diff --git a/1999/0xxx/CVE-1999-0349.json b/1999/0xxx/CVE-1999-0349.json index 1905950a6a9..65e91f84de0 100644 --- a/1999/0xxx/CVE-1999-0349.json +++ b/1999/0xxx/CVE-1999-0349.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-1999-0349", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A buffer overflow in the FTP list (ls) command in IIS allows remote attackers to conduct a denial of service and, in some cases, execute arbitrary commands." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-1999-0349", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "IIS Remote FTP Exploit/DoS Attack", - "refsource" : "EEYE", - "url" : "http://www.eeye.com/html/Research/Advisories/IIS%20Remote%20FTP%20Exploit/DoS%20Attack.html" - }, - { - "name" : "MS99-003", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-003" - }, - { - "name" : "Q188348", - "refsource" : "MSKB", - "url" : "http://support.microsoft.com/default.aspx?scid=kb;[LN];Q188348" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A buffer overflow in the FTP list (ls) command in IIS allows remote attackers to conduct a denial of service and, in some cases, execute arbitrary commands." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "IIS Remote FTP Exploit/DoS Attack", + "refsource": "EEYE", + "url": "http://www.eeye.com/html/Research/Advisories/IIS%20Remote%20FTP%20Exploit/DoS%20Attack.html" + }, + { + "name": "Q188348", + "refsource": "MSKB", + "url": "http://support.microsoft.com/default.aspx?scid=kb;[LN];Q188348" + }, + { + "name": "MS99-003", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-003" + } + ] + } +} \ No newline at end of file diff --git a/1999/0xxx/CVE-1999-0920.json b/1999/0xxx/CVE-1999-0920.json index e1bbd7955a7..8fcb569a628 100644 --- a/1999/0xxx/CVE-1999-0920.json +++ b/1999/0xxx/CVE-1999-0920.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-1999-0920", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in the pop-2d POP daemon in the IMAP package allows remote attackers to gain privileges via the FOLD command." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-1999-0920", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "283", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/283" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in the pop-2d POP daemon in the IMAP package allows remote attackers to gain privileges via the FOLD command." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "283", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/283" + } + ] + } +} \ No newline at end of file diff --git a/1999/1xxx/CVE-1999-1081.json b/1999/1xxx/CVE-1999-1081.json index 52062ca73b0..082a23d4bc5 100644 --- a/1999/1xxx/CVE-1999-1081.json +++ b/1999/1xxx/CVE-1999-1081.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-1999-1081", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Vulnerability in files.pl script in Novell WebServer Examples Toolkit 2 allows remote attackers to read arbitrary files." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-1999-1081", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.w3.org/Security/Faq/wwwsf8.html#Q87", - "refsource" : "MISC", - "url" : "http://www.w3.org/Security/Faq/wwwsf8.html#Q87" - }, - { - "name" : "http://www.roxanne.org/faqs/www-secure/wwwsf4.html#Q35", - "refsource" : "MISC", - "url" : "http://www.roxanne.org/faqs/www-secure/wwwsf4.html#Q35" - }, - { - "name" : "http-nov-files(2054)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/2054" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Vulnerability in files.pl script in Novell WebServer Examples Toolkit 2 allows remote attackers to read arbitrary files." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.w3.org/Security/Faq/wwwsf8.html#Q87", + "refsource": "MISC", + "url": "http://www.w3.org/Security/Faq/wwwsf8.html#Q87" + }, + { + "name": "http-nov-files(2054)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/2054" + }, + { + "name": "http://www.roxanne.org/faqs/www-secure/wwwsf4.html#Q35", + "refsource": "MISC", + "url": "http://www.roxanne.org/faqs/www-secure/wwwsf4.html#Q35" + } + ] + } +} \ No newline at end of file diff --git a/2000/1xxx/CVE-2000-1065.json b/2000/1xxx/CVE-2000-1065.json index 7a5f83531a9..871253ee16e 100644 --- a/2000/1xxx/CVE-2000-1065.json +++ b/2000/1xxx/CVE-2000-1065.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-1065", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Vulnerability in IP implementation of HP JetDirect printer card Firmware x.08.20 and earlier allows remote attackers to cause a denial of service (printer crash) via a malformed packet." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-1065", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20001010 VIGILANTE-2000014: HP Jetdirect multiple DoS", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=97119729613778&w=2" - }, - { - "name" : "1775", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/1775" - }, - { - "name" : "hp-jetdirect-ip-implementation(5354)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/5354" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Vulnerability in IP implementation of HP JetDirect printer card Firmware x.08.20 and earlier allows remote attackers to cause a denial of service (printer crash) via a malformed packet." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1775", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/1775" + }, + { + "name": "hp-jetdirect-ip-implementation(5354)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5354" + }, + { + "name": "20001010 VIGILANTE-2000014: HP Jetdirect multiple DoS", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=97119729613778&w=2" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0787.json b/2007/0xxx/CVE-2007-0787.json index 5d8af250dc2..5facdce67fd 100644 --- a/2007/0xxx/CVE-2007-0787.json +++ b/2007/0xxx/CVE-2007-0787.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0787", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "PHP remote file inclusion vulnerability in controller.php in Simple Invoices before 20070202 allows remote attackers to execute arbitrary PHP code via a URL in the (1) module or (2) view parameter. NOTE: some of these details are obtained from third party information." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0787", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.simpleinvoices.org/index.php?news=25", - "refsource" : "CONFIRM", - "url" : "http://www.simpleinvoices.org/index.php?news=25" - }, - { - "name" : "22389", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22389" - }, - { - "name" : "ADV-2007-0481", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0481" - }, - { - "name" : "31796", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/31796" - }, - { - "name" : "24040", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24040" - }, - { - "name" : "simpleinvoices-controller-file-include(32207)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32207" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "PHP remote file inclusion vulnerability in controller.php in Simple Invoices before 20070202 allows remote attackers to execute arbitrary PHP code via a URL in the (1) module or (2) view parameter. NOTE: some of these details are obtained from third party information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "31796", + "refsource": "OSVDB", + "url": "http://osvdb.org/31796" + }, + { + "name": "24040", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24040" + }, + { + "name": "http://www.simpleinvoices.org/index.php?news=25", + "refsource": "CONFIRM", + "url": "http://www.simpleinvoices.org/index.php?news=25" + }, + { + "name": "22389", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22389" + }, + { + "name": "simpleinvoices-controller-file-include(32207)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32207" + }, + { + "name": "ADV-2007-0481", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0481" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1258.json b/2007/1xxx/CVE-2007-1258.json index 50bbc51eb72..10225c342a1 100644 --- a/2007/1xxx/CVE-2007-1258.json +++ b/2007/1xxx/CVE-2007-1258.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1258", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in Cisco IOS 12.2SXA, SXB, SXD, and SXF; and the MSFC2, MSFC2a and MSFC3 running in Hybrid Mode on Cisco Catalyst 6000, 6500 and Cisco 7600 series systems; allows remote attackers on a local network segment to cause a denial of service (software reload) via a certain MPLS packet." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1258", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070228 Cisco Catalyst 6000, 6500 and Cisco 7600 Series MPLS Packet Vulnerability", - "refsource" : "CISCO", - "url" : "http://www.cisco.com/warp/public/707/cisco-sa-20070228-mpls.shtml" - }, - { - "name" : "oval:org.mitre.oval:def:5869", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5869" - }, - { - "name" : "ADV-2007-0782", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0782" - }, - { - "name" : "33067", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/33067" - }, - { - "name" : "1017709", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1017709" - }, - { - "name" : "24348", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24348" - }, - { - "name" : "cisco-catalyst-mpls-dos(32748)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32748" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in Cisco IOS 12.2SXA, SXB, SXD, and SXF; and the MSFC2, MSFC2a and MSFC3 running in Hybrid Mode on Cisco Catalyst 6000, 6500 and Cisco 7600 series systems; allows remote attackers on a local network segment to cause a denial of service (software reload) via a certain MPLS packet." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "oval:org.mitre.oval:def:5869", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5869" + }, + { + "name": "33067", + "refsource": "OSVDB", + "url": "http://osvdb.org/33067" + }, + { + "name": "ADV-2007-0782", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0782" + }, + { + "name": "24348", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24348" + }, + { + "name": "cisco-catalyst-mpls-dos(32748)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32748" + }, + { + "name": "20070228 Cisco Catalyst 6000, 6500 and Cisco 7600 Series MPLS Packet Vulnerability", + "refsource": "CISCO", + "url": "http://www.cisco.com/warp/public/707/cisco-sa-20070228-mpls.shtml" + }, + { + "name": "1017709", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1017709" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1280.json b/2007/1xxx/CVE-2007-1280.json index 73d5d22c24d..dabd1ae6353 100644 --- a/2007/1xxx/CVE-2007-1280.json +++ b/2007/1xxx/CVE-2007-1280.