admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-18 06:27:48 +00:00
parent 22b10258e2
commit 533369d11e
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
59 changed files with 4109 additions and 4109 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

80
2006/3xxx/CVE-2006-3239.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-3239",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-3239",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in message.php in VBZooM 1.11 and earlier allows remote attackers to execute arbitrary SQL commands via the UserID parameter."
"lang": "eng",
"value": "SQL injection vulnerability in message.php in VBZooM 1.11 and earlier allows remote attackers to execute arbitrary SQL commands via the UserID parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20060619 VBZooM <<--V1.11 \"message.php\" SQL injection",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/437655"
"name": "vbzoom-message-sql-injection(27295)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27295"
},
{
"name" : "18497",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/18497"
"name": "20060619 VBZooM <<--V1.11 \"message.php\" SQL injection",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/437655"
},
{
"name" : "1148",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/1148"
"name": "18497",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/18497"
},
{
"name" : "vbzoom-message-sql-injection(27295)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/27295"
"name": "1148",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1148"
}
]
}

104
2006/3xxx/CVE-2006-3352.json
View File

@ -1,96 +1,96 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-3352",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-3352",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** DISPUTED ** Cross-domain vulnerability in Mozilla Firefox allows remote attackers to access restricted information from other domains via an object tag with a data parameter that references a link on the attacker's originating site that specifies a Location HTTP header that references the target site, which then makes that content available through the outerHTML attribute of the object. NOTE: this description was based on a report that has since been retracted by the original authors. The authors misinterpreted their test results. Other third parties also disputed the original report. Therefore, this is not a vulnerability. It is being assigned a candidate number to provide a clear indication of its status."
"lang": "eng",
"value": "** DISPUTED ** Cross-domain vulnerability in Mozilla Firefox allows remote attackers to access restricted information from other domains via an object tag with a data parameter that references a link on the attacker's originating site that specifies a Location HTTP header that references the target site, which then makes that content available through the outerHTML attribute of the object. NOTE: this description was based on a report that has since been retracted by the original authors. The authors misinterpreted their test results. Other third parties also disputed the original report. Therefore, this is not a vulnerability. It is being assigned a candidate number to provide a clear indication of its status."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20060630 Browser bugs hit IE, Firefox today (SANS)",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/438785/100/0/threaded"
"name": "20060630 RE: [Full-disclosure] Browser bugs hit IE, Firefox today (SANS)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/438863/100/0/threaded"
},
{
"name" : "20060630 ISC: Firefox immune to outerHTML flaw in MSIE [Was: Browser bugs hit IE, Firefox]",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/438811/100/0/threaded"
"name": "18734",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/18734"
},
{
"name" : "20060630 RE: [Full-disclosure] Browser bugs hit IE, Firefox today (SANS)",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/438863/100/0/threaded"
"name": "http://isc.sans.org/diary.php?storyid=1448",
"refsource": "MISC",
"url": "http://isc.sans.org/diary.php?storyid=1448"
},
{
"name" : "20060630 Re: Browser bugs hit IE, Firefox today (SANS)",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/438864/100/0/threaded"
"name": "20060704 Re: Browser bugs hit IE, Firefox today (SANS)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/439146/100/0/threaded"
},
{
"name" : "20060630 Re: [Full-disclosure] Browser bugs hit IE, Firefox today (SANS)",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/438788/100/0/threaded"
"name": "20060630 Browser bugs hit IE, Firefox today (SANS)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/438785/100/0/threaded"
},
{
"name" : "20060704 Re: Browser bugs hit IE, Firefox today (SANS)",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/439146/100/0/threaded"
"name": "20060630 Re: Browser bugs hit IE, Firefox today (SANS)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/438864/100/0/threaded"
},
{
"name" : "http://isc.sans.org/diary.php?storyid=1448",
"refsource" : "MISC",
"url" : "http://isc.sans.org/diary.php?storyid=1448"
"name": "20060630 ISC: Firefox immune to outerHTML flaw in MSIE [Was: Browser bugs hit IE, Firefox]",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/438811/100/0/threaded"
},
{
"name" : "18734",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/18734"
"name": "20060630 Re: [Full-disclosure] Browser bugs hit IE, Firefox today (SANS)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/438788/100/0/threaded"
}
]
}

22
2006/4xxx/CVE-2006-4152.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-4152",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-4152",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2006/4xxx/CVE-2006-4179.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-4179",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-4179",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

80
2006/4xxx/CVE-2006-4443.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-4443",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-4443",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "PHP remote file inclusion vulnerability in myajaxphp.php in AlstraSoft Video Share Enterprise allows remote attackers to execute arbitrary PHP code via a URL in the config[BASE_DIR] parameter."
"lang": "eng",
"value": "PHP remote file inclusion vulnerability in myajaxphp.php in AlstraSoft Video Share Enterprise allows remote attackers to execute arbitrary PHP code via a URL in the config[BASE_DIR] parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20060826 AlstraSoft Video Share Enterprise Remote File Include Vulnerability",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/444416/100/0/threaded"
"name": "alstrasoft-myajax-file-include(28583)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28583"
},
{
"name" : "19724",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/19724"
"name": "20060826 AlstraSoft Video Share Enterprise Remote File Include Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/444416/100/0/threaded"
},
{
"name" : "1467",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/1467"
"name": "19724",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/19724"
},
{
"name" : "alstrasoft-myajax-file-include(28583)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/28583"
"name": "1467",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1467"
}
]
}

86
2006/4xxx/CVE-2006-4595.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-4595",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-4595",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "muforum (µforum) 0.4c stores membres/members.dat under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information such as usernames and password hashes."
"lang": "eng",
"value": "muforum (\u00b5forum) 0.4c stores membres/members.dat under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information such as usernames and password hashes."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20060901 &micro;forum v0.4c (members.dat) MD5 Passwd Hash Disclosure Poc",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/445001/100/0/threaded"
"name": "ADV-2006-3445",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/3445"
},
{
"name" : "http://acid-root.new.fr/poc/08060901.txt",
"refsource" : "MISC",
"url" : "http://acid-root.new.fr/poc/08060901.txt"
"name": "20060901 &micro;forum v0.4c (members.dat) MD5 Passwd Hash Disclosure Poc",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/445001/100/0/threaded"
},
{
"name" : "ADV-2006-3445",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/3445"
"name": "http://acid-root.new.fr/poc/08060901.txt",
"refsource": "MISC",
"url": "http://acid-root.new.fr/poc/08060901.txt"
},
{
"name" : "21742",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/21742"
"name": "21742",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21742"
},
{
"name" : "1514",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/1514"
"name": "1514",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1514"
}
]
}

86
2006/4xxx/CVE-2006-4974.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-4974",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-4974",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Buffer overflow in Ipswitch WS_FTP Limited Edition (LE) 5.08 allows remote FTP servers to execute arbitrary code via a long response to a PASV command."
"lang": "eng",
"value": "Buffer overflow in Ipswitch WS_FTP Limited Edition (LE) 5.08 allows remote FTP servers to execute arbitrary code via a long response to a PASV command."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "2401",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/2401"
"name": "29125",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/29125"
},
{
"name" : "20121",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/20121"
"name": "wsftp-pasv-bo(29074)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29074"
},
{
"name" : "29125",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/29125"
"name": "20121",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20121"
},
{
"name" : "22032",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/22032"
"name": "2401",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/2401"
},
{
"name" : "wsftp-pasv-bo(29074)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/29074"
"name": "22032",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22032"
}
]
}

92
2006/6xxx/CVE-2006-6008.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-6008",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-6008",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "ftpd in Linux Netkit (linux-ftpd) 0.17, and possibly other versions, does not check the return status of certain seteuid, setgid, and setuid calls, which might allow remote authenticated users to gain privileges if these calls fail in cases such as PAM failures or resource limits, a different vulnerability than CVE-2006-5778."
"lang": "eng",
"value": "ftpd in Linux Netkit (linux-ftpd) 0.17, and possibly other versions, does not check the return status of certain seteuid, setgid, and setuid calls, which might allow remote authenticated users to gain privileges if these calls fail in cases such as PAM failures or resource limits, a different vulnerability than CVE-2006-5778."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=384454",
"refsource" : "CONFIRM",
"url" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=384454"
"name": "GLSA-200611-05",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200611-05.xml"
},
{
"name" : "http://bugs.gentoo.org/show_bug.cgi?id=150292",
"refsource" : "CONFIRM",
"url" : "http://bugs.gentoo.org/show_bug.cgi?id=150292"
"name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=384454",
"refsource": "CONFIRM",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=384454"
},
{
"name" : "http://ftp.debian.org/debian/pool/main/l/linux-ftpd/linux-ftpd_0.17-22.diff.gz",
"refsource" : "CONFIRM",
"url" : "http://ftp.debian.org/debian/pool/main/l/linux-ftpd/linux-ftpd_0.17-22.diff.gz"
"name": "http://ftp.debian.org/debian/pool/main/l/linux-ftpd/linux-ftpd_0.17-22.diff.gz",
"refsource": "CONFIRM",
"url": "http://ftp.debian.org/debian/pool/main/l/linux-ftpd/linux-ftpd_0.17-22.diff.gz"
},
{
"name" : "GLSA-200611-05",
"refsource" : "GENTOO",
"url" : "http://www.gentoo.org/security/en/glsa/glsa-200611-05.xml"
"name": "22816",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22816"
},
{
"name" : "22816",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/22816"
"name": "22853",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22853"
},
{
"name" : "22853",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/22853"
"name": "http://bugs.gentoo.org/show_bug.cgi?id=150292",
"refsource": "CONFIRM",
"url": "http://bugs.gentoo.org/show_bug.cgi?id=150292"
}
]
}

