diff --git a/2001/0xxx/CVE-2001-0217.json b/2001/0xxx/CVE-2001-0217.json index dbb9542ecb3..402a098a807 100644 --- a/2001/0xxx/CVE-2001-0217.json +++ b/2001/0xxx/CVE-2001-0217.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2001-0217", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Directory traversal vulnerability in PALS Library System pals-cgi program allows remote attackers to read arbitrary files via a .. (dot dot) in the documentName parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2001-0217", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20010212 PALS Library System \"show files\" Vulnerability and remote command execution", - "refsource" : "BUGTRAQ", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2001-02/0220.html" - }, - { - "name" : "2372", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/2372" - }, - { - "name" : "webpals-library-cgi-url(6102)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/6102" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Directory traversal vulnerability in PALS Library System pals-cgi program allows remote attackers to read arbitrary files via a .. (dot dot) in the documentName parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "2372", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/2372" + }, + { + "name": "webpals-library-cgi-url(6102)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6102" + }, + { + "name": "20010212 PALS Library System \"show files\" Vulnerability and remote command execution", + "refsource": "BUGTRAQ", + "url": "http://archives.neohapsis.com/archives/bugtraq/2001-02/0220.html" + } + ] + } +} \ No newline at end of file diff --git a/2001/0xxx/CVE-2001-0786.json b/2001/0xxx/CVE-2001-0786.json index bd9ad126806..2d312b8954c 100644 --- a/2001/0xxx/CVE-2001-0786.json +++ b/2001/0xxx/CVE-2001-0786.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2001-0786", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Internet Software Solutions Air Messenger LAN Server (AMLServer) 3.4.2 stores user passwords in plaintext in the pUser.Dat file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2001-0786", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20010618 Multiple Vulnerabilities In AMLServer", - "refsource" : "BUGTRAQ", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2001-06/0228.html" - }, - { - "name" : "2882", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/2882" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Internet Software Solutions Air Messenger LAN Server (AMLServer) 3.4.2 stores user passwords in plaintext in the pUser.Dat file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "2882", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/2882" + }, + { + "name": "20010618 Multiple Vulnerabilities In AMLServer", + "refsource": "BUGTRAQ", + "url": "http://archives.neohapsis.com/archives/bugtraq/2001-06/0228.html" + } + ] + } +} \ No newline at end of file diff --git a/2001/0xxx/CVE-2001-0979.json b/2001/0xxx/CVE-2001-0979.json index 146f74a46b5..4317ed1fa9a 100644 --- a/2001/0xxx/CVE-2001-0979.json +++ b/2001/0xxx/CVE-2001-0979.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2001-0979", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in swverify in HP-UX 11.0, and possibly other programs, allows local users to gain privileges via a long command line argument." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2001-0979", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20010903 hpux warez", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/211687" - }, - { - "name" : "3279", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/3279" - }, - { - "name" : "hpux-swverify-bo(7078)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/7078" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in swverify in HP-UX 11.0, and possibly other programs, allows local users to gain privileges via a long command line argument." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "hpux-swverify-bo(7078)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7078" + }, + { + "name": "20010903 hpux warez", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/211687" + }, + { + "name": "3279", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/3279" + } + ] + } +} \ No newline at end of file diff --git a/2001/1xxx/CVE-2001-1224.json b/2001/1xxx/CVE-2001-1224.json index cf4b2d5040a..1e24556d951 100644 --- a/2001/1xxx/CVE-2001-1224.json +++ b/2001/1xxx/CVE-2001-1224.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2001-1224", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "get_input in adrotate.pm for Les VanBrunt AdRotate Pro 2.0 allows remote attackers to modify the database and possibly execute arbitrary commands via a SQL code injection attack." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2001-1224", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20011223 GOBBLES CGI MARATHON #001", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/246994" - }, - { - "name" : "3739", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/3739" - }, - { - "name" : "adrotate-sql-execute-commands(7736)", - "refsource" : "XF", - "url" : "http://www.iss.net/security_center/static/7736.php" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "get_input in adrotate.pm for Les VanBrunt AdRotate Pro 2.0 allows remote attackers to modify the database and possibly execute arbitrary commands via a SQL code injection attack." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "3739", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/3739" + }, + { + "name": "adrotate-sql-execute-commands(7736)", + "refsource": "XF", + "url": "http://www.iss.net/security_center/static/7736.php" + }, + { + "name": "20011223 GOBBLES CGI MARATHON #001", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/246994" + } + ] + } +} \ No newline at end of file diff --git a/2006/2xxx/CVE-2006-2239.json b/2006/2xxx/CVE-2006-2239.json index fa1ac30cd4b..b703a495dca 100644 --- a/2006/2xxx/CVE-2006-2239.json +++ b/2006/2xxx/CVE-2006-2239.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-2239", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in readarticle.php in Newsadmin 1.1 allows remote attackers to execute arbitrary SQL commands via the nid parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-2239", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://evuln.com/vulns/133/summary.html", - "refsource" : "MISC", - "url" : "http://evuln.com/vulns/133/summary.html" - }, - { - "name" : "17854", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/17854" - }, - { - "name" : "ADV-2006-1669", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/1669" - }, - { - "name" : "25276", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/25276" - }, - { - "name" : "19972", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/19972" - }, - { - "name" : "newsadmin-readarticle-sql-injection(26247)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/26247" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in readarticle.php in Newsadmin 1.1 allows remote attackers to execute arbitrary SQL commands via the nid parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ADV-2006-1669", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/1669" + }, + { + "name": "newsadmin-readarticle-sql-injection(26247)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26247" + }, + { + "name": "19972", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/19972" + }, + { + "name": "25276", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/25276" + }, + { + "name": "17854", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/17854" + }, + { + "name": "http://evuln.com/vulns/133/summary.html", + "refsource": "MISC", + "url": "http://evuln.com/vulns/133/summary.html" + } + ] + } +} \ No newline at end of file diff --git a/2006/2xxx/CVE-2006-2391.json b/2006/2xxx/CVE-2006-2391.json index 5f76a608c56..9e32b4f7aa8 100644 --- a/2006/2xxx/CVE-2006-2391.json +++ b/2006/2xxx/CVE-2006-2391.json @@ -1,112 +1,112 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-2391", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in EMC Retrospect Client 5.1 through 7.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted packet to port 497." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-2391", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20060522 ACROS Security: Buffer Overflow In EMC (previously Dantz) Retroclient Service", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/434726/100/0/threaded" - }, - { - "name" : "http://www.acrossecurity.com/aspr/ASPR-2006-05-17-1-PUB.txt", - "refsource" : "MISC", - "url" : "http://www.acrossecurity.com/aspr/ASPR-2006-05-17-1-PUB.txt" - }, - { - "name" : "http://kb.dantz.com/display/2n/articleDirect/index.asp?aid=9511", - "refsource" : "CONFIRM", - "url" : "http://kb.dantz.com/display/2n/articleDirect/index.asp?aid=9511" - }, - { - "name" : "VU#186944", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/186944" - }, - { - "name" : "17948", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/17948" - }, - { - "name" : "18064", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/18064" - }, - { - "name" : "ADV-2006-1766", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/1766" - }, - { - "name" : "1016063", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1016063" - }, - { - "name" : "1016136", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1016136" - }, - { - "name" : "20080", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/20080" - }, - { - "name" : "retrospect-client-bo(26380)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/26380" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in EMC Retrospect Client 5.1 through 7.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted packet to port 497." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20060522 ACROS Security: Buffer Overflow In EMC (previously Dantz) Retroclient Service", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/434726/100/0/threaded" + }, + { + "name": "http://www.acrossecurity.com/aspr/ASPR-2006-05-17-1-PUB.txt", + "refsource": "MISC", + "url": "http://www.acrossecurity.com/aspr/ASPR-2006-05-17-1-PUB.txt" + }, + { + "name": "20080", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/20080" + }, + { + "name": "VU#186944", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/186944" + }, + { + "name": "17948", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/17948" + }, + { + "name": "http://kb.dantz.com/display/2n/articleDirect/index.asp?aid=9511", + "refsource": "CONFIRM", + "url": "http://kb.dantz.com/display/2n/articleDirect/index.asp?aid=9511" + }, + { + "name": "ADV-2006-1766", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/1766" + }, + { + "name": "1016136", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1016136" + }, + { + "name": "retrospect-client-bo(26380)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26380" + }, + { + "name": "1016063", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1016063" + }, + { + "name": "18064", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/18064" + } + ] + } +} \ No newline at end of file diff --git a/2006/2xxx/CVE-2006-2426.json b/2006/2xxx/CVE-2006-2426.json index 0725052dc35..d118d65f1f9 100644 --- a/2006/2xxx/CVE-2006-2426.json +++ b/2006/2xxx/CVE-2006-2426.json @@ -1,182 +1,182 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-2426", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Sun Java Runtime Environment (JRE) 1.5.0_6 and earlier, JDK 1.5.0_6 and earlier, and SDK 1.5.0_6 and earlier allows remote attackers to cause a denial of service (disk consumption) by using the Font.createFont function to create temporary files of arbitrary size in the %temp% directory." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-2426", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20060514 JDK 1.4.2_11, 1.5.0_06, unsigned applets consuming all free harddisk space", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/434001/100/0/threaded" - }, - { - "name" : "http://www.illegalaccess.org/exploit/FullDiskApplet.html", - "refsource" : "MISC", - "url" : "http://www.illegalaccess.org/exploit/FullDiskApplet.html" - }, - { - "name" : "http://support.avaya.com/elmodocs2/security/ASA-2009-108.htm", - "refsource" : "CONFIRM", - "url" : "http://support.avaya.com/elmodocs2/security/ASA-2009-108.htm" - }, - { - "name" : "http://support.avaya.com/elmodocs2/security/ASA-2009-109.htm", - "refsource" : "CONFIRM", - "url" : "http://support.avaya.com/elmodocs2/security/ASA-2009-109.htm" - }, - { - "name" : "DSA-1769", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2009/dsa-1769" - }, - { - "name" : "MDVSA-2009:137", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2009:137" - }, - { - "name" : "MDVSA-2009:162", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2009:162" - }, - { - "name" : "RHSA-2009:0392", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2009-0392.html" - }, - { - "name" : "RHSA-2009:0394", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2009-0394.html" - }, - { - "name" : "RHSA-2009:0377", - "refsource" : "REDHAT", - "url" : "https://rhn.redhat.com/errata/RHSA-2009-0377.html" - }, - { - "name" : "SUSE-SR:2006:012", - "refsource" : "SUSE", - "url" : "http://www.novell.com/linux/security/advisories/2006-06-02.html" - }, - { - "name" : "USN-748-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/usn-748-1" - }, - { - "name" : "17981", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/17981" - }, - { - "name" : "oval:org.mitre.oval:def:10609", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10609" - }, - { - "name" : "34489", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/34489" - }, - { - "name" : "34495", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/34495" - }, - { - "name" : "34496", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/34496" - }, - { - "name" : "34675", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/34675" - }, - { - "name" : "34632", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/34632" - }, - { - "name" : "ADV-2006-1824", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/1824" - }, - { - "name" : "25561", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/25561" - }, - { - "name" : "20132", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/20132" - }, - { - "name" : "20457", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/20457" - }, - { - "name" : "909", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/909" - }, - { - "name" : "sun-java-fontcreatefont-dos(26493)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/26493" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Sun Java Runtime Environment (JRE) 1.5.0_6 and earlier, JDK 1.5.0_6 and earlier, and SDK 1.5.0_6 and earlier allows remote attackers to cause a denial of service (disk consumption) by using the Font.createFont function to create temporary files of arbitrary size in the %temp% directory." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "MDVSA-2009:137", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:137" + }, + { + "name": "34632", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/34632" + }, + { + "name": "909", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/909" + }, + { + "name": "http://www.illegalaccess.org/exploit/FullDiskApplet.html", + "refsource": "MISC", + "url": "http://www.illegalaccess.org/exploit/FullDiskApplet.html" + }, + { + "name": "34675", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/34675" + }, + { + "name": "20060514 JDK 1.4.2_11, 1.5.0_06, unsigned applets consuming all free harddisk space", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/434001/100/0/threaded" + }, + { + "name": "http://support.avaya.com/elmodocs2/security/ASA-2009-109.htm", + "refsource": "CONFIRM", + "url": "http://support.avaya.com/elmodocs2/security/ASA-2009-109.htm" + }, + { + "name": "20132", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/20132" + }, + { + "name": "oval:org.mitre.oval:def:10609", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10609" + }, + { + "name": "34489", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/34489" + }, + { + "name": "RHSA-2009:0394", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2009-0394.html" + }, + { + "name": "25561", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/25561" + }, + { + "name": "34495", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/34495" + }, + { + "name": "RHSA-2009:0377", + "refsource": "REDHAT", + "url": "https://rhn.redhat.com/errata/RHSA-2009-0377.html" + }, + { + "name": "SUSE-SR:2006:012", + "refsource": "SUSE", + "url": "http://www.novell.com/linux/security/advisories/2006-06-02.html" + }, + { + "name": "MDVSA-2009:162", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:162" + }, + { + "name": "ADV-2006-1824", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/1824" + }, + { + "name": "RHSA-2009:0392", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2009-0392.html" + }, + { + "name": "34496", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/34496" + }, + { + "name": "sun-java-fontcreatefont-dos(26493)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26493" + }, + { + "name": "USN-748-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/usn-748-1" + }, + { + "name": "DSA-1769", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2009/dsa-1769" + }, + { + "name": "17981", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/17981" + }, + { + "name": "http://support.avaya.com/elmodocs2/security/ASA-2009-108.htm", + "refsource": "CONFIRM", + "url": "http://support.avaya.com/elmodocs2/security/ASA-2009-108.htm" + }, + { + "name": "20457", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/20457" + } + ] + } +} \ No newline at end of file diff --git a/2006/2xxx/CVE-2006-2819.json b/2006/2xxx/CVE-2006-2819.json index 3d50f4d29c4..dfea4d90211 100644 --- a/2006/2xxx/CVE-2006-2819.json +++ b/2006/2xxx/CVE-2006-2819.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-2819", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "PHP remote file inclusion vulnerability in Wiki.php in Barnraiser Igloo 0.1.9 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the c_node[class_path] parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-2819", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "1863", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/1863" - }, - { - "name" : "18250", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/18250" - }, - { - "name" : "igloo-wiki-file-include(27683)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/27683" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "PHP remote file inclusion vulnerability in Wiki.php in Barnraiser Igloo 0.1.9 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the c_node[class_path] parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "18250", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/18250" + }, + { + "name": "1863", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/1863" + }, + { + "name": "igloo-wiki-file-include(27683)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27683" + } + ] + } +} \ No newline at end of file diff --git a/2006/6xxx/CVE-2006-6840.json b/2006/6xxx/CVE-2006-6840.json index c6484f421d8..fd8265ed63a 100644 --- a/2006/6xxx/CVE-2006-6840.json +++ b/2006/6xxx/CVE-2006-6840.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-6840", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in phpBB before 2.0.22 has unknown impact and remote attack vectors related to a \"negative start parameter.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-6840", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.phpbb.com/phpBB/viewtopic.php?f=14&t=489624", - "refsource" : "CONFIRM", - "url" : "http://www.phpbb.com/phpBB/viewtopic.php?f=14&t=489624" - }, - { - "name" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=405980", - "refsource" : "CONFIRM", - "url" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=405980" - }, - { - "name" : "DSA-1488", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2008/dsa-1488" - }, - { - "name" : "21806", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/21806" - }, - { - "name" : "28871", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28871" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in phpBB before 2.0.22 has unknown impact and remote attack vectors related to a \"negative start parameter.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=405980", + "refsource": "CONFIRM", + "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=405980" + }, + { + "name": "http://www.phpbb.com/phpBB/viewtopic.php?f=14&t=489624", + "refsource": "CONFIRM", + "url": "http://www.phpbb.com/phpBB/viewtopic.php?f=14&t=489624" + }, + { + "name": "28871", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28871" + }, + { + "name": "21806", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/21806" + }, + { + "name": "DSA-1488", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2008/dsa-1488" + } + ] + } +} \ No newline at end of file diff --git a/2006/6xxx/CVE-2006-6859.json b/2006/6xxx/CVE-2006-6859.json index d1e5444a50e..04bbbb69722 100644 --- a/2006/6xxx/CVE-2006-6859.json +++ b/2006/6xxx/CVE-2006-6859.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-6859", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in coupon_detail.asp in Website Designs For Less Click N' Print Coupons 2005.01 and earlier allows remote attackers to execute arbitrary SQL commands via the key parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-6859", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "3048", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/3048" - }, - { - "name" : "21824", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/21824" - }, - { - "name" : "ADV-2007-0013", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0013" - }, - { - "name" : "31680", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/31680" - }, - { - "name" : "23584", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23584" - }, - { - "name" : "clicknprintcoupons-key-sql-injection(31217)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/31217" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in coupon_detail.asp in Website Designs For Less Click N' Print Coupons 2005.01 and earlier allows remote attackers to execute arbitrary SQL commands via the key parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ADV-2007-0013", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0013" + }, + { + "name": "3048", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/3048" + }, + { + "name": "23584", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23584" + }, + { + "name": "21824", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/21824" + }, + { + "name": "31680", + "refsource": "OSVDB", + "url": "http://osvdb.org/31680" + }, + { + "name": "clicknprintcoupons-key-sql-injection(31217)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31217" + } + ] + } +} \ No newline at end of file diff --git a/2006/6xxx/CVE-2006-6941.json b/2006/6xxx/CVE-2006-6941.json index c5e4cd2579b..a2564be148d 100644 --- a/2006/6xxx/CVE-2006-6941.json +++ b/2006/6xxx/CVE-2006-6941.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-6941", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "index.php in FreeWebshop 2.2.2 and earlier allows remote attackers to obtain sensitive information via an invalid action parameter in an info operation, which discloses the path in an error message." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-6941", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "2704", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/2704" - }, - { - "name" : "http://www.freewebshop.org/?id=27", - "refsource" : "CONFIRM", - "url" : "http://www.freewebshop.org/?id=27" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "index.php in FreeWebshop 2.2.2 and earlier allows remote attackers to obtain sensitive information via an invalid action parameter in an info operation, which discloses the path in an error message." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "2704", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/2704" + }, + { + "name": "http://www.freewebshop.org/?id=27", + "refsource": "CONFIRM", + "url": "http://www.freewebshop.org/?id=27" + } + ] + } +} \ No newline at end of file diff --git a/2006/7xxx/CVE-2006-7083.json b/2006/7xxx/CVE-2006-7083.json index 2c860bde4a3..aee6fe1e8b1 100644 --- a/2006/7xxx/CVE-2006-7083.json +++ b/2006/7xxx/CVE-2006-7083.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-7083", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Directory traversal vulnerability in index.php in Rigter Portal System (RPS) 1.0, 2.0, and 3.0 allows remote attackers to read arbitrary files via \"..\" sequences in the id parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-7083", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20060719 Multiple Vulnerabilities RPS", - "refsource" : "FULLDISC", - "url" : "http://lists.grok.org.uk/pipermail/full-disclosure/2006-July/048006.html" - }, - { - "name" : "28639", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/28639" - }, - { - "name" : "2322", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2322" - }, - { - "name" : "rps-index-directory-traversal(27876)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/27876" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Directory traversal vulnerability in index.php in Rigter Portal System (RPS) 1.0, 2.0, and 3.0 allows remote attackers to read arbitrary files via \"..\" sequences in the id parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20060719 Multiple Vulnerabilities RPS", + "refsource": "FULLDISC", + "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-July/048006.html" + }, + { + "name": "rps-index-directory-traversal(27876)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27876" + }, + { + "name": "2322", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2322" + }, + { + "name": "28639", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/28639" + } + ] + } +} \ No newline at end of file diff --git a/2011/0xxx/CVE-2011-0179.json b/2011/0xxx/CVE-2011-0179.json index 55b2793e66a..f02bd40b12f 100644 --- a/2011/0xxx/CVE-2011-0179.json +++ b/2011/0xxx/CVE-2011-0179.