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1280", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in Adobe RoboHelp X5, 6, and Server 6 allows remote attackers to inject arbitrary web script or HTML via a URL after a # (hash) in the URL path, as demonstrated using en/frameset-7.html, and possibly other unspecified vectors involving templates and (1) whstart.js and (2) whcsh_home.htm in WebHelp, (3) wf_startpage.js and (4) wf_startqs.htm in FlashHelp, or (5) WindowManager.dll in RoboHelp Server 6." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1280", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070511 Cross-Site Scripting in Adobe RoboHelp 6, Server 6 and X5", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/468360/100/0/threaded" - }, - { - "name" : "http://www.devtarget.org/adobe-advisory-05-2007.txt", - "refsource" : "MISC", - "url" : "http://www.devtarget.org/adobe-advisory-05-2007.txt" - }, - { - "name" : "http://www.adobe.com/support/security/bulletins/apsb07-10.html", - "refsource" : "CONFIRM", - "url" : "http://www.adobe.com/support/security/bulletins/apsb07-10.html" - }, - { - "name" : "23878", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/23878" - }, - { - "name" : "ADV-2007-1714", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/1714" - }, - { - "name" : "35867", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/35867" - }, - { - "name" : "1018020", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1018020" - }, - { - "name" : "25211", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25211" - }, - { - "name" : "robohelp-files-xss(34181)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34181" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in Adobe RoboHelp X5, 6, and Server 6 allows remote attackers to inject arbitrary web script or HTML via a URL after a # (hash) in the URL path, as demonstrated using en/frameset-7.html, and possibly other unspecified vectors involving templates and (1) whstart.js and (2) whcsh_home.htm in WebHelp, (3) wf_startpage.js and (4) wf_startqs.htm in FlashHelp, or (5) WindowManager.dll in RoboHelp Server 6." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "25211", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25211" + }, + { + "name": "23878", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/23878" + }, + { + "name": "ADV-2007-1714", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/1714" + }, + { + "name": "robohelp-files-xss(34181)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34181" + }, + { + "name": "1018020", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1018020" + }, + { + "name": "http://www.adobe.com/support/security/bulletins/apsb07-10.html", + "refsource": "CONFIRM", + "url": "http://www.adobe.com/support/security/bulletins/apsb07-10.html" + }, + { + "name": "20070511 Cross-Site Scripting in Adobe RoboHelp 6, Server 6 and X5", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/468360/100/0/threaded" + }, + { + "name": "35867", + "refsource": "OSVDB", + "url": "http://osvdb.org/35867" + }, + { + "name": "http://www.devtarget.org/adobe-advisory-05-2007.txt", + "refsource": "MISC", + "url": "http://www.devtarget.org/adobe-advisory-05-2007.txt" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1511.json b/2007/1xxx/CVE-2007-1511.json index 7155ebf28ae..39382d9f6dc 100644 --- a/2007/1xxx/CVE-2007-1511.json +++ b/2007/1xxx/CVE-2007-1511.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1511", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in FrontBase Relational Database Server 4.2.7 and earlier allows remote authenticated users, with privileges for creating a stored procedure, to execute arbitrary code via a CREATE PROCEDURE request with a long procedure name." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1511", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070316 [NETRAGARD-20070316 SECURITY ADVISORY][FrontBase Database <= 4.2.7 ALL PLATFORMS][REMOTE BUFFER OVERFLOW CONDITION][LEVEL: EASY][RISK:MEDIUM]", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/463042/100/0/threade" - }, - { - "name" : "23007", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/23007" - }, - { - "name" : "ADV-2007-0999", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0999" - }, - { - "name" : "34282", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/34282" - }, - { - "name" : "24555", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24555" - }, - { - "name" : "2470", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2470" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in FrontBase Relational Database Server 4.2.7 and earlier allows remote authenticated users, with privileges for creating a stored procedure, to execute arbitrary code via a CREATE PROCEDURE request with a long procedure name." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "34282", + "refsource": "OSVDB", + "url": "http://osvdb.org/34282" + }, + { + "name": "20070316 [NETRAGARD-20070316 SECURITY ADVISORY][FrontBase Database <= 4.2.7 ALL PLATFORMS][REMOTE BUFFER OVERFLOW CONDITION][LEVEL: EASY][RISK:MEDIUM]", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/463042/100/0/threade" + }, + { + "name": "24555", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24555" + }, + { + "name": "ADV-2007-0999", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0999" + }, + { + "name": "23007", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/23007" + }, + { + "name": "2470", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2470" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5206.json b/2007/5xxx/CVE-2007-5206.json index 2ba22ac3d4d..f4dd09e7b4e 100644 --- a/2007/5xxx/CVE-2007-5206.json +++ b/2007/5xxx/CVE-2007-5206.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5206", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5206", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5245.json b/2007/5xxx/CVE-2007-5245.json index 38b923f63e5..c784ddca1be 100644 --- a/2007/5xxx/CVE-2007-5245.json +++ b/2007/5xxx/CVE-2007-5245.json @@ -1,117 +1,117 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5245", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple stack-based buffer overflows in Firebird LI 1.5.3.4870 and 1.5.4.4910, and WI 1.5.3.4870 and 1.5.4.4910, allow remote attackers to execute arbitrary code via (1) a long service attach request on TCP port 3050 to the SVC_attach function or (2) unspecified vectors involving the INET_connect function." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5245", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20071004 [RISE-2007003] Firebird Relational Database Multiple Buffer Overflow Vulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/481491/100/0/threaded" - }, - { - "name" : "http://risesecurity.org/advisory/RISE-2007003/", - "refsource" : "MISC", - "url" : "http://risesecurity.org/advisory/RISE-2007003/" - }, - { - "name" : "http://risesecurity.org/blog/entry/3/", - "refsource" : "MISC", - "url" : "http://risesecurity.org/blog/entry/3/" - }, - { - "name" : "http://risesecurity.org/exploit/18/", - "refsource" : "MISC", - "url" : "http://risesecurity.org/exploit/18/" - }, - { - "name" : "http://www.risesecurity.org/advisory/RISE-2007003/", - "refsource" : "MISC", - "url" : "http://www.risesecurity.org/advisory/RISE-2007003/" - }, - { - "name" : "25917", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25917" - }, - { - "name" : "25925", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25925" - }, - { - "name" : "ADV-2007-3380", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/3380" - }, - { - "name" : "1018773", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1018773" - }, - { - "name" : "27066", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27066" - }, - { - "name" : "28635", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28635" - }, - { - "name" : "firebird-attach-connect-bo(36957)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36957" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple stack-based buffer overflows in Firebird LI 1.5.3.4870 and 1.5.4.4910, and WI 1.5.3.4870 and 1.5.4.4910, allow remote attackers to execute arbitrary code via (1) a long service attach request on TCP port 3050 to the SVC_attach function or (2) unspecified vectors involving the INET_connect function." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://risesecurity.org/advisory/RISE-2007003/", + "refsource": "MISC", + "url": "http://risesecurity.org/advisory/RISE-2007003/" + }, + { + "name": "25917", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25917" + }, + { + "name": "28635", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28635" + }, + { + "name": "http://risesecurity.org/blog/entry/3/", + "refsource": "MISC", + "url": "http://risesecurity.org/blog/entry/3/" + }, + { + "name": "20071004 [RISE-2007003] Firebird Relational Database Multiple Buffer Overflow Vulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/481491/100/0/threaded" + }, + { + "name": "1018773", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1018773" + }, + { + "name": "http://risesecurity.org/exploit/18/", + "refsource": "MISC", + "url": "http://risesecurity.org/exploit/18/" + }, + { + "name": "firebird-attach-connect-bo(36957)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36957" + }, + { + "name": "ADV-2007-3380", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/3380" + }, + { + "name": "25925", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25925" + }, + { + "name": "27066", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27066" + }, + { + "name": "http://www.risesecurity.org/advisory/RISE-2007003/", + "refsource": "MISC", + "url": "http://www.risesecurity.org/advisory/RISE-2007003/" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5393.json b/2007/5xxx/CVE-2007-5393.json index fc01454509e..ac6ecbad97a 100644 --- a/2007/5xxx/CVE-2007-5393.json +++ b/2007/5xxx/CVE-2007-5393.json @@ -1,512 +1,512 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5393", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Heap-based buffer overflow in the CCITTFaxStream::lookChar method in xpdf/Stream.cc in Xpdf 3.02p11 allows remote attackers to execute arbitrary code via a PDF file that contains a crafted CCITTFaxDecode filter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "PSIRT-CNA@flexerasoftware.com", + "ID": "CVE-2007-5393", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20071107 Secunia Research: Xpdf \"Stream.cc\" Multiple Vulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/483372" - }, - { - "name" : "http://secunia.com/secunia_research/2007-88/advisory/", - "refsource" : "MISC", - "url" : "http://secunia.com/secunia_research/2007-88/advisory/" - }, - { - "name" : "http://www.kde.org/info/security/advisory-20071107-1.txt", - "refsource" : "CONFIRM", - "url" : "http://www.kde.org/info/security/advisory-20071107-1.txt" - }, - { - "name" : "http://support.novell.com/techcenter/psdb/1d5fd29802b2ef7e342e733731f1e933.html", - "refsource" : "CONFIRM", - "url" : "http://support.novell.com/techcenter/psdb/1d5fd29802b2ef7e342e733731f1e933.html" - }, - { - "name" : "http://support.novell.com/techcenter/psdb/3867a5092daac43cd6a92e6107d9fbce.html", - "refsource" : "CONFIRM", - "url" : "http://support.novell.com/techcenter/psdb/3867a5092daac43cd6a92e6107d9fbce.html" - }, - { - "name" : "http://support.novell.com/techcenter/psdb/da3498f05433976cc548cc4eaf8349c8.html", - "refsource" : "CONFIRM", - "url" : "http://support.novell.com/techcenter/psdb/da3498f05433976cc548cc4eaf8349c8.html" - }, - { - "name" : "http://support.novell.com/techcenter/psdb/f83e024a65d69ebc810d2117815b940d.html", - "refsource" : "CONFIRM", - "url" : "http://support.novell.com/techcenter/psdb/f83e024a65d69ebc810d2117815b940d.html" - }, - { - "name" : "http://support.novell.com/techcenter/psdb/43ad7b3569dba59e7ba07677edc01cad.html", - "refsource" : "CONFIRM", - "url" : "http://support.novell.com/techcenter/psdb/43ad7b3569dba59e7ba07677edc01cad.html" - }, - { - "name" : "http://support.avaya.com/elmodocs2/security/ASA-2007-476.htm", - "refsource" : "CONFIRM", - "url" : "http://support.avaya.com/elmodocs2/security/ASA-2007-476.htm" - }, - { - "name" : "https://issues.rpath.com/browse/RPL-1926", - "refsource" : "CONFIRM", - "url" : "https://issues.rpath.com/browse/RPL-1926" - }, - { - "name" : "DSA-1408", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2007/dsa-1408" - }, - { - "name" : "DSA-1480", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2008/dsa-1480" - }, - { - "name" : "DSA-1509", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2008/dsa-1509" - }, - { - "name" : "DSA-1537", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2008/dsa-1537" - }, - { - "name" : "FEDORA-2007-3100", - "refsource" : "FEDORA", - "url" : "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00238.html" - }, - { - "name" : "FEDORA-2007-3031", - "refsource" : "FEDORA", - "url" : "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00215.html" - }, - { - "name" : "FEDORA-2007-3059", - "refsource" : "FEDORA", - "url" : "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00224.html" - }, - { - "name" : "FEDORA-2007-4031", - "refsource" : "FEDORA", - "url" : "https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00369.html" - }, - { - "name" : "FEDORA-2007-3390", - "refsource" : "FEDORA", - "url" : "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00663.html" - }, - { - "name" : "FEDORA-2007-750", - "refsource" : "FEDORA", - "url" : "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00724.html" - }, - { - "name" : "GLSA-200711-22", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-200711-22.xml" - }, - { - "name" : "GLSA-200711-34", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-200711-34.xml" - }, - { - "name" : "GLSA-200805-13", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-200805-13.xml" - }, - { - "name" : "MDKSA-2007:219", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:219" - }, - { - "name" : "MDKSA-2007:220", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:220" - }, - { - "name" : "MDKSA-2007:221", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:221" - }, - { - "name" : "MDKSA-2007:222", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:222" - }, - { - "name" : "MDKSA-2007:223", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:223" - }, - { - "name" : "MDKSA-2007:227", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:227" - }, - { - "name" : "MDKSA-2007:228", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:228" - }, - { - "name" : "MDKSA-2007:230", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:230" - }, - { - "name" : "RHSA-2007:1021", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-1021.html" - }, - { - "name" : "RHSA-2007:1022", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-1022.html" - }, - { - "name" : "RHSA-2007:1023", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-1023.html" - }, - { - "name" : "RHSA-2007:1025", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-1025.html" - }, - { - "name" : "RHSA-2007:1026", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-1026.html" - }, - { - "name" : "RHSA-2007:1027", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-1027.html" - }, - { - "name" : "RHSA-2007:1028", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-1028.html" - }, - { - "name" : "RHSA-2007:1029", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-1029.html" - }, - { - "name" : "RHSA-2007:1030", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-1030.html" - }, - { - "name" : "RHSA-2007:1031", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-1031.html" - }, - { - "name" : "RHSA-2007:1024", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-1024.html" - }, - { - "name" : "RHSA-2007:1051", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-1051.html" - }, - { - "name" : "SSA:2007-316-01", - "refsource" : "SLACKWARE", - "url" : "http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.761882" - }, - { - "name" : "SUSE-SA:2007:060", - "refsource" : "SUSE", - "url" : "http://www.novell.com/linux/security/advisories/2007_60_pdf.html" - }, - { - "name" : "USN-542-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/usn-542-1" - }, - { - "name" : "USN-542-2", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/usn-542-2" - }, - { - "name" : "26367", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/26367" - }, - { - "name" : "oval:org.mitre.oval:def:9839", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9839" - }, - { - "name" : "ADV-2007-3774", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/3774" - }, - { - "name" : "ADV-2007-3775", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/3775" - }, - { - "name" : "ADV-2007-3776", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/3776" - }, - { - "name" : "ADV-2007-3779", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/3779" - }, - { - "name" : "ADV-2007-3786", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/3786" - }, - { - "name" : "1018905", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1018905" - }, - { - "name" : "27260", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27260" - }, - { - "name" : "27553", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27553" - }, - { - "name" : "27573", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27573" - }, - { - "name" : "27574", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27574" - }, - { - "name" : "27575", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27575" - }, - { - "name" : "27577", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27577" - }, - { - "name" : "27578", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27578" - }, - { - "name" : "27579", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27579" - }, - { - "name" : "27615", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27615" - }, - { - "name" : "27637", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27637" - }, - { - "name" : "27599", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27599" - }, - { - "name" : "26503", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26503" - }, - { - "name" : "27618", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27618" - }, - { - "name" : "27619", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27619" - }, - { - "name" : "27640", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27640" - }, - { - "name" : "27641", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27641" - }, - { - "name" : "27642", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27642" - }, - { - "name" : "27656", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27656" - }, - { - "name" : "27632", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27632" - }, - { - "name" : "27645", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27645" - }, - { - "name" : "27636", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27636" - }, - { - "name" : "27634", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27634" - }, - { - "name" : "27658", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27658" - }, - { - "name" : "27705", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27705" - }, - { - "name" : "27721", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27721" - }, - { - "name" : "27724", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27724" - }, - { - "name" : "27743", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27743" - }, - { - "name" : "27772", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27772" - }, - { - "name" : "27856", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27856" - }, - { - "name" : "28043", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28043" - }, - { - "name" : "27718", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27718" - }, - { - "name" : "28812", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28812" - }, - { - "name" : "29104", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29104" - }, - { - "name" : "29604", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29604" - }, - { - "name" : "30168", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/30168" - }, - { - "name" : "xpdf-ccittfaxstreamlookchar-bo(38304)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/38304" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Heap-based buffer overflow in the CCITTFaxStream::lookChar method in xpdf/Stream.cc in Xpdf 3.02p11 allows remote attackers to execute arbitrary code via a PDF file that contains a crafted CCITTFaxDecode