302
2006/6xxx/CVE-2006-6106.json
View File

@ -1,261 +1,261 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-6106",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2006-6106",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple buffer overflows in the cmtp_recv_interopmsg function in the Bluetooth driver (net/bluetooth/cmtp/capi.c) in the Linux kernel 2.4.22 up to 2.4.33.4 and 2.6.2 before 2.6.18.6, and 2.6.19.x, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via CAPI messages with a large value for the length of the (1) manu (manufacturer) or (2) serial (serial number) field."
"lang": "eng",
"value": "Multiple buffer overflows in the cmtp_recv_interopmsg function in the Bluetooth driver (net/bluetooth/cmtp/capi.c) in the Linux kernel 2.4.22 up to 2.4.33.4 and 2.6.2 before 2.6.18.6, and 2.6.19.x, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via CAPI messages with a large value for the length of the (1) manu (manufacturer) or (2) serial (serial number) field."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20070209 rPSA-2007-0031-1 kernel",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/459615/100/0/threaded"
"name": "2007-0002",
"refsource": "TRUSTIX",
"url": "http://www.trustix.org/errata/2007/0002/"
},
{
"name" : "20070615 rPSA-2007-0124-1 kernel xen",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/471457"
"name": "24098",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24098"
},
{
"name" : "[linux-kernel] 20061215 [patch 24/24] Bluetooth: Add packet size checks for CAPI messages (CVE-2006-6106)",
"refsource" : "MLIST",
"url" : "http://marc.info/?l=linux-kernel&m=116614741607528&w=2"
"name": "ADV-2006-5037",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/5037"
},
{
"name" : "[linux-kernel] 20061219 Linux 2.6.18.6",
"refsource" : "MLIST",
"url" : "http://marc.info/?l=linux-kernel&m=116648929829440&w=2"
"name": "MDKSA-2007:025",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:025"
},
{
"name" : "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=218602",
"refsource" : "MISC",
"url" : "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=218602"
"name": "27227",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27227"
},
{
"name" : "http://kernel.org/pub/linux/kernel/v2.4/ChangeLog-2.4.33.5",
"refsource" : "CONFIRM",
"url" : "http://kernel.org/pub/linux/kernel/v2.4/ChangeLog-2.4.33.5"
"name": "oval:org.mitre.oval:def:10891",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10891"
},
{
"name" : "https://issues.rpath.com/browse/RPL-848",
"refsource" : "CONFIRM",
"url" : "https://issues.rpath.com/browse/RPL-848"
"name": "SUSE-SA:2007:053",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2007_53_kernel.html"
},
{
"name" : "http://support.avaya.com/elmodocs2/security/ASA-2007-063.htm",
"refsource" : "CONFIRM",
"url" : "http://support.avaya.com/elmodocs2/security/ASA-2007-063.htm"
"name": "23609",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23609"
},
{
"name" : "DSA-1304",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2007/dsa-1304"
"name": "RHSA-2007:0014",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2007-0014.html"
},
{
"name" : "DSA-1503",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2008/dsa-1503"
"name": "MDKSA-2007:012",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:012"
},
{
"name" : "MDKSA-2007:002",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:002"
"name": "23593",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23593"
},
{
"name" : "MDKSA-2007:012",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:012"
"name": "SUSE-SA:2007:021",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2007_21_kernel.html"
},
{
"name" : "MDKSA-2007:025",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:025"
"name": "http://support.avaya.com/elmodocs2/security/ASA-2007-063.htm",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-063.htm"
},
{
"name" : "RHSA-2007:0014",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2007-0014.html"
"name": "USN-416-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-416-1"
},
{
"name" : "SUSE-SA:2007:018",
"refsource" : "SUSE",
"url" : "http://www.novell.com/linux/security/advisories/2007_18_kernel.html"
"name": "24105",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24105"
},
{
"name" : "SUSE-SA:2007:021",
"refsource" : "SUSE",
"url" : "http://www.novell.com/linux/security/advisories/2007_21_kernel.html"
"name": "25226",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25226"
},
{
"name" : "SUSE-SA:2007:030",
"refsource" : "SUSE",
"url" : "http://www.novell.com/linux/security/advisories/2007_30_kernel.html"
"name": "23408",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23408"
},
{
"name" : "SUSE-SA:2007:035",
"refsource" : "SUSE",
"url" : "http://www.novell.com/linux/security/advisories/2007_35_kernel.html"
"name": "23752",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23752"
},
{
"name" : "SUSE-SA:2007:053",
"refsource" : "SUSE",
"url" : "http://www.novell.com/linux/security/advisories/2007_53_kernel.html"
"name": "25683",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25683"
},
{
"name" : "2007-0002",
"refsource" : "TRUSTIX",
"url" : "http://www.trustix.org/errata/2007/0002/"
"name": "24206",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24206"
},
{
"name" : "USN-416-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/usn-416-1"
"name": "20070209 rPSA-2007-0031-1 kernel",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/459615/100/0/threaded"
},
{
"name" : "21604",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/21604"
"name": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=218602",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=218602"
},
{
"name" : "oval:org.mitre.oval:def:10891",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10891"
"name": "23997",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23997"
},
{
"name" : "ADV-2006-5037",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/5037"
"name": "20070615 rPSA-2007-0124-1 kernel xen",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/471457"
},
{
"name" : "23408",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/23408"
"name": "SUSE-SA:2007:018",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2007_18_kernel.html"
},
{
"name" : "23427",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/23427"
"name": "DSA-1503",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2008/dsa-1503"
},
{
"name" : "23593",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/23593"
"name": "24547",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24547"
},
{
"name" : "23609",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/23609"
"name": "[linux-kernel] 20061219 Linux 2.6.18.6",
"refsource": "MLIST",
"url": "http://marc.info/?l=linux-kernel&m=116648929829440&w=2"
},
{
"name" : "23752",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/23752"
"name": "MDKSA-2007:002",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:002"
},
{
"name" : "23997",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/23997"
"name": "SUSE-SA:2007:030",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2007_30_kernel.html"
},
{
"name" : "24098",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/24098"
"name": "29058",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29058"
},
{
"name" : "24105",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/24105"
"name": "DSA-1304",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2007/dsa-1304"
},
{
"name" : "24206",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/24206"
"name": "25714",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25714"
},
{
"name" : "24547",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/24547"
"name": "kernel-cmtprecvinteropmsg-bo(30912)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30912"
},
{
"name" : "25683",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/25683"
"name": "21604",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21604"
},
{
"name" : "25714",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/25714"
"name": "SUSE-SA:2007:035",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2007_35_kernel.html"
},
{
"name" : "25691",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/25691"
"name": "http://kernel.org/pub/linux/kernel/v2.4/ChangeLog-2.4.33.5",
"refsource": "CONFIRM",
"url": "http://kernel.org/pub/linux/kernel/v2.4/ChangeLog-2.4.33.5"
},
{
"name" : "25226",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/25226"
"name": "23427",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23427"
},
{
"name" : "27227",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/27227"
"name": "25691",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25691"
},
{
"name" : "29058",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/29058"
"name": "https://issues.rpath.com/browse/RPL-848",
"refsource": "CONFIRM",
"url": "https://issues.rpath.com/browse/RPL-848"
},
{
"name" : "kernel-cmtprecvinteropmsg-bo(30912)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/30912"
"name": "[linux-kernel] 20061215 [patch 24/24] Bluetooth: Add packet size checks for CAPI messages (CVE-2006-6106)",
"refsource": "MLIST",
"url": "http://marc.info/?l=linux-kernel&m=116614741607528&w=2"
}
]
}

98
2006/6xxx/CVE-2006-6153.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-6153",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-6153",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in vSpin.net Classified System 2004 allow remote attackers to inject arbitrary web script or HTML via (1) catname parameter to cat.asp or the (2) minprice parameter to search.asp."
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in vSpin.net Classified System 2004 allow remote attackers to inject arbitrary web script or HTML via (1) catname parameter to cat.asp or the (2) minprice parameter to search.asp."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20061119 Classified System [injection sql]",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/452179/100/100/threaded"
"name": "22987",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22987"
},
{
"name" : "http://s-a-p.ca/index.php?page=OurAdvisories&id=47",
"refsource" : "MISC",
"url" : "http://s-a-p.ca/index.php?page=OurAdvisories&id=47"
"name": "http://s-a-p.ca/index.php?page=OurAdvisories&id=47",
"refsource": "MISC",
"url": "http://s-a-p.ca/index.php?page=OurAdvisories&id=47"
},
{
"name" : "21190",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/21190"
"name": "1017259",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017259"
},
{
"name" : "1017259",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1017259"
"name": "1926",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1926"
},
{
"name" : "22987",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/22987"
"name": "21190",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21190"
},
{
"name" : "1926",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/1926"
"name": "classifiedsystem-catsearch-xss(30446)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30446"
},
{
"name" : "classifiedsystem-catsearch-xss(30446)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/30446"
"name": "20061119 Classified System [injection sql]",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/452179/100/100/threaded"
}
]
}

80
2006/6xxx/CVE-2006-6178.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-6178",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-6178",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Buffer overflow in PCCSRV\\Web_console\\RemoteInstallCGI\\Wizard.exe for Trend Micro OfficeScan 7.3 before build 7.3.0.1087 allows remote attackers to execute arbitrary code via unknown attack vectors."
"lang": "eng",
"value": "Buffer overflow in PCCSRV\\Web_console\\RemoteInstallCGI\\Wizard.exe for Trend Micro OfficeScan 7.3 before build 7.3.0.1087 allows remote attackers to execute arbitrary code via unknown attack vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1031702",
"refsource" : "CONFIRM",
"url" : "http://esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1031702"
"name": "ADV-2006-4852",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4852"
},
{
"name" : "http://solutionfile.trendmicro.com/SolutionFile/1031702/en/Hotfix_Readme_OSCE7_3_B1087.txt",
"refsource" : "MISC",
"url" : "http://solutionfile.trendmicro.com/SolutionFile/1031702/en/Hotfix_Readme_OSCE7_3_B1087.txt"
"name": "http://solutionfile.trendmicro.com/SolutionFile/1031702/en/Hotfix_Readme_OSCE7_3_B1087.txt",
"refsource": "MISC",
"url": "http://solutionfile.trendmicro.com/SolutionFile/1031702/en/Hotfix_Readme_OSCE7_3_B1087.txt"
},
{
"name" : "21442",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/21442"
"name": "21442",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21442"
},
{
"name" : "ADV-2006-4852",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/4852"
"name": "http://esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1031702",
"refsource": "CONFIRM",
"url": "http://esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1031702"
}
]
}