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-0179", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "CoreText in Apple Mac OS X before 10.6.7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a document that contains a crafted embedded font." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2011-0179", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://support.apple.com/kb/HT4581", - "refsource" : "CONFIRM", - "url" : "http://support.apple.com/kb/HT4581" - }, - { - "name" : "APPLE-SA-2011-03-21-1", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "CoreText in Apple Mac OS X before 10.6.7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a document that contains a crafted embedded font." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "APPLE-SA-2011-03-21-1", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html" + }, + { + "name": "http://support.apple.com/kb/HT4581", + "refsource": "CONFIRM", + "url": "http://support.apple.com/kb/HT4581" + } + ] + } +} \ No newline at end of file diff --git a/2011/2xxx/CVE-2011-2174.json b/2011/2xxx/CVE-2011-2174.json index f8306b07852..03863d3f6a0 100644 --- a/2011/2xxx/CVE-2011-2174.json +++ b/2011/2xxx/CVE-2011-2174.json @@ -1,152 +1,152 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-2174", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Double free vulnerability in the tvb_uncompress function in epan/tvbuff.c in Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 allows remote attackers to cause a denial of service (application crash) via a packet with malformed data that uses zlib compression." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2011-2174", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20110531 CVE request for Wireshark 1.4.6/1.2.16 Multiple DoS issues", - "refsource" : "MLIST", - "url" : "http://openwall.com/lists/oss-security/2011/05/31/20" - }, - { - "name" : "[oss-security] 20110601 Re: CVE request for Wireshark 1.4.6/1.2.16 Multiple DoS issues", - "refsource" : "MLIST", - "url" : "http://openwall.com/lists/oss-security/2011/06/01/1" - }, - { - "name" : "[oss-security] 20110601 Re: CVE request for Wireshark 1.4.6/1.2.16 Multiple DoS issues", - "refsource" : "MLIST", - "url" : "http://openwall.com/lists/oss-security/2011/06/01/11" - }, - { - "name" : "http://anonsvn.wireshark.org/viewvc?view=revision&revision=37081", - "refsource" : "CONFIRM", - "url" : "http://anonsvn.wireshark.org/viewvc?view=revision&revision=37081" - }, - { - "name" : "http://www.wireshark.org/security/wnpa-sec-2011-07.html", - "refsource" : "CONFIRM", - "url" : "http://www.wireshark.org/security/wnpa-sec-2011-07.html" - }, - { - "name" : "http://www.wireshark.org/security/wnpa-sec-2011-08.html", - "refsource" : "CONFIRM", - "url" : "http://www.wireshark.org/security/wnpa-sec-2011-08.html" - }, - { - "name" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5908", - "refsource" : "CONFIRM", - "url" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5908" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=710097", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=710097" - }, - { - "name" : "DSA-2274", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2011/dsa-2274" - }, - { - "name" : "FEDORA-2011-7821", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061290.html" - }, - { - "name" : "FEDORA-2011-7846", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061437.html" - }, - { - "name" : "FEDORA-2011-7858", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061477.html" - }, - { - "name" : "48066", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/48066" - }, - { - "name" : "oval:org.mitre.oval:def:14777", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14777" - }, - { - "name" : "44449", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/44449" - }, - { - "name" : "45149", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/45149" - }, - { - "name" : "44958", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/44958" - }, - { - "name" : "48947", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/48947" - }, - { - "name" : "wireshark-compressed-packet-dos(67793)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/67793" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Double free vulnerability in the tvb_uncompress function in epan/tvbuff.c in Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 allows remote attackers to cause a denial of service (application crash) via a packet with malformed data that uses zlib compression." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "44958", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/44958" + }, + { + "name": "FEDORA-2011-7846", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061437.html" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=710097", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=710097" + }, + { + "name": "http://www.wireshark.org/security/wnpa-sec-2011-07.html", + "refsource": "CONFIRM", + "url": "http://www.wireshark.org/security/wnpa-sec-2011-07.html" + }, + { + "name": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5908", + "refsource": "CONFIRM", + "url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5908" + }, + { + "name": "48947", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/48947" + }, + { + "name": "48066", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/48066" + }, + { + "name": "http://www.wireshark.org/security/wnpa-sec-2011-08.html", + "refsource": "CONFIRM", + "url": "http://www.wireshark.org/security/wnpa-sec-2011-08.html" + }, + { + "name": "oval:org.mitre.oval:def:14777", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14777" + }, + { + "name": "DSA-2274", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2011/dsa-2274" + }, + { + "name": "44449", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/44449" + }, + { + "name": "http://anonsvn.wireshark.org/viewvc?view=revision&revision=37081", + "refsource": "CONFIRM", + "url": "http://anonsvn.wireshark.org/viewvc?view=revision&revision=37081" + }, + { + "name": "[oss-security] 20110601 Re: CVE request for Wireshark 1.4.6/1.2.16 Multiple DoS issues", + "refsource": "MLIST", + "url": "http://openwall.com/lists/oss-security/2011/06/01/11" + }, + { + "name": "[oss-security] 20110601 Re: CVE request for Wireshark 1.4.6/1.2.16 Multiple DoS issues", + "refsource": "MLIST", + "url": "http://openwall.com/lists/oss-security/2011/06/01/1" + }, + { + "name": "FEDORA-2011-7821", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061290.html" + }, + { + "name": "wireshark-compressed-packet-dos(67793)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67793" + }, + { + "name": "[oss-security] 20110531 CVE request for Wireshark 1.4.6/1.2.16 Multiple DoS issues", + "refsource": "MLIST", + "url": "http://openwall.com/lists/oss-security/2011/05/31/20" + }, + { + "name": "FEDORA-2011-7858", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061477.html" + }, + { + "name": "45149", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/45149" + } + ] + } +} \ No newline at end of file diff --git a/2011/2xxx/CVE-2011-2234.json b/2011/2xxx/CVE-2011-2234.json index 8e90c332241..6174396198c 100644 --- a/2011/2xxx/CVE-2011-2234.json +++ b/2011/2xxx/CVE-2011-2234.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-2234", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2011. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2011-2234", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2011. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2011/2xxx/CVE-2011-2604.json b/2011/2xxx/CVE-2011-2604.json index 9d8fa7c4d26..d6b6e6a6ccf 100644 --- a/2011/2xxx/CVE-2011-2604.json +++ b/2011/2xxx/CVE-2011-2604.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-2604", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Intel G41 driver 6.14.10.5355 on Windows XP SP3 allows remote attackers to cause a denial of service (system crash) via a crafted web page that is visited with Google Chrome or Mozilla Firefox, as demonstrated by the lots-of-polys-example.html test page in the Khronos WebGL SDK." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2011-2604", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.contextis.com/resources/blog/webgl/", - "refsource" : "MISC", - "url" : "http://www.contextis.com/resources/blog/webgl/" - }, - { - "name" : "http://www.contextis.com/resources/blog/webgl2/", - "refsource" : "MISC", - "url" : "http://www.contextis.com/resources/blog/webgl2/" - }, - { - "name" : "48319", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/48319" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Intel G41 driver 6.14.10.5355 on Windows XP SP3 allows remote attackers to cause a denial of service (system crash) via a crafted web page that is visited with Google Chrome or Mozilla Firefox, as demonstrated by the lots-of-polys-example.html test page in the Khronos WebGL SDK." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "48319", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/48319" + }, + { + "name": "http://www.contextis.com/resources/blog/webgl2/", + "refsource": "MISC", + "url": "http://www.contextis.com/resources/blog/webgl2/" + }, + { + "name": "http://www.contextis.com/resources/blog/webgl/", + "refsource": "MISC", + "url": "http://www.contextis.com/resources/blog/webgl/" + } + ] + } +} \ No newline at end of file diff --git a/2011/2xxx/CVE-2011-2778.json b/2011/2xxx/CVE-2011-2778.json index b3a2e26c886..23cc11724b6 100644 --- a/2011/2xxx/CVE-2011-2778.json +++ b/2011/2xxx/CVE-2011-2778.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-2778", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple heap-based buffer overflows in Tor before 0.2.2.35 allow remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code by (1) establishing a SOCKS connection to SocksPort or (2) leveraging a SOCKS proxy configuration." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2011-2778", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://blog.torproject.org/blog/tor-02235-released-security-patches", - "refsource" : "CONFIRM", - "url" : "https://blog.torproject.org/blog/tor-02235-released-security-patches" - }, - { - "name" : "DSA-2363", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2011/dsa-2363" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple heap-based buffer overflows in Tor before 0.2.2.35 allow remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code by (1) establishing a SOCKS connection to SocksPort or (2) leveraging a SOCKS proxy configuration." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://blog.torproject.org/blog/tor-02235-released-security-patches", + "refsource": "CONFIRM", + "url": "https://blog.torproject.org/blog/tor-02235-released-security-patches" + }, + { + "name": "DSA-2363", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2011/dsa-2363" + } + ] + } +} \ No newline at end of file diff --git a/2011/2xxx/CVE-2011-2785.json b/2011/2xxx/CVE-2011-2785.json index d2830486478..163518123a4 100644 --- a/2011/2xxx/CVE-2011-2785.json +++ b/2011/2xxx/CVE-2011-2785.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-2785", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The extensions implementation in Google Chrome before 13.0.782.107 does not properly validate the URL for the home page, which allows remote attackers to have an unspecified impact via a crafted extension." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@google.com", + "ID": "CVE-2011-2785", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://code.google.com/p/chromium/issues/detail?id=84402", - "refsource" : "CONFIRM", - "url" : "http://code.google.com/p/chromium/issues/detail?id=84402" - }, - { - "name" : "http://googlechromereleases.blogspot.com/2011/08/stable-channel-update.html", - "refsource" : "CONFIRM", - "url" : "http://googlechromereleases.blogspot.com/2011/08/stable-channel-update.html" - }, - { - "name" : "74235", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/74235" - }, - { - "name" : "oval:org.mitre.oval:def:14298", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14298" - }, - { - "name" : "google-chrome-homepage-sec-bypass(68947)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/68947" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The extensions implementation in Google Chrome before 13.0.782.107 does not properly validate the URL for the home page, which allows remote attackers to have an unspecified impact via a crafted extension." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "oval:org.mitre.oval:def:14298", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14298" + }, + { + "name": "http://googlechromereleases.blogspot.com/2011/08/stable-channel-update.html", + "refsource": "CONFIRM", + "url": "http://googlechromereleases.blogspot.com/2011/08/stable-channel-update.html" + }, + { + "name": "google-chrome-homepage-sec-bypass(68947)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68947" + }, + { + "name": "http://code.google.com/p/chromium/issues/detail?id=84402", + "refsource": "CONFIRM", + "url": "http://code.google.com/p/chromium/issues/detail?id=84402" + }, + { + "name": "74235", + "refsource": "OSVDB", + "url": "http://osvdb.org/74235" + } + ] + } +} \ No newline at end of file diff --git a/2011/3xxx/CVE-2011-3085.json b/2011/3xxx/CVE-2011-3085.json index 70ed5c471df..8b9a2658ab1 100644 --- a/2011/3xxx/CVE-2011-3085.json +++ b/2011/3xxx/CVE-2011-3085.