filter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "27579", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27579" + }, + { + "name": "SUSE-SA:2007:060", + "refsource": "SUSE", + "url": "http://www.novell.com/linux/security/advisories/2007_60_pdf.html" + }, + { + "name": "27632", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27632" + }, + { + "name": "27743", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27743" + }, + { + "name": "MDKSA-2007:222", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:222" + }, + { + "name": "ADV-2007-3774", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/3774" + }, + { + "name": "xpdf-ccittfaxstreamlookchar-bo(38304)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38304" + }, + { + "name": "27260", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27260" + }, + { + "name": "27856", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27856" + }, + { + "name": "http://support.novell.com/techcenter/psdb/da3498f05433976cc548cc4eaf8349c8.html", + "refsource": "CONFIRM", + "url": "http://support.novell.com/techcenter/psdb/da3498f05433976cc548cc4eaf8349c8.html" + }, + { + "name": "27636", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27636" + }, + { + "name": "29604", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29604" + }, + { + "name": "MDKSA-2007:223", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:223" + }, + { + "name": "27721", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27721" + }, + { + "name": "27724", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27724" + }, + { + "name": "ADV-2007-3776", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/3776" + }, + { + "name": "FEDORA-2007-3059", + "refsource": "FEDORA", + "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00224.html" + }, + { + "name": "27577", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27577" + }, + { + "name": "29104", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29104" + }, + { + "name": "FEDORA-2007-3031", + "refsource": "FEDORA", + "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00215.html" + }, + { + "name": "oval:org.mitre.oval:def:9839", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9839" + }, + { + "name": "27618", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27618" + }, + { + "name": "27642", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27642" + }, + { + "name": "FEDORA-2007-4031", + "refsource": "FEDORA", + "url": "https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00369.html" + }, + { + "name": "27656", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27656" + }, + { + "name": "http://secunia.com/secunia_research/2007-88/advisory/", + "refsource": "MISC", + "url": "http://secunia.com/secunia_research/2007-88/advisory/" + }, + { + "name": "FEDORA-2007-3100", + "refsource": "FEDORA", + "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00238.html" + }, + { + "name": "http://support.novell.com/techcenter/psdb/1d5fd29802b2ef7e342e733731f1e933.html", + "refsource": "CONFIRM", + "url": "http://support.novell.com/techcenter/psdb/1d5fd29802b2ef7e342e733731f1e933.html" + }, + { + "name": "RHSA-2007:1026", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-1026.html" + }, + { + "name": "DSA-1509", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2008/dsa-1509" + }, + { + "name": "RHSA-2007:1022", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-1022.html" + }, + { + "name": "27573", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27573" + }, + { + "name": "RHSA-2007:1029", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-1029.html" + }, + { + "name": "27641", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27641" + }, + { + "name": "GLSA-200805-13", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-200805-13.xml" + }, + { + "name": "28812", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28812" + }, + { + "name": "DSA-1537", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2008/dsa-1537" + }, + { + "name": "FEDORA-2007-750", + "refsource": "FEDORA", + "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00724.html" + }, + { + "name": "RHSA-2007:1031", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-1031.html" + }, + { + "name": "http://support.avaya.com/elmodocs2/security/ASA-2007-476.htm", + "refsource": "CONFIRM", + "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-476.htm" + }, + { + "name": "27772", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27772" + }, + { + "name": "SSA:2007-316-01", + "refsource": "SLACKWARE", + "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.761882" + }, + { + "name": "26367", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/26367" + }, + { + "name": "27615", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27615" + }, + { + "name": "RHSA-2007:1021", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-1021.html" + }, + { + "name": "ADV-2007-3786", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/3786" + }, + { + "name": "27645", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27645" + }, + { + "name": "20071107 Secunia Research: Xpdf \"Stream.cc\" Multiple Vulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/483372" + }, + { + "name": "30168", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/30168" + }, + { + "name": "27574", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27574" + }, + { + "name": "https://issues.rpath.com/browse/RPL-1926", + "refsource": "CONFIRM", + "url": "https://issues.rpath.com/browse/RPL-1926" + }, + { + "name": "26503", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26503" + }, + { + "name": "MDKSA-2007:219", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:219" + }, + { + "name": "DSA-1480", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2008/dsa-1480" + }, + { + "name": "GLSA-200711-22", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-200711-22.xml" + }, + { + "name": "27634", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27634" + }, + { + "name": "MDKSA-2007:227", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:227" + }, + { + "name": "http://www.kde.org/info/security/advisory-20071107-1.txt", + "refsource": "CONFIRM", + "url": "http://www.kde.org/info/security/advisory-20071107-1.txt" + }, + { + "name": "28043", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28043" + }, + { + "name": "27619", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27619" + }, + { + "name": "MDKSA-2007:220", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:220" + }, + { + "name": "27705", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27705" + }, + { + "name": "27578", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27578" + }, + { + "name": "27640", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27640" + }, + { + "name": "http://support.novell.com/techcenter/psdb/43ad7b3569dba59e7ba07677edc01cad.html", + "refsource": "CONFIRM", + "url": "http://support.novell.com/techcenter/psdb/43ad7b3569dba59e7ba07677edc01cad.html" + }, + { + "name": "RHSA-2007:1023", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-1023.html" + }, + { + "name": "http://support.novell.com/techcenter/psdb/3867a5092daac43cd6a92e6107d9fbce.html", + "refsource": "CONFIRM", + "url": "http://support.novell.com/techcenter/psdb/3867a5092daac43cd6a92e6107d9fbce.html" + }, + { + "name": "27718", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27718" + }, + { + "name": "GLSA-200711-34", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-200711-34.xml" + }, + { + "name": "27599", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27599" + }, + { + "name": "27575", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27575" + }, + { + "name": "RHSA-2007:1028", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-1028.html" + }, + { + "name": "1018905", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1018905" + }, + { + "name": "http://support.novell.com/techcenter/psdb/f83e024a65d69ebc810d2117815b940d.html", + "refsource": "CONFIRM", + "url": "http://support.novell.com/techcenter/psdb/f83e024a65d69ebc810d2117815b940d.html" + }, + { + "name": "FEDORA-2007-3390", + "refsource": "FEDORA", + "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00663.html" + }, + { + "name": "MDKSA-2007:228", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:228" + }, + { + "name": "ADV-2007-3775", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/3775" + }, + { + "name": "RHSA-2007:1027", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-1027.html" + }, + { + "name": "RHSA-2007:1030", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-1030.html" + }, + { + "name": "USN-542-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/usn-542-1" + }, + { + "name": "27658", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27658" + }, + { + "name": "RHSA-2007:1024", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-1024.html" + }, + { + "name": "MDKSA-2007:230", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:230" + }, + { + "name": "USN-542-2", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/usn-542-2" + }, + { + "name": "RHSA-2007:1025", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-1025.html" + }, + { + "name": "ADV-2007-3779", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/3779" + }, + { + "name": "DSA-1408", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2007/dsa-1408" + }, + { + "name": "RHSA-2007:1051", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-1051.html" + }, + { + "name": "MDKSA-2007:221", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:221" + }, + { + "name": "27553", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27553" + }, + { + "name": "27637", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27637" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5432.json b/2007/5xxx/CVE-2007-5432.json index 10bc859d463..ef2ceb56346 100644 --- a/2007/5xxx/CVE-2007-5432.json +++ b/2007/5xxx/CVE-2007-5432.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5432", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Stride 1.0 has a default administrator username of \"scott\" with the password \"running\", which allows remote attackers to obtain administrative access through login.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5432", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20071010 Vulnerabilities digest", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/482006/100/0/threaded" - }, - { - "name" : "http://securityvulns.ru/Sdocument4.html", - "refsource" : "MISC", - "url" : "http://securityvulns.ru/Sdocument4.html" - }, - { - "name" : "43485", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/43485" - }, - { - "name" : "3216", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/3216" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Stride 1.0 has a default administrator username of \"scott\" with the password \"running\", which allows remote attackers to obtain administrative access through login.