122
2006/6xxx/CVE-2006-6335.json
View File

@ -1,111 +1,111 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-6335",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-6335",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple buffer overflows in Sophos Anti-Virus scanning engine before 2.40 allow remote attackers to execute arbitrary code via (1) a SIT archive with a long filename that is not null-terminated, which triggers a heap-based overflow in veex.dll due to improper length calculation, and (2) a CPIO archive, with a long filename that is not null-terminated, which triggers a stack-based overflow in veex.dll."
"lang": "eng",
"value": "Multiple buffer overflows in Sophos Anti-Virus scanning engine before 2.40 allow remote attackers to execute arbitrary code via (1) a SIT archive with a long filename that is not null-terminated, which triggers a heap-based overflow in veex.dll due to improper length calculation, and (2) a CPIO archive, with a long filename that is not null-terminated, which triggers a stack-based overflow in veex.dll."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20061212 ZDI-06-045: Sophos Anti-Virus CPIO Archive Parsing Buffer Overflow Vulnerability",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/454197/100/0/threaded"
"name": "http://www.zerodayinitiative.com/advisories/ZDI-06-046.html",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-06-046.html"
},
{
"name" : "20061212 ZDI-06-046: Sophos Anti-Virus SIT Archive Parsing Buffer Overflow Vulnerability",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/454211/100/0/threaded"
"name": "http://www.sophos.com/support/knowledgebase/article/17340.html",
"refsource": "CONFIRM",
"url": "http://www.sophos.com/support/knowledgebase/article/17340.html"
},
{
"name" : "http://www.zerodayinitiative.com/advisories/ZDI-06-046.html",
"refsource" : "MISC",
"url" : "http://www.zerodayinitiative.com/advisories/ZDI-06-046.html"
"name": "21563",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21563"
},
{
"name" : "http://www.zerodayinitiative.com/advisories/ZDI-06-045.html",
"refsource" : "MISC",
"url" : "http://www.zerodayinitiative.com/advisories/ZDI-06-045.html"
"name": "20061212 ZDI-06-045: Sophos Anti-Virus CPIO Archive Parsing Buffer Overflow Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/454197/100/0/threaded"
},
{
"name" : "http://www.sophos.com/support/knowledgebase/article/17340.html",
"refsource" : "CONFIRM",
"url" : "http://www.sophos.com/support/knowledgebase/article/17340.html"
"name": "sophos-sit-bo(30852)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30852"
},
{
"name" : "http://www.sophos.com/support/knowledgebase/article/21637.html",
"refsource" : "CONFIRM",
"url" : "http://www.sophos.com/support/knowledgebase/article/21637.html"
"name": "20061212 ZDI-06-046: Sophos Anti-Virus SIT Archive Parsing Buffer Overflow Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/454211/100/0/threaded"
},
{
"name" : "21563",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/21563"
"name": "ADV-2006-4919",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4919"
},
{
"name" : "ADV-2006-4919",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/4919"
"name": "23325",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23325"
},
{
"name" : "23325",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/23325"
"name": "sophos-cpio-bo(30851)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30851"
},
{
"name" : "sophos-cpio-bo(30851)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/30851"
"name": "http://www.sophos.com/support/knowledgebase/article/21637.html",
"refsource": "CONFIRM",
"url": "http://www.sophos.com/support/knowledgebase/article/21637.html"
},
{
"name" : "sophos-sit-bo(30852)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/30852"
"name": "http://www.zerodayinitiative.com/advisories/ZDI-06-045.html",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-06-045.html"
}
]
}

98
2006/7xxx/CVE-2006-7115.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-7115",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-7115",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in PHPKit 1.6.1 RC2 allows remote attackers to inject arbitrary SQL commands via the catid parameter to include.php when the path parameter is set to faq/faq.php, and other unspecified vectors involving guestbook/print.php."
"lang": "eng",
"value": "SQL injection vulnerability in PHPKit 1.6.1 RC2 allows remote attackers to inject arbitrary SQL commands via the catid parameter to include.php when the path parameter is set to faq/faq.php, and other unspecified vectors involving guestbook/print.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20061110 PHPKit 1.6.1 RC2 (faq/faq.php) Remote SQL Injection Exploit",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/451304/100/0/threaded"
"name": "20061110 PHPKit 1.6.1 RC2 (faq/faq.php) Remote SQL Injection Exploit",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/451304/100/0/threaded"
},
{
"name" : "http://www.bb-pcsecurity.de/websecurity/532/org/PHPKit_1.6.1_RC2_(faq-faq.php)_Remote_SQL_Injection_Exploit.htm",
"refsource" : "MISC",
"url" : "http://www.bb-pcsecurity.de/websecurity/532/org/PHPKit_1.6.1_RC2_(faq-faq.php)_Remote_SQL_Injection_Exploit.htm"
"name": "21002",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21002"
},
{
"name" : "21002",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/21002"
"name": "phpkit-faq-sql-injection(30209)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30209"
},
{
"name" : "31265",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/31265"
"name": "31265",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/31265"
},
{
"name" : "17479",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/17479"
"name": "http://www.bb-pcsecurity.de/websecurity/532/org/PHPKit_1.6.1_RC2_(faq-faq.php)_Remote_SQL_Injection_Exploit.htm",
"refsource": "MISC",
"url": "http://www.bb-pcsecurity.de/websecurity/532/org/PHPKit_1.6.1_RC2_(faq-faq.php)_Remote_SQL_Injection_Exploit.htm"
},
{
"name" : "2357",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/2357"
"name": "17479",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17479"
},
{
"name" : "phpkit-faq-sql-injection(30209)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/30209"
"name": "2357",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2357"
}
]
}

80
2006/7xxx/CVE-2006-7244.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-7244",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-7244",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Memory leak in pngwutil.c in libpng 1.2.13beta1, and other versions before 1.2.15beta3, allows context-dependent attackers to cause a denial of service (memory leak or segmentation fault) via a JPEG image containing an iCCP chunk with a negative embedded profile length."
"lang": "eng",
"value": "Memory leak in pngwutil.c in libpng 1.2.13beta1, and other versions before 1.2.15beta3, allows context-dependent attackers to cause a denial of service (memory leak or segmentation fault) via a JPEG image containing an iCCP chunk with a negative embedded profile length."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[oss-security] 20110322 CVE Request: libpng memory leak",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2011/03/22/7"
"name": "[oss-security] 20110322 CVE Request: libpng memory leak",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2011/03/22/7"
},
{
"name" : "[oss-security] 20110328 Re: CVE Request: libpng memory leak",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2011/03/28/6"
"name": "[oss-security] 20110328 Re: CVE Request: libpng memory leak",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2011/03/28/6"
},
{
"name" : "http://libpng.git.sourceforge.net/git/gitweb.cgi?p=libpng/libpng;a=commitdiff;h=948ee23a2a400672b1751cfc646a7467741e9b2e#patch18",
"refsource" : "CONFIRM",
"url" : "http://libpng.git.sourceforge.net/git/gitweb.cgi?p=libpng/libpng;a=commitdiff;h=948ee23a2a400672b1751cfc646a7467741e9b2e#patch18"
"name": "https://bugs.gentoo.org/159216?id=159216",
"refsource": "CONFIRM",
"url": "https://bugs.gentoo.org/159216?id=159216"
},
{
"name" : "https://bugs.gentoo.org/159216?id=159216",
"refsource" : "CONFIRM",
"url" : "https://bugs.gentoo.org/159216?id=159216"
"name": "http://libpng.git.sourceforge.net/git/gitweb.cgi?p=libpng/libpng;a=commitdiff;h=948ee23a2a400672b1751cfc646a7467741e9b2e#patch18",
"refsource": "CONFIRM",
"url": "http://libpng.git.sourceforge.net/git/gitweb.cgi?p=libpng/libpng;a=commitdiff;h=948ee23a2a400672b1751cfc646a7467741e9b2e#patch18"
}
]
}

74
2010/2xxx/CVE-2010-2573.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-2573",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2010-2573",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Integer underflow in Microsoft PowerPoint 2002 SP3 and 2003 SP3, PowerPoint Viewer SP2, and Office 2004 for Mac allows remote attackers to execute arbitrary code via a crafted PowerPoint document, aka \"PowerPoint Integer Underflow Causes Heap Corruption Vulnerability.\""
"lang": "eng",
"value": "Integer underflow in Microsoft PowerPoint 2002 SP3 and 2003 SP3, PowerPoint Viewer SP2, and Office 2004 for Mac allows remote attackers to execute arbitrary code via a crafted PowerPoint document, aka \"PowerPoint Integer Underflow Causes Heap Corruption Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "MS10-088",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-088"
"name": "oval:org.mitre.oval:def:12122",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12122"
},
{
"name" : "TA10-313A",
"refsource" : "CERT",
"url" : "http://www.us-cert.gov/cas/techalerts/TA10-313A.html"
"name": "MS10-088",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-088"
},
{
"name" : "oval:org.mitre.oval:def:12122",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12122"
"name": "TA10-313A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA10-313A.html"
}
]
}

80
2010/2xxx/CVE-2010-2619.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-2619",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-2619",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Citrix XenServer 5.0 Update 2 and earlier, and 5.5 Update 1 and earlier, when using a pvops kernel, allows guest users to cause a denial of service in the host via unspecified vectors that trigger \"incorrectly set flags.\""
"lang": "eng",
"value": "Citrix XenServer 5.0 Update 2 and earlier, and 5.5 Update 1 and earlier, when using a pvops kernel, allows guest users to cause a denial of service in the host via unspecified vectors that trigger \"incorrectly set flags.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://support.citrix.com/article/CTX125319",
"refsource" : "CONFIRM",
"url" : "http://support.citrix.com/article/CTX125319"
"name": "http://support.citrix.com/article/CTX125319",
"refsource": "CONFIRM",
"url": "http://support.citrix.com/article/CTX125319"
},
{
"name" : "1024157",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1024157"
"name": "40282",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/40282"
},
{
"name" : "40282",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/40282"
"name": "1024157",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1024157"
},
{
"name" : "ADV-2010-1613",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2010/1613"
"name": "ADV-2010-1613",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/1613"
}
]
}

62
2010/2xxx/CVE-2010-2980.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-2980",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-2980",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 on 5508 series controllers allows remote attackers to cause a denial of service (pbuf exhaustion and device crash) via fragmented traffic, aka Bug ID CSCtd26794."
"lang": "eng",
"value": "Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 on 5508 series controllers allows remote attackers to cause a denial of service (pbuf exhaustion and device crash) via fragmented traffic, aka Bug ID CSCtd26794."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.cisco.com/en/US/docs/wireless/controller/release/notes/crn7.0.html",
"refsource" : "CONFIRM",
"url" : "http://www.cisco.com/en/US/docs/wireless/controller/release/notes/crn7.0.html"
"name": "http://www.cisco.com/en/US/docs/wireless/controller/release/notes/crn7.0.html",
"refsource": "CONFIRM",
"url": "http://www.cisco.com/en/US/docs/wireless/controller/release/notes/crn7.0.html"
}
]
}

