admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-18 00:24:00 +00:00
parent fff8f5014b
commit 49e6e727a1
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
61 changed files with 4742 additions and 4742 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

92
2006/0xxx/CVE-2006-0364.json
View File

@ -1,86 +1,86 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-0364", "ID": "CVE-2006-0364",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Cross-site scripting (XSS) vulnerability in MyBulletinBoard (MyBB) allows remote attackers to inject arbitrary web script or HTML via a signature containing a JavaScript URI in the SRC attribute of an IMG element, in which the URI uses SGML numeric character references without trailing semicolons, as demonstrated by \"&#106&#97&#118&#97&#115&#99&#114&#105&#112&#116\"." "value": "Cross-site scripting (XSS) vulnerability in MyBulletinBoard (MyBB) allows remote attackers to inject arbitrary web script or HTML via a signature containing a JavaScript URI in the SRC attribute of an IMG element, in which the URI uses SGML numeric character references without trailing semicolons, as demonstrated by \"&#106&#97&#118&#97&#115&#99&#114&#105&#112&#116\"."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20060118 MyBB Signature HTML Code Injection", "name": "ADV-2006-0255",
"refsource" : "BUGTRAQ", "refsource": "VUPEN",
"url" : "http://archives.neohapsis.com/archives/bugtraq/2006-01/0332.html" "url": "http://www.vupen.com/english/advisories/2006/0255"
}, },
{ {
"name" : "16308", "name": "mybb-html-signature-xss(24225)",
"refsource" : "BID", "refsource": "XF",
"url" : "http://www.securityfocus.com/bid/16308" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24225"
}, },
{ {
"name" : "ADV-2006-0255", "name": "16308",
"refsource" : "VUPEN", "refsource": "BID",
"url" : "http://www.vupen.com/english/advisories/2006/0255" "url": "http://www.securityfocus.com/bid/16308"
}, },
{ {
"name" : "22628", "name": "20060118 MyBB Signature HTML Code Injection",
"refsource" : "OSVDB", "refsource": "BUGTRAQ",
"url" : "http://www.osvdb.org/22628" "url": "http://archives.neohapsis.com/archives/bugtraq/2006-01/0332.html"
}, },
{ {
"name" : "18544", "name": "22628",
"refsource" : "SECUNIA", "refsource": "OSVDB",
"url" : "http://secunia.com/advisories/18544" "url": "http://www.osvdb.org/22628"
}, },
{ {
"name" : "mybb-html-signature-xss(24225)", "name": "18544",
"refsource" : "XF", "refsource": "SECUNIA",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/24225" "url": "http://secunia.com/advisories/18544"
} }
] ]
} }

92
2006/0xxx/CVE-2006-0439.json
View File

@ -1,86 +1,86 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-0439", "ID": "CVE-2006-0439",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Text Rider 2.4 stores sensitive data in the data directory under the web document root with insufficient access control, which allows remote attackers to obtain usernames and password hashes by directly accessing data/userlist.txt." "value": "Text Rider 2.4 stores sensitive data in the data directory under the web document root with insufficient access control, which allows remote attackers to obtain usernames and password hashes by directly accessing data/userlist.txt."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20060124 [eVuln] Text Rider Sensitive Information Disclosure", "name": "1015533",
"refsource" : "BUGTRAQ", "refsource": "SECTRACK",
"url" : "http://www.securityfocus.com/archive/1/423130/100/0/threaded" "url": "http://securitytracker.com/id?1015533"
}, },
{ {
"name" : "http://evuln.com/vulns/46/summary.html", "name": "ADV-2006-0321",
"refsource" : "MISC", "refsource": "VUPEN",
"url" : "http://evuln.com/vulns/46/summary.html" "url": "http://www.vupen.com/english/advisories/2006/0321"
}, },
{ {
"name" : "ADV-2006-0321", "name": "textrider-data-information-disclosure(24279)",
"refsource" : "VUPEN", "refsource": "XF",
"url" : "http://www.vupen.com/english/advisories/2006/0321" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24279"
}, },
{ {
"name" : "1015533", "name": "http://evuln.com/vulns/46/summary.html",
"refsource" : "SECTRACK", "refsource": "MISC",
"url" : "http://securitytracker.com/id?1015533" "url": "http://evuln.com/vulns/46/summary.html"
}, },
{ {
"name" : "18605", "name": "18605",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/18605" "url": "http://secunia.com/advisories/18605"
}, },
{ {
"name" : "textrider-data-information-disclosure(24279)", "name": "20060124 [eVuln] Text Rider Sensitive Information Disclosure",
"refsource" : "XF", "refsource": "BUGTRAQ",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/24279" "url": "http://www.securityfocus.com/archive/1/423130/100/0/threaded"
} }
] ]
} }

86
2006/0xxx/CVE-2006-0694.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-0694", "ID": "CVE-2006-0694",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Unspecified vulnerability in the loaders (load_*.php) in Ansilove before 1.03 allows remote attackers to read arbitrary files via unspecified vectors involving \"converting files accessible by the webserver\"." "value": "Unspecified vulnerability in the loaders (load_*.php) in Ansilove before 1.03 allows remote attackers to read arbitrary files via unspecified vectors involving \"converting files accessible by the webserver\"."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://sourceforge.net/project/shownotes.php?release_id=392826", "name": "ADV-2006-0536",
"refsource" : "CONFIRM", "refsource": "VUPEN",
"url" : "http://sourceforge.net/project/shownotes.php?release_id=392826" "url": "http://www.vupen.com/english/advisories/2006/0536"
}, },
{ {
"name" : "16603", "name": "ansilove-load-information-disclosure(24681)",
"refsource" : "BID", "refsource": "XF",
"url" : "http://www.securityfocus.com/bid/16603" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24681"
}, },
{ {
"name" : "ADV-2006-0536", "name": "http://sourceforge.net/project/shownotes.php?release_id=392826",
"refsource" : "VUPEN", "refsource": "CONFIRM",
"url" : "http://www.vupen.com/english/advisories/2006/0536" "url": "http://sourceforge.net/project/shownotes.php?release_id=392826"
}, },
{ {
"name" : "18810", "name": "16603",
"refsource" : "SECUNIA", "refsource": "BID",
"url" : "http://secunia.com/advisories/18810" "url": "http://www.securityfocus.com/bid/16603"
}, },
{ {
"name" : "ansilove-load-information-disclosure(24681)", "name": "18810",
"refsource" : "XF", "refsource": "SECUNIA",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/24681" "url": "http://secunia.com/advisories/18810"
} }
] ]
} }

86
2006/0xxx/CVE-2006-0979.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-0979", "ID": "CVE-2006-0979",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Unspecified vulnerability in the local weblog publisher in Nidelven IT Issue Dealer before 0.9.96 has unknown impact and attack vectors." "value": "Unspecified vulnerability in the local weblog publisher in Nidelven IT Issue Dealer before 0.9.96 has unknown impact and attack vectors."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://issuedealer.com/changes/", "name": "http://issuedealer.com/changes/",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://issuedealer.com/changes/" "url": "http://issuedealer.com/changes/"
}, },
{ {
"name" : "16884", "name": "16884",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/16884" "url": "http://www.securityfocus.com/bid/16884"
}, },
{ {
"name" : "23502", "name": "issuedealer-unpublished-issue-disclosure(24929)",
"refsource" : "OSVDB", "refsource": "XF",
"url" : "http://www.osvdb.org/23502" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24929"
}, },
{ {
"name" : "19018", "name": "19018",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/19018" "url": "http://secunia.com/advisories/19018"
}, },
{ {
"name" : "issuedealer-unpublished-issue-disclosure(24929)", "name": "23502",
"refsource" : "XF", "refsource": "OSVDB",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/24929" "url": "http://www.osvdb.org/23502"
} }
] ]
} }

74
2006/1xxx/CVE-2006-1665.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-1665", "ID": "CVE-2006-1665",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in Arab Portal 2.0.1 stable allow remote attackers to inject arbitrary web script or HTML via the (1) adminJump and (2) forum_middle parameters in (a) forum.php, and the (3) form parameter in (b) members.php, (c) pm.php, and (d) mail.php." "value": "Multiple cross-site scripting (XSS) vulnerabilities in Arab Portal 2.0.1 stable allow remote attackers to inject arbitrary web script or HTML via the (1) adminJump and (2) forum_middle parameters in (a) forum.php, and the (3) form parameter in (b) members.php, (c) pm.php, and (d) mail.php."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20060404 ArabPortal 2.0.1 Stable [ 9 CrossSiteScripting & 1 SQL Injection ] MultBugz", "name": "17375",
"refsource" : "BUGTRAQ", "refsource": "BID",
"url" : "http://www.securityfocus.com/archive/1/429940/100/0/threaded" "url": "http://www.securityfocus.com/bid/17375"
}, },
{ {
"name" : "17375", "name": "arabportal-multiple-xss(25657)",
"refsource" : "BID", "refsource": "XF",
"url" : "http://www.securityfocus.com/bid/17375" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25657"
}, },
{ {
"name" : "arabportal-multiple-xss(25657)", "name": "20060404 ArabPortal 2.0.1 Stable [ 9 CrossSiteScripting & 1 SQL Injection ] MultBugz",
"refsource" : "XF", "refsource": "BUGTRAQ",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/25657" "url": "http://www.securityfocus.com/archive/1/429940/100/0/threaded"
} }
] ]
} }

86
2006/1xxx/CVE-2006-1926.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-1926", "ID": "CVE-2006-1926",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "SQL injection vulnerability in showtopic.php in ThWboard 2.84 beta 3 and earlier allows remote attackers to execute arbitrary SQL commands via the pagenum parameter." "value": "SQL injection vulnerability in showtopic.php in ThWboard 2.84 beta 3 and earlier allows remote attackers to execute arbitrary SQL commands via the pagenum parameter."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20060419 ThWboard <= 3 Beta 2.84 SQL Injection", "name": "17606",
"refsource" : "BUGTRAQ", "refsource": "BID",
"url" : "http://www.securityfocus.com/archive/1/431354/100/0/threaded" "url": "http://www.securityfocus.com/bid/17606"
}, },
{ {
"name" : "20060611 ThWboard 3.0 <= SQL Injection", "name": "20060613 Re: BUGTRAQ:20060611 ThWboard 3.0 <= SQL Injection",
"refsource" : "BUGTRAQ", "refsource": "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/436813/100/0/threaded" "url": "http://www.securityfocus.com/archive/1/436919/100/0/threaded"
}, },
{ {
"name" : "20060613 Re: BUGTRAQ:20060611 ThWboard 3.0 <= SQL Injection", "name": "20060611 ThWboard 3.0 <= SQL Injection",
"refsource" : "BUGTRAQ", "refsource": "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/436919/100/0/threaded" "url": "http://www.securityfocus.com/archive/1/436813/100/0/threaded"
}, },
{ {
"name" : "17606", "name": "thwboard-showtopic-sql-injection(25891)",
"refsource" : "BID", "refsource": "XF",
"url" : "http://www.securityfocus.com/bid/17606" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25891"
}, },
{ {
"name" : "thwboard-showtopic-sql-injection(25891)", "name": "20060419 ThWboard <= 3 Beta 2.84 SQL Injection",
"refsource" : "XF", "refsource": "BUGTRAQ",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/25891" "url": "http://www.securityfocus.com/archive/1/431354/100/0/threaded"
} }
] ]
} }

98
2006/3xxx/CVE-2006-3288.json
View File

@ -1,91 +1,91 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-3288", "ID": "CVE-2006-3288",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Unspecified vulnerability in the TFTP server in Cisco Wireless Control System (WCS) for Linux and Windows before 3.2(51), when configured to use a directory path name that contains a space character, allows remote authenticated users to read and overwrite arbitrary files via unspecified vectors." "value": "Unspecified vulnerability in the TFTP server in Cisco Wireless Control System (WCS) for Linux and Windows before 3.2(51), when configured to use a directory path name that contains a space character, allows remote authenticated users to read and overwrite arbitrary files via unspecified vectors."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20060628 Multiple Vulnerabilities in Wireless Control System", "name": "ADV-2006-2583",
"refsource" : "CISCO", "refsource": "VUPEN",
"url" : "http://www.cisco.com/warp/public/707/cisco-sa-20060628-wcs.shtml" "url": "http://www.vupen.com/english/advisories/2006/2583"
}, },
{ {
"name" : "18701", "name": "20870",
"refsource" : "BID", "refsource": "SECUNIA",
"url" : "http://www.securityfocus.com/bid/18701" "url": "http://secunia.com/advisories/20870"
}, },
{ {
"name" : "ADV-2006-2583", "name": "20060628 Multiple Vulnerabilities in Wireless Control System",
"refsource" : "VUPEN", "refsource": "CISCO",
"url" : "http://www.vupen.com/english/advisories/2006/2583" "url": "http://www.cisco.com/warp/public/707/cisco-sa-20060628-wcs.shtml"
}, },
{ {
"name" : "26881", "name": "1016398",
"refsource" : "OSVDB", "refsource": "SECTRACK",
"url" : "http://www.osvdb.org/26881" "url": "http://securitytracker.com/id?1016398"
}, },
{ {
"name" : "1016398", "name": "26881",
"refsource" : "SECTRACK", "refsource": "OSVDB",
"url" : "http://securitytracker.com/id?1016398" "url": "http://www.osvdb.org/26881"
}, },
{ {
"name" : "20870", "name": "18701",
"refsource" : "SECUNIA", "refsource": "BID",
"url" : "http://secunia.com/advisories/20870" "url": "http://www.securityfocus.com/bid/18701"
}, },
{ {
"name" : "cisco-wcs-tftp-access(27440)", "name": "cisco-wcs-tftp-access(27440)",
"refsource" : "XF", "refsource": "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/27440" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27440"
} }
] ]
} }

122
2006/3xxx/CVE-2006-3431.json
View File

@ -1,111 +1,111 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-3431", "ID": "CVE-2006-3431",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Buffer overflow in certain Asian language versions of Microsoft Excel might allow user-assisted attackers to execute arbitrary code via a crafted STYLE record in a spreadsheet that triggers the overflow when the user attempts to repair the document or selects the \"Style\" option, as demonstrated by nanika.xls. NOTE: Microsoft has confirmed to CVE via e-mail that this is different than the other Excel vulnerabilities announced before 20060707, including CVE-2006-3059 and CVE-2006-3086." "value": "Buffer overflow in certain Asian language versions of Microsoft Excel might allow user-assisted attackers to execute arbitrary code via a crafted STYLE record in a spreadsheet that triggers the overflow when the user attempts to repair the document or selects the \"Style\" option, as demonstrated by nanika.xls. NOTE: Microsoft has confirmed to CVE via e-mail that this is different than the other Excel vulnerabilities announced before 20060707, including CVE-2006-3059 and CVE-2006-3086."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20060703 Excel 2000/XP/2003 Style 0day POC", "name": "20060707 Major updates to Excel 0-day Vulnerability FAQ at SecuriTeam Blogs",
"refsource" : "BUGTRAQ", "refsource": "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/438963/100/0/threaded" "url": "http://www.securityfocus.com/archive/1/439427/100/0/threaded"
}, },
{ {
"name" : "20060707 Major updates to Excel 0-day Vulnerability FAQ at SecuriTeam Blogs", "name": "SSRT061264",
"refsource" : "BUGTRAQ", "refsource": "HP",
"url" : "http://www.securityfocus.com/archive/1/439427/100/0/threaded" "url": "http://www.securityfocus.com/archive/1/449179/100/0/threaded"
}, },
{ {
"name" : "20060711 New CVE number states Excel Style handling as a separate issue", "name": "20268",
"refsource" : "BUGTRAQ", "refsource": "SECUNIA",
"url" : "http://marc.info/?l=bugtraq&m=115274676314243&w=2" "url": "http://secunia.com/advisories/20268"
}, },
{ {
"name" : "HPSBST02161", "name": "MS06-059",
"refsource" : "HP", "refsource": "MS",
"url" : "http://www.securityfocus.com/archive/1/449179/100/0/threaded" "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-059"
}, },
{ {
"name" : "SSRT061264", "name": "oval:org.mitre.oval:def:431",
"refsource" : "HP", "refsource": "OVAL",
"url" : "http://www.securityfocus.com/archive/1/449179/100/0/threaded" "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A431"
}, },
{ {
"name" : "MS06-059", "name": "1016430",
"refsource" : "MS", "refsource": "SECTRACK",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-059" "url": "http://securitytracker.com/id?1016430"
}, },
{ {
"name" : "18872", "name": "20060711 New CVE number states Excel Style handling as a separate issue",
"refsource" : "BID", "refsource": "BUGTRAQ",
"url" : "http://www.securityfocus.com/bid/18872" "url": "http://marc.info/?l=bugtraq&m=115274676314243&w=2"
}, },
{ {
"name" : "ADV-2006-2689", "name": "HPSBST02161",
"refsource" : "VUPEN", "refsource": "HP",
"url" : "http://www.vupen.com/english/advisories/2006/2689" "url": "http://www.securityfocus.com/archive/1/449179/100/0/threaded"
}, },
{ {
"name" : "oval:org.mitre.oval:def:431", "name": "18872",
"refsource" : "OVAL", "refsource": "BID",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A431" "url": "http://www.securityfocus.com/bid/18872"
}, },
{ {
"name" : "1016430", "name": "ADV-2006-2689",
"refsource" : "SECTRACK", "refsource": "VUPEN",
"url" : "http://securitytracker.com/id?1016430" "url": "http://www.vupen.com/english/advisories/2006/2689"
}, },
{ {
"name" : "20268", "name": "20060703 Excel 2000/XP/2003 Style 0day POC",
"refsource" : "SECUNIA", "refsource": "BUGTRAQ",
"url" : "http://secunia.com/advisories/20268" "url": "http://www.securityfocus.com/archive/1/438963/100/0/threaded"
} }
] ]
} }