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20071010 Vulnerabilities digest", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/482006/100/0/threaded" + }, + { + "name": "3216", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/3216" + }, + { + "name": "http://securityvulns.ru/Sdocument4.html", + "refsource": "MISC", + "url": "http://securityvulns.ru/Sdocument4.html" + }, + { + "name": "43485", + "refsource": "OSVDB", + "url": "http://osvdb.org/43485" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5575.json b/2007/5xxx/CVE-2007-5575.json index 6ce03e49809..8a138763c74 100644 --- a/2007/5xxx/CVE-2007-5575.json +++ b/2007/5xxx/CVE-2007-5575.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5575", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site request forgery (CSRF) vulnerability in 1024 CMS 1.2.5 allows remote attackers to perform some actions as administrators, as demonstrated by (1) an unspecified action that creates a file containing PHP code and (2) unspecified use of the forum component. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5575", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "27259", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27259" - }, - { - "name" : "1024cms-unspecified-csfr(37267)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/37267" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site request forgery (CSRF) vulnerability in 1024 CMS 1.2.5 allows remote attackers to perform some actions as administrators, as demonstrated by (1) an unspecified action that creates a file containing PHP code and (2) unspecified use of the forum component. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "27259", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27259" + }, + { + "name": "1024cms-unspecified-csfr(37267)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37267" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5597.json b/2007/5xxx/CVE-2007-5597.json index 0b4d89c5c87..3bb63ad781e 100644 --- a/2007/5xxx/CVE-2007-5597.json +++ b/2007/5xxx/CVE-2007-5597.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5597", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The hook_comments API in Drupal 4.7.x before 4.7.8 and 5.x before 5.3 does not pass publication status, which might allow attackers to bypass access restrictions and trigger e-mail with unpublished comments from some modules, as demonstrated by (1) Organic groups and (2) Subscriptions." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5597", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://drupal.org/node/184354", - "refsource" : "CONFIRM", - "url" : "http://drupal.org/node/184354" - }, - { - "name" : "FEDORA-2007-2649", - "refsource" : "FEDORA", - "url" : "https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00328.html" - }, - { - "name" : "26119", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/26119" - }, - { - "name" : "ADV-2007-3546", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/3546" - }, - { - "name" : "27292", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27292" - }, - { - "name" : "27352", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27352" - }, - { - "name" : "drupal-api-information-disclosure(37296)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/37296" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The hook_comments API in Drupal 4.7.x before 4.7.8 and 5.x before 5.3 does not pass publication status, which might allow attackers to bypass access restrictions and trigger e-mail with unpublished comments from some modules, as demonstrated by (1) Organic groups and (2) Subscriptions." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ADV-2007-3546", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/3546" + }, + { + "name": "http://drupal.org/node/184354", + "refsource": "CONFIRM", + "url": "http://drupal.org/node/184354" + }, + { + "name": "drupal-api-information-disclosure(37296)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37296" + }, + { + "name": "27292", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27292" + }, + { + "name": "FEDORA-2007-2649", + "refsource": "FEDORA", + "url": "https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00328.html" + }, + { + "name": "27352", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27352" + }, + { + "name": "26119", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/26119" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5909.json b/2007/5xxx/CVE-2007-5909.json index ff0d5b5a29d..85ab23bd402 100644 --- a/2007/5xxx/CVE-2007-5909.json +++ b/2007/5xxx/CVE-2007-5909.json @@ -1,142 +1,142 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5909", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple stack-based buffer overflows in Autonomy (formerly Verity) KeyView Viewer, Filter, and Export SDK before 9.2.0.12, as used by ActivePDF DocConverter, IBM Lotus Notes before 7.0.3, Symantec Mail Security, and other products, allow remote attackers to execute arbitrary code via a crafted (1) AG file to kpagrdr.dll, (2) AW file to awsr.dll, (3) DLL or (4) EXE file to exesr.dll, (5) DOC file to mwsr.dll, (6) MIF file to mifsr.dll, (7) SAM file to lasr.dll, or (8) RTF file to rtfsr.dll. NOTE: the WPD (wp6sr.dll) vector is covered by CVE-2007-5910." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5909", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20071023 [vuln.sg] IBM Lotus Notes Attachment Viewer Buffer Overflow Vulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/482664" - }, - { - "name" : "20071031 ZDI-07-059: Verity KeyView SDK Multiple File Format Parsing Vulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/483102/100/0/threaded" - }, - { - "name" : "http://vuln.sg/lotusnotes702-en.html", - "refsource" : "MISC", - "url" : "http://vuln.sg/lotusnotes702-en.html" - }, - { - "name" : "http://vuln.sg/lotusnotes702doc-en.html", - "refsource" : "MISC", - "url" : "http://vuln.sg/lotusnotes702doc-en.html" - }, - { - "name" : "http://vuln.sg/lotusnotes702mif-en.html", - "refsource" : "MISC", - "url" : "http://vuln.sg/lotusnotes702mif-en.html" - }, - { - "name" : "http://vuln.sg/lotusnotes702sam-en.html", - "refsource" : "MISC", - "url" : "http://vuln.sg/lotusnotes702sam-en.html" - }, - { - "name" : "http://www.zerodayinitiative.com/advisories/ZDI-07-059.html", - "refsource" : "MISC", - "url" : "http://www.zerodayinitiative.com/advisories/ZDI-07-059.html" - }, - { - "name" : "http://securityresponse.symantec.com/avcenter/security/Content/2007.11.01c.html", - "refsource" : "CONFIRM", - "url" : "http://securityresponse.symantec.com/avcenter/security/Content/2007.11.01c.html" - }, - { - "name" : "http://www-1.ibm.com/support/docview.wss?rs=899&uid=swg21271111", - "refsource" : "CONFIRM", - "url" : "http://www-1.ibm.com/support/docview.wss?rs=899&uid=swg21271111" - }, - { - "name" : "http://www-1.ibm.com/support/docview.wss?rs=899&uid=swg21272836", - "refsource" : "CONFIRM", - "url" : "http://www-1.ibm.com/support/docview.wss?rs=899&uid=swg21272836" - }, - { - "name" : "26175", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/26175" - }, - { - "name" : "ADV-2007-3596", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/3596" - }, - { - "name" : "ADV-2007-3697", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/3697" - }, - { - "name" : "1018853", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1018853" - }, - { - "name" : "1018886", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1018886" - }, - { - "name" : "27304", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27304" - }, - { - "name" : "3357", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/3357" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple stack-based buffer overflows in Autonomy (formerly Verity) KeyView Viewer, Filter, and Export SDK before 9.2.0.12, as used by ActivePDF DocConverter, IBM Lotus Notes before 7.0.3, Symantec Mail Security, and other products, allow remote attackers to execute arbitrary code via a crafted (1) AG file to kpagrdr.dll, (2) AW file to awsr.dll, (3) DLL or (4) EXE file to exesr.dll, (5) DOC file to mwsr.dll, (6) MIF file to mifsr.dll, (7) SAM file to lasr.dll, or (8) RTF file to rtfsr.dll. NOTE: the WPD (wp6sr.dll) vector is covered by CVE-2007-5910." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "3357", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/3357" + }, + { + "name": "http://www.zerodayinitiative.com/advisories/ZDI-07-059.html", + "refsource": "MISC", + "url": "http://www.zerodayinitiative.com/advisories/ZDI-07-059.html" + }, + { + "name": "http://www-1.ibm.com/support/docview.wss?rs=899&uid=swg21271111", + "refsource": "CONFIRM", + "url": "http://www-1.ibm.com/support/docview.wss?rs=899&uid=swg21271111" + }, + { + "name": "1018853", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1018853" + }, + { + "name": "20071023 [vuln.sg] IBM Lotus Notes Attachment Viewer Buffer Overflow Vulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/482664" + }, + { + "name": "ADV-2007-3697", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/3697" + }, + { + "name": "26175", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/26175" + }, + { + "name": "http://vuln.sg/lotusnotes702sam-en.html", + "refsource": "MISC", + "url": "http://vuln.sg/lotusnotes702sam-en.html" + }, + { + "name": "http://vuln.sg/lotusnotes702mif-en.html", + "refsource": "MISC", + "url": "http://vuln.sg/lotusnotes702mif-en.html" + }, + { + "name": "20071031 ZDI-07-059: Verity KeyView SDK Multiple File Format Parsing Vulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/483102/100/0/threaded" + }, + { + "name": "27304", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27304" + }, + { + "name": "http://www-1.ibm.com/support/docview.wss?rs=899&uid=swg21272836", + "refsource": "CONFIRM", + "url": "http://www-1.ibm.com/support/docview.wss?rs=899&uid=swg21272836" + }, + { + "name": "http://vuln.sg/lotusnotes702-en.html", + "refsource": "MISC", + "url": "http://vuln.sg/lotusnotes702-en.html" + }, + { + "name": "http://securityresponse.symantec.com/avcenter/security/Content/2007.11.01c.html", + "refsource": "CONFIRM", + "url": "http://securityresponse.symantec.com/avcenter/security/Content/2007.11.01c.html" + }, + { + "name": "1018886", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1018886" + }, + { + "name": "ADV-2007-3596", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/3596" + }, + { + "name": "http://vuln.sg/lotusnotes702doc-en.html", + "refsource": "MISC", + "url": "http://vuln.sg/lotusnotes702doc-en.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3006.json b/2015/3xxx/CVE-2015-3006.json index 3886f707c94..fa6970a4092 100644 --- a/2015/3xxx/CVE-2015-3006.json +++ b/2015/3xxx/CVE-2015-3006.