98
2011/0xxx/CVE-2011-0143.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-0143",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2011-0143",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1."
"lang": "eng",
"value": "WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://support.apple.com/kb/HT4554",
"refsource" : "CONFIRM",
"url" : "http://support.apple.com/kb/HT4554"
"name": "http://support.apple.com/kb/HT4564",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT4564"
},
{
"name" : "http://support.apple.com/kb/HT4564",
"refsource" : "CONFIRM",
"url" : "http://support.apple.com/kb/HT4564"
"name": "http://support.apple.com/kb/HT4566",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT4566"
},
{
"name" : "http://support.apple.com/kb/HT4566",
"refsource" : "CONFIRM",
"url" : "http://support.apple.com/kb/HT4566"
"name": "APPLE-SA-2011-03-02-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html"
},
{
"name" : "APPLE-SA-2011-03-02-1",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html"
"name": "APPLE-SA-2011-03-09-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2011//Mar/msg00003.html"
},
{
"name" : "APPLE-SA-2011-03-09-1",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2011//Mar/msg00003.html"
"name": "http://support.apple.com/kb/HT4554",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT4554"
},
{
"name" : "APPLE-SA-2011-03-09-2",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2011//Mar/msg00004.html"
"name": "APPLE-SA-2011-03-09-2",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2011//Mar/msg00004.html"
},
{
"name" : "oval:org.mitre.oval:def:17413",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17413"
"name": "oval:org.mitre.oval:def:17413",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17413"
}
]
}

86
2011/0xxx/CVE-2011-0532.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-0532",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-0532",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The (1) backup and restore scripts, (2) main initialization script, and (3) ldap-agent script in 389 Directory Server 1.2.x (aka Red Hat Directory Server 8.2.x) place a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory."
"lang": "eng",
"value": "The (1) backup and restore scripts, (2) main initialization script, and (3) ldap-agent script in 389 Directory Server 1.2.x (aka Red Hat Directory Server 8.2.x) place a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=672468",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=672468"
"name": "1025102",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1025102"
},
{
"name" : "RHSA-2011:0293",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2011-0293.html"
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=672468",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=672468"
},
{
"name" : "46489",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/46489"
"name": "RHSA-2011:0293",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2011-0293.html"
},
{
"name" : "1025102",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1025102"
"name": "rhds-ldlibrarypath-priv-esc(65637)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65637"
},
{
"name" : "rhds-ldlibrarypath-priv-esc(65637)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/65637"
"name": "46489",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/46489"
}
]
}

80
2011/0xxx/CVE-2011-0638.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-0638",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-0638",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Microsoft Windows does not properly warn the user before enabling additional Human Interface Device (HID) functionality over USB, which allows user-assisted attackers to execute arbitrary programs via crafted USB data, as demonstrated by keyboard and mouse data sent by malware on a smartphone that the user connected to the computer."
"lang": "eng",
"value": "Microsoft Windows does not properly warn the user before enabling additional Human Interface Device (HID) functionality over USB, which allows user-assisted attackers to execute arbitrary programs via crafted USB data, as demonstrated by keyboard and mouse data sent by malware on a smartphone that the user connected to the computer."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://news.cnet.com/8301-27080_3-20028919-245.html",
"refsource" : "MISC",
"url" : "http://news.cnet.com/8301-27080_3-20028919-245.html"
"name": "http://news.cnet.com/8301-27080_3-20028919-245.html",
"refsource": "MISC",
"url": "http://news.cnet.com/8301-27080_3-20028919-245.html"
},
{
"name" : "http://www.blackhat.com/html/bh-dc-11/bh-dc-11-briefings.html#Stavrou",
"refsource" : "MISC",
"url" : "http://www.blackhat.com/html/bh-dc-11/bh-dc-11-briefings.html#Stavrou"
"name": "oval:org.mitre.oval:def:12566",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12566"
},
{
"name" : "http://www.cs.gmu.edu/~astavrou/publications.html",
"refsource" : "MISC",
"url" : "http://www.cs.gmu.edu/~astavrou/publications.html"
"name": "http://www.blackhat.com/html/bh-dc-11/bh-dc-11-briefings.html#Stavrou",
"refsource": "MISC",
"url": "http://www.blackhat.com/html/bh-dc-11/bh-dc-11-briefings.html#Stavrou"
},
{
"name" : "oval:org.mitre.oval:def:12566",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12566"
"name": "http://www.cs.gmu.edu/~astavrou/publications.html",
"refsource": "MISC",
"url": "http://www.cs.gmu.edu/~astavrou/publications.html"
}
]
}

272
2011/0xxx/CVE-2011-0997.json
View File

@ -1,236 +1,236 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-0997",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-0997",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "dhclient in ISC DHCP 3.0.x through 4.2.x before 4.2.1-P1, 3.1-ESV before 3.1-ESV-R1, and 4.1-ESV before 4.1-ESV-R2 allows remote attackers to execute arbitrary commands via shell metacharacters in a hostname obtained from a DHCP message, as demonstrated by a hostname that is provided to dhclient-script."
"lang": "eng",
"value": "dhclient in ISC DHCP 3.0.x through 4.2.x before 4.2.1-P1, 3.1-ESV before 3.1-ESV-R1, and 4.1-ESV before 4.1-ESV-R2 allows remote attackers to execute arbitrary commands via shell metacharacters in a hostname obtained from a DHCP message, as demonstrated by a hostname that is provided to dhclient-script."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "37623",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/37623/"
"name": "47176",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/47176"
},
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=689832",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=689832"
"name": "ADV-2011-0886",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0886"
},
{
"name" : "https://www.isc.org/software/dhcp/advisories/cve-2011-0997",
"refsource" : "CONFIRM",
"url" : "https://www.isc.org/software/dhcp/advisories/cve-2011-0997"
"name": "44103",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/44103"
},
{
"name" : "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10761",
"refsource" : "CONFIRM",
"url" : "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10761"
"name": "RHSA-2011:0840",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2011-0840.html"
},
{
"name" : "DSA-2216",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2011/dsa-2216"
"name": "44037",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/44037"
},
{
"name" : "DSA-2217",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2011/dsa-2217"
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=689832",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=689832"
},
{
"name" : "FEDORA-2011-4897",
"refsource" : "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057888.html"
"name": "ADV-2011-0926",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0926"
},
{
"name" : "FEDORA-2011-4934",
"refsource" : "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2011-April/058279.html"
"name": "HPSBMU02752",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=133226187115472&w=2"
},
{
"name" : "GLSA-201301-06",
"refsource" : "GENTOO",
"url" : "http://security.gentoo.org/glsa/glsa-201301-06.xml"
"name": "44127",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/44127"
},
{
"name" : "HPSBMU02752",
"refsource" : "HP",
"url" : "http://marc.info/?l=bugtraq&m=133226187115472&w=2"
"name": "MDVSA-2011:073",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:073"
},
{
"name" : "SSRT100802",
"refsource" : "HP",
"url" : "http://marc.info/?l=bugtraq&m=133226187115472&w=2"
"name": "SSRT100802",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=133226187115472&w=2"
},
{
"name" : "MDVSA-2011:073",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2011:073"
"name": "ADV-2011-0909",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0909"
},
{
"name" : "RHSA-2011:0428",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2011-0428.html"
"name": "oval:org.mitre.oval:def:12812",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12812"
},
{
"name" : "RHSA-2011:0840",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2011-0840.html"
"name": "71493",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/71493"
},
{
"name" : "SSA:2011-097-01",
"refsource" : "SLACKWARE",
"url" : "http://slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.593345"
"name": "44090",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/44090"
},
{
"name" : "USN-1108-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-1108-1"
"name": "44048",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/44048"
},
{
"name" : "VU#107886",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/107886"
"name": "FEDORA-2011-4934",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-April/058279.html"
},
{
"name" : "47176",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/47176"
"name": "https://www.isc.org/software/dhcp/advisories/cve-2011-0997",
"refsource": "CONFIRM",
"url": "https://www.isc.org/software/dhcp/advisories/cve-2011-0997"
},
{
"name" : "71493",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/71493"
"name": "iscdhcp-dhclient-command-execution(66580)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66580"
},
{
"name" : "oval:org.mitre.oval:def:12812",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12812"
"name": "ADV-2011-0879",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0879"
},
{
"name" : "1025300",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1025300"
"name": "VU#107886",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/107886"
},
{
"name" : "44037",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/44037"
"name": "1025300",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1025300"
},
{
"name" : "44048",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/44048"
"name": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10761",
"refsource": "CONFIRM",
"url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10761"
},
{
"name" : "44089",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/44089"
"name": "SSA:2011-097-01",
"refsource": "SLACKWARE",
"url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.593345"
},
{
"name" : "44090",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/44090"
"name": "ADV-2011-1000",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/1000"
},
{
"name" : "44103",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/44103"
"name": "ADV-2011-0915",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0915"
},
{
"name" : "44127",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/44127"
"name": "ADV-2011-0965",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0965"
},
{
"name" : "44180",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/44180"
"name": "37623",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/37623/"
},
{
"name" : "ADV-2011-0879",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2011/0879"
"name": "GLSA-201301-06",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201301-06.xml"
},
{
"name" : "ADV-2011-0886",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2011/0886"
"name": "44180",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/44180"
},
{
"name" : "ADV-2011-0909",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2011/0909"
"name": "DSA-2217",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2011/dsa-2217"
},
{
"name" : "ADV-2011-0915",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2011/0915"
"name": "USN-1108-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1108-1"
},
{
"name" : "ADV-2011-0926",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2011/0926"
"name": "DSA-2216",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2011/dsa-2216"
},
{
"name" : "ADV-2011-0965",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2011/0965"
"name": "FEDORA-2011-4897",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057888.html"
},
{
"name" : "ADV-2011-1000",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2011/1000"
"name": "RHSA-2011:0428",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2011-0428.html"
},
{
"name" : "iscdhcp-dhclient-command-execution(66580)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/66580"
"name": "44089",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/44089"
}
]
}