110
2006/3xxx/CVE-2006-3929.json
View File

@ -1,101 +1,101 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-3929", "ID": "CVE-2006-3929",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Cross-site scripting (XSS) vulnerability in the Forms/rpSysAdmin script on the Zyxel Prestige 660H-61 ADSL Router running firmware 3.40(PT.0)b32 allows remote attackers to inject arbitrary web script or HTML via hex-encoded values in the a parameter." "value": "Cross-site scripting (XSS) vulnerability in the Forms/rpSysAdmin script on the Zyxel Prestige 660H-61 ADSL Router running firmware 3.40(PT.0)b32 allows remote attackers to inject arbitrary web script or HTML via hex-encoded values in the a parameter."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20060726 Zyxel Prestige 660H-61 Cross-Site Scripting", "name": "19180",
"refsource" : "BUGTRAQ", "refsource": "BID",
"url" : "http://www.securityfocus.com/archive/1/441193/100/0/threaded" "url": "http://www.securityfocus.com/bid/19180"
}, },
{ {
"name" : "http://www.eazel.es/media/advisory004-Zyxel-Prestige-660H-61-Cross-Site-Scripting.html", "name": "zyxel-prestige-rpsysadmin-xss(28021)",
"refsource" : "MISC", "refsource": "XF",
"url" : "http://www.eazel.es/media/advisory004-Zyxel-Prestige-660H-61-Cross-Site-Scripting.html" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28021"
}, },
{ {
"name" : "19180", "name": "27548",
"refsource" : "BID", "refsource": "OSVDB",
"url" : "http://www.securityfocus.com/bid/19180" "url": "http://www.osvdb.org/27548"
}, },
{ {
"name" : "ADV-2006-3012", "name": "20060726 Zyxel Prestige 660H-61 Cross-Site Scripting",
"refsource" : "VUPEN", "refsource": "BUGTRAQ",
"url" : "http://www.vupen.com/english/advisories/2006/3012" "url": "http://www.securityfocus.com/archive/1/441193/100/0/threaded"
}, },
{ {
"name" : "27548", "name": "ADV-2006-3012",
"refsource" : "OSVDB", "refsource": "VUPEN",
"url" : "http://www.osvdb.org/27548" "url": "http://www.vupen.com/english/advisories/2006/3012"
}, },
{ {
"name" : "1016598", "name": "21225",
"refsource" : "SECTRACK", "refsource": "SECUNIA",
"url" : "http://securitytracker.com/id?1016598" "url": "http://secunia.com/advisories/21225"
}, },
{ {
"name" : "21225", "name": "1016598",
"refsource" : "SECUNIA", "refsource": "SECTRACK",
"url" : "http://secunia.com/advisories/21225" "url": "http://securitytracker.com/id?1016598"
}, },
{ {
"name" : "1301", "name": "http://www.eazel.es/media/advisory004-Zyxel-Prestige-660H-61-Cross-Site-Scripting.html",
"refsource" : "SREASON", "refsource": "MISC",
"url" : "http://securityreason.com/securityalert/1301" "url": "http://www.eazel.es/media/advisory004-Zyxel-Prestige-660H-61-Cross-Site-Scripting.html"
}, },
{ {
"name" : "zyxel-prestige-rpsysadmin-xss(28021)", "name": "1301",
"refsource" : "XF", "refsource": "SREASON",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/28021" "url": "http://securityreason.com/securityalert/1301"
} }
] ]
} }

212
2006/4xxx/CVE-2006-4146.json
View File

@ -1,186 +1,186 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-4146", "ID": "CVE-2006-4146",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Buffer overflow in the (1) DWARF (dwarfread.c) and (2) DWARF2 (dwarf2read.c) debugging code in GNU Debugger (GDB) 6.5 allows user-assisted attackers, or restricted users, to execute arbitrary code via a crafted file with a location block (DW_FORM_block) that contains a large number of operations." "value": "Buffer overflow in the (1) DWARF (dwarfread.c) and (2) DWARF2 (dwarf2read.c) debugging code in GNU Debugger (GDB) 6.5 allows user-assisted attackers, or restricted users, to execute arbitrary code via a crafted file with a location block (DW_FORM_block) that contains a large number of operations."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20070920 VMSA-2007-0006 Critical security updates for all supported versions of VMware ESX Server, VMware Server, VMware Workstation, VMware ACE, and VMware Player", "name": "20070920 VMSA-2007-0006 Critical security updates for all supported versions of VMware ESX Server, VMware Server, VMware Workstation, VMware ACE, and VMware Player",
"refsource" : "FULLDISC", "refsource": "FULLDISC",
"url" : "http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html" "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html"
}, },
{ {
"name" : "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=204841", "name": "ADV-2006-4283",
"refsource" : "CONFIRM", "refsource": "VUPEN",
"url" : "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=204841" "url": "http://www.vupen.com/english/advisories/2006/4283"
}, },
{ {
"name" : "http://docs.info.apple.com/article.html?artnum=304669", "name": "25098",
"refsource" : "CONFIRM", "refsource": "SECUNIA",
"url" : "http://docs.info.apple.com/article.html?artnum=304669" "url": "http://secunia.com/advisories/25098"
}, },
{ {
"name" : "http://support.avaya.com/elmodocs2/security/ASA-2007-253.htm", "name": "GLSA-200711-23",
"refsource" : "CONFIRM", "refsource": "GENTOO",
"url" : "http://support.avaya.com/elmodocs2/security/ASA-2007-253.htm" "url": "http://security.gentoo.org/glsa/glsa-200711-23.xml"
}, },
{ {
"name" : "APPLE-SA-2006-10-31", "name": "25894",
"refsource" : "APPLE", "refsource": "SECUNIA",
"url" : "http://lists.apple.com/archives/security-announce/2006/Oct/msg00000.html" "url": "http://secunia.com/advisories/25894"
}, },
{ {
"name" : "GLSA-200711-23", "name": "RHSA-2007:0469",
"refsource" : "GENTOO", "refsource": "REDHAT",
"url" : "http://security.gentoo.org/glsa/glsa-200711-23.xml" "url": "http://www.redhat.com/support/errata/RHSA-2007-0469.html"
}, },
{ {
"name" : "RHSA-2007:0229", "name": "ADV-2007-3229",
"refsource" : "REDHAT", "refsource": "VUPEN",
"url" : "http://www.redhat.com/support/errata/RHSA-2007-0229.html" "url": "http://www.vupen.com/english/advisories/2007/3229"
}, },
{ {
"name" : "RHSA-2007:0469", "name": "APPLE-SA-2006-10-31",
"refsource" : "REDHAT", "refsource": "APPLE",
"url" : "http://www.redhat.com/support/errata/RHSA-2007-0469.html" "url": "http://lists.apple.com/archives/security-announce/2006/Oct/msg00000.html"
}, },
{ {
"name" : "20070602-01-P", "name": "28318",
"refsource" : "SGI", "refsource": "OSVDB",
"url" : "ftp://patches.sgi.com/support/free/security/advisories/20070602-01-P.asc" "url": "http://www.osvdb.org/28318"
}, },
{ {
"name" : "USN-356-1", "name": "1017138",
"refsource" : "UBUNTU", "refsource": "SECTRACK",
"url" : "http://www.ubuntu.com/usn/usn-356-1" "url": "http://securitytracker.com/id?1017138"
}, },
{ {
"name" : "19802", "name": "http://support.avaya.com/elmodocs2/security/ASA-2007-253.htm",
"refsource" : "BID", "refsource": "CONFIRM",
"url" : "http://www.securityfocus.com/bid/19802" "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-253.htm"
}, },
{ {
"name" : "oval:org.mitre.oval:def:10463", "name": "oval:org.mitre.oval:def:10463",
"refsource" : "OVAL", "refsource": "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10463" "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10463"
}, },
{ {
"name" : "ADV-2006-3433", "name": "RHSA-2007:0229",
"refsource" : "VUPEN", "refsource": "REDHAT",
"url" : "http://www.vupen.com/english/advisories/2006/3433" "url": "http://www.redhat.com/support/errata/RHSA-2007-0229.html"
}, },
{ {
"name" : "ADV-2006-4283", "name": "22662",
"refsource" : "VUPEN", "refsource": "SECUNIA",
"url" : "http://www.vupen.com/english/advisories/2006/4283" "url": "http://secunia.com/advisories/22662"
}, },
{ {
"name" : "ADV-2007-3229", "name": "25632",
"refsource" : "VUPEN", "refsource": "SECUNIA",
"url" : "http://www.vupen.com/english/advisories/2007/3229" "url": "http://secunia.com/advisories/25632"
}, },
{ {
"name" : "28318", "name": "25934",
"refsource" : "OSVDB", "refsource": "SECUNIA",
"url" : "http://www.osvdb.org/28318" "url": "http://secunia.com/advisories/25934"
}, },
{ {
"name" : "1017138", "name": "http://docs.info.apple.com/article.html?artnum=304669",
"refsource" : "SECTRACK", "refsource": "CONFIRM",
"url" : "http://securitytracker.com/id?1017138" "url": "http://docs.info.apple.com/article.html?artnum=304669"
}, },
{ {
"name" : "21713", "name": "ADV-2006-3433",
"refsource" : "SECUNIA", "refsource": "VUPEN",
"url" : "http://secunia.com/advisories/21713" "url": "http://www.vupen.com/english/advisories/2006/3433"
}, },
{ {
"name" : "22205", "name": "26909",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/22205" "url": "http://secunia.com/advisories/26909"
}, },
{ {
"name" : "22662", "name": "27706",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/22662" "url": "http://secunia.com/advisories/27706"
}, },
{ {
"name" : "25098", "name": "21713",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/25098" "url": "http://secunia.com/advisories/21713"
}, },
{ {
"name" : "25632", "name": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=204841",
"refsource" : "SECUNIA", "refsource": "CONFIRM",
"url" : "http://secunia.com/advisories/25632" "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=204841"
}, },
{ {
"name" : "25894", "name": "22205",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/25894" "url": "http://secunia.com/advisories/22205"
}, },
{ {
"name" : "25934", "name": "19802",
"refsource" : "SECUNIA", "refsource": "BID",
"url" : "http://secunia.com/advisories/25934" "url": "http://www.securityfocus.com/bid/19802"
}, },
{ {
"name" : "26909", "name": "20070602-01-P",
"refsource" : "SECUNIA", "refsource": "SGI",
"url" : "http://secunia.com/advisories/26909" "url": "ftp://patches.sgi.com/support/free/security/advisories/20070602-01-P.asc"
}, },
{ {
"name" : "27706", "name": "USN-356-1",
"refsource" : "SECUNIA", "refsource": "UBUNTU",
"url" : "http://secunia.com/advisories/27706" "url": "http://www.ubuntu.com/usn/usn-356-1"
} }
] ]
} }

92
2006/4xxx/CVE-2006-4521.json
View File

@ -1,86 +1,86 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-4521", "ID": "CVE-2006-4521",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The BerDecodeLoginDataRequest function in the libnmasldap.so NMAS module in Novell eDirectory 8.8 and 8.8.1 before the Security Services 2.0.3 patch does not properly increment a pointer when handling certain input, which allows remote attackers to cause a denial of service (invalid memory access) via a crafted login request." "value": "The BerDecodeLoginDataRequest function in the libnmasldap.so NMAS module in Novell eDirectory 8.8 and 8.8.1 before the Security Services 2.0.3 patch does not properly increment a pointer when handling certain input, which allows remote attackers to cause a denial of service (invalid memory access) via a crafted login request."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20061027 Novell eDirectory NMAS BerDecodeLoginDataRequeset DoS Vulnerability", "name": "22660",
"refsource" : "IDEFENSE", "refsource": "SECUNIA",
"url" : "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=437" "url": "http://secunia.com/advisories/22660"
}, },
{ {
"name" : "20842", "name": "ADV-2006-4293",
"refsource" : "BID", "refsource": "VUPEN",
"url" : "http://www.securityfocus.com/bid/20842" "url": "http://www.vupen.com/english/advisories/2006/4293"
}, },
{ {
"name" : "ADV-2006-4293", "name": "20842",
"refsource" : "VUPEN", "refsource": "BID",
"url" : "http://www.vupen.com/english/advisories/2006/4293" "url": "http://www.securityfocus.com/bid/20842"
}, },
{ {
"name" : "1017140", "name": "novell-berdecodelogindatarequeset-dos(29963)",
"refsource" : "SECTRACK", "refsource": "XF",
"url" : "http://securitytracker.com/id?1017140" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29963"
}, },
{ {
"name" : "22660", "name": "20061027 Novell eDirectory NMAS BerDecodeLoginDataRequeset DoS Vulnerability",
"refsource" : "SECUNIA", "refsource": "IDEFENSE",
"url" : "http://secunia.com/advisories/22660" "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=437"
}, },
{ {
"name" : "novell-berdecodelogindatarequeset-dos(29963)", "name": "1017140",
"refsource" : "XF", "refsource": "SECTRACK",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/29963" "url": "http://securitytracker.com/id?1017140"
} }
] ]
} }

22
2006/4xxx/CVE-2006-4730.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-4730", "ID": "CVE-2006-4730",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

74
2010/2xxx/CVE-2010-2110.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2010-2110", "ID": "CVE-2010-2110",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Google Chrome before 5.0.375.55 does not properly execute JavaScript code in the extension context, which has unspecified impact and remote attack vectors." "value": "Google Chrome before 5.0.375.55 does not properly execute JavaScript code in the extension context, which has unspecified impact and remote attack vectors."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://code.google.com/p/chromium/issues/detail?id=42228", "name": "http://googlechromereleases.blogspot.com/2010/05/stable-channel-update.html",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://code.google.com/p/chromium/issues/detail?id=42228" "url": "http://googlechromereleases.blogspot.com/2010/05/stable-channel-update.html"
}, },
{ {
"name" : "http://googlechromereleases.blogspot.com/2010/05/stable-channel-update.html", "name": "oval:org.mitre.oval:def:12123",
"refsource" : "CONFIRM", "refsource": "OVAL",
"url" : "http://googlechromereleases.blogspot.com/2010/05/stable-channel-update.html" "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12123"
}, },
{ {
"name" : "oval:org.mitre.oval:def:12123", "name": "http://code.google.com/p/chromium/issues/detail?id=42228",
"refsource" : "OVAL", "refsource": "CONFIRM",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12123" "url": "http://code.google.com/p/chromium/issues/detail?id=42228"
} }
] ]
} }

68
2010/2xxx/CVE-2010-2410.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2010-2410", "ID": "CVE-2010-2410",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Unspecified vulnerability in the Cabo/UIX component in Oracle Fusion Middleware 10.1.2.3 and 10.1.3.5 allows remote attackers to affect integrity via unknown vectors, a different vulnerability than CVE-2010-2395 and CVE-2010-2409." "value": "Unspecified vulnerability in the Cabo/UIX component in Oracle Fusion Middleware 10.1.2.3 and 10.1.3.5 allows remote attackers to affect integrity via unknown vectors, a different vulnerability than CVE-2010-2395 and CVE-2010-2409."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html", "name": "http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html" "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html"
}, },
{ {
"name" : "TA10-287A", "name": "TA10-287A",
"refsource" : "CERT", "refsource": "CERT",
"url" : "http://www.us-cert.gov/cas/techalerts/TA10-287A.html" "url": "http://www.us-cert.gov/cas/techalerts/TA10-287A.html"
} }
] ]
} }

68
2010/2xxx/CVE-2010-2620.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2010-2620", "ID": "CVE-2010-2620",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Open&Compact FTP Server (Open-FTPD) 1.2 and earlier allows remote attackers to bypass authentication by sending (1) LIST, (2) RETR, (3) STOR, or other commands without performing the required login steps first." "value": "Open&Compact FTP Server (Open-FTPD) 1.2 and earlier allows remote attackers to bypass authentication by sending (1) LIST, (2) RETR, (3) STOR, or other commands without performing the required login steps first."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "13932", "name": "40284",
"refsource" : "EXPLOIT-DB", "refsource": "SECUNIA",
"url" : "http://www.exploit-db.com/exploits/13932" "url": "http://secunia.com/advisories/40284"
}, },
{ {
"name" : "40284", "name": "13932",
"refsource" : "SECUNIA", "refsource": "EXPLOIT-DB",
"url" : "http://secunia.com/advisories/40284" "url": "http://www.exploit-db.com/exploits/13932"
} }
] ]
} }