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-3085", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Autofill feature in Google Chrome before 19.0.1084.46 does not properly restrict field values, which allows remote attackers to cause a denial of service (UI corruption) and possibly conduct spoofing attacks via vectors involving long values." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2011-3085", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://code.google.com/p/chromium/issues/detail?id=118374", - "refsource" : "CONFIRM", - "url" : "http://code.google.com/p/chromium/issues/detail?id=118374" - }, - { - "name" : "http://googlechromereleases.blogspot.com/2012/05/stable-channel-update.html", - "refsource" : "CONFIRM", - "url" : "http://googlechromereleases.blogspot.com/2012/05/stable-channel-update.html" - }, - { - "name" : "GLSA-201205-03", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-201205-03.xml" - }, - { - "name" : "openSUSE-SU-2012:0656", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00017.html" - }, - { - "name" : "53540", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/53540" - }, - { - "name" : "oval:org.mitre.oval:def:15256", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15256" - }, - { - "name" : "1027067", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1027067" - }, - { - "name" : "google-autofilled-code-execution(75590)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/75590" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Autofill feature in Google Chrome before 19.0.1084.46 does not properly restrict field values, which allows remote attackers to cause a denial of service (UI corruption) and possibly conduct spoofing attacks via vectors involving long values." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "GLSA-201205-03", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-201205-03.xml" + }, + { + "name": "google-autofilled-code-execution(75590)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75590" + }, + { + "name": "openSUSE-SU-2012:0656", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00017.html" + }, + { + "name": "1027067", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1027067" + }, + { + "name": "http://code.google.com/p/chromium/issues/detail?id=118374", + "refsource": "CONFIRM", + "url": "http://code.google.com/p/chromium/issues/detail?id=118374" + }, + { + "name": "http://googlechromereleases.blogspot.com/2012/05/stable-channel-update.html", + "refsource": "CONFIRM", + "url": "http://googlechromereleases.blogspot.com/2012/05/stable-channel-update.html" + }, + { + "name": "53540", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/53540" + }, + { + "name": "oval:org.mitre.oval:def:15256", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15256" + } + ] + } +} \ No newline at end of file diff --git a/2011/3xxx/CVE-2011-3273.json b/2011/3xxx/CVE-2011-3273.json index eb6e851902d..8001744df9a 100644 --- a/2011/3xxx/CVE-2011-3273.json +++ b/2011/3xxx/CVE-2011-3273.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-3273", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Memory leak in Cisco IOS 15.0 through 15.1, when IPS or Zone-Based Firewall (aka ZBFW) is configured, allows remote attackers to cause a denial of service (memory consumption or device crash) via vectors that trigger many session creation flows, aka Bug ID CSCti79848." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2011-3273", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://tools.cisco.com/security/center/viewAlert.x?alertId=24123", - "refsource" : "CONFIRM", - "url" : "http://tools.cisco.com/security/center/viewAlert.x?alertId=24123" - }, - { - "name" : "20110928 Cisco IOS Software IPS and Zone-Based Firewall Vulnerabilities", - "refsource" : "CISCO", - "url" : "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b95d57.shtml" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Memory leak in Cisco IOS 15.0 through 15.1, when IPS or Zone-Based Firewall (aka ZBFW) is configured, allows remote attackers to cause a denial of service (memory consumption or device crash) via vectors that trigger many session creation flows, aka Bug ID CSCti79848." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20110928 Cisco IOS Software IPS and Zone-Based Firewall Vulnerabilities", + "refsource": "CISCO", + "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b95d57.shtml" + }, + { + "name": "http://tools.cisco.com/security/center/viewAlert.x?alertId=24123", + "refsource": "CONFIRM", + "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=24123" + } + ] + } +} \ No newline at end of file diff --git a/2011/3xxx/CVE-2011-3387.json b/2011/3xxx/CVE-2011-3387.json index 5ec01b7a1fc..d8044291a27 100644 --- a/2011/3xxx/CVE-2011-3387.json +++ b/2011/3xxx/CVE-2011-3387.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-3387", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The class file parser in IBM Java 1.4.2 SR13 FP9 allows remote authenticated users to cause a denial of service (memory consumption or an infinite loop) via a crafted attribute length field in a class file, related to validation of a length field at the wrong time, a different vulnerability than CVE-2011-0311." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2011-3387", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "PM42551", - "refsource" : "AIXAPAR", - "url" : "https://www-304.ibm.com/support/docview.wss?uid=isg1PM42551" - }, - { - "name" : "RHSA-2011:1265", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2011-1265.html" - }, - { - "name" : "ibm-java-class-file-dos(69641)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/69641" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The class file parser in IBM Java 1.4.2 SR13 FP9 allows remote authenticated users to cause a denial of service (memory consumption or an infinite loop) via a crafted attribute length field in a class file, related to validation of a length field at the wrong time, a different vulnerability than CVE-2011-0311." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ibm-java-class-file-dos(69641)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69641" + }, + { + "name": "PM42551", + "refsource": "AIXAPAR", + "url": "https://www-304.ibm.com/support/docview.wss?uid=isg1PM42551" + }, + { + "name": "RHSA-2011:1265", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2011-1265.html" + } + ] + } +} \ No newline at end of file diff --git a/2011/4xxx/CVE-2011-4406.json b/2011/4xxx/CVE-2011-4406.json index ce601abffcf..7d0c314c66d 100644 --- a/2011/4xxx/CVE-2011-4406.json +++ b/2011/4xxx/CVE-2011-4406.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-4406", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Ubuntu AccountsService package before 0.6.14-1git1ubuntu1.1 does not properly drop privileges when changing language settings, which allows local users to modify arbitrary files via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@ubuntu.com", + "ID": "CVE-2011-4406", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://bazaar.launchpad.net/~ubuntu-branches/ubuntu/oneiric/accountsservice/oneiric-updates/revision/21", - "refsource" : "CONFIRM", - "url" : "http://bazaar.launchpad.net/~ubuntu-branches/ubuntu/oneiric/accountsservice/oneiric-updates/revision/21" - }, - { - "name" : "http://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-4406.html", - "refsource" : "CONFIRM", - "url" : "http://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-4406.html" - }, - { - "name" : "USN-1351-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-1351-1" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Ubuntu AccountsService package before 0.6.14-1git1ubuntu1.1 does not properly drop privileges when changing language settings, which allows local users to modify arbitrary files via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-4406.html", + "refsource": "CONFIRM", + "url": "http://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-4406.html" + }, + { + "name": "http://bazaar.launchpad.net/~ubuntu-branches/ubuntu/oneiric/accountsservice/oneiric-updates/revision/21", + "refsource": "CONFIRM", + "url": "http://bazaar.launchpad.net/~ubuntu-branches/ubuntu/oneiric/accountsservice/oneiric-updates/revision/21" + }, + { + "name": "USN-1351-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-1351-1" + } + ] + } +} \ No newline at end of file diff --git a/2011/4xxx/CVE-2011-4695.json b/2011/4xxx/CVE-2011-4695.json index 81e1480ceab..033e8a0f890 100644 --- a/2011/4xxx/CVE-2011-4695.json +++ b/2011/4xxx/CVE-2011-4695.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-4695", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in Microsoft Windows 7 SP1, when Java is installed, allows local users to bypass Internet Explorer sandbox restrictions and gain privileges via unknown vectors, as demonstrated by the White Phosphorus wp_ie_sandbox_escape module for Immunity CANVAS. NOTE: as of 20111207, this disclosure has no actionable information. However, because the module author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2011-4695", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[dailydave] 20111206 Flash 0day", - "refsource" : "MLIST", - "url" : "https://lists.immunityinc.com/pipermail/dailydave/2011-December/000402.html" - }, - { - "name" : "http://partners.immunityinc.com/movies/VulnDisco-Flash0day-v2.mov", - "refsource" : "MISC", - "url" : "http://partners.immunityinc.com/movies/VulnDisco-Flash0day-v2.mov" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in Microsoft Windows 7 SP1, when Java is installed, allows local users to bypass Internet Explorer sandbox restrictions and gain privileges via unknown vectors, as demonstrated by the White Phosphorus wp_ie_sandbox_escape module for Immunity CANVAS. NOTE: as of 20111207, this disclosure has no actionable information. However, because the module author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://partners.immunityinc.com/movies/VulnDisco-Flash0day-v2.mov", + "refsource": "MISC", + "url": "http://partners.immunityinc.com/movies/VulnDisco-Flash0day-v2.mov" + }, + { + "name": "[dailydave] 20111206 Flash 0day", + "refsource": "MLIST", + "url": "https://lists.immunityinc.com/pipermail/dailydave/2011-December/000402.html" + } + ] + } +} \ No newline at end of file diff --git a/2011/4xxx/CVE-2011-4854.json b/2011/4xxx/CVE-2011-4854.json index 42202603c69..581f6bf64fe 100644 --- a/2011/4xxx/CVE-2011-4854.json +++ b/2011/4xxx/CVE-2011-4854.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-4854", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Control Panel in Parallels Plesk Panel 10.4.4_build20111103.18 does not ensure that Content-Type HTTP headers match the corresponding Content-Type data in HTML META elements, which might allow remote attackers to have an unspecified impact by leveraging an interpretation conflict involving the get_enabled_product_icon program. NOTE: it is possible that only clients, not the Plesk product, could be affected by this issue." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2011-4854", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://xss.cx/kb/parallels/xss-parallelspleskpanel.v10.4.4_build20111103.18-os_windows-2003-2008-reflected-cross-site-scripting-cwe79-capec86-javascript-injection-example-poc-report.html", - "refsource" : "MISC", - "url" : "http://xss.cx/kb/parallels/xss-parallelspleskpanel.v10.4.4_build20111103.18-os_windows-2003-2008-reflected-cross-site-scripting-cwe79-capec86-javascript-injection-example-poc-report.html" - }, - { - "name" : "plesk-htmlmeta-unspecified(72093)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/72093" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Control Panel in Parallels Plesk Panel 10.4.4_build20111103.18 does not ensure that Content-Type HTTP headers match the corresponding Content-Type data in HTML META elements, which might allow remote attackers to have an unspecified impact by leveraging an interpretation conflict involving the get_enabled_product_icon program. NOTE: it is possible that only clients, not the Plesk product, could be affected by this issue." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "plesk-htmlmeta-unspecified(72093)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/72093" + }, + { + "name": "http://xss.cx/kb/parallels/xss-parallelspleskpanel.v10.4.4_build20111103.18-os_windows-2003-2008-reflected-cross-site-scripting-cwe79-capec86-javascript-injection-example-poc-report.html", + "refsource": "MISC", + "url": "http://xss.cx/kb/parallels/xss-parallelspleskpanel.v10.4.4_build20111103.18-os_windows-2003-2008-reflected-cross-site-scripting-cwe79-capec86-javascript-injection-example-poc-report.html" + } + ] + } +} \ No newline at end of file diff --git a/2013/1xxx/CVE-2013-1235.json b/2013/1xxx/CVE-2013-1235.json index 80dd75d0674..3c6650d1061 100644 --- a/2013/1xxx/CVE-2013-1235.json +++ b/2013/1xxx/CVE-2013-1235.