86
2011/1xxx/CVE-2011-1132.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-1132",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-1132",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The IPv6 implementation in the kernel in Apple Mac OS X before 10.6.8 allows local users to cause a denial of service (NULL pointer dereference and reboot) via vectors involving socket options."
"lang": "eng",
"value": "The IPv6 implementation in the kernel in Apple Mac OS X before 10.6.8 allows local users to cause a denial of service (NULL pointer dereference and reboot) via vectors involving socket options."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://support.apple.com/kb/HT4723",
"refsource" : "CONFIRM",
"url" : "http://support.apple.com/kb/HT4723"
"name": "http://support.apple.com/kb/HT4723",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT4723"
},
{
"name" : "http://support.apple.com/kb/HT4999",
"refsource" : "CONFIRM",
"url" : "http://support.apple.com/kb/HT4999"
"name": "APPLE-SA-2011-10-12-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html"
},
{
"name" : "APPLE-SA-2011-06-23-1",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
"name": "APPLE-SA-2011-06-23-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
},
{
"name" : "APPLE-SA-2011-10-12-1",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html"
"name": "48422",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/48422"
},
{
"name" : "48422",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/48422"
"name": "http://support.apple.com/kb/HT4999",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT4999"
}
]
}

22
2011/1xxx/CVE-2011-1600.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-1600",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-1600",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2011/1xxx/CVE-2011-1697.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-1697",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-1697",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

104
2011/1xxx/CVE-2011-1956.json
View File

@ -1,96 +1,96 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-1956",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-1956",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The bytes_repr_len function in Wireshark 1.4.5 uses an incorrect pointer argument, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via arbitrary TCP traffic."
"lang": "eng",
"value": "The bytes_repr_len function in Wireshark 1.4.5 uses an incorrect pointer argument, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via arbitrary TCP traffic."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[oss-security] 20110531 CVE request for Wireshark 1.4.5 TCP DoS issue",
"refsource" : "MLIST",
"url" : "http://openwall.com/lists/oss-security/2011/05/31/19"
"name": "http://www.wireshark.org/news/20110418.html",
"refsource": "CONFIRM",
"url": "http://www.wireshark.org/news/20110418.html"
},
{
"name" : "[oss-security] 20110601 Re: CVE request for Wireshark 1.4.5 TCP DoS issue",
"refsource" : "MLIST",
"url" : "http://openwall.com/lists/oss-security/2011/06/01/9"
"name": "[oss-security] 20110531 CVE request for Wireshark 1.4.5 TCP DoS issue",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/05/31/19"
},
{
"name" : "http://www.wireshark.org/docs/relnotes/wireshark-1.4.6.html",
"refsource" : "CONFIRM",
"url" : "http://www.wireshark.org/docs/relnotes/wireshark-1.4.6.html"
"name": "oval:org.mitre.oval:def:14943",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14943"
},
{
"name" : "http://www.wireshark.org/news/20110418.html",
"refsource" : "CONFIRM",
"url" : "http://www.wireshark.org/news/20110418.html"
"name": "wireshark-desegmenttcp-dos(67789)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67789"
},
{
"name" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5837",
"refsource" : "CONFIRM",
"url" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5837"
"name": "[oss-security] 20110601 Re: CVE request for Wireshark 1.4.5 TCP DoS issue",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/06/01/9"
},
{
"name" : "oval:org.mitre.oval:def:14943",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14943"
"name": "44449",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/44449"
},
{
"name" : "44449",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/44449"
"name": "http://www.wireshark.org/docs/relnotes/wireshark-1.4.6.html",
"refsource": "CONFIRM",
"url": "http://www.wireshark.org/docs/relnotes/wireshark-1.4.6.html"
},
{
"name" : "wireshark-desegmenttcp-dos(67789)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/67789"
"name": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5837",
"refsource": "CONFIRM",
"url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5837"
}
]
}

74
2011/4xxx/CVE-2011-4567.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-4567",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-4567",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in includes/templates/template_default/templates/tpl_gv_send_default.php in Zen Cart before 1.5 allows remote attackers to inject arbitrary web script or HTML via the message parameter in a gv_send action to index.php, a different vulnerability than CVE-2011-4547."
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in includes/templates/template_default/templates/tpl_gv_send_default.php in Zen Cart before 1.5 allows remote attackers to inject arbitrary web script or HTML via the message parameter in a gv_send action to index.php, a different vulnerability than CVE-2011-4547."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://www.dognaedis.com/vulns/DGS-SEC-8.html",
"refsource" : "MISC",
"url" : "https://www.dognaedis.com/vulns/DGS-SEC-8.html"
"name": "zencart-multipleparameters-xss(71519)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71519"
},
{
"name" : "50787",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/50787"
"name": "https://www.dognaedis.com/vulns/DGS-SEC-8.html",
"refsource": "MISC",
"url": "https://www.dognaedis.com/vulns/DGS-SEC-8.html"
},
{
"name" : "zencart-multipleparameters-xss(71519)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/71519"
"name": "50787",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/50787"
}
]
}

62
2011/4xxx/CVE-2011-4609.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-4609",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-4609",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The svc_run function in the RPC implementation in glibc before 2.15 allows remote attackers to cause a denial of service (CPU consumption) via a large number of RPC connections."
"lang": "eng",
"value": "The svc_run function in the RPC implementation in glibc before 2.15 allows remote attackers to cause a denial of service (CPU consumption) via a large number of RPC connections."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=767299",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=767299"
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=767299",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=767299"
}
]
}

68
2011/4xxx/CVE-2011-4786.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-4786",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "hp-security-alert@hp.com",
"ID": "CVE-2011-4786",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "A certain ActiveX control in HPTicketMgr.dll in HP Easy Printer Care Software 2.5 and earlier allows remote attackers to download an arbitrary program onto a client machine, and execute this program, via unspecified vectors, a different vulnerability than CVE-2011-2404 and CVE-2011-4787."
"lang": "eng",
"value": "A certain ActiveX control in HPTicketMgr.dll in HP Easy Printer Care Software 2.5 and earlier allows remote attackers to download an arbitrary program onto a client machine, and execute this program, via unspecified vectors, a different vulnerability than CVE-2011-2404 and CVE-2011-4787."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "HPSBPI02698",
"refsource" : "HP",
"url" : "http://archives.neohapsis.com/archives/bugtraq/2012-01/0078.html"
"name": "HPSBPI02698",
"refsource": "HP",
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-01/0078.html"
},
{
"name" : "SSRT100404",
"refsource" : "HP",
"url" : "http://archives.neohapsis.com/archives/bugtraq/2012-01/0078.html"
"name": "SSRT100404",
"refsource": "HP",
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-01/0078.html"
}
]
}

22
2011/4xxx/CVE-2011-4997.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-4997",
"STATE" : "REJECT"
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2011-4997",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2011. Notes: none."
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2011. Notes: none."
}
]
}

22
2014/2xxx/CVE-2014-2072.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-2072",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-2072",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

62
2014/2xxx/CVE-2014-2389.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-2389",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-2389",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Stack-based buffer overflow in a certain decryption function in qconnDoor on BlackBerry Z10 devices with software 10.1.0.2312, when developer-mode has been previously enabled, allows remote attackers to execute arbitrary code via a crafted packet in a TCP session on a wireless network."
"lang": "eng",
"value": "Stack-based buffer overflow in a certain decryption function in qconnDoor on BlackBerry Z10 devices with software 10.1.0.2312, when developer-mode has been previously enabled, allows remote attackers to execute arbitrary code via a crafted packet in a TCP session on a wireless network."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20140408 BlackBerry Z 10 - Buffer Overflow in qconnDoor [MZ-13-05]",
"refsource" : "BUGTRAQ",
"url" : "http://archives.neohapsis.com/archives/bugtraq/2014-04/0036.html"
"name": "20140408 BlackBerry Z 10 - Buffer Overflow in qconnDoor [MZ-13-05]",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2014-04/0036.html"
}
]
}

86
2014/3xxx/CVE-2014-3076.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-3076",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2014-3076",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "IBM Business Process Manager (BPM) 8.5 through 8.5.5 allows remote attackers to obtain potentially sensitive information by visiting an unspecified JSP diagnostic page."
"lang": "eng",
"value": "IBM Business Process Manager (BPM) 8.5 through 8.5.5 allows remote attackers to obtain potentially sensitive information by visiting an unspecified JSP diagnostic page."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21679976",
"refsource" : "CONFIRM",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21679976"
"name": "60614",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60614"
},
{
"name" : "JR50760",
"refsource" : "AIXAPAR",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1JR50760"
"name": "1030666",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030666"
},
{
"name" : "1030666",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1030666"
"name": "JR50760",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1JR50760"
},
{
"name" : "60614",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/60614"
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21679976",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21679976"
},
{
"name" : "ibm-filenet-cve20143076-info-disc(93822)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/93822"
"name": "ibm-filenet-cve20143076-info-disc(93822)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/93822"
}
]
}

68
2014/3xxx/CVE-2014-3454.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-3454",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-3454",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site request forgery (CSRF) vulnerability in Special:CreateCategory in the SemanticForms extension for MediaWiki before 1.19.10, 1.2x before 1.21.4, and 1.22.x before 1.22.1 allows remote attackers to hijack the authentication of users for requests that create categories via unspecified vectors."
"lang": "eng",
"value": "Cross-site request forgery (CSRF) vulnerability in Special:CreateCategory in the SemanticForms extension for MediaWiki before 1.19.10, 1.2x before 1.21.4, and 1.22.x before 1.22.1 allows remote attackers to hijack the authentication of users for requests that create categories via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[MediaWiki-announce] 20140114 MediaWiki Security Releases: 1.22.1, 1.21.4 and 1.19.10",
"refsource" : "MLIST",
"url" : "http://lists.wikimedia.org/pipermail/mediawiki-announce/2014-January/000138.html"
"name": "[MediaWiki-announce] 20140114 MediaWiki Security Releases: 1.22.1, 1.21.4 and 1.19.10",
"refsource": "MLIST",
"url": "http://lists.wikimedia.org/pipermail/mediawiki-announce/2014-January/000138.html"
},
{
"name" : "https://bugzilla.wikimedia.org/show_bug.cgi?id=57025",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.wikimedia.org/show_bug.cgi?id=57025"
"name": "https://bugzilla.wikimedia.org/show_bug.cgi?id=57025",
"refsource": "CONFIRM",
"url": "https://bugzilla.wikimedia.org/show_bug.cgi?id=57025"
}
]
}