92
2010/2xxx/CVE-2010-2927.json
View File

@ -1,86 +1,86 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2010-2927", "ID": "CVE-2010-2927",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The slapi_printmessage function in IBM Tivoli Directory Server (ITDS) before 6.0.0.8-TIV-ITDS-IF0006 allows remote attackers to cause a denial of service (daemon crash) via multiple incomplete DIGEST-MD5 connection attempts." "value": "The slapi_printmessage function in IBM Tivoli Directory Server (ITDS) before 6.0.0.8-TIV-ITDS-IF0006 allows remote attackers to cause a denial of service (daemon crash) via multiple incomplete DIGEST-MD5 connection attempts."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg24027463", "name": "http://www-01.ibm.com/support/docview.wss?uid=swg24027463",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg24027463" "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24027463"
}, },
{ {
"name" : "IO12399", "name": "66782",
"refsource" : "AIXAPAR", "refsource": "OSVDB",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1IO12399" "url": "http://osvdb.org/66782"
}, },
{ {
"name" : "42093", "name": "ibm-tds-digestmd5-dos(60821)",
"refsource" : "BID", "refsource": "XF",
"url" : "http://www.securityfocus.com/bid/42093" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/60821"
}, },
{ {
"name" : "66782", "name": "40791",
"refsource" : "OSVDB", "refsource": "SECUNIA",
"url" : "http://osvdb.org/66782" "url": "http://secunia.com/advisories/40791"
}, },
{ {
"name" : "40791", "name": "42093",
"refsource" : "SECUNIA", "refsource": "BID",
"url" : "http://secunia.com/advisories/40791" "url": "http://www.securityfocus.com/bid/42093"
}, },
{ {
"name" : "ibm-tds-digestmd5-dos(60821)", "name": "IO12399",
"refsource" : "XF", "refsource": "AIXAPAR",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/60821" "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IO12399"
} }
] ]
} }

22
2010/3xxx/CVE-2010-3410.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2010-3410", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
"ID": "CVE-2010-3410",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
}, },
"data_format" : "MITRE", "description": {
"data_type" : "CVE", "description_data": [
"data_version" : "4.0",
"description" : {
"description_data" : [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2010-1825. Reason: This candidate is a duplicate of CVE-2010-1825. Notes: All CVE users should reference CVE-2010-1825 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2010-1825. Reason: This candidate is a duplicate of CVE-2010-1825. Notes: All CVE users should reference CVE-2010-1825 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage."
} }
] ]
} }

68
2010/3xxx/CVE-2010-3577.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2010-3577", "ID": "CVE-2010-3577",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Unspecified vulnerability in Oracle OpenSolaris allows remote attackers to affect confidentiality and integrity, related to Kernel/CIFS." "value": "Unspecified vulnerability in Oracle OpenSolaris allows remote attackers to affect confidentiality and integrity, related to Kernel/CIFS."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html", "name": "http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html" "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html"
}, },
{ {
"name" : "TA10-287A", "name": "TA10-287A",
"refsource" : "CERT", "refsource": "CERT",
"url" : "http://www.us-cert.gov/cas/techalerts/TA10-287A.html" "url": "http://www.us-cert.gov/cas/techalerts/TA10-287A.html"
} }
] ]
} }

188
2010/3xxx/CVE-2010-3642.json
View File

@ -1,166 +1,166 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@adobe.com",
"ID" : "CVE-2010-3642", "ID": "CVE-2010-3642",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris, and 10.1.95.1 on Android, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors, a different vulnerability than CVE-2010-3640, CVE-2010-3641, CVE-2010-3643, CVE-2010-3644, CVE-2010-3645, CVE-2010-3646, CVE-2010-3647, CVE-2010-3648, CVE-2010-3649, CVE-2010-3650, and CVE-2010-3652." "value": "Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris, and 10.1.95.1 on Android, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors, a different vulnerability than CVE-2010-3640, CVE-2010-3641, CVE-2010-3643, CVE-2010-3644, CVE-2010-3645, CVE-2010-3646, CVE-2010-3647, CVE-2010-3648, CVE-2010-3649, CVE-2010-3650, and CVE-2010-3652."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.adobe.com/support/security/bulletins/apsb10-26.html", "name": "ADV-2011-0192",
"refsource" : "CONFIRM", "refsource": "VUPEN",
"url" : "http://www.adobe.com/support/security/bulletins/apsb10-26.html" "url": "http://www.vupen.com/english/advisories/2011/0192"
}, },
{ {
"name" : "http://support.apple.com/kb/HT4435", "name": "42183",
"refsource" : "CONFIRM", "refsource": "SECUNIA",
"url" : "http://support.apple.com/kb/HT4435" "url": "http://secunia.com/advisories/42183"
}, },
{ {
"name" : "http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_adobe_flash1", "name": "http://support.apple.com/kb/HT4435",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_adobe_flash1" "url": "http://support.apple.com/kb/HT4435"
}, },
{ {
"name" : "APPLE-SA-2010-11-10-1", "name": "http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_adobe_flash1",
"refsource" : "APPLE", "refsource": "CONFIRM",
"url" : "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html" "url": "http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_adobe_flash1"
}, },
{ {
"name" : "GLSA-201101-09", "name": "43026",
"refsource" : "GENTOO", "refsource": "SECUNIA",
"url" : "http://security.gentoo.org/glsa/glsa-201101-09.xml" "url": "http://secunia.com/advisories/43026"
}, },
{ {
"name" : "HPSBMA02663", "name": "GLSA-201101-09",
"refsource" : "HP", "refsource": "GENTOO",
"url" : "http://marc.info/?l=bugtraq&m=130331642631603&w=2" "url": "http://security.gentoo.org/glsa/glsa-201101-09.xml"
}, },
{ {
"name" : "SSRT100428", "name": "ADV-2010-2918",
"refsource" : "HP", "refsource": "VUPEN",
"url" : "http://marc.info/?l=bugtraq&m=130331642631603&w=2" "url": "http://www.vupen.com/english/advisories/2010/2918"
}, },
{ {
"name" : "RHSA-2010:0829", "name": "APPLE-SA-2010-11-10-1",
"refsource" : "REDHAT", "refsource": "APPLE",
"url" : "http://www.redhat.com/support/errata/RHSA-2010-0829.html" "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html"
}, },
{ {
"name" : "RHSA-2010:0834", "name": "RHSA-2010:0834",
"refsource" : "REDHAT", "refsource": "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2010-0834.html" "url": "http://www.redhat.com/support/errata/RHSA-2010-0834.html"
}, },
{ {
"name" : "RHSA-2010:0867", "name": "SUSE-SA:2010:055",
"refsource" : "REDHAT", "refsource": "SUSE",
"url" : "http://www.redhat.com/support/errata/RHSA-2010-0867.html" "url": "http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00002.html"
}, },
{ {
"name" : "SUSE-SA:2010:055", "name": "42926",
"refsource" : "SUSE", "refsource": "SECUNIA",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00002.html" "url": "http://secunia.com/advisories/42926"
}, },
{ {
"name" : "44678", "name": "SSRT100428",
"refsource" : "BID", "refsource": "HP",
"url" : "http://www.securityfocus.com/bid/44678" "url": "http://marc.info/?l=bugtraq&m=130331642631603&w=2"
}, },
{ {
"name" : "oval:org.mitre.oval:def:12065", "name": "ADV-2010-2903",
"refsource" : "OVAL", "refsource": "VUPEN",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12065" "url": "http://www.vupen.com/english/advisories/2010/2903"
}, },
{ {
"name" : "oval:org.mitre.oval:def:16254", "name": "HPSBMA02663",
"refsource" : "OVAL", "refsource": "HP",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16254" "url": "http://marc.info/?l=bugtraq&m=130331642631603&w=2"
}, },
{ {
"name" : "42183", "name": "ADV-2011-0173",
"refsource" : "SECUNIA", "refsource": "VUPEN",
"url" : "http://secunia.com/advisories/42183" "url": "http://www.vupen.com/english/advisories/2011/0173"
}, },
{ {
"name" : "42926", "name": "oval:org.mitre.oval:def:12065",
"refsource" : "SECUNIA", "refsource": "OVAL",
"url" : "http://secunia.com/advisories/42926" "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12065"
}, },
{ {
"name" : "43026", "name": "http://www.adobe.com/support/security/bulletins/apsb10-26.html",
"refsource" : "SECUNIA", "refsource": "CONFIRM",
"url" : "http://secunia.com/advisories/43026" "url": "http://www.adobe.com/support/security/bulletins/apsb10-26.html"
}, },
{ {
"name" : "ADV-2010-2903", "name": "44678",
"refsource" : "VUPEN", "refsource": "BID",
"url" : "http://www.vupen.com/english/advisories/2010/2903" "url": "http://www.securityfocus.com/bid/44678"
}, },
{ {
"name" : "ADV-2010-2906", "name": "ADV-2010-2906",
"refsource" : "VUPEN", "refsource": "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2010/2906" "url": "http://www.vupen.com/english/advisories/2010/2906"
}, },
{ {
"name" : "ADV-2010-2918", "name": "RHSA-2010:0867",
"refsource" : "VUPEN", "refsource": "REDHAT",
"url" : "http://www.vupen.com/english/advisories/2010/2918" "url": "http://www.redhat.com/support/errata/RHSA-2010-0867.html"
}, },
{ {
"name" : "ADV-2011-0173", "name": "RHSA-2010:0829",
"refsource" : "VUPEN", "refsource": "REDHAT",
"url" : "http://www.vupen.com/english/advisories/2011/0173" "url": "http://www.redhat.com/support/errata/RHSA-2010-0829.html"
}, },
{ {
"name" : "ADV-2011-0192", "name": "oval:org.mitre.oval:def:16254",
"refsource" : "VUPEN", "refsource": "OVAL",
"url" : "http://www.vupen.com/english/advisories/2011/0192" "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16254"
} }
] ]
} }

176
2010/3xxx/CVE-2010-3690.json
View File

@ -1,156 +1,156 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2010-3690", "ID": "CVE-2010-3690",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in phpCAS before 1.1.3, when proxy mode is enabled, allow remote attackers to inject arbitrary web script or HTML via (1) a crafted Proxy Granting Ticket IOU (PGTiou) parameter to the callback function in client.php, (2) vectors involving functions that make getCallbackURL calls, or (3) vectors involving functions that make getURL calls." "value": "Multiple cross-site scripting (XSS) vulnerabilities in phpCAS before 1.1.3, when proxy mode is enabled, allow remote attackers to inject arbitrary web script or HTML via (1) a crafted Proxy Granting Ticket IOU (PGTiou) parameter to the callback function in client.php, (2) vectors involving functions that make getCallbackURL calls, or (3) vectors involving functions that make getURL calls."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "[oss-security] 20100929 CVE request - phpCAS: prevent symlink attacks, directory traversal and XSS during a proxy callback", "name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=495542#82",
"refsource" : "MLIST", "refsource": "CONFIRM",
"url" : "http://www.openwall.com/lists/oss-security/2010/09/29/6" "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=495542#82"
}, },
{ {
"name" : "[oss-security] 20101001 Re: CVE request - phpCAS: prevent symlink attacks, directory traversal and XSS during a proxy callback", "name": "DSA-2172",
"refsource" : "MLIST", "refsource": "DEBIAN",
"url" : "http://www.openwall.com/lists/oss-security/2010/10/01/2" "url": "http://www.debian.org/security/2011/dsa-2172"
}, },
{ {
"name" : "[oss-security] 20101001 Re: CVE request - phpCAS: prevent symlink attacks, directory traversal and XSS during a proxy callback", "name": "https://issues.jasig.org/browse/PHPCAS-80",
"refsource" : "MLIST", "refsource": "CONFIRM",
"url" : "http://www.openwall.com/lists/oss-security/2010/10/01/5" "url": "https://issues.jasig.org/browse/PHPCAS-80"
}, },
{ {
"name" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=495542#82", "name": "ADV-2011-0456",
"refsource" : "CONFIRM", "refsource": "VUPEN",
"url" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=495542#82" "url": "http://www.vupen.com/english/advisories/2011/0456"
}, },
{ {
"name" : "https://developer.jasig.org/source/changelog/jasigsvn?cs=21538", "name": "FEDORA-2010-15943",
"refsource" : "CONFIRM", "refsource": "FEDORA",
"url" : "https://developer.jasig.org/source/changelog/jasigsvn?cs=21538" "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049600.html"
}, },
{ {
"name" : "https://issues.jasig.org/browse/PHPCAS-80", "name": "FEDORA-2010-15970",
"refsource" : "CONFIRM", "refsource": "FEDORA",
"url" : "https://issues.jasig.org/browse/PHPCAS-80" "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049602.html"
}, },
{ {
"name" : "https://forge.indepnet.net/projects/glpi/repository/revisions/12601", "name": "ADV-2010-2909",
"refsource" : "CONFIRM", "refsource": "VUPEN",
"url" : "https://forge.indepnet.net/projects/glpi/repository/revisions/12601" "url": "http://www.vupen.com/english/advisories/2010/2909"
}, },
{ {
"name" : "DSA-2172", "name": "43585",
"refsource" : "DEBIAN", "refsource": "BID",
"url" : "http://www.debian.org/security/2011/dsa-2172" "url": "http://www.securityfocus.com/bid/43585"
}, },
{ {
"name" : "FEDORA-2010-15943", "name": "42149",
"refsource" : "FEDORA", "refsource": "SECUNIA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049600.html" "url": "http://secunia.com/advisories/42149"
}, },
{ {
"name" : "FEDORA-2010-15970", "name": "https://forge.indepnet.net/projects/glpi/repository/revisions/12601",
"refsource" : "FEDORA", "refsource": "CONFIRM",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049602.html" "url": "https://forge.indepnet.net/projects/glpi/repository/revisions/12601"
}, },
{ {
"name" : "FEDORA-2010-16905", "name": "ADV-2010-2705",
"refsource" : "FEDORA", "refsource": "VUPEN",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050415.html" "url": "http://www.vupen.com/english/advisories/2010/2705"
}, },
{ {
"name" : "FEDORA-2010-16912", "name": "43427",
"refsource" : "FEDORA", "refsource": "SECUNIA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050428.html" "url": "http://secunia.com/advisories/43427"
}, },
{ {
"name" : "43585", "name": "[oss-security] 20100929 CVE request - phpCAS: prevent symlink attacks, directory traversal and XSS during a proxy callback",
"refsource" : "BID", "refsource": "MLIST",
"url" : "http://www.securityfocus.com/bid/43585" "url": "http://www.openwall.com/lists/oss-security/2010/09/29/6"
}, },
{ {
"name" : "41878", "name": "FEDORA-2010-16912",
"refsource" : "SECUNIA", "refsource": "FEDORA",
"url" : "http://secunia.com/advisories/41878" "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050428.html"
}, },
{ {
"name" : "42149", "name": "https://developer.jasig.org/source/changelog/jasigsvn?cs=21538",
"refsource" : "SECUNIA", "refsource": "CONFIRM",
"url" : "http://secunia.com/advisories/42149" "url": "https://developer.jasig.org/source/changelog/jasigsvn?cs=21538"
}, },
{ {
"name" : "42184", "name": "FEDORA-2010-16905",
"refsource" : "SECUNIA", "refsource": "FEDORA",
"url" : "http://secunia.com/advisories/42184" "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050415.html"
}, },
{ {
"name" : "43427", "name": "41878",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/43427" "url": "http://secunia.com/advisories/41878"
}, },
{ {
"name" : "ADV-2010-2705", "name": "[oss-security] 20101001 Re: CVE request - phpCAS: prevent symlink attacks, directory traversal and XSS during a proxy callback",
"refsource" : "VUPEN", "refsource": "MLIST",
"url" : "http://www.vupen.com/english/advisories/2010/2705" "url": "http://www.openwall.com/lists/oss-security/2010/10/01/5"
}, },
{ {
"name" : "ADV-2010-2909", "name": "[oss-security] 20101001 Re: CVE request - phpCAS: prevent symlink attacks, directory traversal and XSS during a proxy callback",
"refsource" : "VUPEN", "refsource": "MLIST",
"url" : "http://www.vupen.com/english/advisories/2010/2909" "url": "http://www.openwall.com/lists/oss-security/2010/10/01/2"
}, },
{ {
"name" : "ADV-2011-0456", "name": "42184",
"refsource" : "VUPEN", "refsource": "SECUNIA",
"url" : "http://www.vupen.com/english/advisories/2011/0456" "url": "http://secunia.com/advisories/42184"
} }
] ]
} }

