admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-12 02:05:39 +00:00
Code Issues Packages Projects Releases Wiki Activity

jpcert20171117 batch

Browse Source
This commit is contained in:
Takayuki Uchiyama 2017-11-17 17:29:36 +09:00
parent 493d1bd42a
commit 49cabe46f5
5 changed files with 362 additions and 85 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

88
2017/10xxx/CVE-2017-10886.json
View File

@ -1,18 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-10886",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2017-10886",
"ASSIGNER": "vultures@jpcert.or.jp"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Frogman Office Inc.",
"product": {
"product_data": [
{
"product_name": "CS-Cart Japanese Edition",
"version": {
"version_data": [
{
"version_value": "v4.3.10 and earlier (excluding v2 and v3)"
}
]
}
},
{
"product_name": "CS-Cart Multivendor Japanese Edition",
"version": {
"version_data": [
{
"version_value": "v4.3.10 and earlier (excluding v2 and v3)"
}
]
}
}
]
}
}
]
}
},
"problemtype":{
"problemtype_data":[
{
"description":[
{
"lang": "eng",
"value":"Cross-site scripting"
}
]
}
]
},
"references":{
"reference_data":[
{
"url":"http://tips.cs-cart.jp/fix-jvn-29602086.html"
},
{
"url":"https://jvn.jp/en/jp/JVN29602086/index.html"
}
]
},
"description":{
"description_data":[
{
"lang": "eng",
"value":"Cross-site scripting vulnerability in CS-Cart Japanese Edition v4.3.10 and earlier (excluding v2 and v3), CS-Cart Multivendor Japanese Edition v4.3.10 and earlier (excluding v2 and v3) allows an attacker to inject arbitrary web script or HTML via unspecified vectors."
}
]
}
}

78
2017/10xxx/CVE-2017-10887.json
View File

@ -1,18 +1,62 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-10887",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2017-10887",
"ASSIGNER": "vultures@jpcert.or.jp"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "BOOK WALKER Co.,Ltd.",
"product": {
"product_data": [
{
"product_name": "BOOK WALKER for Windows",
"version": {
"version_data": [
{
"version_value": "Ver.1.2.9 and earlier"
}
]
}
}
]
}
}
]
}
},
"problemtype":{
"problemtype_data":[
{
"description":[
{
"lang": "eng",
"value":"Untrusted search path vulnerability"
}
]
}
]
},
"references":{
"reference_data":[
{
"url":"https://bookwalker.jp/info/message20171113_pc_app/"
},
{
"url":"https://jvn.jp/en/jp/JVN18420340/index.html"
}
]
},
"description":{
"description_data":[
{
"lang": "eng",
"value":"Untrusted search path vulnerability in BOOK WALKER for Windows Ver.1.2.9 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory."
}
]
}
}

88
2017/10xxx/CVE-2017-10888.json
View File

@ -1,18 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-10888",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2017-10888",
"ASSIGNER": "vultures@jpcert.or.jp"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "BOOK WALKER Co.,Ltd.",
"product": {
"product_data": [
{
"product_name": "BOOK WALKER for Windows",
"version": {
"version_data": [
{
"version_value": "Ver.1.2.9 and earlier"
}
]
}
},
{
"product_name": "BOOK WALKER for Mac",
"version": {
"version_data": [
{
"version_value": "Ver.1.2.5 and earlier"
}
]
}
}
]
}
}
]
}
},
"problemtype":{
"problemtype_data":[
{
"description":[
{
"lang": "eng",
"value":"Information Disclosure"
}
]
}
]
},
"references":{
"reference_data":[
{
"url":"https://bookwalker.jp/info/message20171113_pc_app/"
},
{
"url":"https://jvn.jp/en/jp/JVN18420340/index.html"
}
]
},
"description":{
"description_data":[
{
"lang": "eng",
"value":"BOOK WALKER for Windows Ver.1.2.9 and earlier, BOOK WALKER for Mac Ver.1.2.5 and earlier allow an attacker to access local files via unspecified vectors."
}
]
}
}

78
2017/10xxx/CVE-2017-10889.json
View File

@ -1,18 +1,62 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-10889",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2017-10889",
"ASSIGNER": "vultures@jpcert.or.jp"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "tablepress.org",
"product": {
"product_data": [
{
"product_name": "TablePress",
"version": {
"version_data": [
{
"version_value": "prior to version 1.8.1"
}
]
}
}
]
}
}
]
}
},
"problemtype":{
"problemtype_data":[
{
"description":[
{
"lang": "eng",
"value":"XML external entities (XXE)"
}
]
}
]
},
"references":{
"reference_data":[
{
"url":"https://wordpress.org/plugins/tablepress/#developers"
},
{
"url":"https://jvn.jp/en/jp/JVN05398317/index.html"
}
]
},
"description":{
"description_data":[
{
"lang": "eng",
"value":"TablePress prior to version 1.8.1 allows an attackerto conduct XML External Entity (XXE) attacks via unspecified vectors."
}
]
}
}

115
2017/10xxx/CVE-2017-10890.json
View File

@ -1,18 +1,99 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-10890",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2017-10890",
"ASSIGNER": "vultures@jpcert.or.jp"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Sharp Corporation",
"product": {
"product_data": [
{
"product_name": "RX-V200 firmware",
"version": {
"version_data": [
{
"version_value": "prior to 09.87.17.09"
}
]
}
},
{
"product_name": "RX-V100 firmware",
"version": {
"version_data": [
{
"version_value": "prior to 03.29.17.09"
}
]
}
},
{
"product_name": "RX-CLV1-P firmware",
"version": {
"version_data": [
{
"version_value": "prior to 79.17.17.09"
}
]
}
},
{
"product_name": "RX-CLV2-B firmware",
"version": {
"version_data": [
{
"version_value": "prior to 89.07.17.09"
}
]
}
},
{
"product_name": "RX-CLV3-N firmware",
"version": {
"version_data": [
{
"version_value": "prior to 91.09.17.10"
}
]
}
}
]
}
}
]
}
},
"problemtype":{
"problemtype_data":[
{
"description":[
{
"lang": "eng",
"value":"Session Management Issue"
}
]
}
]
},
"references":{
"reference_data":[
{
"url":"https://jvn.jp/en/jp/JVN76382932/index.html"
}
]
},
"description":{
"description_data":[
{
"lang": "eng",
"value":"Session management issue in RX-V200 firmware versions prior to 09.87.17.09, RX-V100 firmware versions prior to 03.29.17.09, RX-CLV1-P firmware versions prior to 79.17.17.09, RX-CLV2-B firmware versions prior to 89.07.17.09, RX-CLV3-N firmware versions prior to 91.09.17.10 allows an attacker on the same LAN to perform arbitrary operations or access information via unspecified vectors."
}
]
}
}