80
2014/6xxx/CVE-2014-6084.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-6084",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2014-6084",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security Access Manager for Web 7.x before 7.0.0 FP10 and 8.x before 8.0.1 make it easier for remote attackers to obtain sensitive information by sniffing the network during use of a weak SSL cipher."
"lang": "eng",
"value": "IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security Access Manager for Web 7.x before 7.0.0 FP10 and 8.x before 8.0.1 make it easier for remote attackers to obtain sensitive information by sniffing the network during use of a weak SSL cipher."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21684475",
"refsource" : "CONFIRM",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21684475"
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21684475",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21684475"
},
{
"name" : "IV67358",
"refsource" : "AIXAPAR",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1IV67358"
"name": "IV67358",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV67358"
},
{
"name" : "IV67581",
"refsource" : "AIXAPAR",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1IV67581"
"name": "IV67581",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV67581"
},
{
"name" : "ibm-sam-cve20146084-cipher(95811)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/95811"
"name": "ibm-sam-cve20146084-cipher(95811)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95811"
}
]
}

86
2014/6xxx/CVE-2014-6233.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-6233",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-6233",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in the Flat Manager (flatmgr) extension before 2.7.10 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors."
"lang": "eng",
"value": "SQL injection vulnerability in the Flat Manager (flatmgr) extension before 2.7.10 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2014-010",
"refsource" : "MISC",
"url" : "http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2014-010"
"name": "flatmgr-unspecified-sql-injection(95703)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95703"
},
{
"name" : "http://typo3.org/extensions/repository/view/flatmgr",
"refsource" : "CONFIRM",
"url" : "http://typo3.org/extensions/repository/view/flatmgr"
"name": "60876",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60876"
},
{
"name" : "69561",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/69561"
"name": "69561",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/69561"
},
{
"name" : "60876",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/60876"
"name": "http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2014-010",
"refsource": "MISC",
"url": "http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2014-010"
},
{
"name" : "flatmgr-unspecified-sql-injection(95703)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/95703"
"name": "http://typo3.org/extensions/repository/view/flatmgr",
"refsource": "CONFIRM",
"url": "http://typo3.org/extensions/repository/view/flatmgr"
}
]
}

80
2014/6xxx/CVE-2014-6438.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-6438",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-6438",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The URI.decode_www_form_component method in Ruby before 1.9.2-p330 allows remote attackers to cause a denial of service (catastrophic regular expression backtracking, resource consumption, or application crash) via a crafted string."
"lang": "eng",
"value": "The URI.decode_www_form_component method in Ruby before 1.9.2-p330 allows remote attackers to cause a denial of service (catastrophic regular expression backtracking, resource consumption, or application crash) via a crafted string."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[oss-security] 20150713 Re: Retroactive CVE request for Ruby 1.9.2-p330",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2015/07/13/6"
"name": "1032874",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032874"
},
{
"name" : "https://github.com/ruby/www.ruby-lang.org/issues/817",
"refsource" : "CONFIRM",
"url" : "https://github.com/ruby/www.ruby-lang.org/issues/817"
"name": "https://www.ruby-lang.org/en/news/2014/08/19/ruby-1-9-2-p330-released/",
"refsource": "CONFIRM",
"url": "https://www.ruby-lang.org/en/news/2014/08/19/ruby-1-9-2-p330-released/"
},
{
"name" : "https://www.ruby-lang.org/en/news/2014/08/19/ruby-1-9-2-p330-released/",
"refsource" : "CONFIRM",
"url" : "https://www.ruby-lang.org/en/news/2014/08/19/ruby-1-9-2-p330-released/"
"name": "https://github.com/ruby/www.ruby-lang.org/issues/817",
"refsource": "CONFIRM",
"url": "https://github.com/ruby/www.ruby-lang.org/issues/817"
},
{
"name" : "1032874",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1032874"
"name": "[oss-security] 20150713 Re: Retroactive CVE request for Ruby 1.9.2-p330",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/07/13/6"
}
]
}

74
2014/6xxx/CVE-2014-6833.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-6833",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2014-6833",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The AuctionTrac Dealer (aka com.adesa.dealer.phone) application 2.0.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
"lang": "eng",
"value": "The AuctionTrac Dealer (aka com.adesa.dealer.phone) application 2.0.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource" : "MISC",
"url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
"name": "VU#996889",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/996889"
},
{
"name" : "VU#582497",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/582497"
"name": "VU#582497",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/582497"
},
{
"name" : "VU#996889",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/996889"
"name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource": "MISC",
"url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
}
]
}

74
2014/6xxx/CVE-2014-6980.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-6980",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2014-6980",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The LINE PLAY (aka jp.naver.lineplay.android) application 2.3.1.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
"lang": "eng",
"value": "The LINE PLAY (aka jp.naver.lineplay.android) application 2.3.1.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource" : "MISC",
"url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
"name": "VU#582497",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/582497"
},
{
"name" : "VU#431929",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/431929"
"name": "VU#431929",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/431929"
},
{
"name" : "VU#582497",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/582497"
"name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource": "MISC",
"url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
}
]
}

74
2014/7xxx/CVE-2014-7053.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-7053",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2014-7053",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The City Star ME (aka com.citystarme) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
"lang": "eng",
"value": "The City Star ME (aka com.citystarme) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource" : "MISC",
"url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
"name": "VU#548793",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/548793"
},
{
"name" : "VU#548793",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/548793"
"name": "VU#582497",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/582497"
},
{
"name" : "VU#582497",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/582497"
"name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource": "MISC",
"url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
}
]
}

74
2014/7xxx/CVE-2014-7082.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-7082",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2014-7082",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The No Disturb (aka com.blogspot.imapp.imnodisturb) application 3.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
"lang": "eng",
"value": "The No Disturb (aka com.blogspot.imapp.imnodisturb) application 3.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource" : "MISC",
"url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
"name": "VU#808305",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/808305"
},
{
"name" : "VU#582497",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/582497"
"name": "VU#582497",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/582497"
},
{
"name" : "VU#808305",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/808305"
"name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource": "MISC",
"url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
}
]
}

86
2014/7xxx/CVE-2014-7275.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-7275",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-7275",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The POP3-over-SSL implementation in getmail 4.0.0 through 4.44.0 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof POP3 servers and obtain sensitive information via a crafted certificate."
"lang": "eng",
"value": "The POP3-over-SSL implementation in getmail 4.0.0 through 4.44.0 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof POP3 servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[oss-security] 20141007 Re: CVE Request(s): Getmail 4",
"refsource" : "MLIST",
"url" : "http://openwall.com/lists/oss-security/2014/10/07/33"
"name": "openSUSE-SU-2014:1315",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00029.html"
},
{
"name" : "http://pyropus.ca/software/getmail/CHANGELOG",
"refsource" : "CONFIRM",
"url" : "http://pyropus.ca/software/getmail/CHANGELOG"
"name": "[oss-security] 20141007 Re: CVE Request(s): Getmail 4",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2014/10/07/33"
},
{
"name" : "DSA-3091",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2014/dsa-3091"
"name": "DSA-3091",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2014/dsa-3091"
},
{
"name" : "openSUSE-SU-2014:1315",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-updates/2014-10/msg00029.html"
"name": "61229",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61229"
},
{
"name" : "61229",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/61229"
"name": "http://pyropus.ca/software/getmail/CHANGELOG",
"refsource": "CONFIRM",
"url": "http://pyropus.ca/software/getmail/CHANGELOG"
}
]
}

22
2014/7xxx/CVE-2014-7645.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-7645",
"STATE" : "REJECT"
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2014-7645",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none."
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none."
}
]
}

74
2014/7xxx/CVE-2014-7694.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-7694",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2014-7694",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The Corvette Museum (aka com.app_corvettemuseum.layout) application 1.399 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
"lang": "eng",
"value": "The Corvette Museum (aka com.app_corvettemuseum.layout) application 1.399 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource" : "MISC",
"url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
"name": "VU#138185",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/138185"
},
{
"name" : "VU#138185",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/138185"
"name": "VU#582497",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/582497"
},
{
"name" : "VU#582497",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/582497"
"name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource": "MISC",
"url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
}
]
}

86
2014/7xxx/CVE-2014-7979.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-7979",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-7979",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in the SimpleCorp theme 7.x-1.x before 7.x-1.1 for Drupal allows remote authenticated users with the \"administer themes\" permission to inject arbitrary web script or HTML via vectors related to theme settings."
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in the SimpleCorp theme 7.x-1.x before 7.x-1.1 for Drupal allows remote authenticated users with the \"administer themes\" permission to inject arbitrary web script or HTML via vectors related to theme settings."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://drupal.org/node/2236811",
"refsource" : "MISC",
"url" : "https://drupal.org/node/2236811"
"name": "https://drupal.org/node/2236811",
"refsource": "MISC",
"url": "https://drupal.org/node/2236811"
},
{
"name" : "https://www.drupal.org/node/2236255",
"refsource" : "CONFIRM",
"url" : "https://www.drupal.org/node/2236255"
"name": "https://www.drupal.org/node/2236255",
"refsource": "CONFIRM",
"url": "https://www.drupal.org/node/2236255"
},
{
"name" : "66768",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/66768"
"name": "66768",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/66768"
},
{
"name" : "57828",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/57828"
"name": "simplecorp-drupal-xss(92530)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/92530"
},
{
"name" : "simplecorp-drupal-xss(92530)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/92530"
"name": "57828",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/57828"
}
]
}