236
2010/3xxx/CVE-2010-3718.json
View File

@ -1,206 +1,206 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2010-3718", "ID": "CVE-2010-3718",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Apache Tomcat 7.0.0 through 7.0.3, 6.0.x, and 5.5.x, when running within a SecurityManager, does not make the ServletContext attribute read-only, which allows local web applications to read or write files outside of the intended working directory, as demonstrated using a directory traversal attack." "value": "Apache Tomcat 7.0.0 through 7.0.3, 6.0.x, and 5.5.x, when running within a SecurityManager, does not make the ServletContext attribute read-only, which allows local web applications to read or write files outside of the intended working directory, as demonstrated using a directory traversal attack."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20110205 [SECURITY] CVE-2010-3718 Apache Tomcat Local bypass of security manger file permissions", "name": "46177",
"refsource" : "BUGTRAQ", "refsource": "BID",
"url" : "http://www.securityfocus.com/archive/1/516211/100/0/threaded" "url": "http://www.securityfocus.com/bid/46177"
}, },
{ {
"name" : "http://tomcat.apache.org/security-5.html", "name": "oval:org.mitre.oval:def:13969",
"refsource" : "MISC", "refsource": "OVAL",
"url" : "http://tomcat.apache.org/security-5.html" "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13969"
}, },
{ {
"name" : "http://tomcat.apache.org/security-6.html", "name": "20110205 [SECURITY] CVE-2010-3718 Apache Tomcat Local bypass of security manger file permissions",
"refsource" : "MISC", "refsource": "BUGTRAQ",
"url" : "http://tomcat.apache.org/security-6.html" "url": "http://www.securityfocus.com/archive/1/516211/100/0/threaded"
}, },
{ {
"name" : "http://tomcat.apache.org/security-7.html", "name": "8072",
"refsource" : "MISC", "refsource": "SREASON",
"url" : "http://tomcat.apache.org/security-7.html" "url": "http://securityreason.com/securityalert/8072"
}, },
{ {
"name" : "http://support.apple.com/kb/HT5002", "name": "http://tomcat.apache.org/security-6.html",
"refsource" : "CONFIRM", "refsource": "MISC",
"url" : "http://support.apple.com/kb/HT5002" "url": "http://tomcat.apache.org/security-6.html"
}, },
{ {
"name" : "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5098550.html", "name": "HPSBUX02860",
"refsource" : "CONFIRM", "refsource": "HP",
"url" : "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5098550.html" "url": "http://marc.info/?l=bugtraq&m=136485229118404&w=2"
}, },
{ {
"name" : "APPLE-SA-2011-10-12-3", "name": "45022",
"refsource" : "APPLE", "refsource": "SECUNIA",
"url" : "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html" "url": "http://secunia.com/advisories/45022"
}, },
{ {
"name" : "DSA-2160", "name": "RHSA-2011:1845",
"refsource" : "DEBIAN", "refsource": "REDHAT",
"url" : "http://www.debian.org/security/2011/dsa-2160" "url": "http://www.redhat.com/support/errata/RHSA-2011-1845.html"
}, },
{ {
"name" : "HPSBUX02725", "name": "SUSE-SR:2011:005",
"refsource" : "HP", "refsource": "SUSE",
"url" : "http://marc.info/?l=bugtraq&m=132215163318824&w=2" "url": "http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html"
}, },
{ {
"name" : "SSRT100627", "name": "SSRT100627",
"refsource" : "HP", "refsource": "HP",
"url" : "http://marc.info/?l=bugtraq&m=132215163318824&w=2" "url": "http://marc.info/?l=bugtraq&m=132215163318824&w=2"
}, },
{ {
"name" : "HPSBUX02860", "name": "tomcat-servletcontect-sec-bypass(65159)",
"refsource" : "HP", "refsource": "XF",
"url" : "http://marc.info/?l=bugtraq&m=136485229118404&w=2" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65159"
}, },
{ {
"name" : "SSRT101146", "name": "APPLE-SA-2011-10-12-3",
"refsource" : "HP", "refsource": "APPLE",
"url" : "http://marc.info/?l=bugtraq&m=136485229118404&w=2" "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html"
}, },
{ {
"name" : "HPSBST02955", "name": "MDVSA-2011:030",
"refsource" : "HP", "refsource": "MANDRIVA",
"url" : "http://marc.info/?l=bugtraq&m=139344343412337&w=2" "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:030"
}, },
{ {
"name" : "HPSBUX02645", "name": "oval:org.mitre.oval:def:19379",
"refsource" : "HP", "refsource": "OVAL",
"url" : "http://marc.info/?l=bugtraq&m=130168502603566&w=2" "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19379"
}, },
{ {
"name" : "MDVSA-2011:030", "name": "RHSA-2011:0897",
"refsource" : "MANDRIVA", "refsource": "REDHAT",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2011:030" "url": "http://www.redhat.com/support/errata/RHSA-2011-0897.html"
}, },
{ {
"name" : "RHSA-2011:0791", "name": "57126",
"refsource" : "REDHAT", "refsource": "SECUNIA",
"url" : "http://www.redhat.com/support/errata/RHSA-2011-0791.html" "url": "http://secunia.com/advisories/57126"
}, },
{ {
"name" : "RHSA-2011:0896", "name": "RHSA-2011:0791",
"refsource" : "REDHAT", "refsource": "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2011-0896.html" "url": "http://www.redhat.com/support/errata/RHSA-2011-0791.html"
}, },
{ {
"name" : "RHSA-2011:0897", "name": "43192",
"refsource" : "REDHAT", "refsource": "SECUNIA",
"url" : "http://www.redhat.com/support/errata/RHSA-2011-0897.html" "url": "http://secunia.com/advisories/43192"
}, },
{ {
"name" : "RHSA-2011:1845", "name": "RHSA-2011:0896",
"refsource" : "REDHAT", "refsource": "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2011-1845.html" "url": "http://www.redhat.com/support/errata/RHSA-2011-0896.html"
}, },
{ {
"name" : "SUSE-SR:2011:005", "name": "DSA-2160",
"refsource" : "SUSE", "refsource": "DEBIAN",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html" "url": "http://www.debian.org/security/2011/dsa-2160"
}, },
{ {
"name" : "46177", "name": "1025025",
"refsource" : "BID", "refsource": "SECTRACK",
"url" : "http://www.securityfocus.com/bid/46177" "url": "http://www.securitytracker.com/id?1025025"
}, },
{ {
"name" : "oval:org.mitre.oval:def:12517", "name": "http://support.apple.com/kb/HT5002",
"refsource" : "OVAL", "refsource": "CONFIRM",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12517" "url": "http://support.apple.com/kb/HT5002"
}, },
{ {
"name" : "oval:org.mitre.oval:def:13969", "name": "HPSBUX02725",
"refsource" : "OVAL", "refsource": "HP",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13969" "url": "http://marc.info/?l=bugtraq&m=132215163318824&w=2"
}, },
{ {
"name" : "oval:org.mitre.oval:def:19379", "name": "SSRT101146",
"refsource" : "OVAL", "refsource": "HP",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19379" "url": "http://marc.info/?l=bugtraq&m=136485229118404&w=2"
}, },
{ {
"name" : "1025025", "name": "http://tomcat.apache.org/security-5.html",
"refsource" : "SECTRACK", "refsource": "MISC",
"url" : "http://www.securitytracker.com/id?1025025" "url": "http://tomcat.apache.org/security-5.html"
}, },
{ {
"name" : "43192", "name": "oval:org.mitre.oval:def:12517",
"refsource" : "SECUNIA", "refsource": "OVAL",
"url" : "http://secunia.com/advisories/43192" "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12517"
}, },
{ {
"name" : "45022", "name": "HPSBUX02645",
"refsource" : "SECUNIA", "refsource": "HP",
"url" : "http://secunia.com/advisories/45022" "url": "http://marc.info/?l=bugtraq&m=130168502603566&w=2"
}, },
{ {
"name" : "57126", "name": "HPSBST02955",
"refsource" : "SECUNIA", "refsource": "HP",
"url" : "http://secunia.com/advisories/57126" "url": "http://marc.info/?l=bugtraq&m=139344343412337&w=2"
}, },
{ {
"name" : "8072", "name": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5098550.html",
"refsource" : "SREASON", "refsource": "CONFIRM",
"url" : "http://securityreason.com/securityalert/8072" "url": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5098550.html"
}, },
{ {
"name" : "tomcat-servletcontect-sec-bypass(65159)", "name": "http://tomcat.apache.org/security-7.html",
"refsource" : "XF", "refsource": "MISC",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/65159" "url": "http://tomcat.apache.org/security-7.html"
} }
] ]
} }

362
2010/3xxx/CVE-2010-3765.json
View File

@ -1,311 +1,311 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2010-3765", "ID": "CVE-2010-3765",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Mozilla Firefox 3.5.x through 3.5.14 and 3.6.x through 3.6.11, Thunderbird 3.1.6 before 3.1.6 and 3.0.x before 3.0.10, and SeaMonkey 2.x before 2.0.10, when JavaScript is enabled, allows remote attackers to execute arbitrary code via vectors related to nsCSSFrameConstructor::ContentAppended, the appendChild method, incorrect index tracking, and the creation of multiple frames, which triggers memory corruption, as exploited in the wild in October 2010 by the Belmoo malware." "value": "Mozilla Firefox 3.5.x through 3.5.14 and 3.6.x through 3.6.11, Thunderbird 3.1.6 before 3.1.6 and 3.0.x before 3.0.10, and SeaMonkey 2.x before 2.0.10, when JavaScript is enabled, allows remote attackers to execute arbitrary code via vectors related to nsCSSFrameConstructor::ContentAppended, the appendChild method, incorrect index tracking, and the creation of multiple frames, which triggers memory corruption, as exploited in the wild in October 2010 by the Belmoo malware."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "15341", "name": "44425",
"refsource" : "EXPLOIT-DB", "refsource": "BID",
"url" : "http://www.exploit-db.com/exploits/15341" "url": "http://www.securityfocus.com/bid/44425"
}, },
{ {
"name" : "15342", "name": "RHSA-2010:0812",
"refsource" : "EXPLOIT-DB", "refsource": "REDHAT",
"url" : "http://www.exploit-db.com/exploits/15342" "url": "https://rhn.redhat.com/errata/RHSA-2010-0812.html"
}, },
{ {
"name" : "15352", "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=607222#c53",
"refsource" : "EXPLOIT-DB", "refsource": "MISC",
"url" : "http://www.exploit-db.com/exploits/15352" "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=607222#c53"
}, },
{ {
"name" : "http://isc.sans.edu/diary.html?storyid=9817", "name": "ADV-2010-2837",
"refsource" : "MISC", "refsource": "VUPEN",
"url" : "http://isc.sans.edu/diary.html?storyid=9817" "url": "http://www.vupen.com/english/advisories/2010/2837"
}, },
{ {
"name" : "http://www.norman.com/about_norman/press_center/news_archive/2010/129223/", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=646997",
"refsource" : "MISC", "refsource": "CONFIRM",
"url" : "http://www.norman.com/about_norman/press_center/news_archive/2010/129223/" "url": "https://bugzilla.redhat.com/show_bug.cgi?id=646997"
}, },
{ {
"name" : "http://www.norman.com/security_center/virus_description_archive/129146/", "name": "http://support.avaya.com/css/P8/documents/100114335",
"refsource" : "MISC", "refsource": "CONFIRM",
"url" : "http://www.norman.com/security_center/virus_description_archive/129146/" "url": "http://support.avaya.com/css/P8/documents/100114335"
}, },
{ {
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=607222#c53", "name": "41965",
"refsource" : "MISC", "refsource": "SECUNIA",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=607222#c53" "url": "http://secunia.com/advisories/41965"
}, },
{ {
"name" : "http://norman.com/about_norman/press_center/news_archive/2010/129223/en?utm_source=twitterfeed&utm_medium=twitter", "name": "41975",
"refsource" : "MISC", "refsource": "SECUNIA",
"url" : "http://norman.com/about_norman/press_center/news_archive/2010/129223/en?utm_source=twitterfeed&utm_medium=twitter" "url": "http://secunia.com/advisories/41975"
}, },
{ {
"name" : "http://blog.mozilla.com/security/2010/10/26/critical-vulnerability-in-firefox-3-5-and-firefox-3-6/", "name": "RHSA-2010:0896",
"refsource" : "CONFIRM", "refsource": "REDHAT",
"url" : "http://blog.mozilla.com/security/2010/10/26/critical-vulnerability-in-firefox-3-5-and-firefox-3-6/" "url": "http://www.redhat.com/support/errata/RHSA-2010-0896.html"
}, },
{ {
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=607222", "name": "RHSA-2010:0808",
"refsource" : "CONFIRM", "refsource": "REDHAT",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=607222" "url": "http://www.redhat.com/support/errata/RHSA-2010-0808.html"
}, },
{ {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=646997", "name": "15341",
"refsource" : "CONFIRM", "refsource": "EXPLOIT-DB",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=646997" "url": "http://www.exploit-db.com/exploits/15341"
}, },
{ {
"name" : "http://www.mozilla.org/security/announce/2010/mfsa2010-73.html", "name": "1024651",
"refsource" : "CONFIRM", "refsource": "SECTRACK",
"url" : "http://www.mozilla.org/security/announce/2010/mfsa2010-73.html" "url": "http://www.securitytracker.com/id?1024651"
}, },
{ {
"name" : "http://support.avaya.com/css/P8/documents/100114329", "name": "41761",
"refsource" : "CONFIRM", "refsource": "SECUNIA",
"url" : "http://support.avaya.com/css/P8/documents/100114329" "url": "http://secunia.com/advisories/41761"
}, },
{ {
"name" : "http://support.avaya.com/css/P8/documents/100114335", "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=607222",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://support.avaya.com/css/P8/documents/100114335" "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=607222"
}, },
{ {
"name" : "http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_mozilla_firefox", "name": "FEDORA-2010-17105",
"refsource" : "CONFIRM", "refsource": "FEDORA",
"url" : "http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_mozilla_firefox" "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050233.html"
}, },
{ {
"name" : "DSA-2124", "name": "http://norman.com/about_norman/press_center/news_archive/2010/129223/en?utm_source=twitterfeed&utm_medium=twitter",
"refsource" : "DEBIAN", "refsource": "MISC",
"url" : "http://www.debian.org/security/2010/dsa-2124" "url": "http://norman.com/about_norman/press_center/news_archive/2010/129223/en?utm_source=twitterfeed&utm_medium=twitter"
}, },
{ {
"name" : "FEDORA-2010-17105", "name": "41969",
"refsource" : "FEDORA", "refsource": "SECUNIA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050233.html" "url": "http://secunia.com/advisories/41969"
}, },
{ {
"name" : "FEDORA-2010-16883", "name": "USN-1011-3",
"refsource" : "FEDORA", "refsource": "UBUNTU",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/050061.html" "url": "http://www.ubuntu.com/usn/USN-1011-3"
}, },
{ {
"name" : "FEDORA-2010-16885", "name": "http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_mozilla_firefox",
"refsource" : "FEDORA", "refsource": "CONFIRM",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/050154.html" "url": "http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_mozilla_firefox"
}, },
{ {
"name" : "FEDORA-2010-16897", "name": "http://www.norman.com/about_norman/press_center/news_archive/2010/129223/",
"refsource" : "FEDORA", "refsource": "MISC",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/050077.html" "url": "http://www.norman.com/about_norman/press_center/news_archive/2010/129223/"
}, },
{ {
"name" : "MDVSA-2010:213", "name": "USN-1011-1",
"refsource" : "MANDRIVA", "refsource": "UBUNTU",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2010:213" "url": "http://www.ubuntu.com/usn/usn-1011-1"
}, },
{ {
"name" : "MDVSA-2010:219", "name": "1024650",
"refsource" : "MANDRIVA", "refsource": "SECTRACK",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2010:219" "url": "http://www.securitytracker.com/id?1024650"
}, },
{ {
"name" : "RHSA-2010:0809", "name": "USN-1011-2",
"refsource" : "REDHAT", "refsource": "UBUNTU",
"url" : "http://www.redhat.com/support/errata/RHSA-2010-0809.html" "url": "http://www.ubuntu.com/usn/USN-1011-2"
}, },
{ {
"name" : "RHSA-2010:0810", "name": "RHSA-2010:0809",
"refsource" : "REDHAT", "refsource": "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2010-0810.html" "url": "http://www.redhat.com/support/errata/RHSA-2010-0809.html"
}, },
{ {
"name" : "RHSA-2010:0808", "name": "MDVSA-2010:219",
"refsource" : "REDHAT", "refsource": "MANDRIVA",
"url" : "http://www.redhat.com/support/errata/RHSA-2010-0808.html" "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:219"
}, },
{ {
"name" : "RHSA-2010:0812", "name": "42867",
"refsource" : "REDHAT", "refsource": "SECUNIA",
"url" : "https://rhn.redhat.com/errata/RHSA-2010-0812.html" "url": "http://secunia.com/advisories/42867"
}, },
{ {
"name" : "RHSA-2010:0861", "name": "http://blog.mozilla.com/security/2010/10/26/critical-vulnerability-in-firefox-3-5-and-firefox-3-6/",
"refsource" : "REDHAT", "refsource": "CONFIRM",
"url" : "http://www.redhat.com/support/errata/RHSA-2010-0861.html" "url": "http://blog.mozilla.com/security/2010/10/26/critical-vulnerability-in-firefox-3-5-and-firefox-3-6/"
}, },
{ {
"name" : "RHSA-2010:0896", "name": "ADV-2010-2857",
"refsource" : "REDHAT", "refsource": "VUPEN",
"url" : "http://www.redhat.com/support/errata/RHSA-2010-0896.html" "url": "http://www.vupen.com/english/advisories/2010/2857"
}, },
{ {
"name" : "SSA:2010-305-01", "name": "ADV-2011-0061",
"refsource" : "SLACKWARE", "refsource": "VUPEN",
"url" : "http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.556706" "url": "http://www.vupen.com/english/advisories/2011/0061"
}, },
{ {
"name" : "USN-1011-3", "name": "http://support.avaya.com/css/P8/documents/100114329",
"refsource" : "UBUNTU", "refsource": "CONFIRM",
"url" : "http://www.ubuntu.com/usn/USN-1011-3" "url": "http://support.avaya.com/css/P8/documents/100114329"
}, },
{ {
"name" : "USN-1011-1", "name": "DSA-2124",
"refsource" : "UBUNTU", "refsource": "DEBIAN",
"url" : "http://www.ubuntu.com/usn/usn-1011-1" "url": "http://www.debian.org/security/2010/dsa-2124"
}, },
{ {
"name" : "USN-1011-2", "name": "1024645",
"refsource" : "UBUNTU", "refsource": "SECTRACK",
"url" : "http://www.ubuntu.com/usn/USN-1011-2" "url": "http://www.securitytracker.com/id?1024645"
}, },
{ {
"name" : "44425", "name": "42043",
"refsource" : "BID", "refsource": "SECUNIA",
"url" : "http://www.securityfocus.com/bid/44425" "url": "http://secunia.com/advisories/42043"
}, },
{ {
"name" : "oval:org.mitre.oval:def:12108", "name": "http://www.norman.com/security_center/virus_description_archive/129146/",
"refsource" : "OVAL", "refsource": "MISC",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12108" "url": "http://www.norman.com/security_center/virus_description_archive/129146/"
}, },
{ {
"name" : "1024650", "name": "41966",
"refsource" : "SECTRACK", "refsource": "SECUNIA",
"url" : "http://www.securitytracker.com/id?1024650" "url": "http://secunia.com/advisories/41966"
}, },
{ {
"name" : "1024651", "name": "MDVSA-2010:213",
"refsource" : "SECTRACK", "refsource": "MANDRIVA",
"url" : "http://www.securitytracker.com/id?1024651" "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:213"
}, },
{ {
"name" : "1024645", "name": "42008",
"refsource" : "SECTRACK", "refsource": "SECUNIA",
"url" : "http://www.securitytracker.com/id?1024645" "url": "http://secunia.com/advisories/42008"
}, },
{ {
"name" : "41966", "name": "FEDORA-2010-16883",
"refsource" : "SECUNIA", "refsource": "FEDORA",
"url" : "http://secunia.com/advisories/41966" "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/050061.html"
}, },
{ {
"name" : "41969", "name": "SSA:2010-305-01",
"refsource" : "SECUNIA", "refsource": "SLACKWARE",
"url" : "http://secunia.com/advisories/41969" "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.556706"
}, },
{ {
"name" : "42008", "name": "ADV-2010-2871",
"refsource" : "SECUNIA", "refsource": "VUPEN",
"url" : "http://secunia.com/advisories/42008" "url": "http://www.vupen.com/english/advisories/2010/2871"
}, },
{ {
"name" : "42043", "name": "http://isc.sans.edu/diary.html?storyid=9817",
"refsource" : "SECUNIA", "refsource": "MISC",
"url" : "http://secunia.com/advisories/42043" "url": "http://isc.sans.edu/diary.html?storyid=9817"
}, },
{ {
"name" : "41761", "name": "RHSA-2010:0810",
"refsource" : "SECUNIA", "refsource": "REDHAT",
"url" : "http://secunia.com/advisories/41761" "url": "http://www.redhat.com/support/errata/RHSA-2010-0810.html"
}, },
{ {
"name" : "41965", "name": "http://www.mozilla.org/security/announce/2010/mfsa2010-73.html",
"refsource" : "SECUNIA", "refsource": "CONFIRM",
"url" : "http://secunia.com/advisories/41965" "url": "http://www.mozilla.org/security/announce/2010/mfsa2010-73.html"
}, },
{ {
"name" : "41975", "name": "15352",
"refsource" : "SECUNIA", "refsource": "EXPLOIT-DB",
"url" : "http://secunia.com/advisories/41975" "url": "http://www.exploit-db.com/exploits/15352"
}, },
{ {
"name" : "42003", "name": "oval:org.mitre.oval:def:12108",
"refsource" : "SECUNIA", "refsource": "OVAL",
"url" : "http://secunia.com/advisories/42003" "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12108"
}, },
{ {
"name" : "42867", "name": "42003",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/42867" "url": "http://secunia.com/advisories/42003"
}, },
{ {
"name" : "ADV-2010-2871", "name": "FEDORA-2010-16897",
"refsource" : "VUPEN", "refsource": "FEDORA",
"url" : "http://www.vupen.com/english/advisories/2010/2871" "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/050077.html"
}, },
{ {
"name" : "ADV-2010-2837", "name": "RHSA-2010:0861",
"refsource" : "VUPEN", "refsource": "REDHAT",
"url" : "http://www.vupen.com/english/advisories/2010/2837" "url": "http://www.redhat.com/support/errata/RHSA-2010-0861.html"
}, },
{ {
"name" : "ADV-2010-2857", "name": "FEDORA-2010-16885",
"refsource" : "VUPEN", "refsource": "FEDORA",
"url" : "http://www.vupen.com/english/advisories/2010/2857" "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/050154.html"
}, },
{ {
"name" : "ADV-2010-2864", "name": "15342",
"refsource" : "VUPEN", "refsource": "EXPLOIT-DB",
"url" : "http://www.vupen.com/english/advisories/2010/2864" "url": "http://www.exploit-db.com/exploits/15342"
}, },
{ {
"name" : "ADV-2011-0061", "name": "ADV-2010-2864",
"refsource" : "VUPEN", "refsource": "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2011/0061" "url": "http://www.vupen.com/english/advisories/2010/2864"
} }
] ]
} }