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2013-1235", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cisco Wireless LAN Controller (WLC) devices do not properly address the resource consumption of terminated TELNET sessions, which allows remote attackers to cause a denial of service (TELNET outage) by making many TELNET connections and improperly ending these connections, aka Bug ID CSCug35507." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2013-1235", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20130503 Cisco Wireless Lan Controller Telnet Denial of Service Vulnerability", - "refsource" : "CISCO", - "url" : "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1235" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cisco Wireless LAN Controller (WLC) devices do not properly address the resource consumption of terminated TELNET sessions, which allows remote attackers to cause a denial of service (TELNET outage) by making many TELNET connections and improperly ending these connections, aka Bug ID CSCug35507." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20130503 Cisco Wireless Lan Controller Telnet Denial of Service Vulnerability", + "refsource": "CISCO", + "url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1235" + } + ] + } +} \ No newline at end of file diff --git a/2013/1xxx/CVE-2013-1456.json b/2013/1xxx/CVE-2013-1456.json index 9ad0b3e8550..d3134c1ebd6 100644 --- a/2013/1xxx/CVE-2013-1456.json +++ b/2013/1xxx/CVE-2013-1456.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2013-1456", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2013-1456", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2013/1xxx/CVE-2013-1555.json b/2013/1xxx/CVE-2013-1555.json index eac03087891..325319fd0b4 100644 --- a/2013/1xxx/CVE-2013-1555.json +++ b/2013/1xxx/CVE-2013-1555.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2013-1555", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier, and 5.5.29 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Partition." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2013-1555", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html" - }, - { - "name" : "GLSA-201308-06", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-201308-06.xml" - }, - { - "name" : "MDVSA-2013:150", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150" - }, - { - "name" : "RHSA-2013:0772", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2013-0772.html" - }, - { - "name" : "53372", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/53372" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier, and 5.5.29 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Partition." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "53372", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/53372" + }, + { + "name": "GLSA-201308-06", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-201308-06.xml" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html" + }, + { + "name": "RHSA-2013:0772", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2013-0772.html" + }, + { + "name": "MDVSA-2013:150", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150" + } + ] + } +} \ No newline at end of file diff --git a/2013/1xxx/CVE-2013-1835.json b/2013/1xxx/CVE-2013-1835.json index ef3870f4182..f45180fb070 100644 --- a/2013/1xxx/CVE-2013-1835.json +++ b/2013/1xxx/CVE-2013-1835.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2013-1835", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Moodle 2.x through 2.1.10, 2.2.x before 2.2.8, 2.3.x before 2.3.5, and 2.4.x before 2.4.2 allows remote authenticated administrators to obtain sensitive information from the external repositories of arbitrary users by leveraging the login_as feature." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2013-1835", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20130325 Moodle security notifications public", - "refsource" : "MLIST", - "url" : "http://openwall.com/lists/oss-security/2013/03/25/2" - }, - { - "name" : "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-36426", - "refsource" : "CONFIRM", - "url" : "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-36426" - }, - { - "name" : "https://moodle.org/mod/forum/discuss.php?d=225347", - "refsource" : "CONFIRM", - "url" : "https://moodle.org/mod/forum/discuss.php?d=225347" - }, - { - "name" : "FEDORA-2013-4387", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101358.html" - }, - { - "name" : "FEDORA-2013-4404", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101310.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Moodle 2.x through 2.1.10, 2.2.x before 2.2.8, 2.3.x before 2.3.5, and 2.4.x before 2.4.2 allows remote authenticated administrators to obtain sensitive information from the external repositories of arbitrary users by leveraging the login_as feature." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "FEDORA-2013-4387", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101358.html" + }, + { + "name": "FEDORA-2013-4404", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101310.html" + }, + { + "name": "[oss-security] 20130325 Moodle security notifications public", + "refsource": "MLIST", + "url": "http://openwall.com/lists/oss-security/2013/03/25/2" + }, + { + "name": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-36426", + "refsource": "CONFIRM", + "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-36426" + }, + { + "name": "https://moodle.org/mod/forum/discuss.php?d=225347", + "refsource": "CONFIRM", + "url": "https://moodle.org/mod/forum/discuss.php?d=225347" + } + ] + } +} \ No newline at end of file diff --git a/2013/5xxx/CVE-2013-5088.json b/2013/5xxx/CVE-2013-5088.json index 7dde09f1e91..547f5dbd42c 100644 --- a/2013/5xxx/CVE-2013-5088.json +++ b/2013/5xxx/CVE-2013-5088.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2013-5088", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2013. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2013-5088", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2013. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2013/5xxx/CVE-2013-5302.json b/2013/5xxx/CVE-2013-5302.json index 06cab3d3cac..3b5d36e3a48 100644 --- a/2013/5xxx/CVE-2013-5302.json +++ b/2013/5xxx/CVE-2013-5302.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2013-5302", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in the Faceted Search (ke_search) extension before 1.4.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2013-5302", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2013-013", - "refsource" : "MISC", - "url" : "http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2013-013" - }, - { - "name" : "http://typo3.org/extensions/repository/view/ke_search", - "refsource" : "CONFIRM", - "url" : "http://typo3.org/extensions/repository/view/ke_search" - }, - { - "name" : "61609", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/61609" - }, - { - "name" : "95959", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/95959" - }, - { - "name" : "54306", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/54306" - }, - { - "name" : "facetedsearch-unspecified-sql-injection(86235)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/86235" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in the Faceted Search (ke_search) extension before 1.4.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "54306", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/54306" + }, + { + "name": "http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2013-013", + "refsource": "MISC", + "url": "http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2013-013" + }, + { + "name": "95959", + "refsource": "OSVDB", + "url": "http://osvdb.org/95959" + }, + { + "name": "61609", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/61609" + }, + { + "name": "http://typo3.org/extensions/repository/view/ke_search", + "refsource": "CONFIRM", + "url": "http://typo3.org/extensions/repository/view/ke_search" + }, + { + "name": "facetedsearch-unspecified-sql-injection(86235)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86235" + } + ] + } +} \ No newline at end of file diff --git a/2013/5xxx/CVE-2013-5376.json b/2013/5xxx/CVE-2013-5376.json index 05fb6d4b304..f6cb43c0c77 100644 --- a/2013/5xxx/CVE-2013-5376.json +++ b/2013/5xxx/CVE-2013-5376.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2013-5376", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in IBM Storwize V7000 Unified 1.3.x and 1.4.x before 1.4.2.0 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, related to a \"cross frame scripting\" attack against an administrative user." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2013-5376", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.ibm.com/support/docview.wss?uid=ssg1S1004452", - "refsource" : "CONFIRM", - "url" : "http://www.ibm.com/support/docview.wss?uid=ssg1S1004452" - }, - { - "name" : "storwize-v7000-cve20135376-crossframe(86902)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/86902" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in IBM Storwize V7000 Unified 1.3.x and 1.4.x before 1.4.2.0 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, related to a \"cross frame scripting\" attack against an administrative user." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.ibm.com/support/docview.wss?uid=ssg1S1004452", + "refsource": "CONFIRM", + "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1004452" + }, + { + "name": "storwize-v7000-cve20135376-crossframe(86902)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86902" + } + ] + } +} \ No newline at end of file diff --git a/2013/5xxx/CVE-2013-5626.json b/2013/5xxx/CVE-2013-5626.json index bf76384363c..46cd4248bc6 100644 --- a/2013/5xxx/CVE-2013-5626.json +++ b/2013/5xxx/CVE-2013-5626.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2013-5626", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: A public posting on 20130831 referenced this ID for a specific issue, but that issue had not been assigned this ID by any CNA. Notes: The posting will later have IDs assigned in accordance with CVE content decisions." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2013-5626", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: A public posting on 20130831 referenced this ID for a specific issue, but that issue had not been assigned this ID by any CNA. Notes: The posting will later have IDs assigned in accordance with CVE content decisions." + } + ] + } +} \ No newline at end of file diff --git a/2013/5xxx/CVE-2013-5906.json b/2013/5xxx/CVE-2013-5906.json index b3add7ae4f7..d7e4919394e 100644 --- a/2013/5xxx/CVE-2013-5906.json +++ b/2013/5xxx/CVE-2013-5906.json @@ -1,132 +1,132 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2013-5906", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Install, a different vulnerability than CVE-2013-5905." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2013-5906", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html" - }, - { - "name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04166777", - "refsource" : "CONFIRM", - "url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04166777" - }, - { - "name" : "HPSBUX02972", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=139402697611681&w=2" - }, - { - "name" : "HPSBUX02973", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=139402749111889&w=2" - }, - { - "name" : "SSRT101454", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=139402697611681&w=2" - }, - { - "name" : "SSRT101455", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=139402749111889&w=2" - }, - { - "name" : "RHSA-2014:0030", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2014-0030.html" - }, - { - "name" : "RHSA-2014:0414", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2014:0414" - }, - { - "name" : "64758", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/64758" - }, - { - "name" : "64903", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/64903" - }, - { - "name" : "102010", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/102010" - }, - { - "name" : "1029608", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1029608" - }, - { - "name" : "56485", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/56485" - }, - { - "name" : "56535", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/56535" - }, - { - "name" : "oracle-cpujan2014-cve20135906(90342)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/90342" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Install, a different vulnerability than CVE-2013-5905." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "102010", + "refsource": "OSVDB", + "url": "http://osvdb.org/102010" + }, + { + "name": "RHSA-2014:0414", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2014:0414" + }, + { + "name": "SSRT101455", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=139402749111889&w=2" + }, + { + "name": "64903", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/64903" + }, + { + "name": "56535", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/56535" + }, + { + "name": "RHSA-2014:0030", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2014-0030.html" + }, + { + "name": "56485", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/56485" + }, + { + "name": "SSRT101454", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=139402697611681&w=2" + }, + { + "name": "oracle-cpujan2014-cve20135906(90342)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90342" + }, + { + "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04166777", + "refsource": "CONFIRM", + "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04166777" + }, + { + "name": "HPSBUX02972", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=139402697611681&w=2" + }, + { + "name": "HPSBUX02973", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=139402749111889&w=2" + }, + { + "name": "1029608", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1029608" + }, + { + "name": "64758", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/64758" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html" + } + ] + } +} \ No newline at end of file diff --git a/2014/2xxx/CVE-2014-2191.json b/2014/2xxx/CVE-2014-2191.json index 8cda98da00f..2bfea4d1713 100644 --- a/2014/2xxx/CVE-2014-2191.json +++ b/2014/2xxx/CVE-2014-2191.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-2191", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in the web framework in Cisco Broadcast Access Center for Telco and Wireless (aka BAC-TW) allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCun91113." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2014-2191", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20140506 Cisco Broadcast Access Center for Telco and Wireless Cross-Site Scripting Vulnerability", - "refsource" : "CISCO", - "url" : "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-2191" - }, - { - "name" : "1030198", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1030198" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in the web framework in Cisco Broadcast Access Center for Telco and Wireless (aka BAC-TW) allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCun91113." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20140506 Cisco Broadcast Access Center for Telco and Wireless Cross-Site Scripting Vulnerability", + "refsource": "CISCO", + "url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-2191" + }, + { + "name": "1030198", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1030198" + } + ] + } +} \ No newline at end of file diff --git a/2014/2xxx/CVE-2014-2288.json b/2014/2xxx/CVE-2014-2288.json index 767b835ea3a..cc7f014f39a 100644 --- a/2014/2xxx/CVE-2014-2288.json +++ b/2014/2xxx/CVE-2014-2288.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-2288", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The PJSIP channel driver in Asterisk Open Source 12.x before 12.1.1, when qualify_frequency \"is enabled on an AOR and the remote SIP server challenges for authentication of the resulting OPTIONS request,\" allows remote attackers to cause a denial of service (crash) via a PJSIP endpoint that does not have an associated outgoing request." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-2288", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://downloads.asterisk.org/pub/security/AST-2014-003-12.diff", - "refsource" : "MISC", - "url" : "http://downloads.asterisk.org/pub/security/AST-2014-003-12.diff" - }, - { - "name" : "http://downloads.asterisk.org/pub/security/AST-2014-003.html", - "refsource" : "CONFIRM", - "url" : "http://downloads.asterisk.org/pub/security/AST-2014-003.html" - }, - { - "name" : "https://issues.asterisk.org/jira/browse/ASTERISK-23210", - "refsource" : "CONFIRM", - "url" : "https://issues.asterisk.org/jira/browse/ASTERISK-23210" - }, - { - "name" : "FEDORA-2014-3762", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2014-March/130426.html" - }, - { - "name" : "FEDORA-2014-3779", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2014-March/130400.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The PJSIP channel driver in Asterisk Open Source 12.x before 12.1.1, when qualify_frequency \"is enabled on an AOR and the remote SIP server challenges for authentication of the resulting OPTIONS request,\" allows remote attackers to cause a denial of service (crash) via a PJSIP endpoint that does not have an associated outgoing request." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://downloads.asterisk.org/pub/security/AST-2014-003-12.diff", + "refsource": "MISC", + "url": "http://downloads.asterisk.org/pub/security/AST-2014-003-12.diff" + }, + { + "name": "http://downloads.asterisk.org/pub/security/AST-2014-003.html", + "refsource": "CONFIRM", + "url": "http://downloads.asterisk.org/pub/security/AST-2014-003.html" + }, + { + "name": "https://issues.asterisk.org/jira/browse/ASTERISK-23210", + "refsource": "CONFIRM", + "url": "https://issues.asterisk.org/jira/browse/ASTERISK-23210" + }, + { + "name": "FEDORA-2014-3762", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-March/130426.html" + }, + { + "name": "FEDORA-2014-3779", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-March/130400.html" + } + ] + } +} \ No newline at end of file diff --git a/2014/2xxx/CVE-2014-2401.json b/2014/2xxx/CVE-2014-2401.json index 1e35357ec91..7474de72129 100644 --- a/2014/2xxx/CVE-2014-2401.json +++ b/2014/2xxx/CVE-2014-2401.json @@ -1,127 +1,127 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-2401", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JavaFX 2.2.51; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality via unknown vectors related to 2D." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2014-2401", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html" - }, - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21672080", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21672080" - }, - { - "name" : "https://www.ibm.com/support/docview.wss?uid=swg21675973", - "refsource" : "CONFIRM", - "url" : "https://www.ibm.com/support/docview.wss?uid=swg21675973" - }, - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21676746", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21676746" - }, - { - "name" : "GLSA-201502-12", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-201502-12.xml" - }, - { - "name" : "HPSBUX03091", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=140852886808946&w=2" - }, - { - "name" : "HPSBUX03092", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=140852974709252&w=2" - }, - { - "name" : "SSRT101667", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=140852886808946&w=2" - }, - { - "name" : "SSRT101668", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=140852974709252&w=2" - }, - { - "name" : "RHSA-2014:0413", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2014:0413" - }, - { - "name" : "RHSA-2014:0414", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2014:0414" - }, - { - "name" : "66911", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/66911" - }, - { - "name" : "58974", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/58974" - }, - { - "name" : "59058", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/59058" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JavaFX 2.2.51; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality via unknown vectors related to 2D." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.ibm.com/support/docview.wss?uid=swg21675973", + "refsource": "CONFIRM", + "url": "https://www.ibm.com/support/docview.wss?uid=swg21675973" + }, + { + "name": "RHSA-2014:0414", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2014:0414" + }, + { + "name": "HPSBUX03091", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=140852886808946&w=2" + }, + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21672080", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21672080" + }, + { + "name": "RHSA-2014:0413", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2014:0413" + }, + { + "name": "59058", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/59058" + }, + { + "name": "SSRT101667", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=140852886808946&w=2" + }, + { + "name": "66911", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/66911" + }, + { + "name": "HPSBUX03092", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=140852974709252&w=2" + }, + { + "name": "58974", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/58974" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html" + }, + { + "name": "SSRT101668", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=140852974709252&w=2" + }, + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21676746", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676746" + }, + { + "name": "GLSA-201502-12", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-201502-12.xml" + } + ] + } +} \ No newline at end of file diff --git a/2014/2xxx/CVE-2014-2424.json b/2014/2xxx/CVE-2014-2424.json index 5717707c41c..27f06d84e96 100644 --- a/2014/2xxx/CVE-2014-2424.json +++ b/2014/2xxx/CVE-2014-2424.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-2424", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the Oracle Event Processing component in Oracle Fusion Middleware 11.1.1.7.0 allows remote authenticated users to affect integrity via vectors related to CEP system." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2014-2424", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "33989", - "refsource" : "EXPLOIT-DB", - "url" : "http://www.exploit-db.com/exploits/33989" - }, - { - "name" : "http://packetstormsecurity.com/files/127365/Oracle-Event-Processing-FileUploadServlet-Arbitrary-File-Upload.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/127365/Oracle-Event-Processing-FileUploadServlet-Arbitrary-File-Upload.html" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html" - }, - { - "name" : "66871", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/66871" - }, - { - "name" : "105844", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/105844" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the Oracle Event Processing component in Oracle Fusion Middleware 11.1.1.7.0 allows remote authenticated users to affect integrity via vectors related to CEP system." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "105844", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/105844" + }, + { + "name": "66871", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/66871" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html" + }, + { + "name": "http://packetstormsecurity.com/files/127365/Oracle-Event-Processing-FileUploadServlet-Arbitrary-File-Upload.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/127365/Oracle-Event-Processing-FileUploadServlet-Arbitrary-File-Upload.html" + }, + { + "name": "33989", + "refsource": "EXPLOIT-DB", + "url": "http://www.exploit-db.com/exploits/33989" + } + ] + } +} \ No newline at end of file diff --git a/2014/2xxx/CVE-2014-2507.json b/2014/2xxx/CVE-2014-2507.json index 07a519e025d..91d7aaa4846 100644 --- a/2014/2xxx/CVE-2014-2507.json +++ b/2014/2xxx/CVE-2014-2507.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-2507", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "EMC Documentum Content Server before 6.7 SP1 P28, 6.7 SP2 before P14, 7.0 before P15, and 7.1 before P05 allows remote authenticated users to execute arbitrary commands via shell metacharacters in arguments to unspecified methods." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security_alert@emc.com", + "ID": "CVE-2014-2507", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20140605 ESA-2014-046: EMC Documentum Content Server Multiple Vulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2014-06/0051.html" - }, - { - "name" : "20140630 ESA-2014-046: EMC Documentum Content Server Multiple Vulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/532596/100/0/threaded" - }, - { - "name" : "http://packetstormsecurity.com/files/126960/EMC-Documentum-Content-Server-Escalation-Injection.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/126960/EMC-Documentum-Content-Server-Escalation-Injection.html" - }, - { - "name" : "67916", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/67916" - }, - { - "name" : "1030339", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1030339" - }, - { - "name" : "58954", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/58954" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "EMC Documentum Content Server before 6.7 SP1 P28, 6.7 SP2 before P14, 7.0 before P15, and 7.1 before P05 allows remote authenticated users to execute arbitrary commands via shell metacharacters in arguments to unspecified methods." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20140605 ESA-2014-046: EMC Documentum Content Server Multiple Vulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://archives.neohapsis.com/archives/bugtraq/2014-06/0051.html" + }, + { + "name": "67916", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/67916" + }, + { + "name": "1030339", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1030339" + }, + { + "name": "20140630 ESA-2014-046: EMC Documentum Content Server Multiple Vulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/532596/100/0/threaded" + }, + { + "name": "http://packetstormsecurity.com/files/126960/EMC-Documentum-Content-Server-Escalation-Injection.