diff --git a/2003/1xxx/CVE-2003-1023.json b/2003/1xxx/CVE-2003-1023.json index 5ce251f1eb9..6523c7a215f 100644 --- a/2003/1xxx/CVE-2003-1023.json +++ b/2003/1xxx/CVE-2003-1023.json @@ -1,187 +1,187 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2003-1023", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Stack-based buffer overflow in vfs_s_resolve_symlink of vfs/direntry.c for Midnight Commander (mc) 4.6.0 and earlier, and possibly later versions, allows remote attackers to execute arbitrary code during symlink conversion." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2003-1023", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20030919 uninitialized buffer in midnight commander", - "refsource" : "BUGTRAQ", - "url" : "http://archive.cert.uni-stuttgart.de/bugtraq/2003/09/msg00309.html" - }, - { - "name" : "CSSA-2004-014.0", - "refsource" : "CALDERA", - "url" : "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2004-014.0.txt" - }, - { - "name" : "FEDORA-2004-058", - "refsource" : "FEDORA", - "url" : "http://fedoranews.org/updates/FEDORA-2004-058.shtml" - }, - { - "name" : "FLSA:1224", - "refsource" : "FEDORA", - "url" : "http://www.redhat.com/archives/fedora-legacy-announce/2004-May/msg00002.html" - }, - { - "name" : "GLSA-200403-09", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-200403-09.xml" - }, - { - "name" : "20040405 [OpenPKG-SA-2004.009] OpenPKG Security Advisory (mc)", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=108118433222764&w=2" - }, - { - "name" : "CLA-2004:833", - "refsource" : "CONECTIVA", - "url" : "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000833" - }, - { - "name" : "DSA-424", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2004/dsa-424" - }, - { - "name" : "RHSA-2004:034", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2004-034.html" - }, - { - "name" : "RHSA-2004:035", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2004-035.html" - }, - { - "name" : "MDKSA-2004:007", - "refsource" : "MANDRAKE", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2004:007" - }, - { - "name" : "20040201-01-U", - "refsource" : "SGI", - "url" : "ftp://patches.sgi.com/support/free/security/advisories/20040201-01-U.asc" - }, - { - "name" : "20040202-01-U", - "refsource" : "SGI", - "url" : "ftp://patches.sgi.com/support/free/security/advisories/20040202-01-U.asc" - }, - { - "name" : "8658", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/8658" - }, - { - "name" : "10645", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/10645" - }, - { - "name" : "10685", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/10685" - }, - { - "name" : "10716", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/10716" - }, - { - "name" : "10772", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/10772" - }, - { - "name" : "10823", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/10823" - }, - { - "name" : "11219", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/11219" - }, - { - "name" : "11262", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/11262" - }, - { - "name" : "11268", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/11268" - }, - { - "name" : "9833", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/9833" - }, - { - "name" : "11296", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/11296" - }, - { - "name" : "midnight-commander-vfssresolvesymlink-bo(13247)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/13247" - }, - { - "name" : "oval:org.mitre.oval:def:822", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A822" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Stack-based buffer overflow in vfs_s_resolve_symlink of vfs/direntry.c for Midnight Commander (mc) 4.6.0 and earlier, and possibly later versions, allows remote attackers to execute arbitrary code during symlink conversion." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "RHSA-2004:034", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2004-034.html" + }, + { + "name": "10772", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/10772" + }, + { + "name": "20040202-01-U", + "refsource": "SGI", + "url": "ftp://patches.sgi.com/support/free/security/advisories/20040202-01-U.asc" + }, + { + "name": "FLSA:1224", + "refsource": "FEDORA", + "url": "http://www.redhat.com/archives/fedora-legacy-announce/2004-May/msg00002.html" + }, + { + "name": "midnight-commander-vfssresolvesymlink-bo(13247)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/13247" + }, + { + "name": "20040201-01-U", + "refsource": "SGI", + "url": "ftp://patches.sgi.com/support/free/security/advisories/20040201-01-U.asc" + }, + { + "name": "10716", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/10716" + }, + { + "name": "20040405 [OpenPKG-SA-2004.009] OpenPKG Security Advisory (mc)", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=108118433222764&w=2" + }, + { + "name": "CSSA-2004-014.0", + "refsource": "CALDERA", + "url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2004-014.0.txt" + }, + { + "name": "FEDORA-2004-058", + "refsource": "FEDORA", + "url": "http://fedoranews.org/updates/FEDORA-2004-058.shtml" + }, + { + "name": "10645", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/10645" + }, + { + "name": "MDKSA-2004:007", + "refsource": "MANDRAKE", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:007" + }, + { + "name": "10823", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/10823" + }, + { + "name": "20030919 uninitialized buffer in midnight commander", + "refsource": "BUGTRAQ", + "url": "http://archive.cert.uni-stuttgart.de/bugtraq/2003/09/msg00309.html" + }, + { + "name": "CLA-2004:833", + "refsource": "CONECTIVA", + "url": "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000833" + }, + { + "name": "8658", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/8658" + }, + { + "name": "DSA-424", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2004/dsa-424" + }, + { + "name": "RHSA-2004:035", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2004-035.html" + }, + { + "name": "10685", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/10685" + }, + { + "name": "11219", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/11219" + }, + { + "name": "oval:org.mitre.oval:def:822", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A822" + }, + { + "name": "9833", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/9833" + }, + { + "name": "11296", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/11296" + }, + { + "name": "11268", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/11268" + }, + { + "name": "11262", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/11262" + }, + { + "name": "GLSA-200403-09", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-200403-09.xml" + } + ] + } +} \ No newline at end of file diff --git a/2004/0xxx/CVE-2004-0566.json b/2004/0xxx/CVE-2004-0566.json index 81b85651494..65ab2f9cca5 100644 --- a/2004/0xxx/CVE-2004-0566.json +++ b/2004/0xxx/CVE-2004-0566.json @@ -1,107 +1,107 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2004-0566", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Integer overflow in imgbmp.cxx for Windows 2000 allows remote attackers to execute arbitrary code via a BMP image with a large bfOffBits value." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2004-0566", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20040215 GAYER THAN AIDS ADVISORY #01: IE 5 remote code execution", - "refsource" : "FULLDISC", - "url" : "http://archives.neohapsis.com/archives/fulldisclosure/2004-02/0806.html" - }, - { - "name" : "MS04-025", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-025" - }, - { - "name" : "TA04-212A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA04-212A.html" - }, - { - "name" : "VU#266926", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/266926" - }, - { - "name" : "ie-bmp-integer-overflow(15210)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/15210" - }, - { - "name" : "oval:org.mitre.oval:def:216", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A216" - }, - { - "name" : "oval:org.mitre.oval:def:306", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A306" - }, - { - "name" : "oval:org.mitre.oval:def:322", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A322" - }, - { - "name" : "oval:org.mitre.oval:def:507", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A507" - }, - { - "name" : "oval:org.mitre.oval:def:515", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A515" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Integer overflow in imgbmp.cxx for Windows 2000 allows remote attackers to execute arbitrary code via a BMP image with a large bfOffBits value." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "oval:org.mitre.oval:def:216", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A216" + }, + { + "name": "oval:org.mitre.oval:def:322", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A322" + }, + { + "name": "VU#266926", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/266926" + }, + { + "name": "20040215 GAYER THAN AIDS ADVISORY #01: IE 5 remote code execution", + "refsource": "FULLDISC", + "url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-02/0806.html" + }, + { + "name": "oval:org.mitre.oval:def:306", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A306" + }, + { + "name": "MS04-025", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-025" + }, + { + "name": "oval:org.mitre.oval:def:515", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A515" + }, + { + "name": "TA04-212A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA04-212A.html" + }, + { + "name": "oval:org.mitre.oval:def:507", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A507" + }, + { + "name": "ie-bmp-integer-overflow(15210)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15210" + } + ] + } +} \ No newline at end of file diff --git a/2004/0xxx/CVE-2004-0642.json b/2004/0xxx/CVE-2004-0642.json index 3db5fc256ec..bc30930792e 100644 --- a/2004/0xxx/CVE-2004-0642.json +++ b/2004/0xxx/CVE-2004-0642.json @@ -1,122 +1,122 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2004-0642", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Double free vulnerabilities in the error handling code for ASN.1 decoders in the (1) Key Distribution Center (KDC) library and (2) client library for MIT Kerberos 5 (krb5) 1.3.4 and earlier may allow remote attackers to execute arbitrary code." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2004-0642", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2004-002-dblfree.txt", - "refsource" : "CONFIRM", - "url" : "http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2004-002-dblfree.txt" - }, - { - "name" : "TA04-247A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA04-247A.html" - }, - { - "name" : "VU#795632", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/795632" - }, - { - "name" : "CLA-2004:860", - "refsource" : "CONECTIVA", - "url" : "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000860" - }, - { - "name" : "DSA-543", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2004/dsa-543" - }, - { - "name" : "GLSA-200409-09", - "refsource" : "GENTOO", - "url" : "http://www.gentoo.org/security/en/glsa/glsa-200409-09.xml" - }, - { - "name" : "RHSA-2004:350", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2004-350.html" - }, - { - "name" : "2004-0045", - "refsource" : "TRUSTIX", - "url" : "http://www.trustix.net/errata/2004/0045/" - }, - { - "name" : "20040913 [OpenPKG-SA-2004.039] OpenPKG Security Advisory (kerberos)", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=109508872524753&w=2" - }, - { - "name" : "11078", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/11078" - }, - { - "name" : "oval:org.mitre.oval:def:4936", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4936" - }, - { - "name" : "oval:org.mitre.oval:def:10709", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10709" - }, - { - "name" : "kerberos-kdc-double-free(17157)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/17157" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Double free vulnerabilities in the error handling code for ASN.1 decoders in the (1) Key Distribution Center (KDC) library and (2) client library for MIT Kerberos 5 (krb5) 1.3.4 and earlier may allow remote attackers to execute arbitrary code." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "VU#795632", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/795632" + }, + { + "name": "CLA-2004:860", + "refsource": "CONECTIVA", + "url": "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000860" + }, + { + "name": "oval:org.mitre.oval:def:10709", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10709" + }, + { + "name": "RHSA-2004:350", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2004-350.html" + }, + { + "name": "oval:org.mitre.oval:def:4936", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4936" + }, + { + "name": "2004-0045", + "refsource": "TRUSTIX", + "url": "http://www.trustix.net/errata/2004/0045/" + }, + { + "name": "DSA-543", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2004/dsa-543" + }, + { + "name": "TA04-247A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA04-247A.html" + }, + { + "name": "GLSA-200409-09", + "refsource": "GENTOO", + "url": "http://www.gentoo.org/security/en/glsa/glsa-200409-09.xml" + }, + { + "name": "20040913 [OpenPKG-SA-2004.039] OpenPKG Security Advisory (kerberos)", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=109508872524753&w=2" + }, + { + "name": "http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2004-002-dblfree.txt", + "refsource": "CONFIRM", + "url": "http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2004-002-dblfree.txt" + }, + { + "name": "11078", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/11078" + }, + { + "name": "kerberos-kdc-double-free(17157)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17157" + } + ] + } +} \ No newline at end of file diff --git a/2004/0xxx/CVE-2004-0826.json b/2004/0xxx/CVE-2004-0826.json index 1bc986d4044..fb1090a3dd0 100644 --- a/2004/0xxx/CVE-2004-0826.json +++ b/2004/0xxx/CVE-2004-0826.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2004-0826", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Heap-based buffer overflow in Netscape Network Security Services (NSS) library allows remote attackers to execute arbitrary code via a modified record length field in an SSLv2 client hello message." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2004-0826", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20040823 Netscape NSS Library Remote Compromise", - "refsource" : "ISS", - "url" : "http://xforce.iss.net/xforce/alerts/id/180" - }, - { - "name" : "SSRT4779", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=109351293827731&w=2" - }, - { - "name" : "11015", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/11015" - }, - { - "name" : "sslv2-client-hello-overflow(16314)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/16314" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Heap-based buffer overflow in Netscape Network Security Services (NSS) library allows remote attackers to execute arbitrary code via a modified record length field in an SSLv2 client hello message." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "11015", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/11015" + }, + { + "name": "20040823 Netscape NSS Library Remote Compromise", + "refsource": "ISS", + "url": "http://xforce.iss.net/xforce/alerts/id/180" + }, + { + "name": "sslv2-client-hello-overflow(16314)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16314" + }, + { + "name": "SSRT4779", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=109351293827731&w=2" + } + ] + } +} \ No newline at end of file diff --git a/2004/1xxx/CVE-2004-1140.json b/2004/1xxx/CVE-2004-1140.json index 783695b2ac6..406c7745e7c 100644 --- a/2004/1xxx/CVE-2004-1140.json +++ b/2004/1xxx/CVE-2004-1140.json @@ -1,112 +1,112 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2004-1140", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Ethereal 0.9.0 through 0.10.7 allows remote attackers to cause a denial of service (application hang) and possibly fill available disk space via an invalid RTP timestamp." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2004-1140", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.ethereal.com/appnotes/enpa-sa-00016.html", - "refsource" : "CONFIRM", - "url" : "http://www.ethereal.com/appnotes/enpa-sa-00016.html" - }, - { - "name" : "CLA-2005:916", - "refsource" : "CONECTIVA", - "url" : "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000916" - }, - { - "name" : "FLSA-2006:152922", - "refsource" : "FEDORA", - "url" : "http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00003.html" - }, - { - "name" : "GLSA-200412-15", - "refsource" : "GENTOO", - "url" : "http://www.gentoo.org/security/en/glsa/glsa-200412-15.xml" - }, - { - "name" : "MDKSA-2004:152", - "refsource" : "MANDRAKE", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2004:152" - }, - { - "name" : "RHSA-2005:037", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2005-037.html" - }, - { - "name" : "P-061", - "refsource" : "CIAC", - "url" : "http://www.ciac.org/ciac/bulletins/p-061.shtml" - }, - { - "name" : "oval:org.mitre.oval:def:10484", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10484" - }, - { - "name" : "13468", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/13468/" - }, - { - "name" : "11943", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/11943" - }, - { - "name" : "Ethereal-rtp-dos(18485)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/18485" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Ethereal 0.9.0 through 0.10.7 allows remote attackers to cause a denial of service (application hang) and possibly fill available disk space via an invalid RTP timestamp." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "oval:org.mitre.oval:def:10484", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10484" + }, + { + "name": "http://www.ethereal.com/appnotes/enpa-sa-00016.html", + "refsource": "CONFIRM", + "url": "http://www.ethereal.com/appnotes/enpa-sa-00016.html" + }, + { + "name": "CLA-2005:916", + "refsource": "CONECTIVA", + "url": "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000916" + }, + { + "name": "GLSA-200412-15", + "refsource": "GENTOO", + "url": "http://www.gentoo.org/security/en/glsa/glsa-200412-15.xml" + }, + { + "name": "13468", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/13468/" + }, + { + "name": "MDKSA-2004:152", + "refsource": "MANDRAKE", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:152" + }, + { + "name": "RHSA-2005:037", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2005-037.html" + }, + { + "name": "11943", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/11943" + }, + { + "name": "Ethereal-rtp-dos(18485)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18485" + }, + { + "name": "FLSA-2006:152922", + "refsource": "FEDORA", + "url": "http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00003.html" + }, + { + "name": "P-061", + "refsource": "CIAC", + "url": "http://www.ciac.org/ciac/bulletins/p-061.shtml" + } + ] + } +} \ No newline at end of file diff --git a/2004/1xxx/CVE-2004-1605.json b/2004/1xxx/CVE-2004-1605.json index 3d7f7069d8e..db50fefd340 100644 --- a/2004/1xxx/CVE-2004-1605.json +++ b/2004/1xxx/CVE-2004-1605.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2004-1605", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SalesLogix 6.1 allows remote attackers to bypass authentication by modifying the slxweb cookie to set user=Admin, teams=ADMIN!, and usertype=Administrator." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2004-1605", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20041018 Multiple vulnerabilities in Sage Saleslogix", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=109811852218478&w=2" - }, - { - "name" : "20041018 Multiple vulnerabilities in Sage Saleslogix", - "refsource" : "FULLDISC", - "url" : "http://archives.neohapsis.com/archives/fulldisclosure/2004-10/0661.html" - }, - { - "name" : "11450", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/11450" - }, - { - "name" : "10942", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/10942" - }, - { - "name" : "1011769", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1011769" - }, - { - "name" : "12883", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/12883" - }, - { - "name" : "saleslogix-cookie-admin-access(17749)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/17749" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SalesLogix 6.1 allows remote attackers to bypass authentication by modifying the slxweb cookie to set user=Admin, teams=ADMIN!, and usertype=Administrator." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "12883", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/12883" + }, + { + "name": "20041018 Multiple vulnerabilities in Sage Saleslogix", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=109811852218478&w=2" + }, + { + "name": "1011769", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1011769" + }, + { + "name": "saleslogix-cookie-admin-access(17749)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17749" + }, + { + "name": "11450", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/11450" + }, + { + "name": "20041018 Multiple vulnerabilities in Sage Saleslogix", + "refsource": "FULLDISC", + "url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-10/0661.html" + }, + { + "name": "10942", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/10942" + } + ] + } +} \ No newline at end of file diff --git a/2004/1xxx/CVE-2004-1621.json b/2004/1xxx/CVE-2004-1621.json index ff99d9266f1..a1c0c1fb7cf 100644 --- a/2004/1xxx/CVE-2004-1621.json +++ b/2004/1xxx/CVE-2004-1621.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2004-1621", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** DISPUTED ** NOTE: this issue has been disputed by the vendor. Cross-site scripting (XSS) vulnerability in IBM Lotus Notes R6 and Domino R6, and possibly earlier versions, allows remote attackers to execute arbitrary web script or HTML via square brackets at the beginning and end of (1) computed for display, (2) computed when composed, or (3) computed text element fields. NOTE: the vendor has disputed this issue, saying that it is not a problem with Notes/Domino itself, but with the applications that do not properly handle this feature." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2004-1621", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20041018 IBM Lotus Notes/Domino fails to encode Square Brackets ( [ ] )", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=109812960023736&w=2" - }, - { - "name" : "20041021 Re: IBM Lotus Notes/Domino fails to encode Square Brackets ( [ ] )", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=109841682529328&w=2" - }, - { - "name" : "http://www-1.ibm.com/support/docview.wss?rs=463&uid=swg21187833", - "refsource" : "MISC", - "url" : "http://www-1.ibm.com/support/docview.wss?rs=463&uid=swg21187833" - }, - { - "name" : "VU#404382", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/404382" - }, - { - "name" : "11458", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/11458" - }, - { - "name" : "1011779", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1011779" - }, - { - "name" : "12891", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/12891" - }, - { - "name" : "lotus-notes-xss(17758)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/17758" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** DISPUTED ** NOTE: this issue has been disputed by the vendor. Cross-site scripting (XSS) vulnerability in IBM Lotus Notes R6 and Domino R6, and possibly earlier versions, allows remote attackers to execute arbitrary web script or HTML via square brackets at the beginning and end of (1) computed for display, (2) computed when composed, or (3) computed text element fields. NOTE: the vendor has disputed this issue, saying that it is not a problem with Notes/Domino itself, but with the applications that do not properly handle this feature." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "VU#404382", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/404382" + }, + { + "name": "lotus-notes-xss(17758)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17758" + }, + { + "name": "20041021 Re: IBM Lotus Notes/Domino fails to encode Square Brackets ( [ ] )", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=109841682529328&w=2" + }, + { + "name": "12891", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/12891" + }, + { + "name": "11458", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/11458" + }, + { + "name": "20041018 IBM Lotus Notes/Domino fails to encode Square Brackets ( [ ] )", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=109812960023736&w=2" + }, + { + "name": "1011779", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1011779" + }, + { + "name": "http://www-1.ibm.com/support/docview.wss?rs=463&uid=swg21187833", + "refsource": "MISC", + "url": "http://www-1.ibm.com/support/docview.wss?rs=463&uid=swg21187833" + } + ] + } +} \ No newline at end of file diff --git a/2004/1xxx/CVE-2004-1738.json b/2004/1xxx/CVE-2004-1738.json index 86b7ef62315..6bb65276938 100644 --- a/2004/1xxx/CVE-2004-1738.json +++ b/2004/1xxx/CVE-2004-1738.