98
2010/4xxx/CVE-2010-4151.json
View File

@ -1,91 +1,91 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2010-4151", "ID": "CVE-2010-4151",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "SQL injection vulnerability in misc.php in DeluxeBB 1.3, and possibly earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the xthedateformat parameter in a register action, a different vector than CVE-2005-2989, CVE-2006-2503, and CVE-2009-1033." "value": "SQL injection vulnerability in misc.php in DeluxeBB 1.3, and possibly earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the xthedateformat parameter in a register action, a different vector than CVE-2005-2989, CVE-2006-2503, and CVE-2009-1033."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20101019 SQL injection in DeluxeBB", "name": "http://www.htbridge.ch/advisory/sql_injection_in_deluxebb.html",
"refsource" : "BUGTRAQ", "refsource": "MISC",
"url" : "http://www.securityfocus.com/archive/1/514374/100/0/threaded" "url": "http://www.htbridge.ch/advisory/sql_injection_in_deluxebb.html"
}, },
{ {
"name" : "http://packetstormsecurity.org/1010-exploits/deluxebb13x-sql.txt", "name": "41918",
"refsource" : "MISC", "refsource": "SECUNIA",
"url" : "http://packetstormsecurity.org/1010-exploits/deluxebb13x-sql.txt" "url": "http://secunia.com/advisories/41918"
}, },
{ {
"name" : "http://www.htbridge.ch/advisory/sql_injection_in_deluxebb.html", "name": "http://www.deluxebb.com/community/topic.php?tid=993",
"refsource" : "MISC", "refsource": "CONFIRM",
"url" : "http://www.htbridge.ch/advisory/sql_injection_in_deluxebb.html" "url": "http://www.deluxebb.com/community/topic.php?tid=993"
}, },
{ {
"name" : "http://www.deluxebb.com/community/topic.php?tid=993", "name": "20101019 SQL injection in DeluxeBB",
"refsource" : "CONFIRM", "refsource": "BUGTRAQ",
"url" : "http://www.deluxebb.com/community/topic.php?tid=993" "url": "http://www.securityfocus.com/archive/1/514374/100/0/threaded"
}, },
{ {
"name" : "44259", "name": "44259",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/44259" "url": "http://www.securityfocus.com/bid/44259"
}, },
{ {
"name" : "41918", "name": "deluxebb-xthedateformat-sql-injection(62660)",
"refsource" : "SECUNIA", "refsource": "XF",
"url" : "http://secunia.com/advisories/41918" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/62660"
}, },
{ {
"name" : "deluxebb-xthedateformat-sql-injection(62660)", "name": "http://packetstormsecurity.org/1010-exploits/deluxebb13x-sql.txt",
"refsource" : "XF", "refsource": "MISC",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/62660" "url": "http://packetstormsecurity.org/1010-exploits/deluxebb13x-sql.txt"
} }
] ]
} }

116
2010/4xxx/CVE-2010-4480.json
View File

@ -1,106 +1,106 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2010-4480", "ID": "CVE-2010-4480",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "error.php in PhpMyAdmin 3.3.8.1, and other versions before 3.4.0-beta1, allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted BBcode tag containing \"@\" characters, as demonstrated using \"[a@url@page]\"." "value": "error.php in PhpMyAdmin 3.3.8.1, and other versions before 3.4.0-beta1, allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted BBcode tag containing \"@\" characters, as demonstrated using \"[a@url@page]\"."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "15699", "name": "ADV-2011-0027",
"refsource" : "EXPLOIT-DB", "refsource": "VUPEN",
"url" : "http://www.exploit-db.com/exploits/15699" "url": "http://www.vupen.com/english/advisories/2011/0027"
}, },
{ {
"name" : "http://www.phpmyadmin.net/home_page/security/PMASA-2010-9.php", "name": "ADV-2011-0001",
"refsource" : "CONFIRM", "refsource": "VUPEN",
"url" : "http://www.phpmyadmin.net/home_page/security/PMASA-2010-9.php" "url": "http://www.vupen.com/english/advisories/2011/0001"
}, },
{ {
"name" : "DSA-2139", "name": "45633",
"refsource" : "DEBIAN", "refsource": "BID",
"url" : "http://www.debian.org/security/2010/dsa-2139" "url": "http://www.securityfocus.com/bid/45633"
}, },
{ {
"name" : "MDVSA-2011:000", "name": "42485",
"refsource" : "MANDRIVA", "refsource": "SECUNIA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2011:000" "url": "http://secunia.com/advisories/42485"
}, },
{ {
"name" : "45633", "name": "DSA-2139",
"refsource" : "BID", "refsource": "DEBIAN",
"url" : "http://www.securityfocus.com/bid/45633" "url": "http://www.debian.org/security/2010/dsa-2139"
}, },
{ {
"name" : "42485", "name": "15699",
"refsource" : "SECUNIA", "refsource": "EXPLOIT-DB",
"url" : "http://secunia.com/advisories/42485" "url": "http://www.exploit-db.com/exploits/15699"
}, },
{ {
"name" : "42725", "name": "http://www.phpmyadmin.net/home_page/security/PMASA-2010-9.php",
"refsource" : "SECUNIA", "refsource": "CONFIRM",
"url" : "http://secunia.com/advisories/42725" "url": "http://www.phpmyadmin.net/home_page/security/PMASA-2010-9.php"
}, },
{ {
"name" : "ADV-2010-3133", "name": "ADV-2010-3133",
"refsource" : "VUPEN", "refsource": "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2010/3133" "url": "http://www.vupen.com/english/advisories/2010/3133"
}, },
{ {
"name" : "ADV-2011-0001", "name": "42725",
"refsource" : "VUPEN", "refsource": "SECUNIA",
"url" : "http://www.vupen.com/english/advisories/2011/0001" "url": "http://secunia.com/advisories/42725"
}, },
{ {
"name" : "ADV-2011-0027", "name": "MDVSA-2011:000",
"refsource" : "VUPEN", "refsource": "MANDRIVA",
"url" : "http://www.vupen.com/english/advisories/2011/0027" "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:000"
} }
] ]
} }

194
2011/1xxx/CVE-2011-1022.json
View File

@ -1,171 +1,171 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2011-1022", "ID": "CVE-2011-1022",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The cgre_receive_netlink_msg function in daemon/cgrulesengd.c in cgrulesengd in the Control Group Configuration Library (aka libcgroup or libcg) before 0.37.1 does not verify that netlink messages originated in the kernel, which allows local users to bypass intended resource restrictions via a crafted message." "value": "The cgre_receive_netlink_msg function in daemon/cgrulesengd.c in cgrulesengd in the Control Group Configuration Library (aka libcgroup or libcg) before 0.37.1 does not verify that netlink messages originated in the kernel, which allows local users to bypass intended resource restrictions via a crafted message."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "[libcg-devel] 20101115 Fwd: libcgroup netlink", "name": "[oss-security] 20110225 Re: CVE request: libcgroup: Failure to verify netlink messages",
"refsource" : "MLIST", "refsource": "MLIST",
"url" : "http://sourceforge.net/mailarchive/message.php?msg_id=26598749" "url": "http://openwall.com/lists/oss-security/2011/02/25/11"
}, },
{ {
"name" : "[libcg-devel] 20110218 [PATCH 2/2] cgrulesengd: Ignore netlink messages that don't come from the kernel.", "name": "43758",
"refsource" : "MLIST", "refsource": "SECUNIA",
"url" : "http://sourceforge.net/mailarchive/message.php?msg_id=27102603" "url": "http://secunia.com/advisories/43758"
}, },
{ {
"name" : "[oss-security] 20110224 CVE request: libcgroup: Failure to verify netlink messages", "name": "44093",
"refsource" : "MLIST", "refsource": "SECUNIA",
"url" : "http://openwall.com/lists/oss-security/2011/02/25/6" "url": "http://secunia.com/advisories/44093"
}, },
{ {
"name" : "[oss-security] 20110225 Re: CVE request: libcgroup: Failure to verify netlink messages", "name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=615987",
"refsource" : "MLIST", "refsource": "CONFIRM",
"url" : "http://openwall.com/lists/oss-security/2011/02/25/9" "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=615987"
}, },
{ {
"name" : "[oss-security] 20110225 Re: CVE request: libcgroup: Failure to verify netlink messages", "name": "1025157",
"refsource" : "MLIST", "refsource": "SECTRACK",
"url" : "http://openwall.com/lists/oss-security/2011/02/25/11" "url": "http://www.securitytracker.com/id?1025157"
}, },
{ {
"name" : "[oss-security] 20110225 Re: CVE request: libcgroup: Failure to verify netlink messages", "name": "46578",
"refsource" : "MLIST", "refsource": "BID",
"url" : "http://openwall.com/lists/oss-security/2011/02/25/12" "url": "http://www.securityfocus.com/bid/46578"
}, },
{ {
"name" : "[oss-security] 20110225 Re: CVE request: libcgroup: Failure to verify netlink messages", "name": "http://sourceforge.net/projects/libcg/files/libcgroup/v0.37.1/libcgroup-0.37.1.tar.bz2/download",
"refsource" : "MLIST", "refsource": "CONFIRM",
"url" : "http://openwall.com/lists/oss-security/2011/02/25/14" "url": "http://sourceforge.net/projects/libcg/files/libcgroup/v0.37.1/libcgroup-0.37.1.tar.bz2/download"
}, },
{ {
"name" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=615987", "name": "43891",
"refsource" : "CONFIRM", "refsource": "SECUNIA",
"url" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=615987" "url": "http://secunia.com/advisories/43891"
}, },
{ {
"name" : "http://sourceforge.net/projects/libcg/files/libcgroup/v0.37.1/libcgroup-0.37.1.tar.bz2/download", "name": "DSA-2193",
"refsource" : "CONFIRM", "refsource": "DEBIAN",
"url" : "http://sourceforge.net/projects/libcg/files/libcgroup/v0.37.1/libcgroup-0.37.1.tar.bz2/download" "url": "http://www.debian.org/security/2011/dsa-2193"
}, },
{ {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=680409", "name": "openSUSE-SU-2011:0316",
"refsource" : "CONFIRM", "refsource": "SUSE",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=680409" "url": "http://lists.opensuse.org/opensuse-updates/2011-04/msg00027.html"
}, },
{ {
"name" : "DSA-2193", "name": "FEDORA-2011-2631",
"refsource" : "DEBIAN", "refsource": "FEDORA",
"url" : "http://www.debian.org/security/2011/dsa-2193" "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056683.html"
}, },
{ {
"name" : "FEDORA-2011-2631", "name": "ADV-2011-0679",
"refsource" : "FEDORA", "refsource": "VUPEN",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056683.html" "url": "http://www.vupen.com/english/advisories/2011/0679"
}, },
{ {
"name" : "FEDORA-2011-2638", "name": "ADV-2011-0774",
"refsource" : "FEDORA", "refsource": "VUPEN",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056734.html" "url": "http://www.vupen.com/english/advisories/2011/0774"
}, },
{ {
"name" : "RHSA-2011:0320", "name": "[libcg-devel] 20101115 Fwd: libcgroup netlink",
"refsource" : "REDHAT", "refsource": "MLIST",
"url" : "http://www.redhat.com/support/errata/RHSA-2011-0320.html" "url": "http://sourceforge.net/mailarchive/message.php?msg_id=26598749"
}, },
{ {
"name" : "openSUSE-SU-2011:0316", "name": "[oss-security] 20110225 Re: CVE request: libcgroup: Failure to verify netlink messages",
"refsource" : "SUSE", "refsource": "MLIST",
"url" : "http://lists.opensuse.org/opensuse-updates/2011-04/msg00027.html" "url": "http://openwall.com/lists/oss-security/2011/02/25/14"
}, },
{ {
"name" : "46578", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=680409",
"refsource" : "BID", "refsource": "CONFIRM",
"url" : "http://www.securityfocus.com/bid/46578" "url": "https://bugzilla.redhat.com/show_bug.cgi?id=680409"
}, },
{ {
"name" : "1025157", "name": "RHSA-2011:0320",
"refsource" : "SECTRACK", "refsource": "REDHAT",
"url" : "http://www.securitytracker.com/id?1025157" "url": "http://www.redhat.com/support/errata/RHSA-2011-0320.html"
}, },
{ {
"name" : "43611", "name": "[oss-security] 20110225 Re: CVE request: libcgroup: Failure to verify netlink messages",
"refsource" : "SECUNIA", "refsource": "MLIST",
"url" : "http://secunia.com/advisories/43611" "url": "http://openwall.com/lists/oss-security/2011/02/25/12"
}, },
{ {
"name" : "43758", "name": "43611",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/43758" "url": "http://secunia.com/advisories/43611"
}, },
{ {
"name" : "43891", "name": "FEDORA-2011-2638",
"refsource" : "SECUNIA", "refsource": "FEDORA",
"url" : "http://secunia.com/advisories/43891" "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056734.html"
}, },
{ {
"name" : "44093", "name": "[oss-security] 20110224 CVE request: libcgroup: Failure to verify netlink messages",
"refsource" : "SECUNIA", "refsource": "MLIST",
"url" : "http://secunia.com/advisories/44093" "url": "http://openwall.com/lists/oss-security/2011/02/25/6"
}, },
{ {
"name" : "ADV-2011-0679", "name": "[oss-security] 20110225 Re: CVE request: libcgroup: Failure to verify netlink messages",
"refsource" : "VUPEN", "refsource": "MLIST",
"url" : "http://www.vupen.com/english/advisories/2011/0679" "url": "http://openwall.com/lists/oss-security/2011/02/25/9"
}, },
{ {
"name" : "ADV-2011-0774", "name": "[libcg-devel] 20110218 [PATCH 2/2] cgrulesengd: Ignore netlink messages that don't come from the kernel.",
"refsource" : "VUPEN", "refsource": "MLIST",
"url" : "http://www.vupen.com/english/advisories/2011/0774" "url": "http://sourceforge.net/mailarchive/message.php?msg_id=27102603"
} }
] ]
} }