98
2016/2xxx/CVE-2016-2386.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-2386",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-2386",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in the UDDI server in SAP NetWeaver J2EE Engine 7.40 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, aka SAP Security Note 2101079."
"lang": "eng",
"value": "SQL injection vulnerability in the UDDI server in SAP NetWeaver J2EE Engine 7.40 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, aka SAP Security Note 2101079."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "39840",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/39840/"
"name": "https://erpscan.io/advisories/erpscan-16-011-sap-netweaver-7-4-sql-injection-vulnerability/",
"refsource": "MISC",
"url": "https://erpscan.io/advisories/erpscan-16-011-sap-netweaver-7-4-sql-injection-vulnerability/"
},
{
"name" : "43495",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/43495/"
"name": "http://packetstormsecurity.com/files/137129/SAP-NetWeaver-AS-JAVA-7.5-SQL-Injection.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/137129/SAP-NetWeaver-AS-JAVA-7.5-SQL-Injection.html"
},
{
"name" : "20160523 [ERPSCAN-16-011] SAP NetWeaver AS JAVA - SQL injection vulnerability",
"refsource" : "FULLDISC",
"url" : "http://seclists.org/fulldisclosure/2016/May/56"
"name": "39840",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/39840/"
},
{
"name" : "https://erpscan.io/advisories/erpscan-16-011-sap-netweaver-7-4-sql-injection-vulnerability/",
"refsource" : "MISC",
"url" : "https://erpscan.io/advisories/erpscan-16-011-sap-netweaver-7-4-sql-injection-vulnerability/"
"name": "https://github.com/vah13/SAP_exploit",
"refsource": "MISC",
"url": "https://github.com/vah13/SAP_exploit"
},
{
"name" : "https://erpscan.io/press-center/blog/sap-security-notes-february-2016-review/",
"refsource" : "MISC",
"url" : "https://erpscan.io/press-center/blog/sap-security-notes-february-2016-review/"
"name": "https://erpscan.io/press-center/blog/sap-security-notes-february-2016-review/",
"refsource": "MISC",
"url": "https://erpscan.io/press-center/blog/sap-security-notes-february-2016-review/"
},
{
"name" : "https://github.com/vah13/SAP_exploit",
"refsource" : "MISC",
"url" : "https://github.com/vah13/SAP_exploit"
"name": "43495",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/43495/"
},
{
"name" : "http://packetstormsecurity.com/files/137129/SAP-NetWeaver-AS-JAVA-7.5-SQL-Injection.html",
"refsource" : "MISC",
"url" : "http://packetstormsecurity.com/files/137129/SAP-NetWeaver-AS-JAVA-7.5-SQL-Injection.html"
"name": "20160523 [ERPSCAN-16-011] SAP NetWeaver AS JAVA - SQL injection vulnerability",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2016/May/56"
}
]
}

70
2017/0xxx/CVE-2017-0668.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "security@google.com",
"DATE_PUBLIC" : "2017-07-05T00:00:00",
"ID" : "CVE-2017-0668",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "security@android.com",
"DATE_PUBLIC": "2017-07-05T00:00:00",
"ID": "CVE-2017-0668",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Android",
"version" : {
"version_data" : [
"product_name": "Android",
"version": {
"version_data": [
{
"version_value" : "Android-4.4.4 Android-5.0.2 Android-5.1.1 Android-6.0 Android-6.0.1 Android-7.0 Android-7.1.1 Android-7.1.2"
"version_value": "Android-4.4.4 Android-5.0.2 Android-5.1.1 Android-6.0 Android-6.0.1 Android-7.0 Android-7.1.1 Android-7.1.2"
}
]
}
}
]
},
"vendor_name" : "Google Inc."
"vendor_name": "Google Inc."
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "A information disclosure vulnerability in the Android framework. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-22011579."
"lang": "eng",
"value": "A information disclosure vulnerability in the Android framework. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-22011579."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Information disclosure"
"lang": "eng",
"value": "Information disclosure"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://source.android.com/security/bulletin/2017-07-01",
"refsource" : "CONFIRM",
"url" : "https://source.android.com/security/bulletin/2017-07-01"
"name": "99470",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/99470"
},
{
"name" : "99470",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/99470"
"name": "https://source.android.com/security/bulletin/2017-07-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2017-07-01"
}
]
}

22
2017/0xxx/CVE-2017-0875.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-0875",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-0875",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2017/0xxx/CVE-2017-0999.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-0999",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-0999",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2017/18xxx/CVE-2017-18163.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-18163",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-18163",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2017/1xxx/CVE-2017-1358.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-1358",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-1358",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2017/1xxx/CVE-2017-1815.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-1815",
"STATE" : "REJECT"
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2017-1815",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none."
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none."
}
]
}

22
2017/1xxx/CVE-2017-1818.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-1818",
"STATE" : "REJECT"
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2017-1818",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none."
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none."
}
]
}

22
2017/1xxx/CVE-2017-1891.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-1891",
"STATE" : "REJECT"
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2017-1891",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none."
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none."
}
]
}

92
2017/5xxx/CVE-2017-5038.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "security@google.com",
"ID" : "CVE-2017-5038",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "security@google.com",
"ID": "CVE-2017-5038",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Google Chrome prior to 57.0.2987.98 for Linux, Windows and Mac",
"version" : {
"version_data" : [
"product_name": "Google Chrome prior to 57.0.2987.98 for Linux, Windows and Mac",
"version": {
"version_data": [
{
"version_value" : "Google Chrome prior to 57.0.2987.98 for Linux, Windows and Mac"
"version_value": "Google Chrome prior to 57.0.2987.98 for Linux, Windows and Mac"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Chrome Apps in Google Chrome prior to 57.0.2987.98 for Linux, Windows, and Mac had a use after free bug in GuestView, which allowed a remote attacker to perform an out of bounds memory read via a crafted Chrome extension."
"lang": "eng",
"value": "Chrome Apps in Google Chrome prior to 57.0.2987.98 for Linux, Windows, and Mac had a use after free bug in GuestView, which allowed a remote attacker to perform an out of bounds memory read via a crafted Chrome extension."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "use after free"
"lang": "eng",
"value": "use after free"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://chromereleases.googleblog.com/2017/03/stable-channel-update-for-desktop.html",
"refsource" : "CONFIRM",
"url" : "https://chromereleases.googleblog.com/2017/03/stable-channel-update-for-desktop.html"
"name": "https://chromereleases.googleblog.com/2017/03/stable-channel-update-for-desktop.html",
"refsource": "CONFIRM",
"url": "https://chromereleases.googleblog.com/2017/03/stable-channel-update-for-desktop.html"
},
{
"name" : "https://crbug.com/695476",
"refsource" : "CONFIRM",
"url" : "https://crbug.com/695476"
"name": "GLSA-201704-02",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201704-02"
},
{
"name" : "DSA-3810",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2017/dsa-3810"
"name": "https://crbug.com/695476",
"refsource": "CONFIRM",
"url": "https://crbug.com/695476"
},
{
"name" : "GLSA-201704-02",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201704-02"
"name": "DSA-3810",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2017/dsa-3810"
},
{
"name" : "RHSA-2017:0499",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2017-0499.html"
"name": "96767",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96767"
},
{
"name" : "96767",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/96767"
"name": "RHSA-2017:0499",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0499.html"
}
]
}

98
2017/5xxx/CVE-2017-5087.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "security@google.com",
"ID" : "CVE-2017-5087",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "security@google.com",
"ID": "CVE-2017-5087",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Google Chrome prior to 59.0.3071.104 for Mac, Windows and Linux, and 59.0.3071.117 for Android",
"version" : {
"version_data" : [
"product_name": "Google Chrome prior to 59.0.3071.104 for Mac, Windows and Linux, and 59.0.3071.117 for Android",
"version": {
"version_data": [
{
"version_value" : "Google Chrome prior to 59.0.3071.104 for Mac, Windows and Linux, and 59.0.3071.117 for Android"
"version_value": "Google Chrome prior to 59.0.3071.104 for Mac, Windows and Linux, and 59.0.3071.117 for Android"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "A use after free in Blink in Google Chrome prior to 59.0.3071.104 for Mac, Windows, and Linux, and 59.0.3071.117 for Android, allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page, aka an IndexedDB sandbox escape."
"lang": "eng",
"value": "A use after free in Blink in Google Chrome prior to 59.0.3071.104 for Mac, Windows, and Linux, and 59.0.3071.117 for Android, allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page, aka an IndexedDB sandbox escape."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Use after free"
"lang": "eng",
"value": "Use after free"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://chromereleases.googleblog.com/2017/06/stable-channel-update-for-desktop_15.html",
"refsource" : "MISC",
"url" : "https://chromereleases.googleblog.com/2017/06/stable-channel-update-for-desktop_15.html"
"name": "1038765",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038765"
},
{
"name" : "https://crbug.com/725032",
"refsource" : "MISC",
"url" : "https://crbug.com/725032"
"name": "99096",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/99096"
},
{
"name" : "DSA-3926",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2017/dsa-3926"
"name": "DSA-3926",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2017/dsa-3926"
},
{
"name" : "GLSA-201706-20",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201706-20"
"name": "https://crbug.com/725032",
"refsource": "MISC",
"url": "https://crbug.com/725032"
},
{
"name" : "RHSA-2017:1495",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2017:1495"
"name": "RHSA-2017:1495",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1495"
},
{
"name" : "99096",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/99096"
"name": "GLSA-201706-20",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201706-20"
},
{
"name" : "1038765",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1038765"
"name": "https://chromereleases.googleblog.com/2017/06/stable-channel-update-for-desktop_15.html",
"refsource": "MISC",
"url": "https://chromereleases.googleblog.com/2017/06/stable-channel-update-for-desktop_15.html"
}
]
}

74
2017/5xxx/CVE-2017-5174.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "ics-cert@hq.dhs.gov",
"ID" : "CVE-2017-5174",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2017-5174",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Geutebruck IP Cameras",
"version" : {
"version_data" : [
"product_name": "Geutebruck IP Cameras",
"version": {
"version_data": [
{
"version_value" : "Geutebruck IP Cameras"
"version_value": "Geutebruck IP Cameras"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "An Authentication Bypass issue was discovered in Geutebruck IP Camera G-Cam/EFD-2250 Version 1.11.0.12. An authentication bypass vulnerability has been identified. The existing file system architecture could allow attackers to bypass the access control that may allow remote code execution."
"lang": "eng",
"value": "An Authentication Bypass issue was discovered in Geutebruck IP Camera G-Cam/EFD-2250 Version 1.11.0.12. An authentication bypass vulnerability has been identified. The existing file system architecture could allow attackers to bypass the access control that may allow remote code execution."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "CWE-288"
"lang": "eng",
"value": "CWE-288"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "41360",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/41360/"
"name": "96209",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96209"
},
{
"name" : "https://ics-cert.us-cert.gov/advisories/ICSA-17-045-02",
"refsource" : "MISC",
"url" : "https://ics-cert.us-cert.gov/advisories/ICSA-17-045-02"
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-17-045-02",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-045-02"
},
{
"name" : "96209",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/96209"
"name": "41360",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/41360/"
}
]
}