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2004-1738", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in page.php in JShop allows remote attackers to inject arbitrary web script or HTML via the xPage parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2004-1738", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20040823 JShop Input Validation Hole in 'page.php' Permits Cross-Site", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=109327547026265&w=2" - }, - { - "name" : "http://indohack.sourceforge.net/drponidi/jshop-vuln.txt", - "refsource" : "MISC", - "url" : "http://indohack.sourceforge.net/drponidi/jshop-vuln.txt" - }, - { - "name" : "1011020", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1011020" - }, - { - "name" : "12345", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/12345" - }, - { - "name" : "jshop-page-xpage-xss(17075)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/17075" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in page.php in JShop allows remote attackers to inject arbitrary web script or HTML via the xPage parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://indohack.sourceforge.net/drponidi/jshop-vuln.txt", + "refsource": "MISC", + "url": "http://indohack.sourceforge.net/drponidi/jshop-vuln.txt" + }, + { + "name": "jshop-page-xpage-xss(17075)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17075" + }, + { + "name": "12345", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/12345" + }, + { + "name": "20040823 JShop Input Validation Hole in 'page.php' Permits Cross-Site", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=109327547026265&w=2" + }, + { + "name": "1011020", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1011020" + } + ] + } +} \ No newline at end of file diff --git a/2004/1xxx/CVE-2004-1968.json b/2004/1xxx/CVE-2004-1968.json index 733ae5efce8..e8c6ba302d4 100644 --- a/2004/1xxx/CVE-2004-1968.json +++ b/2004/1xxx/CVE-2004-1968.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2004-1968", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The readmsg action in myhome.php in Open Bulletin Board (OpenBB) 1.0.6 and earlier allows remote attackers to read arbitrary messages by modifying the id parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2004-1968", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20040425 Multiple Vulnerabilities In OpenBB", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=108301983206107&w=2" - }, - { - "name" : "10217", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/10217" - }, - { - "name" : "1009935", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1009935" - }, - { - "name" : "11481", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/11481" - }, - { - "name" : "openbb-myhomephp-obtain-information(15970)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/15970" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The readmsg action in myhome.php in Open Bulletin Board (OpenBB) 1.0.6 and earlier allows remote attackers to read arbitrary messages by modifying the id parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "openbb-myhomephp-obtain-information(15970)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15970" + }, + { + "name": "10217", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/10217" + }, + { + "name": "20040425 Multiple Vulnerabilities In OpenBB", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=108301983206107&w=2" + }, + { + "name": "11481", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/11481" + }, + { + "name": "1009935", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1009935" + } + ] + } +} \ No newline at end of file diff --git a/2004/2xxx/CVE-2004-2153.json b/2004/2xxx/CVE-2004-2153.json index dfee8e5abcd..0fadf5ec786 100644 --- a/2004/2xxx/CVE-2004-2153.json +++ b/2004/2xxx/CVE-2004-2153.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2004-2153", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple unknown vulnerabilities in Real Estate Management Software 1.0 have unknown impact and attack vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2004-2153", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[fm-news] 20041001 Newsletter for Thursday, September 30th 2004", - "refsource" : "MLIST", - "url" : "http://archives.neohapsis.com/archives/apps/freshmeat/2004-09/0030.html" - }, - { - "name" : "11304", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/11304" - }, - { - "name" : "10480", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/10480" - }, - { - "name" : "12721", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/12721" - }, - { - "name" : "real-estate-management-software(17598)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/17598" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple unknown vulnerabilities in Real Estate Management Software 1.0 have unknown impact and attack vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "12721", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/12721" + }, + { + "name": "real-estate-management-software(17598)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17598" + }, + { + "name": "[fm-news] 20041001 Newsletter for Thursday, September 30th 2004", + "refsource": "MLIST", + "url": "http://archives.neohapsis.com/archives/apps/freshmeat/2004-09/0030.html" + }, + { + "name": "10480", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/10480" + }, + { + "name": "11304", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/11304" + } + ] + } +} \ No newline at end of file diff --git a/2004/2xxx/CVE-2004-2464.json b/2004/2xxx/CVE-2004-2464.json index 3b73e6552a9..606e4a6d9fc 100644 --- a/2004/2xxx/CVE-2004-2464.json +++ b/2004/2xxx/CVE-2004-2464.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2004-2464", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Directory traversal vulnerability in ADA Image Server (ImgSvr) 0.4 allows remote attackers to read arbitrary files or list directories via hex-encoded \"..//\" sequences (\"%2e%2e%2f%2f\"). NOTE: it was later reported that 0.6.21 and earlier is also affected." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2004-2464", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20071224 Double directory traversal in ImgSvr 0.6.21", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/485490/100/100/threaded" - }, - { - "name" : "http://members.lycos.co.uk/r34ct/main/ADA%20Image%20Server%20(ImgSvr)%200.4.txt", - "refsource" : "MISC", - "url" : "http://members.lycos.co.uk/r34ct/main/ADA%20Image%20Server%20(ImgSvr)%200.4.txt" - }, - { - "name" : "10048", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/10048" - }, - { - "name" : "4946", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/4946" - }, - { - "name" : "11287", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/11287" - }, - { - "name" : "imgsvr-dotdot-directory-traversal(16680)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/16680" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Directory traversal vulnerability in ADA Image Server (ImgSvr) 0.4 allows remote attackers to read arbitrary files or list directories via hex-encoded \"..//\" sequences (\"%2e%2e%2f%2f\"). NOTE: it was later reported that 0.6.21 and earlier is also affected." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "10048", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/10048" + }, + { + "name": "imgsvr-dotdot-directory-traversal(16680)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16680" + }, + { + "name": "4946", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/4946" + }, + { + "name": "http://members.lycos.co.uk/r34ct/main/ADA%20Image%20Server%20(ImgSvr)%200.4.txt", + "refsource": "MISC", + "url": "http://members.lycos.co.uk/r34ct/main/ADA%20Image%20Server%20(ImgSvr)%200.4.txt" + }, + { + "name": "20071224 Double directory traversal in ImgSvr 0.6.21", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/485490/100/100/threaded" + }, + { + "name": "11287", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/11287" + } + ] + } +} \ No newline at end of file diff --git a/2004/2xxx/CVE-2004-2529.json b/2004/2xxx/CVE-2004-2529.json index 1cef607fb05..051bfeb7f9e 100644 --- a/2004/2xxx/CVE-2004-2529.json +++ b/2004/2xxx/CVE-2004-2529.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2004-2529", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Gadu-Gadu allows remote attackers to bypass the \"image send\" option by sending a very small image file, which could be used in conjunction with image-related vulnerabilities." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2004-2529", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20041213 Gadu-Gadu several vulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=110295777306493&w=2" - }, - { - "name" : "http://www.man.poznan.pl/~security/gg-adv.txt", - "refsource" : "MISC", - "url" : "http://www.man.poznan.pl/~security/gg-adv.txt" - }, - { - "name" : "11899", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/11899" - }, - { - "name" : "12520", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/12520" - }, - { - "name" : "13450", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/13450" - }, - { - "name" : "gadu-gadu-image-bypass-security(18463)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/18463" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Gadu-Gadu allows remote attackers to bypass the \"image send\" option by sending a very small image file, which could be used in conjunction with image-related vulnerabilities." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "12520", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/12520" + }, + { + "name": "20041213 Gadu-Gadu several vulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=110295777306493&w=2" + }, + { + "name": "gadu-gadu-image-bypass-security(18463)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18463" + }, + { + "name": "http://www.man.poznan.pl/~security/gg-adv.txt", + "refsource": "MISC", + "url": "http://www.man.poznan.pl/~security/gg-adv.txt" + }, + { + "name": "13450", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/13450" + }, + { + "name": "11899", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/11899" + } + ] + } +} \ No newline at end of file diff --git a/2008/2xxx/CVE-2008-2291.json b/2008/2xxx/CVE-2008-2291.json index 074b3779da3..1416250d794 100644 --- a/2008/2xxx/CVE-2008-2291.json +++ b/2008/2xxx/CVE-2008-2291.json @@ -1,117 +1,117 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-2291", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "axengine.exe in Symantec Altiris Deployment Solution 6.8.x and 6.9.x before 6.9.176 generates credentials with a fixed salt or without any salt, which makes it easier for remote attackers to guess encrypted domain credentials." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-2291", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20080518 Insomnia : ISVA-080516.2 - Altiris Deployment Solution - Domain Account Disclosure", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/492228/100/0/threaded" - }, - { - "name" : "20080515 ZDI-08-025: Symantec Altiris Deployment Solution Domain Credential Disclosure Vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/492128/100/0/threaded" - }, - { - "name" : "http://www.zerodayinitiative.com/advisories/ZDI-08-025/", - "refsource" : "MISC", - "url" : "http://www.zerodayinitiative.com/advisories/ZDI-08-025/" - }, - { - "name" : "http://www.insomniasec.com/advisories/ISVA-080516.2.htm", - "refsource" : "MISC", - "url" : "http://www.insomniasec.com/advisories/ISVA-080516.2.htm" - }, - { - "name" : "http://www.symantec.com/avcenter/security/Content/2008.05.14a.html", - "refsource" : "CONFIRM", - "url" : "http://www.symantec.com/avcenter/security/Content/2008.05.14a.html" - }, - { - "name" : "HPSBMA02369", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=122167472229965&w=2" - }, - { - "name" : "SSRT080115", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=122167472229965&w=2" - }, - { - "name" : "29199", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/29199" - }, - { - "name" : "1020024", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1020024" - }, - { - "name" : "ADV-2008-1542", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/1542/references" - }, - { - "name" : "30261", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/30261" - }, - { - "name" : "symantec-altiris-axengine-info-disclosure(42437)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/42437" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "axengine.exe in Symantec Altiris Deployment Solution 6.8.x and 6.9.x before 6.9.176 generates credentials with a fixed salt or without any salt, which makes it easier for remote attackers to guess encrypted domain credentials." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.insomniasec.com/advisories/ISVA-080516.2.htm", + "refsource": "MISC", + "url": "http://www.insomniasec.com/advisories/ISVA-080516.2.htm" + }, + { + "name": "20080518 Insomnia : ISVA-080516.2 - Altiris Deployment Solution - Domain Account Disclosure", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/492228/100/0/threaded" + }, + { + "name": "ADV-2008-1542", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/1542/references" + }, + { + "name": "SSRT080115", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=122167472229965&w=2" + }, + { + "name": "HPSBMA02369", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=122167472229965&w=2" + }, + { + "name": "http://www.zerodayinitiative.com/advisories/ZDI-08-025/", + "refsource": "MISC", + "url": "http://www.zerodayinitiative.com/advisories/ZDI-08-025/" + }, + { + "name": "http://www.symantec.com/avcenter/security/Content/2008.05.14a.html", + "refsource": "CONFIRM", + "url": "http://www.symantec.com/avcenter/security/Content/2008.05.14a.html" + }, + { + "name": "29199", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/29199" + }, + { + "name": "symantec-altiris-axengine-info-disclosure(42437)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42437" + }, + { + "name": "1020024", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1020024" + }, + { + "name": "20080515 ZDI-08-025: Symantec Altiris Deployment Solution Domain Credential Disclosure Vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/492128/100/0/threaded" + }, + { + "name": "30261", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/30261" + } + ] + } +} \ No newline at end of file diff --git a/2008/2xxx/CVE-2008-2682.json b/2008/2xxx/CVE-2008-2682.json index eb2b7167c72..38f4f2dec96 100644 --- a/2008/2xxx/CVE-2008-2682.json +++ b/2008/2xxx/CVE-2008-2682.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-2682", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "_RealmAdmin/login.asp in Realm CMS 2.3 and earlier allows remote attackers to bypass authentication and access admin pages via certain modified cookies, probably including (1) cUserRole, (2) cUserName, and (3) cUserID." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-2682", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "5766", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/5766" - }, - { - "name" : "http://bugreport.ir/index.php?/40", - "refsource" : "MISC", - "url" : "http://bugreport.ir/index.php?/40" - }, - { - "name" : "29616", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/29616" - }, - { - "name" : "30583", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/30583" - }, - { - "name" : "realm-login-authentication-bypass(42960)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/42960" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "_RealmAdmin/login.asp in Realm CMS 2.3 and earlier allows remote attackers to bypass authentication and access admin pages via certain modified cookies, probably including (1) cUserRole, (2) cUserName, and (3) cUserID." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://bugreport.ir/index.php?/40", + "refsource": "MISC", + "url": "http://bugreport.ir/index.php?/40" + }, + { + "name": "realm-login-authentication-bypass(42960)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42960" + }, + { + "name": "5766", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/5766" + }, + { + "name": "30583", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/30583" + }, + { + "name": "29616", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/29616" + } + ] + } +} \ No newline at end of file diff --git a/2008/2xxx/CVE-2008-2910.json b/2008/2xxx/CVE-2008-2910.json index 00fbbbe8e49..89598c23886 100644 --- a/2008/2xxx/CVE-2008-2910.json +++ b/2008/2xxx/CVE-2008-2910.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-2910", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in the DXTTextOutEffect ActiveX control (aka the Text-Effect DXT Filter), as distributed in TextOut.dll 6.0.18.1 and mvtextout.dll, in muvee autoProducer 6.0 and 6.1 allows remote attackers to execute arbitrary code via a long FontSetting property value." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-2910", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "5793", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/5793" - }, - { - "name" : "29693", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/29693" - }, - { - "name" : "30696", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/30696" - }, - { - "name" : "autoproducer-dxttextouteffect-activex-bo(43036)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/43036" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in the DXTTextOutEffect ActiveX control (aka the Text-Effect DXT Filter), as distributed in TextOut.dll 6.0.18.1 and mvtextout.dll, in muvee autoProducer 6.0 and 6.1 allows remote attackers to execute arbitrary code via a long FontSetting property value." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "autoproducer-dxttextouteffect-activex-bo(43036)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43036" + }, + { + "name": "29693", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/29693" + }, + { + "name": "5793", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/5793" + }, + { + "name": "30696", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/30696" + } + ] + } +} \ No newline at end of file diff --git a/2008/2xxx/CVE-2008-2924.json b/2008/2xxx/CVE-2008-2924.json index 2d2139ac935..2784c232570 100644 --- a/2008/2xxx/CVE-2008-2924.json +++ b/2008/2xxx/CVE-2008-2924.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-2924", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in Webmatic before 2.8 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-2924", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.valarsoft.com/index.php?page=home¬izie=si¬ID=154&singlenot=1&no_home=1#2", - "refsource" : "CONFIRM", - "url" : "http://www.valarsoft.com/index.php?page=home¬izie=si¬ID=154&singlenot=1&no_home=1#2" - }, - { - "name" : "29748", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/29748" - }, - { - "name" : "30656", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/30656" - }, - { - "name" : "webmatic-unspecified-xss(43115)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/43115" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in Webmatic before 2.8 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "29748", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/29748" + }, + { + "name": "webmatic-unspecified-xss(43115)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43115" + }, + { + "name": "http://www.valarsoft.com/index.php?page=home¬izie=si¬ID=154&singlenot=1&no_home=1#2", + "refsource": "CONFIRM", + "url": "http://www.valarsoft.com/index.php?page=home¬izie=si¬ID=154&singlenot=1&no_home=1#2" + }, + { + "name": "30656", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/30656" + } + ] + } +} \ No newline at end of file diff --git a/2008/3xxx/CVE-2008-3071.json b/2008/3xxx/CVE-2008-3071.json index a0e92f90deb..26a88ab5c1d 100644 --- a/2008/3xxx/CVE-2008-3071.json +++ b/2008/3xxx/CVE-2008-3071.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-3071", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Directory traversal vulnerability in inc/class_language.php in MyBB before 1.2.13 has unknown impact and attack vectors related to the $language variable." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-3071", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://community.mybboard.net/attachment.php?aid=9272", - "refsource" : "CONFIRM", - "url" : "http://community.mybboard.net/attachment.php?aid=9272" - }, - { - "name" : "http://community.mybboard.net/showthread.php?tid=31666", - "refsource" : "CONFIRM", - "url" : "http://community.mybboard.net/showthread.php?tid=31666" - }, - { - "name" : "31013", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/31013" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Directory traversal vulnerability in inc/class_language.php in MyBB before 1.2.13 has unknown impact and attack vectors related to the $language variable." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://community.mybboard.net/attachment.php?aid=9272", + "refsource": "CONFIRM", + "url": "http://community.mybboard.net/attachment.php?aid=9272" + }, + { + "name": "31013", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/31013" + }, + { + "name": "http://community.mybboard.net/showthread.php?tid=31666", + "refsource": "CONFIRM", + "url": "http://community.mybboard.net/showthread.php?tid=31666" + } + ] + } +} \ No newline at end of file diff --git a/2008/3xxx/CVE-2008-3094.json b/2008/3xxx/CVE-2008-3094.json index f89ad7fe9c0..25cc65ce17e 100644 --- a/2008/3xxx/CVE-2008-3094.json +++ b/2008/3xxx/CVE-2008-3094.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-3094", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Organic Groups (OG) module 5.x before 5.x-7.3 and 6.x before 6.x-1.0-RC1, a module for Drupal, allows remote attackers to obtain sensitive information (private group names) via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-3094", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://drupal.org/node/277873", - "refsource" : "CONFIRM", - "url" : "http://drupal.org/node/277873" - }, - { - "name" : "30070", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/30070" - }, - { - "name" : "30928", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/30928" - }, - { - "name" : "organic-title-information-disclosure(43578)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/43578" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Organic Groups (OG) module 5.x before 5.x-7.3 and 6.x before 6.x-1.0-RC1, a module for Drupal, allows remote attackers to obtain sensitive information (private group names) via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "30070", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/30070" + }, + { + "name": "http://drupal.org/node/277873", + "refsource": "CONFIRM", + "url": "http://drupal.org/node/277873" + }, + { + "name": "30928", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/30928" + }, + { + "name": "organic-title-information-disclosure(43578)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43578" + } + ] + } +} \ No newline at end of file diff --git a/2008/3xxx/CVE-2008-3816.json b/2008/3xxx/CVE-2008-3816.json index 8c4236ea017..294371e7935 100644 --- a/2008/3xxx/CVE-2008-3816.json +++ b/2008/3xxx/CVE-2008-3816.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-3816", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.2(4)9 and 7.2(4)10 allows remote attackers to cause a denial of service (device reload) via a crafted IPv6 packet." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2008-3816", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20081022 Multiple Vulnerabilities in Cisco PIX and Cisco ASA", - "refsource" : "CISCO", - "url" : "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a183ba.shtml" - }, - { - "name" : "31863", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/31863" - }, - { - "name" : "oval:org.mitre.oval:def:5499", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5499" - }, - { - "name" : "ADV-2008-2899", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/2899" - }, - { - "name" : "1021086", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1021086" - }, - { - "name" : "1021087", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1021087" - }, - { - "name" : "32391", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/32391" - }, - { - "name" : "cisco-pix-asa-ipv6-dos(46025)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/46025" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.2(4)9 and 7.2(4)10 allows remote attackers to cause a denial of service (device reload) via a crafted IPv6 packet." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "31863", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/31863" + }, + { + "name": "oval:org.mitre.oval:def:5499", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5499" + }, + { + "name": "1021087", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1021087" + }, + { + "name": "cisco-pix-asa-ipv6-dos(46025)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46025" + }, + { + "name": "32391", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/32391" + }, + { + "name": "1021086", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1021086" + }, + { + "name": "20081022 Multiple Vulnerabilities in Cisco PIX and Cisco ASA", + "refsource": "CISCO", + "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a183ba.shtml" + }, + { + "name": "ADV-2008-2899", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/2899" + } + ] + } +} \ No newline at end of file diff --git a/2008/6xxx/CVE-2008-6148.json b/2008/6xxx/CVE-2008-6148.json index 9ef28478010..7a6d0cc6edb 100644 --- a/2008/6xxx/CVE-2008-6148.json +++ b/2008/6xxx/CVE-2008-6148.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-6148", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in the Live Ticker (com_liveticker) module 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the tid parameter in a viewticker action to index.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-6148", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "7573", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/7573" - }, - { - "name" : "33010", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/33010" - }, - { - "name" : "33312", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/33312" - }, - { - "name" : "liveticker-index-sql-injection(47605)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/47605" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in the Live Ticker (com_liveticker) module 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the tid parameter in a viewticker action to index.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "33010", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/33010" + }, + { + "name": "liveticker-index-sql-injection(47605)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47605" + }, + { + "name": "33312", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/33312" + }, + { + "name": "7573", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/7573" + } + ] + } +} \ No newline at end of file diff --git a/2008/6xxx/CVE-2008-6525.json b/2008/6xxx/CVE-2008-6525.json index de4c09dbe40..15a88bd9cf7 100644 --- a/2008/6xxx/CVE-2008-6525.json +++ b/2008/6xxx/CVE-2008-6525.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-6525", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in the Admin Panel in Nice PHP FAQ Script (Knowledge base Script) allows remote attackers to execute arbitrary SQL commands via the Password parameter (aka the pass field)." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-6525", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "7018", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/7018" - }, - { - "name" : "32150", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/32150" - }, - { - "name" : "nicephpfaq-unspecified-sql-injection(46402)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/46402" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in the Admin Panel in Nice PHP FAQ Script (Knowledge base Script) allows remote attackers to execute arbitrary SQL commands via the Password parameter (aka the pass field)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "7018", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/7018" + }, + { + "name": "32150", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/32150" + }, + { + "name": "nicephpfaq-unspecified-sql-injection(46402)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46402" + } + ] + } +} \ No newline at end of file diff --git a/2008/6xxx/CVE-2008-6553.json b/2008/6xxx/CVE-2008-6553.json index 5a1b241f53f..544e1b4d87e 100644 --- a/2008/6xxx/CVE-2008-6553.json +++ b/2008/6xxx/CVE-2008-6553.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-6553", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "microcms-admin-home.php in Implied by Design Micro CMS (Micro-CMS) 3.5 (aka 0.3.5) does not require authentication as an administrator, which allows remote attackers to (1) create administrative accounts via an add_admin action, (2) remove administrative accounts via a delete_admin action, and (3) modify administrative passwords via a change_password action." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-6553", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "6933", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/6933" - }, - { - "name" : "http://downloads.securityfocus.com/vulnerabilities/exploits/32063.pl", - "refsource" : "MISC", - "url" : "http://downloads.securityfocus.com/vulnerabilities/exploits/32063.pl" - }, - { - "name" : "32063", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/32063" - }, - { - "name" : "microcms-microcmsadminhome-security-bypass(46294)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/46294" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "microcms-admin-home.php in Implied by Design Micro CMS (Micro-CMS) 3.5 (aka 0.3.5) does not require authentication as an administrator, which allows remote attackers to (1) create administrative accounts via an add_admin action, (2) remove administrative accounts via a delete_admin action, and (3) modify administrative passwords via a change_password action." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "32063", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/32063" + }, + { + "name": "microcms-microcmsadminhome-security-bypass(46294)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46294" + }, + { + "name": "6933", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/6933" + }, + { + "name": "http://downloads.securityfocus.com/vulnerabilities/exploits/32063.pl", + "refsource": "MISC", + "url": "http://downloads.securityfocus.com/vulnerabilities/exploits/32063.pl" + } + ] + } +} \ No newline at end of file diff --git a/2008/6xxx/CVE-2008-6865.json b/2008/6xxx/CVE-2008-6865.json index fa144aa02d9..f961ac3b299 100644 --- a/2008/6xxx/CVE-2008-6865.json +++ b/2008/6xxx/CVE-2008-6865.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-6865", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in modules.php in the Sectionsnew module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the artid parameter in a printpage action." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-6865", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20081030 PHP-Nuke Module Sectionsnew (printpage&artid) Remote SQL injection Vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/497939/100/0/threaded" - }, - { - "name" : "51890", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/51890" - }, - { - "name" : "sectionsnew-modules-sql-injection(51735)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/51735" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in modules.php in the Sectionsnew module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the artid parameter in a printpage action." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "sectionsnew-modules-sql-injection(51735)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51735" + }, + { + "name": "20081030 PHP-Nuke Module Sectionsnew (printpage&artid) Remote SQL injection Vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/497939/100/0/threaded" + }, + { + "name": "51890", + "refsource": "OSVDB", + "url": "http://osvdb.org/51890" + } + ] + } +} \ No newline at end of file diff --git a/2008/7xxx/CVE-2008-7152.json b/2008/7xxx/CVE-2008-7152.json index 62a115d7b0f..7180bd33576 100644 --- a/2008/7xxx/CVE-2008-7152.json +++ b/2008/7xxx/CVE-2008-7152.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-7152", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple PHP remote file inclusion vulnerabilities in Specimen Image Database (SID), when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the dir parameter to (1) client.php or (2) taxonservice.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-7152", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.securityfocus.com/bid/28142/exploit", - "refsource" : "MISC", - "url" : "http://www.securityfocus.com/bid/28142/exploit" - }, - { - "name" : "28142", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/28142" - }, - { - "name" : "sid-dir-file-include(41097)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/41097" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple PHP remote file inclusion vulnerabilities in Specimen Image Database (SID), when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the dir parameter to (1) client.php or (2) taxonservice.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.securityfocus.com/bid/28142/exploit", + "refsource": "MISC", + "url": "http://www.securityfocus.com/bid/28142/exploit" + }, + { + "name": "28142", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/28142" + }, + { + "name": "sid-dir-file-include(41097)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41097" + } + ] + } +} \ No newline at end of file diff --git a/2008/7xxx/CVE-2008-7192.json b/2008/7xxx/CVE-2008-7192.json index 15ce73ea4be..ff0831ac32b 100644 --- a/2008/7xxx/CVE-2008-7192.json +++ b/2008/7xxx/CVE-2008-7192.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-7192", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site request forgery (CSRF) vulnerability in index.php in WoltLab Burning Board (wBB) 3.0.1, and possibly other 3.x versions, allows remote attackers to hijack the authentication of users for requests that delete private messages via the pmID parameter in a delete action in a PM page, a different vulnerability than CVE-2008-0472." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-7192", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20080126 WoltLab Burning Board 3.x.x Private Message Delete XSRF Vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/487139/100/200/threaded" - }, - { - "name" : "wbb-index-csrf(39990)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/39990" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site request forgery (CSRF) vulnerability in index.php in WoltLab Burning Board (wBB) 3.0.1, and possibly other 3.x versions, allows remote attackers to hijack the authentication of users for requests that delete private messages via the pmID parameter in a delete action in a PM page, a different vulnerability than CVE-2008-0472." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "wbb-index-csrf(39990)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39990" + }, + { + "name": "20080126 WoltLab Burning Board 3.x.x Private Message Delete XSRF Vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/487139/100/200/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2012/5xxx/CVE-2012-5074.json b/2012/5xxx/CVE-2012-5074.json index d8eeee021bb..62a062fa6fc 100644 --- a/2012/5xxx/CVE-2012-5074.json +++ b/2012/5xxx/CVE-2012-5074.json @@ -1,117 +1,117 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2012-5074", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier allows remote attackers to affect confidentiality and integrity, related to JAX-WS." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2012-5074", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html" - }, - { - "name" : "GLSA-201406-32", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-201406-32.xml" - }, - { - "name" : "RHSA-2012:1386", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2012-1386.html" - }, - { - "name" : "RHSA-2012:1391", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2012-1391.html" - }, - { - "name" : "RHSA-2012:1467", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2012-1467.html" - }, - { - "name" : "SUSE-SU-2012:1398", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00016.html" - }, - { - "name" : "56056", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/56056" - }, - { - "name" : "oval:org.mitre.oval:def:16668", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16668" - }, - { - "name" : "51029", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/51029" - }, - { - "name" : "51326", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/51326" - }, - { - "name" : "51390", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/51390" - }, - { - "name" : "javaruntimeenvironment-jaxws-cve20125074(79426)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/79426" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier allows remote attackers to affect confidentiality and integrity, related to JAX-WS." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "SUSE-SU-2012:1398", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00016.html" + }, + { + "name": "GLSA-201406-32", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-201406-32.xml" + }, + { + "name": "RHSA-2012:1386", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2012-1386.html" + }, + { + "name": "oval:org.mitre.oval:def:16668", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16668" + }, + { + "name": "56056", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/56056" + }, + { + "name": "RHSA-2012:1391", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2012-1391.html" + }, + { + "name": "51029", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/51029" + }, + { + "name": "51390", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/51390" + }, + { + "name": "javaruntimeenvironment-jaxws-cve20125074(79426)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79426" + }, + { + "name": "RHSA-2012:1467", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2012-1467.html" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html" + }, + { + "name": "51326", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/51326" + } + ] + } +} \ No newline at end of file diff --git a/2012/5xxx/CVE-2012-5228.json b/2012/5xxx/CVE-2012-5228.json index 54a4e2ffdfd..23b775de8d0 100644 --- a/2012/5xxx/CVE-2012-5228.json +++ b/2012/5xxx/CVE-2012-5228.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2012-5228", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in admin/index.php in phplist 2.10.9, 2.10.17, and possibly other versions before 2.10.19 allows remote attackers to inject arbitrary web script or HTML via the testtarget parameter. NOTE: some of these details are obtained from third party information." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2012-5228", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "18419", - "refsource" : "EXPLOIT-DB", - "url" : "http://www.exploit-db.com/exploits/18419" - }, - { - "name" : "51681", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/51681" - }, - { - "name" : "78548", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/78548" - }, - { - "name" : "47727", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/47727" - }, - { - "name" : "phplist-testtarget-xss(72747)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/72747" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in admin/index.php in phplist 2.10.9, 2.10.17, and possibly other versions before 2.10.19 allows remote attackers to inject arbitrary web script or HTML via the testtarget parameter. NOTE: some of these details are obtained from third party information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "47727", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/47727" + }, + { + "name": "phplist-testtarget-xss(72747)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/72747" + }, + { + "name": "18419", + "refsource": "EXPLOIT-DB", + "url": "http://www.exploit-db.com/exploits/18419" + }, + { + "name": "78548", + "refsource": "OSVDB", + "url": "http://osvdb.org/78548" + }, + { + "name": "51681", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/51681" + } + ] + } +} \ No newline at end of file diff --git a/2012/5xxx/CVE-2012-5246.json b/2012/5xxx/CVE-2012-5246.json index 4d463ec4acb..5633df00517 100644 --- a/2012/5xxx/CVE-2012-5246.json +++ b/2012/5xxx/CVE-2012-5246.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2012-5246", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2012-5246", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2012/5xxx/CVE-2012-5764.json b/2012/5xxx/CVE-2012-5764.json index eadf0d34be3..80e62bbc8c4 100644 --- a/2012/5xxx/CVE-2012-5764.json +++ b/2012/5xxx/CVE-2012-5764.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2012-5764", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2012-5764", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2012/5xxx/CVE-2012-5966.json b/2012/5xxx/CVE-2012-5966.json index 022520a0871..0bff0ee31dd 100644 --- a/2012/5xxx/CVE-2012-5966.json +++ b/2012/5xxx/CVE-2012-5966.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2012-5966", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The restricted telnet shell on the D-Link DSL2730U router allows remote authenticated users to bypass intended command restrictions via shell metacharacters that follow a whitelisted command." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2012-5966", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "VU#876780", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/876780" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The restricted telnet shell on the D-Link DSL2730U router allows remote authenticated users to bypass intended command restrictions via shell metacharacters that follow a whitelisted command." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "VU#876780", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/876780" + } + ] + } +} \ No newline at end of file diff --git a/2017/11xxx/CVE-2017-11034.json b/2017/11xxx/CVE-2017-11034.json index 70cfce781da..f0322a85bc3 100644 --- a/2017/11xxx/CVE-2017-11034.json +++ b/2017/11xxx/CVE-2017-11034.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-11034", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-11034", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2017/11xxx/CVE-2017-11787.json b/2017/11xxx/CVE-2017-11787.json index 1f343ea7368..4738734426e 100644 --- a/2017/11xxx/CVE-2017-11787.json +++ b/2017/11xxx/CVE-2017-11787.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-11787", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-11787", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2017/11xxx/CVE-2017-11951.json b/2017/11xxx/CVE-2017-11951.json index 171c4464089..62a5365d91b 100644 --- a/2017/11xxx/CVE-2017-11951.json +++ b/2017/11xxx/CVE-2017-11951.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-11951", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-11951", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2017/15xxx/CVE-2017-15101.json b/2017/15xxx/CVE-2017-15101.json index c7358ed8ca2..1c4b6b48356 100644 --- a/2017/15xxx/CVE-2017-15101.json +++ b/2017/15xxx/CVE-2017-15101.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "anemec@redhat.com", - "ID" : "CVE-2017-15101", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "liblouis", - "version" : { - "version_data" : [ - { - "version_value" : "2.5.4" - } - ] - } - } - ] - }, - "vendor_name" : "Liblouis" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A missing patch for a stack-based buffer overflow in findTable() was found in Red Hat version of liblouis before 2.5.4. An attacker could cause a denial of service condition or potentially even arbitrary code execution." - } - ] - }, - "impact" : { - "cvss" : [ - [ - { - "vectorString" : "7.8/CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", - "version" : "3.0" - } - ] - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "CWE-121" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2017-15101", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "liblouis", + "version": { + "version_data": [ + { + "version_value": "2.5.4" + } + ] + } + } + ] + }, + "vendor_name": "Liblouis" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-15101", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-15101" - }, - { - "name" : "RHSA-2017:3384", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2017:3384" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A missing patch for a stack-based buffer overflow in findTable() was found in Red Hat version of liblouis before 2.5.4. An attacker could cause a denial of service condition or potentially even arbitrary code execution." + } + ] + }, + "impact": { + "cvss": [ + [ + { + "vectorString": "7.8/CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.0" + } + ] + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-121" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-15101", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-15101" + }, + { + "name": "RHSA-2017:3384", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2017:3384" + } + ] + } +} \ No newline at end of file diff --git a/2017/15xxx/CVE-2017-15134.json b/2017/15xxx/CVE-2017-15134.json index 3e78d688619..39afc400c26 100644 --- a/2017/15xxx/CVE-2017-15134.json +++ b/2017/15xxx/CVE-2017-15134.json @@ -1,83 +1,83 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secalert@redhat.com", - "DATE_PUBLIC" : "2018-01-21T00:00:00", - "ID" : "CVE-2017-15134", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "389-ds-base", - "version" : { - "version_data" : [ - { - "version_value" : "1.3.6.x before 1.3.6.13, 1.3.7.x before 1.3.7.9, 1.4.x before 1.4.0.5" - } - ] - } - } - ] - }, - "vendor_name" : "Red Hat, Inc." - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A stack buffer overflow flaw was found in the way 389-ds-base 1.3.6.x before 1.3.6.13, 1.3.7.x before 1.3.7.9, 1.4.x before 1.4.0.5 handled certain LDAP search filters. A remote, unauthenticated attacker could potentially use this flaw to make ns-slapd crash via a specially crafted LDAP request, thus resulting in denial of service." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "CWE-120" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "DATE_PUBLIC": "2018-01-21T00:00:00", + "ID": "CVE-2017-15134", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "389-ds-base", + "version": { + "version_data": [ + { + "version_value": "1.3.6.x before 1.3.6.13, 1.3.7.x before 1.3.7.9, 1.4.x before 1.4.0.5" + } + ] + } + } + ] + }, + "vendor_name": "Red Hat, Inc." + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[debian-lts-announce] 20180715 [SECURITY] [DLA 1428-1] 389-ds-base security update", - "refsource" : "MLIST", - "url" : "https://lists.debian.org/debian-lts-announce/2018/07/msg00018.html" - }, - { - "name" : "https://pagure.io/389-ds-base/c/6aa2acdc3cad9", - "refsource" : "MISC", - "url" : "https://pagure.io/389-ds-base/c/6aa2acdc3cad9" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1531573", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1531573" - }, - { - "name" : "RHSA-2018:0163", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2018:0163" - }, - { - "name" : "102790", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/102790" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A stack buffer overflow flaw was found in the way 389-ds-base 1.3.6.x before 1.3.6.13, 1.3.7.x before 1.3.7.9, 1.4.x before 1.4.0.5 handled certain LDAP search filters. A remote, unauthenticated attacker could potentially use this flaw to make ns-slapd crash via a specially crafted LDAP request, thus resulting in denial of service." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-120" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "RHSA-2018:0163", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2018:0163" + }, + { + "name": "https://pagure.io/389-ds-base/c/6aa2acdc3cad9", + "refsource": "MISC", + "url": "https://pagure.io/389-ds-base/c/6aa2acdc3cad9" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1531573", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1531573" + }, + { + "name": "102790", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/102790" + }, + { + "name": "[debian-lts-announce] 20180715 [SECURITY] [DLA 1428-1] 389-ds-base security update", + "refsource": "MLIST", + "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00018.html" + } + ] + } +} \ No newline at end of file diff --git a/2017/15xxx/CVE-2017-15191.json b/2017/15xxx/CVE-2017-15191.json index 2606ddf2c18..3775aad9ee5 100644 --- a/2017/15xxx/CVE-2017-15191.json +++ b/2017/15xxx/CVE-2017-15191.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-15191", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "In Wireshark 2.4.0 to 2.4.1, 2.2.0 to 2.2.9, and 2.0.0 to 2.0.15, the DMP dissector could crash. This was addressed in epan/dissectors/packet-dmp.c by validating a string length." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-15191", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[debian-lts-announce] 20190115 [SECURITY] [DLA 1634-1] wireshark security update", - "refsource" : "MLIST", - "url" : "https://lists.debian.org/debian-lts-announce/2019/01/msg00010.html" - }, - { - "name" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14068", - "refsource" : "CONFIRM", - "url" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14068" - }, - { - "name" : "https://code.wireshark.org/review/23591", - "refsource" : "CONFIRM", - "url" : "https://code.wireshark.org/review/23591" - }, - { - "name" : "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=8dbb21dfde14221dab09b6b9c7719b9067c1f06e", - "refsource" : "CONFIRM", - "url" : "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=8dbb21dfde14221dab09b6b9c7719b9067c1f06e" - }, - { - "name" : "https://www.wireshark.org/security/wnpa-sec-2017-44.html", - "refsource" : "CONFIRM", - "url" : "https://www.wireshark.org/security/wnpa-sec-2017-44.html" - }, - { - "name" : "101227", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/101227" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In Wireshark 2.4.0 to 2.4.1, 2.2.0 to 2.2.9, and 2.0.0 to 2.0.15, the DMP dissector could crash. This was addressed in epan/dissectors/packet-dmp.c by validating a string length." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.wireshark.org/security/wnpa-sec-2017-44.html", + "refsource": "CONFIRM", + "url": "https://www.wireshark.org/security/wnpa-sec-2017-44.html" + }, + { + "name": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14068", + "refsource": "CONFIRM", + "url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14068" + }, + { + "name": "[debian-lts-announce] 20190115 [SECURITY] [DLA 1634-1] wireshark security update", + "refsource": "MLIST", + "url": "https://lists.debian.org/debian-lts-announce/2019/01/msg00010.html" + }, + { + "name": "101227", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/101227" + }, + { + "name": "https://code.wireshark.org/review/23591", + "refsource": "CONFIRM", + "url": "https://code.wireshark.org/review/23591" + }, + { + "name": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=8dbb21dfde14221dab09b6b9c7719b9067c1f06e", + "refsource": "CONFIRM", + "url": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=8dbb21dfde14221dab09b6b9c7719b9067c1f06e" + } + ] + } +} \ No newline at end of file diff --git a/2017/15xxx/CVE-2017-15376.json b/2017/15xxx/CVE-2017-15376.json index 77268e23dab..d94e6399e08 100644 --- a/2017/15xxx/CVE-2017-15376.json +++ b/2017/15xxx/CVE-2017-15376.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-15376", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The TELNET service in Mobatek MobaXterm 10.4 does not require authentication, which allows remote attackers to execute arbitrary commands via TCP port 23." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-15376", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://www.vulnerability-lab.com/get_content.php?id=2097", - "refsource" : "MISC", - "url" : "https://www.vulnerability-lab.com/get_content.php?id=2097" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The TELNET service in Mobatek MobaXterm 10.4 does not require authentication, which allows remote attackers to execute arbitrary commands via TCP port 23." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.vulnerability-lab.com/get_content.php?id=2097", + "refsource": "MISC", + "url": "https://www.vulnerability-lab.com/get_content.php?id=2097" + } + ] + } +} \ No newline at end of file diff --git a/2017/15xxx/CVE-2017-15994.json b/2017/15xxx/CVE-2017-15994.json index e0712531090..619de7c494a 100644 --- a/2017/15xxx/CVE-2017-15994.json +++ b/2017/15xxx/CVE-2017-15994.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-15994", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "rsync 3.1.3-development before 2017-10-24 mishandles archaic checksums, which makes it easier for remote attackers to bypass intended access restrictions. NOTE: the rsync development branch has significant use beyond the rsync developers, e.g., the code has been copied for use in various GitHub projects." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-15994", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://git.samba.org/?p=rsync.git;a=commit;h=7b8a4ecd6ff9cdf4e5d3850ebf822f1e989255b3", - "refsource" : "MISC", - "url" : "https://git.samba.org/?p=rsync.git;a=commit;h=7b8a4ecd6ff9cdf4e5d3850ebf822f1e989255b3" - }, - { - "name" : "https://git.samba.org/?p=rsync.git;a=commit;h=9a480deec4d20277d8e20bc55515ef0640ca1e55", - "refsource" : "MISC", - "url" : "https://git.samba.org/?p=rsync.git;a=commit;h=9a480deec4d20277d8e20bc55515ef0640ca1e55" - }, - { - "name" : "https://git.samba.org/?p=rsync.git;a=commit;h=c252546ceeb0925eb8a4061315e3ff0a8c55b48b", - "refsource" : "MISC", - "url" : "https://git.samba.org/?p=rsync.git;a=commit;h=c252546ceeb0925eb8a4061315e3ff0a8c55b48b" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "rsync 3.1.3-development before 2017-10-24 mishandles archaic checksums, which makes it easier for remote attackers to bypass intended access restrictions. NOTE: the rsync development branch has significant use beyond the rsync developers, e.g., the code has been copied for use in various GitHub projects." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://git.samba.org/?p=rsync.git;a=commit;h=7b8a4ecd6ff9cdf4e5d3850ebf822f1e989255b3", + "refsource": "MISC", + "url": "https://git.samba.org/?p=rsync.git;a=commit;h=7b8a4ecd6ff9cdf4e5d3850ebf822f1e989255b3" + }, + { + "name": "https://git.samba.org/?p=rsync.git;a=commit;h=c252546ceeb0925eb8a4061315e3ff0a8c55b48b", + "refsource": "MISC", + "url": "https://git.samba.org/?p=rsync.git;a=commit;h=c252546ceeb0925eb8a4061315e3ff0a8c55b48b" + }, + { + "name": "https://git.samba.org/?p=rsync.git;a=commit;h=9a480deec4d20277d8e20bc55515ef0640ca1e55", + "refsource": "MISC", + "url": "https://git.samba.org/?p=rsync.git;a=commit;h=9a480deec4d20277d8e20bc55515ef0640ca1e55" + } + ] + } +} \ No newline at end of file diff --git a/2017/3xxx/CVE-2017-3663.json b/2017/3xxx/CVE-2017-3663.json index bbcaf3835ef..a632d3269aa 100644 --- a/2017/3xxx/CVE-2017-3663.json +++ b/2017/3xxx/CVE-2017-3663.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-3663", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-3663", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2017/3xxx/CVE-2017-3896.json b/2017/3xxx/CVE-2017-3896.json index 4a598105c94..3a175c5e4e6 100644 --- a/2017/3xxx/CVE-2017-3896.json +++ b/2017/3xxx/CVE-2017-3896.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secure@intel.com", - "ID" : "CVE-2017-3896", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "McAfee Agent", - "version" : { - "version_data" : [ - { - "version_value" : "5.0.x versions prior to 5.0.4.449" - } - ] - } - } - ] - }, - "vendor_name" : "Intel" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unvalidated parameter vulnerability in the remote log viewing capability in Intel Security McAfee Agent 5.0.x versions prior to 5.0.4.449 allows remote attackers to pass unexpected input parameters via a URL that was not completely validated." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Unvalidated parameter vulnerability" - } + "CVE_data_meta": { + "ASSIGNER": "secure@intel.com", + "ID": "CVE-2017-3896", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "McAfee Agent", + "version": { + "version_data": [ + { + "version_value": "5.0.x versions prior to 5.0.4.449" + } + ] + } + } + ] + }, + "vendor_name": "Intel" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10183", - "refsource" : "CONFIRM", - "url" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10183" - }, - { - "name" : "95903", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/95903" - }, - { - "name" : "1037629", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1037629" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unvalidated parameter vulnerability in the remote log viewing capability in Intel Security McAfee Agent 5.0.x versions prior to 5.0.4.449 allows remote attackers to pass unexpected input parameters via a URL that was not completely validated." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Unvalidated parameter vulnerability" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "95903", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/95903" + }, + { + "name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10183", + "refsource": "CONFIRM", + "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10183" + }, + { + "name": "1037629", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1037629" + } + ] + } +} \ No newline at end of file diff --git a/2017/8xxx/CVE-2017-8625.json b/2017/8xxx/CVE-2017-8625.json index cf939bf74f8..f754a48190e 100644 --- a/2017/8xxx/CVE-2017-8625.json +++ b/2017/8xxx/CVE-2017-8625.json @@ -1,83 +1,83 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secure@microsoft.com", - "DATE_PUBLIC" : "2017-08-08T00:00:00", - "ID" : "CVE-2017-8625", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Internet Explorer", - "version" : { - "version_data" : [ - { - "version_value" : "Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016." - } - ] - } - } - ] - }, - "vendor_name" : "Microsoft Corporation" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Internet Explorer in Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to bypass Device Guard User Mode Code Integrity (UMCI) policies due to Internet Explorer failing to validate UMCI policies, aka \"Internet Explorer Security Feature Bypass Vulnerability\"." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Security Feature Bypass" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "DATE_PUBLIC": "2017-08-08T00:00:00", + "ID": "CVE-2017-8625", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Internet Explorer", + "version": { + "version_data": [ + { + "version_value": "Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016." + } + ] + } + } + ] + }, + "vendor_name": "Microsoft Corporation" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://posts.specterops.io/umci-vs-internet-explorer-exploring-cve-2017-8625-3946536c6442", - "refsource" : "MISC", - "url" : "https://posts.specterops.io/umci-vs-internet-explorer-exploring-cve-2017-8625-3946536c6442" - }, - { - "name" : "https://msitpros.com/?p=3909", - "refsource" : "MISC", - "url" : "https://msitpros.com/?p=3909" - }, - { - "name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8625", - "refsource" : "CONFIRM", - "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8625" - }, - { - "name" : "100063", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/100063" - }, - { - "name" : "1039112", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1039112" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Internet Explorer in Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to bypass Device Guard User Mode Code Integrity (UMCI) policies due to Internet Explorer failing to validate UMCI policies, aka \"Internet Explorer Security Feature Bypass Vulnerability\"." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Security Feature Bypass" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8625", + "refsource": "CONFIRM", + "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8625" + }, + { + "name": "https://msitpros.com/?p=3909", + "refsource": "MISC", + "url": "https://msitpros.com/?p=3909" + }, + { + "name": "https://posts.specterops.io/umci-vs-internet-explorer-exploring-cve-2017-8625-3946536c6442", + "refsource": "MISC", + "url": "https://posts.specterops.io/umci-vs-internet-explorer-exploring-cve-2017-8625-3946536c6442" + }, + { + "name": "100063", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/100063" + }, + { + "name": "1039112", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1039112" + } + ] + } +} \ No newline at end of file diff --git a/2017/8xxx/CVE-2017-8645.json b/2017/8xxx/CVE-2017-8645.json index 475040ae5ac..d1539ce8ffd 100644 --- a/2017/8xxx/CVE-2017-8645.json +++ b/2017/8xxx/CVE-2017-8645.json @@ -1,78 +1,78 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secure@microsoft.com", - "DATE_PUBLIC" : "2017-08-08T00:00:00", - "ID" : "CVE-2017-8645", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Microsoft Scripting Engine", - "version" : { - "version_data" : [ - { - "version_value" : "Windows 10 1511, 1607, 1703, and Windows Server 2016." - } - ] - } - } - ] - }, - "vendor_name" : "Microsoft Corporation" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Microsoft Edge in Windows 10 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user due to the way that Microsoft browser JavaScript engines render content when handling objects in memory, aka \"Scripting Engine Memory Corruption Vulnerability\". This CVE ID is unique from CVE-2017-8634, CVE-2017-8635, CVE-2017-8636, CVE-2017-8638, CVE-2017-8639, CVE-2017-8640, CVE-2017-8641, CVE-2017-8646, CVE-2017-8647, CVE-2017-8655, CVE-2017-8656, CVE-2017-8657, CVE-2017-8670, CVE-2017-8671, CVE-2017-8672, and CVE-2017-8674." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Remote Code Execution" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "DATE_PUBLIC": "2017-08-08T00:00:00", + "ID": "CVE-2017-8645", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Microsoft Scripting Engine", + "version": { + "version_data": [ + { + "version_value": "Windows 10 1511, 1607, 1703, and Windows Server 2016." + } + ] + } + } + ] + }, + "vendor_name": "Microsoft Corporation" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "42469", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/42469/" - }, - { - "name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8645", - "refsource" : "CONFIRM", - "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8645" - }, - { - "name" : "100052", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/100052" - }, - { - "name" : "1039095", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1039095" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft Edge in Windows 10 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user due to the way that Microsoft browser JavaScript engines render content when handling objects in memory, aka \"Scripting Engine Memory Corruption Vulnerability\". This CVE ID is unique from CVE-2017-8634, CVE-2017-8635, CVE-2017-8636, CVE-2017-8638, CVE-2017-8639, CVE-2017-8640, CVE-2017-8641, CVE-2017-8646, CVE-2017-8647, CVE-2017-8655, CVE-2017-8656, CVE-2017-8657, CVE-2017-8670, CVE-2017-8671, CVE-2017-8672, and CVE-2017-8674." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Remote Code Execution" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "100052", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/100052" + }, + { + "name": "1039095", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1039095" + }, + { + "name": "42469", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/42469/" + }, + { + "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8645", + "refsource": "CONFIRM", + "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8645" + } + ] + } +} \ No newline at end of file diff --git a/2018/12xxx/CVE-2018-12023.json b/2018/12xxx/CVE-2018-12023.json index f94042a710d..4cd3000a6e0 100644 --- a/2018/12xxx/CVE-2018-12023.json +++ b/2018/12xxx/CVE-2018-12023.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-12023", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-12023", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/12xxx/CVE-2018-12323.json b/2018/12xxx/CVE-2018-12323.json index eb2abf2195f..c9bf5bae203 100644 --- a/2018/12xxx/CVE-2018-12323.json +++ b/2018/12xxx/CVE-2018-12323.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-12323", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An issue was discovered on Momentum Axel 720P 5.1.8 devices. A password of EHLGVG is hard-coded for the root and admin accounts, which makes it easier for physically proximate attackers to login at the console." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-12323", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://rchase.com/downloads/momentum-iot-penetration-test-report.pdf", - "refsource" : "MISC", - "url" : "https://rchase.com/downloads/momentum-iot-penetration-test-report.pdf" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered on Momentum Axel 720P 5.1.8 devices. A password of EHLGVG is hard-coded for the root and admin accounts, which makes it easier for physically proximate attackers to login at the console." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://rchase.com/downloads/momentum-iot-penetration-test-report.pdf", + "refsource": "MISC", + "url": "https://rchase.com/downloads/momentum-iot-penetration-test-report.pdf" + } + ] + } +} \ No newline at end of file diff --git a/2018/12xxx/CVE-2018-12646.json b/2018/12xxx/CVE-2018-12646.json index 7d18501b734..1905893bb52 100644 --- a/2018/12xxx/CVE-2018-12646.json +++ b/2018/12xxx/CVE-2018-12646.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-12646", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-12646", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/12xxx/CVE-2018-12966.json b/2018/12xxx/CVE-2018-12966.json index 154a7f61936..a0209ed08ac 100644 --- a/2018/12xxx/CVE-2018-12966.json +++ b/2018/12xxx/CVE-2018-12966.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-12966", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-12966", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/13xxx/CVE-2018-13842.json b/2018/13xxx/CVE-2018-13842.json index eb983bf92c2..a6c2b55d075 100644 --- a/2018/13xxx/CVE-2018-13842.json +++ b/2018/13xxx/CVE-2018-13842.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-13842", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-13842", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/13xxx/CVE-2018-13855.json b/2018/13xxx/CVE-2018-13855.json index cb2e13bb6a7..8bcf0992a82 100644 --- a/2018/13xxx/CVE-2018-13855.json +++ b/2018/13xxx/CVE-2018-13855.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-13855", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-13855", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/16xxx/CVE-2018-16142.json b/2018/16xxx/CVE-2018-16142.json index 12632beaadd..2fa69aa3d10 100644 --- a/2018/16xxx/CVE-2018-16142.json +++ b/2018/16xxx/CVE-2018-16142.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-16142", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "PHPOK 4.8.278 has a Reflected XSS vulnerability in framework/www/login_control.php via the _back parameter to the ok_f function." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-16142", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://unothing.github.io/posts/phpok48278/", - "refsource" : "MISC", - "url" : "https://unothing.github.io/posts/phpok48278/" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "PHPOK 4.8.278 has a Reflected XSS vulnerability in framework/www/login_control.php via the _back parameter to the ok_f function." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://unothing.github.io/posts/phpok48278/", + "refsource": "MISC", + "url": "https://unothing.github.io/posts/phpok48278/" + } + ] + } +} \ No newline at end of file diff --git a/2018/16xxx/CVE-2018-16374.json b/2018/16xxx/CVE-2018-16374.json index caaa93fa129..2e12525abe3 100644 --- a/2018/16xxx/CVE-2018-16374.json +++ b/2018/16xxx/CVE-2018-16374.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-16374", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Frog CMS 0.9.5 has stored XSS via /admin/?/plugin/comment/settings." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-16374", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/philippe/FrogCMS/issues/14", - "refsource" : "MISC", - "url" : "https://github.com/philippe/FrogCMS/issues/14" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Frog CMS 0.9.5 has stored XSS via /admin/?/plugin/comment/settings." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/philippe/FrogCMS/issues/14", + "refsource": "MISC", + "url": "https://github.com/philippe/FrogCMS/issues/14" + } + ] + } +} \ No newline at end of file diff --git a/2018/16xxx/CVE-2018-16519.json b/2018/16xxx/CVE-2018-16519.json index cf6a2b5864b..338f3df64d6 100644 --- a/2018/16xxx/CVE-2018-16519.json +++ b/2018/16xxx/CVE-2018-16519.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-16519", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-16519", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/16xxx/CVE-2018-16639.json b/2018/16xxx/CVE-2018-16639.json index dfd36f2b623..c8fc3090734 100644 --- a/2018/16xxx/CVE-2018-16639.json +++ b/2018/16xxx/CVE-2018-16639.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-16639", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-16639", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/16xxx/CVE-2018-16806.json b/2018/16xxx/CVE-2018-16806.json index 4202bdb3860..dea83c8b6ad 100644 --- a/2018/16xxx/CVE-2018-16806.json +++ b/2018/16xxx/CVE-2018-16806.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-16806", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A Pektron Passive Keyless Entry and Start (PKES) system, as used on the Tesla Model S and possibly other vehicles, relies on the DST40 cipher, which makes it easier for attackers to obtain access via an approach involving a 5.4 TB precomputation, followed by wake-frame reception and two challenge/response operations, to clone a key fob within a few seconds." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-16806", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://www.esat.kuleuven.be/cosic/fast-furious-and-insecure-passive-keyless-entry-and-start-in-modern-supercars/", - "refsource" : "MISC", - "url" : "https://www.esat.kuleuven.be/cosic/fast-furious-and-insecure-passive-keyless-entry-and-start-in-modern-supercars/" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A Pektron Passive Keyless Entry and Start (PKES) system, as used on the Tesla Model S and possibly other vehicles, relies on the DST40 cipher, which makes it easier for attackers to obtain access via an approach involving a 5.4 TB precomputation, followed by wake-frame reception and two challenge/response operations, to clone a key fob within a few seconds." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.esat.kuleuven.be/cosic/fast-furious-and-insecure-passive-keyless-entry-and-start-in-modern-supercars/", + "refsource": "MISC", + "url": "https://www.esat.kuleuven.be/cosic/fast-furious-and-insecure-passive-keyless-entry-and-start-in-modern-supercars/" + } + ] + } +} \ No newline at end of file diff --git a/2018/17xxx/CVE-2018-17270.json b/2018/17xxx/CVE-2018-17270.json index 1067c81e9bd..fcb98d2228a 100644 --- a/2018/17xxx/CVE-2018-17270.json +++ b/2018/17xxx/CVE-2018-17270.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-17270", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2018. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2018-17270", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2018. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2018/17xxx/CVE-2018-17492.json b/2018/17xxx/CVE-2018-17492.json index 7a06b6257dd..70f09bcdad1 100644 --- a/2018/17xxx/CVE-2018-17492.json +++ b/2018/17xxx/CVE-2018-17492.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-17492", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-17492", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/4xxx/CVE-2018-4426.json b/2018/4xxx/CVE-2018-4426.json index 8e76e47fa27..eb044c2c6b5 100644 --- a/2018/4xxx/CVE-2018-4426.json +++ b/2018/4xxx/CVE-2018-4426.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-4426", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-4426", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/4xxx/CVE-2018-4913.json b/2018/4xxx/CVE-2018-4913.json index 9ee9946a8ee..b383e6abef1 100644 --- a/2018/4xxx/CVE-2018-4913.json +++ b/2018/4xxx/CVE-2018-4913.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@adobe.com", - "ID" : "CVE-2018-4913", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions", - "version" : { - "version_data" : [ - { - "version_value" : "Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability is an instance of a use after free vulnerability in the XFA engine, related to DOM manipulation. The vulnerability is triggered by crafted XFA script definitions in a PDF file. Successful exploitation could lead to arbitrary code execution." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Use After Free" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2018-4913", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions", + "version": { + "version_data": [ + { + "version_value": "Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://helpx.adobe.com/security/products/acrobat/apsb18-02.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/acrobat/apsb18-02.html" - }, - { - "name" : "102995", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/102995" - }, - { - "name" : "1040364", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1040364" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability is an instance of a use after free vulnerability in the XFA engine, related to DOM manipulation. The vulnerability is triggered by crafted XFA script definitions in a PDF file. Successful exploitation could lead to arbitrary code execution." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Use After Free" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "102995", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/102995" + }, + { + "name": "https://helpx.adobe.com/security/products/acrobat/apsb18-02.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/acrobat/apsb18-02.html" + }, + { + "name": "1040364", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1040364" + } + ] + } +} \ No newline at end of file