22
2011/1xxx/CVE-2011-1145.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2011-1145", "ID": "CVE-2011-1145",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

92
2011/1xxx/CVE-2011-1384.json
View File

@ -1,86 +1,86 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2011-1384", "ID": "CVE-2011-1384",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The (1) bin/invscoutClient_VPD_Survey and (2) sbin/invscout_lsvpd programs in invscout.rte before 2.2.0.19 on IBM AIX 7.1, 6.1, 5.3, and earlier allow local users to delete arbitrary files, or trigger inventory scout operations on arbitrary files, via a symlink attack on an unspecified file." "value": "The (1) bin/invscoutClient_VPD_Survey and (2) sbin/invscout_lsvpd programs in invscout.rte before 2.2.0.19 on IBM AIX 7.1, 6.1, 5.3, and earlier allow local users to delete arbitrary files, or trigger inventory scout operations on arbitrary files, via a symlink attack on an unspecified file."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://aix.software.ibm.com/aix/efixes/security/invscout_advisory2.asc", "name": "aix-scout-symlink(71615)",
"refsource" : "CONFIRM", "refsource": "XF",
"url" : "http://aix.software.ibm.com/aix/efixes/security/invscout_advisory2.asc" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71615"
}, },
{ {
"name" : "IV11643", "name": "47222",
"refsource" : "AIXAPAR", "refsource": "SECUNIA",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=isg1IV11643" "url": "http://secunia.com/advisories/47222"
}, },
{ {
"name" : "51059", "name": "http://aix.software.ibm.com/aix/efixes/security/invscout_advisory2.asc",
"refsource" : "BID", "refsource": "CONFIRM",
"url" : "http://www.securityfocus.com/bid/51059" "url": "http://aix.software.ibm.com/aix/efixes/security/invscout_advisory2.asc"
}, },
{ {
"name" : "51083", "name": "51059",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/51083" "url": "http://www.securityfocus.com/bid/51059"
}, },
{ {
"name" : "47222", "name": "51083",
"refsource" : "SECUNIA", "refsource": "BID",
"url" : "http://secunia.com/advisories/47222" "url": "http://www.securityfocus.com/bid/51083"
}, },
{ {
"name" : "aix-scout-symlink(71615)", "name": "IV11643",
"refsource" : "XF", "refsource": "AIXAPAR",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/71615" "url": "http://www-01.ibm.com/support/docview.wss?uid=isg1IV11643"
} }
] ]
} }

22
2011/1xxx/CVE-2011-1791.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2011-1791", "ID": "CVE-2011-1791",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

98
2011/1xxx/CVE-2011-1899.json
View File

@ -1,91 +1,91 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2011-1899", "ID": "CVE-2011-1899",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in CA eHealth 6.0.x, 6.1.x, 6.2.1, and 6.2.2 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters." "value": "Multiple cross-site scripting (XSS) vulnerabilities in CA eHealth 6.0.x, 6.1.x, 6.2.1, and 6.2.2 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20110510 CA20110510-01: Security Notice for CA eHealth", "name": "44482",
"refsource" : "BUGTRAQ", "refsource": "SECUNIA",
"url" : "http://www.securityfocus.com/archive/1/517956/100/0/threaded" "url": "http://secunia.com/advisories/44482"
}, },
{ {
"name" : "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID={5662845D-4CD7-4CE6-8829-4F07A4C67366}", "name": "1025518",
"refsource" : "CONFIRM", "refsource": "SECTRACK",
"url" : "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID={5662845D-4CD7-4CE6-8829-4F07A4C67366}" "url": "http://securitytracker.com/id?1025518"
}, },
{ {
"name" : "47795", "name": "8252",
"refsource" : "BID", "refsource": "SREASON",
"url" : "http://www.securityfocus.com/bid/47795" "url": "http://securityreason.com/securityalert/8252"
}, },
{ {
"name" : "1025518", "name": "20110510 CA20110510-01: Security Notice for CA eHealth",
"refsource" : "SECTRACK", "refsource": "BUGTRAQ",
"url" : "http://securitytracker.com/id?1025518" "url": "http://www.securityfocus.com/archive/1/517956/100/0/threaded"
}, },
{ {
"name" : "44482", "name": "47795",
"refsource" : "SECUNIA", "refsource": "BID",
"url" : "http://secunia.com/advisories/44482" "url": "http://www.securityfocus.com/bid/47795"
}, },
{ {
"name" : "8252", "name": "ehealth-unspecified-xss(67389)",
"refsource" : "SREASON", "refsource": "XF",
"url" : "http://securityreason.com/securityalert/8252" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67389"
}, },
{ {
"name" : "ehealth-unspecified-xss(67389)", "name": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID={5662845D-4CD7-4CE6-8829-4F07A4C67366}",
"refsource" : "XF", "refsource": "CONFIRM",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/67389" "url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID={5662845D-4CD7-4CE6-8829-4F07A4C67366}"
} }
] ]
} }

74
2011/1xxx/CVE-2011-1963.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2011-1963", "ID": "CVE-2011-1963",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Microsoft Internet Explorer 7 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka \"XSLT Memory Corruption Vulnerability.\"" "value": "Microsoft Internet Explorer 7 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka \"XSLT Memory Corruption Vulnerability.\""
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "MS11-057", "name": "MS11-057",
"refsource" : "MS", "refsource": "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-057" "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-057"
}, },
{ {
"name" : "TA11-221A", "name": "oval:org.mitre.oval:def:12753",
"refsource" : "CERT", "refsource": "OVAL",
"url" : "http://www.us-cert.gov/cas/techalerts/TA11-221A.html" "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12753"
}, },
{ {
"name" : "oval:org.mitre.oval:def:12753", "name": "TA11-221A",
"refsource" : "OVAL", "refsource": "CERT",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12753" "url": "http://www.us-cert.gov/cas/techalerts/TA11-221A.html"
} }
] ]
} }

22
2011/5xxx/CVE-2011-5020.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2011-5020", "ID": "CVE-2011-5020",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

80
2011/5xxx/CVE-2011-5074.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2011-5074", "ID": "CVE-2011-5074",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Multiple cross-site request forgery (CSRF) vulnerabilities in Support Incident Tracker (aka SiT!) before 3.65 allow remote attackers to hijack the authentication of administrators for requests that change administrator email, add a new administrator, or insert arbitrary script via (1) user_profile_edit.php or (2) user_add.php." "value": "Multiple cross-site request forgery (CSRF) vulnerabilities in Support Incident Tracker (aka SiT!) before 3.65 allow remote attackers to hijack the authentication of administrators for requests that change administrator email, add a new administrator, or insert arbitrary script via (1) user_profile_edit.php or (2) user_add.php."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20110914 Multiple vulnerabilities in SiT! Support Incident Tracker", "name": "http://sitracker.org/wiki/ReleaseNotes365",
"refsource" : "BUGTRAQ", "refsource": "CONFIRM",
"url" : "http://www.securityfocus.com/archive/1/519636" "url": "http://sitracker.org/wiki/ReleaseNotes365"
}, },
{ {
"name" : "https://www.htbridge.ch/advisory/multiple_vulnerabilities_in_sit_support_incident_tracker.html", "name": "20110914 Multiple vulnerabilities in SiT! Support Incident Tracker",
"refsource" : "MISC", "refsource": "BUGTRAQ",
"url" : "https://www.htbridge.ch/advisory/multiple_vulnerabilities_in_sit_support_incident_tracker.html" "url": "http://www.securityfocus.com/archive/1/519636"
}, },
{ {
"name" : "http://sitracker.org/wiki/ReleaseNotes365", "name": "46019",
"refsource" : "CONFIRM", "refsource": "SECUNIA",
"url" : "http://sitracker.org/wiki/ReleaseNotes365" "url": "http://secunia.com/advisories/46019"
}, },
{ {
"name" : "46019", "name": "https://www.htbridge.ch/advisory/multiple_vulnerabilities_in_sit_support_incident_tracker.html",
"refsource" : "SECUNIA", "refsource": "MISC",
"url" : "http://secunia.com/advisories/46019" "url": "https://www.htbridge.ch/advisory/multiple_vulnerabilities_in_sit_support_incident_tracker.html"
} }
] ]
} }

22
2014/3xxx/CVE-2014-3726.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-3726", "ID": "CVE-2014-3726",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

62
2014/3xxx/CVE-2014-3866.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-3866", "ID": "CVE-2014-3866",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Multiple cross-site request forgery (CSRF) vulnerabilities in user_settings.php in Usercake 2.0.2 and earlier allow remote attackers to hijack the authentication of administrators for requests that change the (1) administrative password via the passwordc parameter or (2) administrative e-mail address via the email parameter." "value": "Multiple cross-site request forgery (CSRF) vulnerabilities in user_settings.php in Usercake 2.0.2 and earlier allow remote attackers to hijack the authentication of administrators for requests that change the (1) administrative password via the passwordc parameter or (2) administrative e-mail address via the email parameter."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://research.openflare.org/advisories/OF-2014-11/usercake_csrf.txt", "name": "http://research.openflare.org/advisories/OF-2014-11/usercake_csrf.txt",
"refsource" : "MISC", "refsource": "MISC",
"url" : "http://research.openflare.org/advisories/OF-2014-11/usercake_csrf.txt" "url": "http://research.openflare.org/advisories/OF-2014-11/usercake_csrf.txt"
} }
] ]
} }

74
2014/7xxx/CVE-2014-7009.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cert@cert.org",
"ID" : "CVE-2014-7009", "ID": "CVE-2014-7009",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The HKBN My Account (aka com.hkbn.myaccount) application @7F070015 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." "value": "The HKBN My Account (aka com.hkbn.myaccount) application @7F070015 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", "name": "VU#582497",
"refsource" : "MISC", "refsource": "CERT-VN",
"url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" "url": "http://www.kb.cert.org/vuls/id/582497"
}, },
{ {
"name" : "VU#582497", "name": "VU#741425",
"refsource" : "CERT-VN", "refsource": "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/582497" "url": "http://www.kb.cert.org/vuls/id/741425"
}, },
{ {
"name" : "VU#741425", "name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource" : "CERT-VN", "refsource": "MISC",
"url" : "http://www.kb.cert.org/vuls/id/741425" "url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
} }
] ]
} }

22
2014/7xxx/CVE-2014-7171.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-7171", "ID": "CVE-2014-7171",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2014/7xxx/CVE-2014-7306.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-7306", "ID": "CVE-2014-7306",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

74
2014/7xxx/CVE-2014-7362.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cert@cert.org",
"ID" : "CVE-2014-7362", "ID": "CVE-2014-7362",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The Naranjas Con Tocados (aka com.NaranjasConTocados.com) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." "value": "The Naranjas Con Tocados (aka com.NaranjasConTocados.com) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", "name": "VU#388633",
"refsource" : "MISC", "refsource": "CERT-VN",
"url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" "url": "http://www.kb.cert.org/vuls/id/388633"
}, },
{ {
"name" : "VU#388633", "name": "VU#582497",
"refsource" : "CERT-VN", "refsource": "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/388633" "url": "http://www.kb.cert.org/vuls/id/582497"
}, },
{ {
"name" : "VU#582497", "name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource" : "CERT-VN", "refsource": "MISC",
"url" : "http://www.kb.cert.org/vuls/id/582497" "url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
} }
] ]
} }

74
2014/7xxx/CVE-2014-7427.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cert@cert.org",
"ID" : "CVE-2014-7427", "ID": "CVE-2014-7427",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The Hunting Trophy Whitetails (aka com.wHuntingTrophyWhitetails) application 0.75.13441.88885 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." "value": "The Hunting Trophy Whitetails (aka com.wHuntingTrophyWhitetails) application 0.75.13441.88885 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", "name": "VU#853449",
"refsource" : "MISC", "refsource": "CERT-VN",
"url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" "url": "http://www.kb.cert.org/vuls/id/853449"
}, },
{ {
"name" : "VU#582497", "name": "VU#582497",
"refsource" : "CERT-VN", "refsource": "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/582497" "url": "http://www.kb.cert.org/vuls/id/582497"
}, },
{ {
"name" : "VU#853449", "name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource" : "CERT-VN", "refsource": "MISC",
"url" : "http://www.kb.cert.org/vuls/id/853449" "url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
} }
] ]
} }

22
2014/8xxx/CVE-2014-8427.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-8427", "ID": "CVE-2014-8427",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

62
2014/8xxx/CVE-2014-8510.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-8510", "ID": "CVE-2014-8510",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The AdminUI in Trend Micro InterScan Web Security Virtual Appliance (IWSVA) before 6.0 HF build 1244 allows remote authenticated users to read arbitrary files via vectors related to configuration input when saving filters." "value": "The AdminUI in Trend Micro InterScan Web Security Virtual Appliance (IWSVA) before 6.0 HF build 1244 allows remote authenticated users to read arbitrary files via vectors related to configuration input when saving filters."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.zerodayinitiative.com/advisories/ZDI-14-373/", "name": "http://www.zerodayinitiative.com/advisories/ZDI-14-373/",
"refsource" : "MISC", "refsource": "MISC",
"url" : "http://www.zerodayinitiative.com/advisories/ZDI-14-373/" "url": "http://www.zerodayinitiative.com/advisories/ZDI-14-373/"
} }
] ]
} }