116
2017/5xxx/CVE-2017-5386.json
View File

@ -1,108 +1,108 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "security@mozilla.org",
"ID" : "CVE-2017-5386",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "security@mozilla.org",
"ID": "CVE-2017-5386",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Firefox ESR",
"version" : {
"version_data" : [
"product_name": "Firefox ESR",
"version": {
"version_data": [
{
"version_affected" : "<",
"version_value" : "45.7"
"version_affected": "<",
"version_value": "45.7"
}
]
}
},
{
"product_name" : "Firefox",
"version" : {
"version_data" : [
"product_name": "Firefox",
"version": {
"version_data": [
{
"version_affected" : "<",
"version_value" : "51"
"version_affected": "<",
"version_value": "51"
}
]
}
}
]
},
"vendor_name" : "Mozilla"
"vendor_name": "Mozilla"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "WebExtension scripts can use the \"data:\" protocol to affect pages loaded by other web extensions using this protocol, leading to potential data disclosure or privilege escalation in affected extensions. This vulnerability affects Firefox ESR < 45.7 and Firefox < 51."
"lang": "eng",
"value": "WebExtension scripts can use the \"data:\" protocol to affect pages loaded by other web extensions using this protocol, leading to potential data disclosure or privilege escalation in affected extensions. This vulnerability affects Firefox ESR < 45.7 and Firefox < 51."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "WebExtensions can use data: protocol to affect other extensions"
"lang": "eng",
"value": "WebExtensions can use data: protocol to affect other extensions"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1319070",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1319070"
"name": "https://www.mozilla.org/security/advisories/mfsa2017-02/",
"refsource": "CONFIRM",
"url": "https://www.mozilla.org/security/advisories/mfsa2017-02/"
},
{
"name" : "https://www.mozilla.org/security/advisories/mfsa2017-01/",
"refsource" : "CONFIRM",
"url" : "https://www.mozilla.org/security/advisories/mfsa2017-01/"
"name": "GLSA-201702-22",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201702-22"
},
{
"name" : "https://www.mozilla.org/security/advisories/mfsa2017-02/",
"refsource" : "CONFIRM",
"url" : "https://www.mozilla.org/security/advisories/mfsa2017-02/"
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1319070",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1319070"
},
{
"name" : "DSA-3771",
"refsource" : "DEBIAN",
"url" : "https://www.debian.org/security/2017/dsa-3771"
"name": "DSA-3771",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2017/dsa-3771"
},
{
"name" : "GLSA-201702-22",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201702-22"
"name": "1037693",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037693"
},
{
"name" : "RHSA-2017:0190",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2017-0190.html"
"name": "https://www.mozilla.org/security/advisories/mfsa2017-01/",
"refsource": "CONFIRM",
"url": "https://www.mozilla.org/security/advisories/mfsa2017-01/"
},
{
"name" : "95769",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/95769"
"name": "RHSA-2017:0190",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0190.html"
},
{
"name" : "1037693",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1037693"
"name": "95769",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95769"
}
]
}

130
2017/5xxx/CVE-2017-5535.json
View File

@ -1,114 +1,114 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "security@tibco.com",
"DATE_PUBLIC" : "2018-05-01T16:00:00.000Z",
"ID" : "CVE-2017-5535",
"STATE" : "PUBLIC",
"TITLE" : "TIBCO DataSynapse GridServer improper use of encryption"
"CVE_data_meta": {
"ASSIGNER": "security@tibco.com",
"DATE_PUBLIC": "2018-05-01T16:00:00.000Z",
"ID": "CVE-2017-5535",
"STATE": "PUBLIC",
"TITLE": "TIBCO DataSynapse GridServer improper use of encryption"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "TIBCO DataSynapse GridServer Manager",
"version" : {
"version_data" : [
"product_name": "TIBCO DataSynapse GridServer Manager",
"version": {
"version_data": [
{
"affected" : "<=",
"version_value" : "5.1.3"
"affected": "<=",
"version_value": "5.1.3"
},
{
"affected" : "=",
"version_value" : "6.0.0"
"affected": "=",
"version_value": "6.0.0"
},
{
"affected" : "=",
"version_value" : "6.0.1"
"affected": "=",
"version_value": "6.0.1"
},
{
"affected" : "=",
"version_value" : "6.0.2"
"affected": "=",
"version_value": "6.0.2"
},
{
"affected" : "=",
"version_value" : "6.1.0"
"affected": "=",
"version_value": "6.1.0"
},
{
"affected" : "=",
"version_value" : "6.1.1"
"affected": "=",
"version_value": "6.1.1"
},
{
"affected" : "=",
"version_value" : "6.2.0"
"affected": "=",
"version_value": "6.2.0"
}
]
}
}
]
},
"vendor_name" : "TIBCO Software Inc."
"vendor_name": "TIBCO Software Inc."
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The GridServer Broker, GridServer Driver, and GridServer Engine components of TIBCO Software Inc. TIBCO DataSynapse GridServer Manager contain vulnerabilities related to both the improper use of encryption mechanisms and the use of weak ciphers. A malicious actor could theoretically compromise the traffic between any of the components. Affected releases include TIBCO Software Inc.'s TIBCO DataSynapse GridServer Manager: versions up to and including 5.1.3; 6.0.0; 6.0.1; 6.0.2; 6.1.0; 6.1.1; and 6.2.0."
"lang": "eng",
"value": "The GridServer Broker, GridServer Driver, and GridServer Engine components of TIBCO Software Inc. TIBCO DataSynapse GridServer Manager contain vulnerabilities related to both the improper use of encryption mechanisms and the use of weak ciphers. A malicious actor could theoretically compromise the traffic between any of the components. Affected releases include TIBCO Software Inc.'s TIBCO DataSynapse GridServer Manager: versions up to and including 5.1.3; 6.0.0; 6.0.1; 6.0.2; 6.1.0; 6.1.1; and 6.2.0."
}
]
},
"impact" : {
"cvss" : {
"attackComplexity" : "HIGH",
"attackVector" : "ADJACENT_NETWORK",
"availabilityImpact" : "NONE",
"baseScore" : 6.8,
"baseSeverity" : "MEDIUM",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"privilegesRequired" : "NONE",
"scope" : "UNCHANGED",
"userInteraction" : "NONE",
"vectorString" : "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version" : "3.0"
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
}
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "A user with access to network traffic between the affected components could potentially examine that traffic, including passwords used to encrypt further communications."
"lang": "eng",
"value": "A user with access to network traffic between the affected components could potentially examine that traffic, including passwords used to encrypt further communications."
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://www.tibco.com/support/advisories/2018/05/security-advisory-may-1-2018-tibco-datasynapse-gridserver-2017-5535",
"refsource" : "CONFIRM",
"url" : "https://www.tibco.com/support/advisories/2018/05/security-advisory-may-1-2018-tibco-datasynapse-gridserver-2017-5535"
"name": "https://www.tibco.com/support/advisories/2018/05/security-advisory-may-1-2018-tibco-datasynapse-gridserver-2017-5535",
"refsource": "CONFIRM",
"url": "https://www.tibco.com/support/advisories/2018/05/security-advisory-may-1-2018-tibco-datasynapse-gridserver-2017-5535"
}
]
},
"solution" : [
"solution": [
{
"lang" : "eng",
"value" : "TIBCO has released updated versions of the affected components which address these issues. For each affected system, update to the corresponding software versions:\n\nTIBCO DataSynapse GridServer Manager versions 5.1.3 and below update to version 5.2.0 or higher\nTIBCO DataSynapse GridServer Manager versions 6.0.0, 6.0.1, and 6.0.2 update to version 6.3.0 or higher\nTIBCO DataSynapse GridServer Manager versions 6.1.0, and 6.1.1 update to version 6.3.0 or higher\nTIBCO DataSynapse GridServer Manager version 6.2.0 update to version 6.3.0 or higher"
"lang": "eng",
"value": "TIBCO has released updated versions of the affected components which address these issues. For each affected system, update to the corresponding software versions:\n\nTIBCO DataSynapse GridServer Manager versions 5.1.3 and below update to version 5.2.0 or higher\nTIBCO DataSynapse GridServer Manager versions 6.0.0, 6.0.1, and 6.0.2 update to version 6.3.0 or higher\nTIBCO DataSynapse GridServer Manager versions 6.1.0, and 6.1.1 update to version 6.3.0 or higher\nTIBCO DataSynapse GridServer Manager version 6.2.0 update to version 6.3.0 or higher"
}
],
"source" : {
"discovery" : "UNKNOWN"
"source": {
"discovery": "UNKNOWN"
}
}

64
2017/5xxx/CVE-2017-5721.json
View File

@ -1,62 +1,62 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "secure@intel.com",
"DATE_PUBLIC" : "2017-10-06T00:00:00",
"ID" : "CVE-2017-5721",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secure@intel.com",
"DATE_PUBLIC": "2017-10-06T00:00:00",
"ID": "CVE-2017-5721",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "NUC Kits",
"version" : {
"version_data" : [
"product_name": "NUC Kits",
"version": {
"version_data": [
{
"version_value" : "BN0049 and below"
"version_value": "BN0049 and below"
}
]
}
}
]
},
"vendor_name" : "Intel Corporation"
"vendor_name": "Intel Corporation"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Insufficient input validation in system firmware for Intel NUC7i3BNK, NUC7i3BNH, NUC7i5BNK, NUC7i5BNH, NUC7i7BNH versions BN0049 and below allows local attackers to execute arbitrary code via manipulation of memory."
"lang": "eng",
"value": "Insufficient input validation in system firmware for Intel NUC7i3BNK, NUC7i3BNH, NUC7i5BNK, NUC7i5BNH, NUC7i7BNH versions BN0049 and below allows local attackers to execute arbitrary code via manipulation of memory."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Elevation of Privilege"
"lang": "eng",
"value": "Elevation of Privilege"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00084&languageid=en-fr",
"refsource" : "CONFIRM",
"url" : "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00084&languageid=en-fr"
"name": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00084&languageid=en-fr",
"refsource": "CONFIRM",
"url": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00084&languageid=en-fr"
}
]
}