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/126960/EMC-Documentum-Content-Server-Escalation-Injection.html" + }, + { + "name": "58954", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/58954" + } + ] + } +} \ No newline at end of file diff --git a/2014/6xxx/CVE-2014-6143.json b/2014/6xxx/CVE-2014-6143.json index 46eaa49ed40..31658766241 100644 --- a/2014/6xxx/CVE-2014-6143.json +++ b/2014/6xxx/CVE-2014-6143.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-6143", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The IBM WebSphere DataPower XC10 appliance 2.1 and 2.5 before FP4 allows local users to obtain sensitive information by reading a response." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2014-6143", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21691035", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21691035" - }, - { - "name" : "IT04614", - "refsource" : "AIXAPAR", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1IT04614" - }, - { - "name" : "ibm-xc10-cve20146143-info-disc(96913)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/96913" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The IBM WebSphere DataPower XC10 appliance 2.1 and 2.5 before FP4 allows local users to obtain sensitive information by reading a response." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ibm-xc10-cve20146143-info-disc(96913)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96913" + }, + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21691035", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21691035" + }, + { + "name": "IT04614", + "refsource": "AIXAPAR", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IT04614" + } + ] + } +} \ No newline at end of file diff --git a/2014/6xxx/CVE-2014-6477.json b/2014/6xxx/CVE-2014-6477.json index 577394a2ae2..186b0b2e249 100644 --- a/2014/6xxx/CVE-2014-6477.json +++ b/2014/6xxx/CVE-2014-6477.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-6477", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the JPublisher component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality via unknown vectors, a different vulnerability than CVE-2014-4290, CVE-2014-4291, CVE-2014-4292, CVE-2014-4293, CVE-2014-4296, CVE-2014-4297, CVE-2014-4310, and CVE-2014-6547. NOTE: this issue was originally mapped to CVE-2014-4301, but CVE-2014-4301 is for an unrelated vulnerability." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2014-6477", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html" - }, - { - "name" : "oracle-database-cve20146477-info-disc(99937)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/99937" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the JPublisher component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality via unknown vectors, a different vulnerability than CVE-2014-4290, CVE-2014-4291, CVE-2014-4292, CVE-2014-4293, CVE-2014-4296, CVE-2014-4297, CVE-2014-4310, and CVE-2014-6547. NOTE: this issue was originally mapped to CVE-2014-4301, but CVE-2014-4301 is for an unrelated vulnerability." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "oracle-database-cve20146477-info-disc(99937)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/99937" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html" + } + ] + } +} \ No newline at end of file diff --git a/2017/0xxx/CVE-2017-0369.json b/2017/0xxx/CVE-2017-0369.json index c98681ce0b4..cb2dca1fd38 100644 --- a/2017/0xxx/CVE-2017-0369.json +++ b/2017/0xxx/CVE-2017-0369.json @@ -1,78 +1,78 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "security@debian.org", - "DATE_PUBLIC" : "2017-04-06T20:49:00.000Z", - "ID" : "CVE-2017-0369", - "STATE" : "PUBLIC", - "TITLE" : "Sysops can undelete pages, although the page is protected against it" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "mediawiki", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "mediawiki" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Mediawiki before 1.28.1 / 1.27.2 / 1.23.16 contains a flaw, allowing a sysops to undelete pages, although the page is protected against it." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "restriction bypass" - } + "CVE_data_meta": { + "ASSIGNER": "security@debian.org", + "DATE_PUBLIC": "2017-04-06T20:49:00.000Z", + "ID": "CVE-2017-0369", + "STATE": "PUBLIC", + "TITLE": "Sysops can undelete pages, although the page is protected against it" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "mediawiki", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "mediawiki" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[mediawiki-announce] 20170406 Security Release: 1.28.1 / 1.27.2 / 1.23.16", - "refsource" : "MLIST", - "url" : "https://lists.wikimedia.org/pipermail/mediawiki-announce/2017-April/000207.html" - }, - { - "name" : "https://phabricator.wikimedia.org/T108138", - "refsource" : "CONFIRM", - "url" : "https://phabricator.wikimedia.org/T108138" - }, - { - "name" : "https://security-tracker.debian.org/tracker/CVE-2017-0369", - "refsource" : "CONFIRM", - "url" : "https://security-tracker.debian.org/tracker/CVE-2017-0369" - } - ] - }, - "source" : { - "advisory" : "https://lists.wikimedia.org/pipermail/mediawiki-announce/2017-April/000207.html", - "discovery" : "UNKNOWN" - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Mediawiki before 1.28.1 / 1.27.2 / 1.23.16 contains a flaw, allowing a sysops to undelete pages, although the page is protected against it." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "restriction bypass" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "[mediawiki-announce] 20170406 Security Release: 1.28.1 / 1.27.2 / 1.23.16", + "refsource": "MLIST", + "url": "https://lists.wikimedia.org/pipermail/mediawiki-announce/2017-April/000207.html" + }, + { + "name": "https://security-tracker.debian.org/tracker/CVE-2017-0369", + "refsource": "CONFIRM", + "url": "https://security-tracker.debian.org/tracker/CVE-2017-0369" + }, + { + "name": "https://phabricator.wikimedia.org/T108138", + "refsource": "CONFIRM", + "url": "https://phabricator.wikimedia.org/T108138" + } + ] + }, + "source": { + "advisory": "https://lists.wikimedia.org/pipermail/mediawiki-announce/2017-April/000207.html", + "discovery": "UNKNOWN" + } +} \ No newline at end of file diff --git a/2017/0xxx/CVE-2017-0473.json b/2017/0xxx/CVE-2017-0473.json index 02a8e4d0c2c..7f99851b061 100644 --- a/2017/0xxx/CVE-2017-0473.json +++ b/2017/0xxx/CVE-2017-0473.json @@ -1,81 +1,81 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "security@google.com", - "ID" : "CVE-2017-0473", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Android", - "version" : { - "version_data" : [ - { - "version_value" : "Android-6.0" - }, - { - "version_value" : "Android-6.0.1" - }, - { - "version_value" : "Android-7.0" - }, - { - "version_value" : "Android-7.1.1" - } - ] - } - } - ] - }, - "vendor_name" : "Google Inc." - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A remote code execution vulnerability in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediaserver process. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-33982658." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Remote code execution" - } + "CVE_data_meta": { + "ASSIGNER": "security@android.com", + "ID": "CVE-2017-0473", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Android", + "version": { + "version_data": [ + { + "version_value": "Android-6.0" + }, + { + "version_value": "Android-6.0.1" + }, + { + "version_value": "Android-7.0" + }, + { + "version_value": "Android-7.1.1" + } + ] + } + } + ] + }, + "vendor_name": "Google Inc." + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://source.android.com/security/bulletin/2017-03-01", - "refsource" : "CONFIRM", - "url" : "https://source.android.com/security/bulletin/2017-03-01" - }, - { - "name" : "96717", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/96717" - }, - { - "name" : "1037968", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1037968" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A remote code execution vulnerability in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediaserver process. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-33982658." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Remote code execution" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://source.android.com/security/bulletin/2017-03-01", + "refsource": "CONFIRM", + "url": "https://source.android.com/security/bulletin/2017-03-01" + }, + { + "name": "1037968", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1037968" + }, + { + "name": "96717", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/96717" + } + ] + } +} \ No newline at end of file diff --git a/2017/0xxx/CVE-2017-0690.json b/2017/0xxx/CVE-2017-0690.json index 2eda74431d1..bd5fee20a1a 100644 --- a/2017/0xxx/CVE-2017-0690.json +++ b/2017/0xxx/CVE-2017-0690.json @@ -1,68 +1,68 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "security@google.com", - "DATE_PUBLIC" : "2017-07-05T00:00:00", - "ID" : "CVE-2017-0690", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Android", - "version" : { - "version_data" : [ - { - "version_value" : "Android-4.4.4 Android-5.0.2 Android-5.1.1 Android-6.0 Android-6.0.1 Android-7.0 Android-7.1.1 Android-7.1.2" - } - ] - } - } - ] - }, - "vendor_name" : "Google Inc." - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A denial of service vulnerability in the Android media framework. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36592202." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Denial of service" - } + "CVE_data_meta": { + "ASSIGNER": "security@android.com", + "DATE_PUBLIC": "2017-07-05T00:00:00", + "ID": "CVE-2017-0690", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Android", + "version": { + "version_data": [ + { + "version_value": "Android-4.4.4 Android-5.0.2 Android-5.1.1 Android-6.0 Android-6.0.1 Android-7.0 Android-7.1.1 Android-7.1.2" + } + ] + } + } + ] + }, + "vendor_name": "Google Inc." + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://source.android.com/security/bulletin/2017-07-01", - "refsource" : "CONFIRM", - "url" : "https://source.android.com/security/bulletin/2017-07-01" - }, - { - "name" : "99478", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/99478" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A denial of service vulnerability in the Android media framework. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36592202." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Denial of service" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://source.android.com/security/bulletin/2017-07-01", + "refsource": "CONFIRM", + "url": "https://source.android.com/security/bulletin/2017-07-01" + }, + { + "name": "99478", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/99478" + } + ] + } +} \ No newline at end of file diff --git a/2017/0xxx/CVE-2017-0877.json b/2017/0xxx/CVE-2017-0877.json index 1afc0e2224b..f73eaf9af0d 100644 --- a/2017/0xxx/CVE-2017-0877.json +++ b/2017/0xxx/CVE-2017-0877.json @@ -1,68 +1,68 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "security@google.com", - "DATE_PUBLIC" : "2017-12-04T00:00:00", - "ID" : "CVE-2017-0877", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Android", - "version" : { - "version_data" : [ - { - "version_value" : "6.0" - } - ] - } - } - ] - }, - "vendor_name" : "Google Inc." - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A remote code execution vulnerability in the Android media framework (libavc). Product: Android. Versions: 6.0. Android ID A-66372937." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Remote code execution" - } + "CVE_data_meta": { + "ASSIGNER": "security@android.com", + "DATE_PUBLIC": "2017-12-04T00:00:00", + "ID": "CVE-2017-0877", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Android", + "version": { + "version_data": [ + { + "version_value": "6.0" + } + ] + } + } + ] + }, + "vendor_name": "Google Inc." + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://source.android.com/security/bulletin/2017-12-01", - "refsource" : "CONFIRM", - "url" : "https://source.android.com/security/bulletin/2017-12-01" - }, - { - "name" : "102126", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/102126" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A remote code execution vulnerability in the Android media framework (libavc). Product: Android. Versions: 6.0. Android ID A-66372937." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Remote code execution" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://source.android.com/security/bulletin/2017-12-01", + "refsource": "CONFIRM", + "url": "https://source.android.com/security/bulletin/2017-12-01" + }, + { + "name": "102126", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/102126" + } + ] + } +} \ No newline at end of file diff --git a/2017/0xxx/CVE-2017-0952.json b/2017/0xxx/CVE-2017-0952.json index 1dd4658b389..9a25628fdf0 100644 --- a/2017/0xxx/CVE-2017-0952.json +++ b/2017/0xxx/CVE-2017-0952.