80
2014/8xxx/CVE-2014-8608.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-8608", "ID": "CVE-2014-8608",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The K7Sentry.sys kernel mode driver (aka K7AV Sentry Device Driver) before 12.8.0.119, as used in multiple K7 Computing products, allows local users to cause a denial of service (NULL pointer dereference) as demonstrated by a filename containing \"crashme$$\"." "value": "The K7Sentry.sys kernel mode driver (aka K7AV Sentry Device Driver) before 12.8.0.119, as used in multiple K7 Computing products, allows local users to cause a denial of service (NULL pointer dereference) as demonstrated by a filename containing \"crashme$$\"."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20141210 CVE-2014-8608 - Null Pointer Dereference In K7 Computing Multiple Products [K7Sentry.sys]", "name": "https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-8608/",
"refsource" : "FULLDISC", "refsource": "MISC",
"url" : "http://seclists.org/fulldisclosure/2014/Dec/45" "url": "https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-8608/"
}, },
{ {
"name" : "http://packetstormsecurity.com/files/129470/K7-Computing-Multiple-Products-Null-Pointer-Dereference.html", "name": "http://packetstormsecurity.com/files/129470/K7-Computing-Multiple-Products-Null-Pointer-Dereference.html",
"refsource" : "MISC", "refsource": "MISC",
"url" : "http://packetstormsecurity.com/files/129470/K7-Computing-Multiple-Products-Null-Pointer-Dereference.html" "url": "http://packetstormsecurity.com/files/129470/K7-Computing-Multiple-Products-Null-Pointer-Dereference.html"
}, },
{ {
"name" : "https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-8608/", "name": "71615",
"refsource" : "MISC", "refsource": "BID",
"url" : "https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-8608/" "url": "http://www.securityfocus.com/bid/71615"
}, },
{ {
"name" : "71615", "name": "20141210 CVE-2014-8608 - Null Pointer Dereference In K7 Computing Multiple Products [K7Sentry.sys]",
"refsource" : "BID", "refsource": "FULLDISC",
"url" : "http://www.securityfocus.com/bid/71615" "url": "http://seclists.org/fulldisclosure/2014/Dec/45"
} }
] ]
} }

68
2014/8xxx/CVE-2014-8652.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-8652", "ID": "CVE-2014-8652",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Elipse E3 3.x and earlier allows remote attackers to cause a denial of service (application crash and plant outage) via a rapid series of HTTP requests to index.html on TCP port 1681." "value": "Elipse E3 3.x and earlier allows remote attackers to cause a denial of service (application crash and plant outage) via a rapid series of HTTP requests to index.html on TCP port 1681."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20140715 Http DoS Requests Flooding Crash Device Vulnerabilities Elipse E3 Scada PLC.", "name": "20140715 Http DoS Requests Flooding Crash Device Vulnerabilities Elipse E3 Scada PLC.",
"refsource" : "FULLDISC", "refsource": "FULLDISC",
"url" : "http://seclists.org/fulldisclosure/2014/Jul/69" "url": "http://seclists.org/fulldisclosure/2014/Jul/69"
}, },
{ {
"name" : "http://firebitsbr.wordpress.com/2014/07/16/vsla-security-advisory-fire-scada-dos-2013-001-http-dos-requests-flooding-crash-device-vulnerabilities-elipse-e3-scada-plc/", "name": "http://firebitsbr.wordpress.com/2014/07/16/vsla-security-advisory-fire-scada-dos-2013-001-http-dos-requests-flooding-crash-device-vulnerabilities-elipse-e3-scada-plc/",
"refsource" : "MISC", "refsource": "MISC",
"url" : "http://firebitsbr.wordpress.com/2014/07/16/vsla-security-advisory-fire-scada-dos-2013-001-http-dos-requests-flooding-crash-device-vulnerabilities-elipse-e3-scada-plc/" "url": "http://firebitsbr.wordpress.com/2014/07/16/vsla-security-advisory-fire-scada-dos-2013-001-http-dos-requests-flooding-crash-device-vulnerabilities-elipse-e3-scada-plc/"
} }
] ]
} }

74
2014/9xxx/CVE-2014-9181.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-9181", "ID": "CVE-2014-9181",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Multiple directory traversal vulnerabilities in Plex Media Server before 0.9.9.3 allow remote attackers to read arbitrary files via a .. (dot dot) in the URI to (1) manage/ or (2) web/ or remote authenticated users to read arbitrary files via a .. (dot dot) in the URI to resources/." "value": "Multiple directory traversal vulnerabilities in Plex Media Server before 0.9.9.3 allow remote attackers to read arbitrary files via a .. (dot dot) in the URI to (1) manage/ or (2) web/ or remote authenticated users to read arbitrary files via a .. (dot dot) in the URI to resources/."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20140228 SEC Consult SA-20140228-1 :: Authentication bypass (SSRF) and local file disclosure in Plex Media Server", "name": "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20140228-1_Plex_Media_Server_Authentication_bypass_local_file_disclosure_v10.txt",
"refsource" : "BUGTRAQ", "refsource": "MISC",
"url" : "http://www.securityfocus.com/archive/1/531290" "url": "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20140228-1_Plex_Media_Server_Authentication_bypass_local_file_disclosure_v10.txt"
}, },
{ {
"name" : "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20140228-1_Plex_Media_Server_Authentication_bypass_local_file_disclosure_v10.txt", "name": "20140228 SEC Consult SA-20140228-1 :: Authentication bypass (SSRF) and local file disclosure in Plex Media Server",
"refsource" : "MISC", "refsource": "BUGTRAQ",
"url" : "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20140228-1_Plex_Media_Server_Authentication_bypass_local_file_disclosure_v10.txt" "url": "http://www.securityfocus.com/archive/1/531290"
}, },
{ {
"name" : "https://forums.plex.tv/index.php/topic/62832-plex-media-server/?p=583250", "name": "https://forums.plex.tv/index.php/topic/62832-plex-media-server/?p=583250",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://forums.plex.tv/index.php/topic/62832-plex-media-server/?p=583250" "url": "https://forums.plex.tv/index.php/topic/62832-plex-media-server/?p=583250"
} }
] ]
} }

80
2014/9xxx/CVE-2014-9219.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-9219", "ID": "CVE-2014-9219",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Cross-site scripting (XSS) vulnerability in the redirection feature in url.php in phpMyAdmin 4.2.x before 4.2.13.1 allows remote attackers to inject arbitrary web script or HTML via the url parameter." "value": "Cross-site scripting (XSS) vulnerability in the redirection feature in url.php in phpMyAdmin 4.2.x before 4.2.13.1 allows remote attackers to inject arbitrary web script or HTML via the url parameter."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.phpmyadmin.net/home_page/security/PMASA-2014-18.php", "name": "http://www.phpmyadmin.net/home_page/security/PMASA-2014-18.php",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://www.phpmyadmin.net/home_page/security/PMASA-2014-18.php" "url": "http://www.phpmyadmin.net/home_page/security/PMASA-2014-18.php"
}, },
{ {
"name" : "https://github.com/phpmyadmin/phpmyadmin/commit/9b2479b7216dd91a6cc2f231c0fd6b85d457f6e2", "name": "MDVSA-2014:243",
"refsource" : "CONFIRM", "refsource": "MANDRIVA",
"url" : "https://github.com/phpmyadmin/phpmyadmin/commit/9b2479b7216dd91a6cc2f231c0fd6b85d457f6e2" "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:243"
}, },
{ {
"name" : "MDVSA-2014:243", "name": "https://github.com/phpmyadmin/phpmyadmin/commit/9b2479b7216dd91a6cc2f231c0fd6b85d457f6e2",
"refsource" : "MANDRIVA", "refsource": "CONFIRM",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2014:243" "url": "https://github.com/phpmyadmin/phpmyadmin/commit/9b2479b7216dd91a6cc2f231c0fd6b85d457f6e2"
}, },
{ {
"name" : "phpmyadmin-cve20149219-xss(99137)", "name": "phpmyadmin-cve20149219-xss(99137)",
"refsource" : "XF", "refsource": "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/99137" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/99137"
} }
] ]
} }

80
2014/9xxx/CVE-2014-9804.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-9804", "ID": "CVE-2014-9804",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "vision.c in ImageMagick allows remote attackers to cause a denial of service (infinite loop) via vectors related to \"too many object.\"" "value": "vision.c in ImageMagick allows remote attackers to cause a denial of service (infinite loop) via vectors related to \"too many object.\""
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "[oss-security] 20141224 Imagemagick fuzzing bug", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1343459",
"refsource" : "MLIST", "refsource": "CONFIRM",
"url" : "http://www.openwall.com/lists/oss-security/2014/12/24/1" "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343459"
}, },
{ {
"name" : "[oss-security] 20160602 Re: ImageMagick CVEs", "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
"refsource" : "MLIST", "refsource": "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2016/06/02/13" "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
}, },
{ {
"name" : "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=c504b8e1a1ca6f158f2d08bd33c62ce4865497ee", "name": "[oss-security] 20141224 Imagemagick fuzzing bug",
"refsource" : "CONFIRM", "refsource": "MLIST",
"url" : "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=c504b8e1a1ca6f158f2d08bd33c62ce4865497ee" "url": "http://www.openwall.com/lists/oss-security/2014/12/24/1"
}, },
{ {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1343459", "name": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=c504b8e1a1ca6f158f2d08bd33c62ce4865497ee",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1343459" "url": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=c504b8e1a1ca6f158f2d08bd33c62ce4865497ee"
} }
] ]
} }

110
2014/9xxx/CVE-2014-9854.json
View File

@ -1,101 +1,101 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-9854", "ID": "CVE-2014-9854",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "coders/tiff.c in ImageMagick allows remote attackers to cause a denial of service (application crash) via vectors related to the \"identification of image.\"" "value": "coders/tiff.c in ImageMagick allows remote attackers to cause a denial of service (application crash) via vectors related to the \"identification of image.\""
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "[oss-security] 20160602 Re: ImageMagick CVEs", "name": "openSUSE-SU-2016:1833",
"refsource" : "MLIST", "refsource": "SUSE",
"url" : "http://www.openwall.com/lists/oss-security/2016/06/02/13" "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00018.html"
}, },
{ {
"name" : "http://git.imagemagick.org/repos/ImageMagick/commit/7fb9b7e095a65b4528d0180e26574f2bc7cd0e8b", "name": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=5ee6f49297c8137cae527429e0267462c14ec3ed",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://git.imagemagick.org/repos/ImageMagick/commit/7fb9b7e095a65b4528d0180e26574f2bc7cd0e8b" "url": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=5ee6f49297c8137cae527429e0267462c14ec3ed"
}, },
{ {
"name" : "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=5ee6f49297c8137cae527429e0267462c14ec3ed", "name": "SUSE-SU-2016:1782",
"refsource" : "CONFIRM", "refsource": "SUSE",
"url" : "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=5ee6f49297c8137cae527429e0267462c14ec3ed" "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00009.html"
}, },
{ {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1343514", "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
"refsource" : "CONFIRM", "refsource": "MLIST",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1343514" "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
}, },
{ {
"name" : "SUSE-SU-2016:1782", "name": "openSUSE-SU-2016:1748",
"refsource" : "SUSE", "refsource": "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00009.html" "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00002.html"
}, },
{ {
"name" : "SUSE-SU-2016:1784", "name": "SUSE-SU-2016:1784",
"refsource" : "SUSE", "refsource": "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00011.html" "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00011.html"
}, },
{ {
"name" : "openSUSE-SU-2016:1748", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1343514",
"refsource" : "SUSE", "refsource": "CONFIRM",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00002.html" "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343514"
}, },
{ {
"name" : "openSUSE-SU-2016:1833", "name": "USN-3131-1",
"refsource" : "SUSE", "refsource": "UBUNTU",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00018.html" "url": "http://www.ubuntu.com/usn/USN-3131-1"
}, },
{ {
"name" : "USN-3131-1", "name": "http://git.imagemagick.org/repos/ImageMagick/commit/7fb9b7e095a65b4528d0180e26574f2bc7cd0e8b",
"refsource" : "UBUNTU", "refsource": "CONFIRM",
"url" : "http://www.ubuntu.com/usn/USN-3131-1" "url": "http://git.imagemagick.org/repos/ImageMagick/commit/7fb9b7e095a65b4528d0180e26574f2bc7cd0e8b"
} }
] ]
} }

74
2016/2xxx/CVE-2016-2064.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-2064", "ID": "CVE-2016-2064",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "sound/soc/msm/qdsp6v2/msm-audio-effects-q6-v2.c in the MSM QDSP6 audio driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted application that makes an ioctl call specifying many commands." "value": "sound/soc/msm/qdsp6v2/msm-audio-effects-q6-v2.c in the MSM QDSP6 audio driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted application that makes an ioctl call specifying many commands."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://us.codeaurora.org/cgit/quic/la/kernel/msm-3.18/commit/?id=775fca8289eff931f91ff6e8c36cf2034ba59e88", "name": "https://www.codeaurora.org/multiple-vulnerabilities-msm-qdsp6-audio-driver-allow-kernel-memory-corruption-cve-2016-2064-cve",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://us.codeaurora.org/cgit/quic/la/kernel/msm-3.18/commit/?id=775fca8289eff931f91ff6e8c36cf2034ba59e88" "url": "https://www.codeaurora.org/multiple-vulnerabilities-msm-qdsp6-audio-driver-allow-kernel-memory-corruption-cve-2016-2064-cve"
}, },
{ {
"name" : "https://www.codeaurora.org/multiple-vulnerabilities-msm-qdsp6-audio-driver-allow-kernel-memory-corruption-cve-2016-2064-cve", "name": "https://us.codeaurora.org/cgit/quic/la/kernel/msm-3.18/commit/?id=775fca8289eff931f91ff6e8c36cf2034ba59e88",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://www.codeaurora.org/multiple-vulnerabilities-msm-qdsp6-audio-driver-allow-kernel-memory-corruption-cve-2016-2064-cve" "url": "https://us.codeaurora.org/cgit/quic/la/kernel/msm-3.18/commit/?id=775fca8289eff931f91ff6e8c36cf2034ba59e88"
}, },
{ {
"name" : "92375", "name": "92375",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/92375" "url": "http://www.securityfocus.com/bid/92375"
} }
] ]
} }

80
2016/2xxx/CVE-2016-2163.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secalert@redhat.com", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2016-2163", "ID": "CVE-2016-2163",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Cross-site scripting (XSS) vulnerability in Apache OpenMeetings before 3.1.1 allows remote attackers to inject arbitrary web script or HTML via the event description when creating an event." "value": "Cross-site scripting (XSS) vulnerability in Apache OpenMeetings before 3.1.1 allows remote attackers to inject arbitrary web script or HTML via the event description when creating an event."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20160325 [CVE-2016-2163] Stored Cross Site Scripting in Event description", "name": "https://www.apache.org/dist/openmeetings/3.1.1/CHANGELOG",
"refsource" : "BUGTRAQ", "refsource": "CONFIRM",
"url" : "http://www.securityfocus.com/archive/1/537888/100/0/threaded" "url": "https://www.apache.org/dist/openmeetings/3.1.1/CHANGELOG"
}, },
{ {
"name" : "http://packetstormsecurity.com/files/136433/Apache-OpenMeetings-3.0.7-Cross-Site-Scripting.html", "name": "http://packetstormsecurity.com/files/136433/Apache-OpenMeetings-3.0.7-Cross-Site-Scripting.html",
"refsource" : "MISC", "refsource": "MISC",
"url" : "http://packetstormsecurity.com/files/136433/Apache-OpenMeetings-3.0.7-Cross-Site-Scripting.html" "url": "http://packetstormsecurity.com/files/136433/Apache-OpenMeetings-3.0.7-Cross-Site-Scripting.html"
}, },
{ {
"name" : "http://openmeetings.apache.org/security.html", "name": "http://openmeetings.apache.org/security.html",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://openmeetings.apache.org/security.html" "url": "http://openmeetings.apache.org/security.html"
}, },
{ {
"name" : "https://www.apache.org/dist/openmeetings/3.1.1/CHANGELOG", "name": "20160325 [CVE-2016-2163] Stored Cross Site Scripting in Event description",
"refsource" : "CONFIRM", "refsource": "BUGTRAQ",
"url" : "https://www.apache.org/dist/openmeetings/3.1.1/CHANGELOG" "url": "http://www.securityfocus.com/archive/1/537888/100/0/threaded"
} }
] ]
} }

22
2016/2xxx/CVE-2016-2590.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2016-2590", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
"ID": "CVE-2016-2590",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
}, },
"data_format" : "MITRE", "description": {
"data_type" : "CVE", "description_data": [
"data_version" : "4.0",
"description" : {
"description_data" : [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
} }
] ]
} }

100
2016/6xxx/CVE-2016-6036.json
View File

@ -1,114 +1,114 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@us.ibm.com", "ASSIGNER": "psirt@us.ibm.com",
"ID" : "CVE-2016-6036", "ID": "CVE-2016-6036",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Rational Collaborative Lifecycle Management", "product_name": "Rational Collaborative Lifecycle Management",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "3.0.1" "version_value": "3.0.1"
}, },
{ {
"version_value" : "4.0" "version_value": "4.0"
}, },
{ {
"version_value" : "3.0.1.6" "version_value": "3.0.1.6"
}, },
{ {
"version_value" : "4.0.1" "version_value": "4.0.1"
}, },
{ {
"version_value" : "4.0.2" "version_value": "4.0.2"
}, },
{ {
"version_value" : "4.0.3" "version_value": "4.0.3"
}, },
{ {
"version_value" : "4.0.4" "version_value": "4.0.4"
}, },
{ {
"version_value" : "4.0.5" "version_value": "4.0.5"
}, },
{ {
"version_value" : "4.0.6" "version_value": "4.0.6"
}, },
{ {
"version_value" : "5.0" "version_value": "5.0"
}, },
{ {
"version_value" : "4.0.7" "version_value": "4.0.7"
}, },
{ {
"version_value" : "5.0.1" "version_value": "5.0.1"
}, },
{ {
"version_value" : "5.0.2" "version_value": "5.0.2"
}, },
{ {
"version_value" : "6.0" "version_value": "6.0"
}, },
{ {
"version_value" : "6.0.1" "version_value": "6.0.1"
}, },
{ {
"version_value" : "6.0.2" "version_value": "6.0.2"
}, },
{ {
"version_value" : "6.0.3" "version_value": "6.0.3"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "IBM Corporation" "vendor_name": "IBM Corporation"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "IBM Rational Quality Manager (RQM) 4.0, 5.0, and 6.0 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM Reference #: 2000784." "value": "IBM Rational Quality Manager (RQM) 4.0, 5.0, and 6.0 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM Reference #: 2000784."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Cross-Site Scripting" "value": "Cross-Site Scripting"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://www.ibm.com/support/docview.wss?uid=swg22000784", "name": "97172",
"refsource" : "CONFIRM", "refsource": "BID",
"url" : "https://www.ibm.com/support/docview.wss?uid=swg22000784" "url": "http://www.securityfocus.com/bid/97172"
}, },
{ {
"name" : "97172", "name": "https://www.ibm.com/support/docview.wss?uid=swg22000784",
"refsource" : "BID", "refsource": "CONFIRM",
"url" : "http://www.securityfocus.com/bid/97172" "url": "https://www.ibm.com/support/docview.wss?uid=swg22000784"
} }
] ]
} }

74
2016/6xxx/CVE-2016-6271.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-6271", "ID": "CVE-2016-6271",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The Bzrtp library (aka libbzrtp) 1.0.x before 1.0.4 allows man-in-the-middle attackers to conduct spoofing attacks by leveraging a missing HVI check on DHPart2 packet reception." "value": "The Bzrtp library (aka libbzrtp) 1.0.x before 1.0.4 allows man-in-the-middle attackers to conduct spoofing attacks by leveraging a missing HVI check on DHPart2 packet reception."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://github.com/gteissier/CVE-2016-6271", "name": "95928",
"refsource" : "MISC", "refsource": "BID",
"url" : "https://github.com/gteissier/CVE-2016-6271" "url": "http://www.securityfocus.com/bid/95928"
}, },
{ {
"name" : "https://github.com/BelledonneCommunications/bzrtp/commit/bbb1e6e2f467ee4bd7b9a8c800e4f07343d7d99b", "name": "https://github.com/BelledonneCommunications/bzrtp/commit/bbb1e6e2f467ee4bd7b9a8c800e4f07343d7d99b",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://github.com/BelledonneCommunications/bzrtp/commit/bbb1e6e2f467ee4bd7b9a8c800e4f07343d7d99b" "url": "https://github.com/BelledonneCommunications/bzrtp/commit/bbb1e6e2f467ee4bd7b9a8c800e4f07343d7d99b"
}, },
{ {
"name" : "95928", "name": "https://github.com/gteissier/CVE-2016-6271",
"refsource" : "BID", "refsource": "MISC",
"url" : "http://www.securityfocus.com/bid/95928" "url": "https://github.com/gteissier/CVE-2016-6271"
} }
] ]
} }

68
2016/6xxx/CVE-2016-6859.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-6859", "ID": "CVE-2016-6859",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Hybris Management Console (HMC) in SAP Hybris before 6.0 allows remote attackers to obtain sensitive information by triggering an error and then reading a Java stack trace." "value": "Hybris Management Console (HMC) in SAP Hybris before 6.0 allows remote attackers to obtain sensitive information by triggering an error and then reading a Java stack trace."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://www.compass-security.com/fileadmin/Datein/Research/Advisories/CVE-2016-6859_SAP-Hybris_InformationDisclosure.txt", "name": "https://www.compass-security.com/fileadmin/Datein/Research/Advisories/CVE-2016-6859_SAP-Hybris_InformationDisclosure.txt",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://www.compass-security.com/fileadmin/Datein/Research/Advisories/CVE-2016-6859_SAP-Hybris_InformationDisclosure.txt" "url": "https://www.compass-security.com/fileadmin/Datein/Research/Advisories/CVE-2016-6859_SAP-Hybris_InformationDisclosure.txt"
}, },
{ {
"name" : "93959", "name": "93959",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/93959" "url": "http://www.securityfocus.com/bid/93959"
} }
] ]
} }

22
2016/6xxx/CVE-2016-6868.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-6868", "ID": "CVE-2016-6868",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

62
2016/6xxx/CVE-2016-6878.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-6878", "ID": "CVE-2016-6878",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The Curve25519 code in botan before 1.11.31, on systems without a native 128-bit integer type, might allow attackers to have unspecified impact via vectors related to undefined behavior, as demonstrated on 32-bit ARM systems compiled by Clang." "value": "The Curve25519 code in botan before 1.11.31, on systems without a native 128-bit integer type, might allow attackers to have unspecified impact via vectors related to undefined behavior, as demonstrated on 32-bit ARM systems compiled by Clang."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://botan.randombit.net/security.html#id2", "name": "https://botan.randombit.net/security.html#id2",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://botan.randombit.net/security.html#id2" "url": "https://botan.randombit.net/security.html#id2"
} }
] ]
} }

80
2016/7xxx/CVE-2016-7384.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@nvidia.com", "ASSIGNER": "psirt@nvidia.com",
"ID" : "CVE-2016-7384", "ID": "CVE-2016-7384",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Quadro, NVS, and GeForce (all versions)", "product_name": "Quadro, NVS, and GeForce (all versions)",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Quadro, NVS, and GeForce (all versions)" "version_value": "Quadro, NVS, and GeForce (all versions)"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU Display Driver R340 before 342.00 and R375 before 375.63 contains a vulnerability in the kernel mode layer (nvlddmkm.sys) where unchecked input/output lengths in UVMLiteController Device IO Control handling may lead to denial of service or potential escalation of privileges." "value": "For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU Display Driver R340 before 342.00 and R375 before 375.63 contains a vulnerability in the kernel mode layer (nvlddmkm.sys) where unchecked input/output lengths in UVMLiteController Device IO Control handling may lead to denial of service or potential escalation of privileges."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Buffer Overflow" "value": "Buffer Overflow"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "40655", "name": "https://support.lenovo.com/us/en/solutions/LEN-10822",
"refsource" : "EXPLOIT-DB", "refsource": "CONFIRM",
"url" : "https://www.exploit-db.com/exploits/40655/" "url": "https://support.lenovo.com/us/en/solutions/LEN-10822"
}, },
{ {
"name" : "http://nvidia.custhelp.com/app/answers/detail/a_id/4247", "name": "40655",
"refsource" : "CONFIRM", "refsource": "EXPLOIT-DB",
"url" : "http://nvidia.custhelp.com/app/answers/detail/a_id/4247" "url": "https://www.exploit-db.com/exploits/40655/"
}, },
{ {
"name" : "https://support.lenovo.com/us/en/solutions/LEN-10822", "name": "http://nvidia.custhelp.com/app/answers/detail/a_id/4247",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://support.lenovo.com/us/en/solutions/LEN-10822" "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4247"
}, },
{ {
"name" : "93983", "name": "93983",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/93983" "url": "http://www.securityfocus.com/bid/93983"
} }
] ]
} }

104
2016/7xxx/CVE-2016-7798.json
View File

@ -1,96 +1,96 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-7798", "ID": "CVE-2016-7798",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The openssl gem for Ruby uses the same initialization vector (IV) in GCM Mode (aes-*-gcm) when the IV is set before the key, which makes it easier for context-dependent attackers to bypass the encryption protection mechanism." "value": "The openssl gem for Ruby uses the same initialization vector (IV) in GCM Mode (aes-*-gcm) when the IV is set before the key, which makes it easier for context-dependent attackers to bypass the encryption protection mechanism."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "[oss-security] 20160919 CVE Request - Ruby OpenSSL Library - IV Reuse in GCM Mode", "name": "[oss-security] 20160930 Re: CVE Request - Ruby OpenSSL Library - IV Reuse in GCM Mode",
"refsource" : "MLIST", "refsource": "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2016/09/19/9" "url": "http://www.openwall.com/lists/oss-security/2016/09/30/6"
}, },
{ {
"name" : "[oss-security] 20160930 Re: CVE Request - Ruby OpenSSL Library - IV Reuse in GCM Mode", "name": "DSA-3966",
"refsource" : "MLIST", "refsource": "DEBIAN",
"url" : "http://www.openwall.com/lists/oss-security/2016/10/01/2" "url": "https://www.debian.org/security/2017/dsa-3966"
}, },
{ {
"name" : "[oss-security] 20160930 Re: CVE Request - Ruby OpenSSL Library - IV Reuse in GCM Mode", "name": "https://github.com/ruby/openssl/commit/8108e0a6db133f3375608303fdd2083eb5115062",
"refsource" : "MLIST", "refsource": "CONFIRM",
"url" : "http://www.openwall.com/lists/oss-security/2016/09/30/6" "url": "https://github.com/ruby/openssl/commit/8108e0a6db133f3375608303fdd2083eb5115062"
}, },
{ {
"name" : "[debian-lts-announce] 20180714 [SECURITY] [DLA 1421-1] ruby2.1 security update", "name": "[oss-security] 20160930 Re: CVE Request - Ruby OpenSSL Library - IV Reuse in GCM Mode",
"refsource" : "MLIST", "refsource": "MLIST",
"url" : "https://lists.debian.org/debian-lts-announce/2018/07/msg00012.html" "url": "http://www.openwall.com/lists/oss-security/2016/10/01/2"
}, },
{ {
"name" : "https://github.com/ruby/openssl/commit/8108e0a6db133f3375608303fdd2083eb5115062", "name": "[debian-lts-announce] 20180714 [SECURITY] [DLA 1421-1] ruby2.1 security update",
"refsource" : "CONFIRM", "refsource": "MLIST",
"url" : "https://github.com/ruby/openssl/commit/8108e0a6db133f3375608303fdd2083eb5115062" "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00012.html"
}, },
{ {
"name" : "https://github.com/ruby/openssl/issues/49", "name": "[oss-security] 20160919 CVE Request - Ruby OpenSSL Library - IV Reuse in GCM Mode",
"refsource" : "CONFIRM", "refsource": "MLIST",
"url" : "https://github.com/ruby/openssl/issues/49" "url": "http://www.openwall.com/lists/oss-security/2016/09/19/9"
}, },
{ {
"name" : "DSA-3966", "name": "93031",
"refsource" : "DEBIAN", "refsource": "BID",
"url" : "https://www.debian.org/security/2017/dsa-3966" "url": "http://www.securityfocus.com/bid/93031"
}, },
{ {
"name" : "93031", "name": "https://github.com/ruby/openssl/issues/49",
"refsource" : "BID", "refsource": "CONFIRM",
"url" : "http://www.securityfocus.com/bid/93031" "url": "https://github.com/ruby/openssl/issues/49"
} }
] ]
} }

22
2017/5xxx/CVE-2017-5559.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-5559", "ID": "CVE-2017-5559",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

74
2017/5xxx/CVE-2017-5616.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-5616", "ID": "CVE-2017-5616",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Cross-site scripting (XSS) vulnerability in cgiemail and cgiecho allows remote attackers to inject arbitrary web script or HTML via the addendum parameter." "value": "Cross-site scripting (XSS) vulnerability in cgiemail and cgiecho allows remote attackers to inject arbitrary web script or HTML via the addendum parameter."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "[oss-security] 20170128 Re: CVE request: cgiemail multiple vulnerabilities", "name": "95870",
"refsource" : "MLIST", "refsource": "BID",
"url" : "http://www.openwall.com/lists/oss-security/2017/01/28/8" "url": "http://www.securityfocus.com/bid/95870"
}, },
{ {
"name" : "https://news.cpanel.com/tsr-2017-0001-full-disclosure/", "name": "https://news.cpanel.com/tsr-2017-0001-full-disclosure/",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://news.cpanel.com/tsr-2017-0001-full-disclosure/" "url": "https://news.cpanel.com/tsr-2017-0001-full-disclosure/"
}, },
{ {
"name" : "95870", "name": "[oss-security] 20170128 Re: CVE request: cgiemail multiple vulnerabilities",
"refsource" : "BID", "refsource": "MLIST",
"url" : "http://www.securityfocus.com/bid/95870" "url": "http://www.openwall.com/lists/oss-security/2017/01/28/8"
} }
] ]
} }

80
2017/5xxx/CVE-2017-5852.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-5852", "ID": "CVE-2017-5852",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The PoDoFo::PdfPage::GetInheritedKeyFromObject function in base/PdfVariant.cpp in PoDoFo 0.9.4 allows remote attackers to cause a denial of service (infinite loop) via a crafted file." "value": "The PoDoFo::PdfPage::GetInheritedKeyFromObject function in base/PdfVariant.cpp in PoDoFo 0.9.4 allows remote attackers to cause a denial of service (infinite loop) via a crafted file."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "[oss-security] 20170201 podofo: infinite loop in PoDoFo::PdfPage::GetInheritedKeyFromObject (PdfPage.cpp)", "name": "https://blogs.gentoo.org/ago/2017/02/01/podofo-infinite-loop-in-podofopdfpagegetinheritedkeyfromobject-pdfpage-cpp/",
"refsource" : "MLIST", "refsource": "MISC",
"url" : "http://www.openwall.com/lists/oss-security/2017/02/01/12" "url": "https://blogs.gentoo.org/ago/2017/02/01/podofo-infinite-loop-in-podofopdfpagegetinheritedkeyfromobject-pdfpage-cpp/"
}, },
{ {
"name" : "[oss-security] 20170202 Re: podofo: infinite loop in PoDoFo::PdfPage::GetInheritedKeyFromObject (PdfPage.cpp)", "name": "[oss-security] 20170201 podofo: infinite loop in PoDoFo::PdfPage::GetInheritedKeyFromObject (PdfPage.cpp)",
"refsource" : "MLIST", "refsource": "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2017/02/02/10" "url": "http://www.openwall.com/lists/oss-security/2017/02/01/12"
}, },
{ {
"name" : "https://blogs.gentoo.org/ago/2017/02/01/podofo-infinite-loop-in-podofopdfpagegetinheritedkeyfromobject-pdfpage-cpp/", "name": "97032",
"refsource" : "MISC", "refsource": "BID",
"url" : "https://blogs.gentoo.org/ago/2017/02/01/podofo-infinite-loop-in-podofopdfpagegetinheritedkeyfromobject-pdfpage-cpp/" "url": "http://www.securityfocus.com/bid/97032"
}, },
{ {
"name" : "97032", "name": "[oss-security] 20170202 Re: podofo: infinite loop in PoDoFo::PdfPage::GetInheritedKeyFromObject (PdfPage.cpp)",
"refsource" : "BID", "refsource": "MLIST",
"url" : "http://www.securityfocus.com/bid/97032" "url": "http://www.openwall.com/lists/oss-security/2017/02/02/10"
} }
] ]
} }

62
2017/5xxx/CVE-2017-5997.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-5997", "ID": "CVE-2017-5997",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The SAP Message Server HTTP daemon in SAP KERNEL 7.21-7.49 allows remote attackers to cause a denial of service (memory consumption and process crash) via multiple msgserver/group?group= requests with a crafted size of the group parameter, aka SAP Security Note 2358972." "value": "The SAP Message Server HTTP daemon in SAP KERNEL 7.21-7.49 allows remote attackers to cause a denial of service (memory consumption and process crash) via multiple msgserver/group?group= requests with a crafted size of the group parameter, aka SAP Security Note 2358972."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://erpscan.io/advisories/erpscan-16-038-sap-message-server-http-remote-dos/", "name": "https://erpscan.io/advisories/erpscan-16-038-sap-message-server-http-remote-dos/",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://erpscan.io/advisories/erpscan-16-038-sap-message-server-http-remote-dos/" "url": "https://erpscan.io/advisories/erpscan-16-038-sap-message-server-http-remote-dos/"
} }
] ]
} }