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-0952", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-0952", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2017/1000xxx/CVE-2017-1000116.json b/2017/1000xxx/CVE-2017-1000116.json index 214e7ebd98d..1118e07b732 100644 --- a/2017/1000xxx/CVE-2017-1000116.json +++ b/2017/1000xxx/CVE-2017-1000116.json @@ -1,84 +1,84 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve-assign@distributedweaknessfiling.org", - "DATE_ASSIGNED" : "2017-08-22T17:29:33.328519", - "ID" : "CVE-2017-1000116", - "REQUESTER" : "security@mercurial-scm.org", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Mercurial", - "version" : { - "version_data" : [ - { - "version_value" : "4.2.x and older" - } - ] - } - } - ] - }, - "vendor_name" : "" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Mercurial prior to 4.3 did not adequately sanitize hostnames passed to ssh, leading to possible shell-injection attacks." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Shell injection in ssh:// repository URLs" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "DATE_ASSIGNED": "2017-08-22T17:29:33.328519", + "ID": "CVE-2017-1000116", + "REQUESTER": "security@mercurial-scm.org", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_4.3_.2F_4.3.1_.282017-08-10.29", - "refsource" : "CONFIRM", - "url" : "https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_4.3_.2F_4.3.1_.282017-08-10.29" - }, - { - "name" : "DSA-3963", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2017/dsa-3963" - }, - { - "name" : "GLSA-201709-18", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201709-18" - }, - { - "name" : "RHSA-2017:2489", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2017:2489" - }, - { - "name" : "100290", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/100290" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Mercurial prior to 4.3 did not adequately sanitize hostnames passed to ssh, leading to possible shell-injection attacks." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_4.3_.2F_4.3.1_.282017-08-10.29", + "refsource": "CONFIRM", + "url": "https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_4.3_.2F_4.3.1_.282017-08-10.29" + }, + { + "name": "100290", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/100290" + }, + { + "name": "DSA-3963", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2017/dsa-3963" + }, + { + "name": "RHSA-2017:2489", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2017:2489" + }, + { + "name": "GLSA-201709-18", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201709-18" + } + ] + } +} \ No newline at end of file diff --git a/2017/16xxx/CVE-2017-16091.json b/2017/16xxx/CVE-2017-16091.json index bd2684858a6..14f750d0a79 100644 --- a/2017/16xxx/CVE-2017-16091.json +++ b/2017/16xxx/CVE-2017-16091.json @@ -1,63 +1,63 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "support@hackerone.com", - "DATE_PUBLIC" : "2018-04-26T00:00:00", - "ID" : "CVE-2017-16091", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "xtalk node module", - "version" : { - "version_data" : [ - { - "version_value" : ">=0.0.2" - } - ] - } - } - ] - }, - "vendor_name" : "HackerOne" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "xtalk helps your browser talk to nodex, a simple web framework. xtalk is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing \"../\" in the URL." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Path Traversal (CWE-22)" - } + "CVE_data_meta": { + "ASSIGNER": "support@hackerone.com", + "DATE_PUBLIC": "2018-04-26T00:00:00", + "ID": "CVE-2017-16091", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "xtalk node module", + "version": { + "version_data": [ + { + "version_value": ">=0.0.2" + } + ] + } + } + ] + }, + "vendor_name": "HackerOne" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://nodesecurity.io/advisories/339", - "refsource" : "MISC", - "url" : "https://nodesecurity.io/advisories/339" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "xtalk helps your browser talk to nodex, a simple web framework. xtalk is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing \"../\" in the URL." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Path Traversal (CWE-22)" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://nodesecurity.io/advisories/339", + "refsource": "MISC", + "url": "https://nodesecurity.io/advisories/339" + } + ] + } +} \ No newline at end of file diff --git a/2017/16xxx/CVE-2017-16375.json b/2017/16xxx/CVE-2017-16375.json index 172c4cb72e3..7d3f4661b9a 100644 --- a/2017/16xxx/CVE-2017-16375.json +++ b/2017/16xxx/CVE-2017-16375.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@adobe.com", - "ID" : "CVE-2017-16375", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Adobe Acrobat Reader 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, 11.0.22 and earlier versions", - "version" : { - "version_data" : [ - { - "version_value" : "Adobe Acrobat Reader 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, 11.0.22 and earlier versions" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. This issue is due to an untrusted pointer dereference in the JavaSscript API engine. In this scenario, the JavaScript input is crafted in way that the computation results in pointers to memory locations that do not belong to the relevant process address space. The dereferencing operation is a read operation, and an attack can result in sensitive data exposure." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Untrusted Pointer Dereference" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2017-16375", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Adobe Acrobat Reader 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, 11.0.22 and earlier versions", + "version": { + "version_data": [ + { + "version_value": "Adobe Acrobat Reader 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, 11.0.22 and earlier versions" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://helpx.adobe.com/security/products/acrobat/apsb17-36.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/acrobat/apsb17-36.html" - }, - { - "name" : "101813", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/101813" - }, - { - "name" : "1039791", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1039791" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. This issue is due to an untrusted pointer dereference in the JavaSscript API engine. In this scenario, the JavaScript input is crafted in way that the computation results in pointers to memory locations that do not belong to the relevant process address space. The dereferencing operation is a read operation, and an attack can result in sensitive data exposure." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Untrusted Pointer Dereference" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1039791", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1039791" + }, + { + "name": "https://helpx.adobe.com/security/products/acrobat/apsb17-36.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/acrobat/apsb17-36.html" + }, + { + "name": "101813", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/101813" + } + ] + } +} \ No newline at end of file diff --git a/2017/16xxx/CVE-2017-16466.json b/2017/16xxx/CVE-2017-16466.json index 9bea00e0591..be05fe2e7dd 100644 --- a/2017/16xxx/CVE-2017-16466.json +++ b/2017/16xxx/CVE-2017-16466.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-16466", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2017. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2017-16466", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2017. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2017/1xxx/CVE-2017-1414.json b/2017/1xxx/CVE-2017-1414.json index 0d11189214d..e3bf9e4ff18 100644 --- a/2017/1xxx/CVE-2017-1414.json +++ b/2017/1xxx/CVE-2017-1414.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-1414", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-1414", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2017/1xxx/CVE-2017-1519.json b/2017/1xxx/CVE-2017-1519.json index bcd352955fd..d5c841db592 100644 --- a/2017/1xxx/CVE-2017-1519.json +++ b/2017/1xxx/CVE-2017-1519.json @@ -1,81 +1,81 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@us.ibm.com", - "DATE_PUBLIC" : "2017-09-07T00:00:00", - "ID" : "CVE-2017-1519", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "DB2 for Linux, UNIX and Windows", - "version" : { - "version_data" : [ - { - "version_value" : "10.5" - }, - { - "version_value" : "11.1" - } - ] - } - } - ] - }, - "vendor_name" : "IBM" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM DB2 10.5 and 11.1 contains a denial of service vulnerability. A remote user can cause disruption of service for DB2 Connect Server setup with a particular configuration. IBM X-Force ID: 129829." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Denial of Service" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "DATE_PUBLIC": "2017-09-07T00:00:00", + "ID": "CVE-2017-1519", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "DB2 for Linux, UNIX and Windows", + "version": { + "version_data": [ + { + "version_value": "10.5" + }, + { + "version_value": "11.1" + } + ] + } + } + ] + }, + "vendor_name": "IBM" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/129829", - "refsource" : "MISC", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/129829" - }, - { - "name" : "http://www.ibm.com/support/docview.wss?uid=swg22007183", - "refsource" : "CONFIRM", - "url" : "http://www.ibm.com/support/docview.wss?uid=swg22007183" - }, - { - "name" : "100688", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/100688" - }, - { - "name" : "1039298", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1039298" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IBM DB2 10.5 and 11.1 contains a denial of service vulnerability. A remote user can cause disruption of service for DB2 Connect Server setup with a particular configuration. IBM X-Force ID: 129829." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Denial of Service" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1039298", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1039298" + }, + { + "name": "100688", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/100688" + }, + { + "name": "http://www.ibm.com/support/docview.wss?uid=swg22007183", + "refsource": "CONFIRM", + "url": "http://www.ibm.com/support/docview.wss?uid=swg22007183" + }, + { + "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/129829", + "refsource": "MISC", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/129829" + } + ] + } +} \ No newline at end of file diff --git a/2017/1xxx/CVE-2017-1637.json b/2017/1xxx/CVE-2017-1637.json index 85e4957f6c0..4147559f4f0 100644 --- a/2017/1xxx/CVE-2017-1637.json +++ b/2017/1xxx/CVE-2017-1637.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-1637", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-1637", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2017/1xxx/CVE-2017-1918.json b/2017/1xxx/CVE-2017-1918.json index b4f5c952702..8ed8e72285c 100644 --- a/2017/1xxx/CVE-2017-1918.json +++ b/2017/1xxx/CVE-2017-1918.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-1918", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2017-1918", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2017/4xxx/CVE-2017-4352.json b/2017/4xxx/CVE-2017-4352.json index e84eed926d1..a36b3ac7db7 100644 --- a/2017/4xxx/CVE-2017-4352.json +++ b/2017/4xxx/CVE-2017-4352.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-4352", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2017-4352", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2017/4xxx/CVE-2017-4367.json b/2017/4xxx/CVE-2017-4367.json index 24dfa0b54ed..0ef429eefef 100644 --- a/2017/4xxx/CVE-2017-4367.json +++ b/2017/4xxx/CVE-2017-4367.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-4367", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2017-4367", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2017/4xxx/CVE-2017-4769.json b/2017/4xxx/CVE-2017-4769.json index 28547fa06c4..edcc68aa9fa 100644 --- a/2017/4xxx/CVE-2017-4769.json +++ b/2017/4xxx/CVE-2017-4769.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-4769", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2017-4769", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2017/4xxx/CVE-2017-4777.json b/2017/4xxx/CVE-2017-4777.json index 9a148b5b32a..c9ff128b217 100644 --- a/2017/4xxx/CVE-2017-4777.json +++ b/2017/4xxx/CVE-2017-4777.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-4777", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2017-4777", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2017/4xxx/CVE-2017-4815.json b/2017/4xxx/CVE-2017-4815.json index cb69eb20003..e42bb420ac0 100644 --- a/2017/4xxx/CVE-2017-4815.json +++ b/2017/4xxx/CVE-2017-4815.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-4815", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2017-4815", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." + } + ] + } +} \ No newline at end of file