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3006", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-3006", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3296.json b/2015/3xxx/CVE-2015-3296.json index 88951cac088..632ecf6e7fe 100644 --- a/2015/3xxx/CVE-2015-3296.json +++ b/2015/3xxx/CVE-2015-3296.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3296", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site scripting (XSS) vulnerabilities in NodeBB before 0.7 allow remote attackers to inject arbitrary web script or HTML via vectors related to (1) javascript: or (2) data: URLs." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-3296", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20150410 Re: CVE request - NodeBB Persistent XSS through Markdown", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2015/04/10/10" - }, - { - "name" : "https://github.com/julianlam/nodebb-plugin-markdown/commit/ab7f2684750882f7baefbfa31db8d5aac71e6ec3", - "refsource" : "CONFIRM", - "url" : "https://github.com/julianlam/nodebb-plugin-markdown/commit/ab7f2684750882f7baefbfa31db8d5aac71e6ec3" - }, - { - "name" : "71824", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/71824" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site scripting (XSS) vulnerabilities in NodeBB before 0.7 allow remote attackers to inject arbitrary web script or HTML via vectors related to (1) javascript: or (2) data: URLs." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "[oss-security] 20150410 Re: CVE request - NodeBB Persistent XSS through Markdown", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2015/04/10/10" + }, + { + "name": "71824", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/71824" + }, + { + "name": "https://github.com/julianlam/nodebb-plugin-markdown/commit/ab7f2684750882f7baefbfa31db8d5aac71e6ec3", + "refsource": "CONFIRM", + "url": "https://github.com/julianlam/nodebb-plugin-markdown/commit/ab7f2684750882f7baefbfa31db8d5aac71e6ec3" + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3846.json b/2015/3xxx/CVE-2015-3846.json index e2823a4c82e..7b0b1d5e298 100644 --- a/2015/3xxx/CVE-2015-3846.json +++ b/2015/3xxx/CVE-2015-3846.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3846", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-3846", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/4xxx/CVE-2015-4318.json b/2015/4xxx/CVE-2015-4318.json index 608b52528f9..32ea6621ef3 100644 --- a/2015/4xxx/CVE-2015-4318.json +++ b/2015/4xxx/CVE-2015-4318.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-4318", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.2 allows remote attackers to cause a denial of service via invalid variables in a GET request, aka Bug ID CSCuv40528." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2015-4318", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20150813 Cisco TelePresence Video Communication Server Expressway Denial of Service Vulnerability", - "refsource" : "CISCO", - "url" : "http://tools.cisco.com/security/center/viewAlert.x?alertId=40443" - }, - { - "name" : "76347", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/76347" - }, - { - "name" : "1033281", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1033281" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.2 allows remote attackers to cause a denial of service via invalid variables in a GET request, aka Bug ID CSCuv40528." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20150813 Cisco TelePresence Video Communication Server Expressway Denial of Service Vulnerability", + "refsource": "CISCO", + "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=40443" + }, + { + "name": "1033281", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1033281" + }, + { + "name": "76347", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/76347" + } + ] + } +} \ No newline at end of file diff --git a/2015/4xxx/CVE-2015-4598.json b/2015/4xxx/CVE-2015-4598.json index 6e345b0eaad..1342c33e27a 100644 --- a/2015/4xxx/CVE-2015-4598.json +++ b/2015/4xxx/CVE-2015-4598.json @@ -1,117 +1,117 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-4598", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "PHP before 5.4.42, 5.5.x before 5.5.26, and 5.6.x before 5.6.10 does not ensure that pathnames lack %00 sequences, which might allow remote attackers to read or write to arbitrary files via crafted input to an application that calls (1) a DOMDocument save method or (2) the GD imagepsloadfont function, as demonstrated by a filename\\0.html attack that bypasses an intended configuration in which client users may write to only .html files." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2015-4598", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20150616 Re: CVE Request: various issues in PHP", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2015/06/16/12" - }, - { - "name" : "http://php.net/ChangeLog-5.php", - "refsource" : "CONFIRM", - "url" : "http://php.net/ChangeLog-5.php" - }, - { - "name" : "https://bugs.php.net/bug.php?id=69719", - "refsource" : "CONFIRM", - "url" : "https://bugs.php.net/bug.php?id=69719" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html" - }, - { - "name" : "DSA-3344", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2015/dsa-3344" - }, - { - "name" : "RHSA-2015:1187", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-1187.html" - }, - { - "name" : "RHSA-2015:1135", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-1135.html" - }, - { - "name" : "RHSA-2015:1186", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-1186.html" - }, - { - "name" : "RHSA-2015:1218", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-1218.html" - }, - { - "name" : "RHSA-2015:1219", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-1219.html" - }, - { - "name" : "75244", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/75244" - }, - { - "name" : "1032709", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1032709" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "PHP before 5.4.42, 5.5.x before 5.5.26, and 5.6.x before 5.6.10 does not ensure that pathnames lack %00 sequences, which might allow remote attackers to read or write to arbitrary files via crafted input to an application that calls (1) a DOMDocument save method or (2) the GD imagepsloadfont function, as demonstrated by a filename\\0.html attack that bypasses an intended configuration in which client users may write to only .html files." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "RHSA-2015:1187", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-1187.html" + }, + { + "name": "1032709", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1032709" + }, + { + "name": "RHSA-2015:1186", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-1186.html" + }, + { + "name": "DSA-3344", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2015/dsa-3344" + }, + { + "name": "RHSA-2015:1219", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-1219.html" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html" + }, + { + "name": "http://php.net/ChangeLog-5.php", + "refsource": "CONFIRM", + "url": "http://php.net/ChangeLog-5.php" + }, + { + "name": "https://bugs.php.net/bug.php?id=69719", + "refsource": "CONFIRM", + "url": "https://bugs.php.net/bug.php?id=69719" + }, + { + "name": "[oss-security] 20150616 Re: CVE Request: various issues in PHP", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2015/06/16/12" + }, + { + "name": "75244", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/75244" + }, + { + "name": "RHSA-2015:1135", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-1135.html" + }, + { + "name": "RHSA-2015:1218", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-1218.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7156.json b/2015/7xxx/CVE-2015-7156.json index b318b9e360e..07312db3436 100644 --- a/2015/7xxx/CVE-2015-7156.json +++ b/2015/7xxx/CVE-2015-7156.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7156", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2015-7156", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7564.json b/2015/7xxx/CVE-2015-7564.json index 4fdc33660c6..371b0e73c7c 100644 --- a/2015/7xxx/CVE-2015-7564.json +++ b/2015/7xxx/CVE-2015-7564.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7564", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple SQL injection vulnerabilities in TeamPass 2.1.24 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) id parameter in an action_on_quick_icon action to item.query.php or the (2) order or (3) direction parameter in an (a) connections_logs, (b) errors_logs or (c) access_logs action to view.query.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2015-7564", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "39559", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/39559/" - }, - { - "name" : "https://github.com/nilsteampassnet/TeamPass/pull/1140", - "refsource" : "CONFIRM", - "url" : "https://github.com/nilsteampassnet/TeamPass/pull/1140" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple SQL injection vulnerabilities in TeamPass 2.1.24 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) id parameter in an action_on_quick_icon action to item.query.php or the (2) order or (3) direction parameter in an (a) connections_logs, (b) errors_logs or (c) access_logs action to view.query.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "39559", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/39559/" + }, + { + "name": "https://github.com/nilsteampassnet/TeamPass/pull/1140", + "refsource": "CONFIRM", + "url": "https://github.com/nilsteampassnet/TeamPass/pull/1140" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7777.json b/2015/7xxx/CVE-2015-7777.json index 4cb6702d7c6..f41db4d3e6b 100644 --- a/2015/7xxx/CVE-2015-7777.json +++ b/2015/7xxx/CVE-2015-7777.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7777", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in index.php in JosephErnest Void before 2015-10-02 allows remote attackers to inject arbitrary web script or HTML via a crafted URI." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "vultures@jpcert.or.jp", + "ID": "CVE-2015-7777", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/josephernest/void/commit/84b9615ae7fe233c40a80bf749085caaef6f4919", - "refsource" : "CONFIRM", - "url" : "https://github.com/josephernest/void/commit/84b9615ae7fe233c40a80bf749085caaef6f4919" - }, - { - "name" : "JVN#20649799", - "refsource" : "JVN", - "url" : "http://jvn.jp/en/jp/JVN20649799/index.html" - }, - { - "name" : "JVNDB-2015-000184", - "refsource" : "JVNDB", - "url" : "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000184" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in index.php in JosephErnest Void before 2015-10-02 allows remote attackers to inject arbitrary web script or HTML via a crafted URI." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "JVN#20649799", + "refsource": "JVN", + "url": "http://jvn.jp/en/jp/JVN20649799/index.html" + }, + { + "name": "JVNDB-2015-000184", + "refsource": "JVNDB", + "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000184" + }, + { + "name": "https://github.com/josephernest/void/commit/84b9615ae7fe233c40a80bf749085caaef6f4919", + "refsource": "CONFIRM", + "url": "https://github.com/josephernest/void/commit/84b9615ae7fe233c40a80bf749085caaef6f4919" + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8104.json b/2015/8xxx/CVE-2015-8104.json index a77e516733f..f706efe024e 100644 --- a/2015/8xxx/CVE-2015-8104.json +++ b/2015/8xxx/CVE-2015-8104.json @@ -1,267 +1,267 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8104", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x through 4.6.x, allows guest OS users to cause a denial of service (host OS panic or hang) by triggering many #DB (aka Debug) exceptions, related to svm.c." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-8104", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20151110 CVE-2015-8104 kernel: kvm: guest to host DoS by triggering an infinite loop in microcode via #DB exception", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2015/11/10/5" - }, - { - "name" : "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=cbdb967af3d54993f5814f1cee0ed311a055377d", - "refsource" : "CONFIRM", - "url" : "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=cbdb967af3d54993f5814f1cee0ed311a055377d" - }, - { - "name" : "http://xenbits.xen.org/xsa/advisory-156.html", - "refsource" : "CONFIRM", - "url" : "http://xenbits.xen.org/xsa/advisory-156.html" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1278496", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1278496" - }, - { - "name" : "https://github.com/torvalds/linux/commit/cbdb967af3d54993f5814f1cee0ed311a055377d", - "refsource" : "CONFIRM", - "url" : "https://github.com/torvalds/linux/commit/cbdb967af3d54993f5814f1cee0ed311a055377d" - }, - { - "name" : "http://support.citrix.com/article/CTX203879", - "refsource" : "CONFIRM", - "url" : "http://support.citrix.com/article/CTX203879" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" - }, - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html" - }, - { - "name" : "http://support.citrix.com/article/CTX202583", - "refsource" : "CONFIRM", - "url" : "http://support.citrix.com/article/CTX202583" - }, - { - "name" : "https://kb.juniper.net/JSA10783", - "refsource" : "CONFIRM", - "url" : "https://kb.juniper.net/JSA10783" - }, - { - "name" : "DSA-3426", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2015/dsa-3426" - }, - { - "name" : "DSA-3454", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3454" - }, - { - "name" : "DSA-3414", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2015/dsa-3414" - }, - { - "name" : "FEDORA-2015-394835a3f6", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172435.html" - }, - { - "name" : "FEDORA-2015-668d213dc3", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172300.html" - }, - { - "name" : "FEDORA-2015-f150b2a8c8", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172187.html" - }, - { - "name" : "RHSA-2016:0046", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-0046.html" - }, - { - "name" : "RHSA-2015:2636", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-2636.html" - }, - { - "name" : "RHSA-2015:2645", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-2645.html" - }, - { - "name" : "SUSE-SU-2016:2074", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html" - }, - { - "name" : "openSUSE-SU-2016:1008", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00015.html" - }, - { - "name" : "SUSE-SU-2016:0354", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00013.html" - }, - { - "name" : "SUSE-SU-2015:2108", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00035.html" - }, - { - "name" : "SUSE-SU-2015:2194", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00005.html" - }, - { - "name" : "SUSE-SU-2015:2339", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00026.html" - }, - { - "name" : "SUSE-SU-2015:2350", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00031.html" - }, - { - "name" : "openSUSE-SU-2015:2232", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2015-12/msg00039.html" - }, - { - "name" : "openSUSE-SU-2015:2250", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2015-12/msg00053.html" - }, - { - "name" : "USN-2841-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2841-1" - }, - { - "name" : "USN-2841-2", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2841-2" - }, - { - "name" : "USN-2842-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2842-1" - }, - { - "name" : "USN-2842-2", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2842-2" - }, - { - "name" : "USN-2843-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2843-1" - }, - { - "name" : "USN-2843-2", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2843-2" - }, - { - "name" : "USN-2844-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2844-1" - }, - { - "name" : "USN-2840-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2840-1" - }, - { - "name" : "91787", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/91787" - }, - { - "name" : "77524", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/77524" - }, - { - "name" : "1034105", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034105" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x through 4.6.x, allows guest OS users to cause a denial of service (host OS panic or hang) by triggering many #DB (aka Debug) exceptions, related to svm.c." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "RHSA-2015:2636", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-2636.html" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html" + }, + { + "name": "USN-2841-2", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2841-2" + }, + { + "name": "FEDORA-2015-f150b2a8c8", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172187.html" + }, + { + "name": "SUSE-SU-2015:2350", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00031.html" + }, + { + "name": "https://kb.juniper.net/JSA10783", + "refsource": "CONFIRM", + "url": "https://kb.juniper.net/JSA10783" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1278496", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1278496" + }, + { + "name": "DSA-3454", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3454" + }, + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html" + }, + { + "name": "RHSA-2015:2645", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-2645.html" + }, + { + "name": "USN-2840-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2840-1" + }, + { + "name": "77524", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/77524" + }, + { + "name": "https://github.com/torvalds/linux/commit/cbdb967af3d54993f5814f1cee0ed311a055377d", + "refsource": "CONFIRM", + "url": "https://github.com/torvalds/linux/commit/cbdb967af3d54993f5814f1cee0ed311a055377d" + }, + { + "name": "openSUSE-SU-2015:2250", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00053.html" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html" + }, + { + "name": "[oss-security] 20151110 CVE-2015-8104 kernel: kvm: guest to host DoS by triggering an infinite loop in microcode via #DB exception", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2015/11/10/5" + }, + { + "name": "USN-2843-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2843-1" + }, + { + "name": "SUSE-SU-2015:2194", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00005.html" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" + }, + { + "name": "USN-2844-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2844-1" + }, + { + "name": "openSUSE-SU-2015:2232", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00039.html" + }, + { + "name": "USN-2842-2", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2842-2" + }, + { + "name": "http://xenbits.xen.org/xsa/advisory-156.html", + "refsource": "CONFIRM", + "url": "http://xenbits.xen.org/xsa/advisory-156.html" + }, + { + "name": "SUSE-SU-2016:0354", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00013.html" + }, + { + "name": "USN-2843-2", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2843-2" + }, + { + "name": "FEDORA-2015-668d213dc3", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172300.html" + }, + { + "name": "SUSE-SU-2015:2339", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00026.html" + }, + { + "name": "SUSE-SU-2015:2108", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00035.html" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html" + }, + { + "name": "USN-2842-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2842-1" + }, + { + "name": "FEDORA-2015-394835a3f6", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172435.html" + }, + { + "name": "DSA-3414", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2015/dsa-3414" + }, + { + "name": "http://support.citrix.com/article/CTX202583", + "refsource": "CONFIRM", + "url": "http://support.citrix.com/article/CTX202583" + }, + { + "name": "1034105", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034105" + }, + { + "name": "91787", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/91787" + }, + { + "name": "SUSE-SU-2016:2074", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html" + }, + { + "name": "USN-2841-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2841-1" + }, + { + "name": "http://support.citrix.com/article/CTX203879", + "refsource": "CONFIRM", + "url": "http://support.citrix.com/article/CTX203879" + }, + { + "name": "DSA-3426", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2015/dsa-3426" + }, + { + "name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=cbdb967af3d54993f5814f1cee0ed311a055377d", + "refsource": "CONFIRM", + "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=cbdb967af3d54993f5814f1cee0ed311a055377d" + }, + { + "name": "RHSA-2016:0046", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-0046.html" + }, + { + "name": "openSUSE-SU-2016:1008", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00015.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8285.json b/2015/8xxx/CVE-2015-8285.json index 43fe0831e49..198f7f367cf 100644 --- a/2015/8xxx/CVE-2015-8285.json +++ b/2015/8xxx/CVE-2015-8285.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8285", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The webssx.sys driver in QuickHeal 16.00 allows remote attackers to cause a denial of service." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2015-8285", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "39475", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/39475/" - }, - { - "name" : "97996", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/97996" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The webssx.sys driver in QuickHeal 16.00 allows remote attackers to cause a denial of service." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "39475", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/39475/" + }, + { + "name": "97996", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/97996" + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8898.json b/2015/8xxx/CVE-2015-8898.json index 101a1452bfe..5453be665cf 100644 --- a/2015/8xxx/CVE-2015-8898.json +++ b/2015/8xxx/CVE-2015-8898.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8898", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The WriteImages function in magick/constitute.c in ImageMagick before 6.9.2-4 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted image file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-8898", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20160602 Re: ImageMagick CVEs", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/06/02/13" - }, - { - "name" : "https://github.com/ImageMagick/ImageMagick/pull/34", - "refsource" : "MISC", - "url" : "https://github.com/ImageMagick/ImageMagick/pull/34" - }, - { - "name" : "https://github.com/ImageMagick/ImageMagick/commit/5b4bebaa91849c592a8448bc353ab25a54ff8c44", - "refsource" : "CONFIRM", - "url" : "https://github.com/ImageMagick/ImageMagick/commit/5b4bebaa91849c592a8448bc353ab25a54ff8c44" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html" - }, - { - "name" : "RHSA-2016:1237", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2016:1237" - }, - { - "name" : "91039", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/91039" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The WriteImages function in magick/constitute.c in ImageMagick before 6.9.2-4 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted image file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "RHSA-2016:1237", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2016:1237" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html" + }, + { + "name": "https://github.com/ImageMagick/ImageMagick/pull/34", + "refsource": "MISC", + "url": "https://github.com/ImageMagick/ImageMagick/pull/34" + }, + { + "name": "91039", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/91039" + }, + { + "name": "https://github.com/ImageMagick/ImageMagick/commit/5b4bebaa91849c592a8448bc353ab25a54ff8c44", + "refsource": "CONFIRM", + "url": "https://github.com/ImageMagick/ImageMagick/commit/5b4bebaa91849c592a8448bc353ab25a54ff8c44" + }, + { + "name": "[oss-security] 20160602 Re: ImageMagick CVEs", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13" + } + ] + } +} \ No newline at end of file diff --git a/2015/9xxx/CVE-2015-9085.json b/2015/9xxx/CVE-2015-9085.json index 4f43a026a98..5e0b1597246 100644 --- a/2015/9xxx/CVE-2015-9085.json +++ b/2015/9xxx/CVE-2015-9085.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-9085", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-9085", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0209.json b/2016/0xxx/CVE-2016-0209.json index f72c8fa3da9..6e38a2c9186 100644 --- a/2016/0xxx/CVE-2016-0209.json +++ b/2016/0xxx/CVE-2016-0209.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@us.ibm.com", - "ID" : "CVE-2016-0209", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 8.5.0 before CF09 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2016-0209", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21974564", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21974564" - }, - { - "name" : "1034844", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034844" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 8.5.0 before CF09 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1034844", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034844" + }, + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21974564", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21974564" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1531.json b/2016/1xxx/CVE-2016-1531.json index 62bf8eab5a9..ba2117d18ac 100644 --- a/2016/1xxx/CVE-2016-1531.json +++ b/2016/1xxx/CVE-2016-1531.json @@ -1,107 +1,107 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1531", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Exim before 4.86.2, when installed setuid root, allows local users to gain privileges via the perl_startup argument." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2016-1531", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "39535", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/39535/" - }, - { - "name" : "39702", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/39702/" - }, - { - "name" : "39549", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/39549/" - }, - { - "name" : "http://packetstormsecurity.com/files/136124/Exim-4.84-3-Local-Root-Privilege-Escalation.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/136124/Exim-4.84-3-Local-Root-Privilege-Escalation.html" - }, - { - "name" : "http://www.rapid7.com/db/modules/exploit/unix/local/exim_perl_startup", - "refsource" : "MISC", - "url" : "http://www.rapid7.com/db/modules/exploit/unix/local/exim_perl_startup" - }, - { - "name" : "http://www.exim.org/static/doc/CVE-2016-1531.txt", - "refsource" : "CONFIRM", - "url" : "http://www.exim.org/static/doc/CVE-2016-1531.txt" - }, - { - "name" : "DSA-3517", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3517" - }, - { - "name" : "openSUSE-SU-2016:0721", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00026.html" - }, - { - "name" : "USN-2933-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2933-1" - }, - { - "name" : "1035512", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035512" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Exim before 4.86.2, when installed setuid root, allows local users to gain privileges via the perl_startup argument." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "DSA-3517", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3517" + }, + { + "name": "39535", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/39535/" + }, + { + "name": "1035512", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035512" + }, + { + "name": "http://packetstormsecurity.com/files/136124/Exim-4.84-3-Local-Root-Privilege-Escalation.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/136124/Exim-4.84-3-Local-Root-Privilege-Escalation.html" + }, + { + "name": "openSUSE-SU-2016:0721", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00026.html" + }, + { + "name": "39702", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/39702/" + }, + { + "name": "USN-2933-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2933-1" + }, + { + "name": "http://www.exim.org/static/doc/CVE-2016-1531.txt", + "refsource": "CONFIRM", + "url": "http://www.exim.org/static/doc/CVE-2016-1531.txt" + }, + { + "name": "http://www.rapid7.com/db/modules/exploit/unix/local/exim_perl_startup", + "refsource": "MISC", + "url": "http://www.rapid7.com/db/modules/exploit/unix/local/exim_perl_startup" + }, + { + "name": "39549", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/39549/" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1893.json b/2016/1xxx/CVE-2016-1893.json index 7bd89d050a1..4e354697b4f 100644 --- a/2016/1xxx/CVE-2016-1893.json +++ b/2016/1xxx/CVE-2016-1893.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1893", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-1893", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1901.json b/2016/1xxx/CVE-2016-1901.json index 058e568b56c..2ff2cbcbd0c 100644 --- a/2016/1xxx/CVE-2016-1901.json +++ b/2016/1xxx/CVE-2016-1901.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1901", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Integer overflow in the authenticate_post function in CGit before 0.12 allows remote attackers to have unspecified impact via a large value in the Content-Length HTTP header, which triggers a buffer overflow." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-1901", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[CGit] 20160114 [ANNOUNCE] CGIT v0.12 Released", - "refsource" : "MLIST", - "url" : "http://lists.zx2c4.com/pipermail/cgit/2016-January/002817.html" - }, - { - "name" : "[oss-security] 20160114 CVE Request: CGit - Multiple vulnerabilities", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/01/14/3" - }, - { - "name" : "[oss-security] 20160114 Re: CVE Request: CGit - Multiple vulnerabilities", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/01/14/6" - }, - { - "name" : "http://git.zx2c4.com/cgit/commit/?id=4458abf64172a62b92810c2293450106e6dfc763", - "refsource" : "CONFIRM", - "url" : "http://git.zx2c4.com/cgit/commit/?id=4458abf64172a62b92810c2293450106e6dfc763" - }, - { - "name" : "DSA-3545", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3545" - }, - { - "name" : "FEDORA-2016-215b507409", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176167.html" - }, - { - "name" : "FEDORA-2016-e5a5fb196f", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176198.html" - }, - { - "name" : "openSUSE-SU-2016:0196", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2016-01/msg00067.html" - }, - { - "name" : "openSUSE-SU-2016:0218", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2016-01/msg00084.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Integer overflow in the authenticate_post function in CGit before 0.12 allows remote attackers to have unspecified impact via a large value in the Content-Length HTTP header, which triggers a buffer overflow." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "[oss-security] 20160114 CVE Request: CGit - Multiple vulnerabilities", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/01/14/3" + }, + { + "name": "openSUSE-SU-2016:0218", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00084.html" + }, + { + "name": "[CGit] 20160114 [ANNOUNCE] CGIT v0.12 Released", + "refsource": "MLIST", + "url": "http://lists.zx2c4.com/pipermail/cgit/2016-January/002817.html" + }, + { + "name": "FEDORA-2016-e5a5fb196f", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176198.html" + }, + { + "name": "http://git.zx2c4.com/cgit/commit/?id=4458abf64172a62b92810c2293450106e6dfc763", + "refsource": "CONFIRM", + "url": "http://git.zx2c4.com/cgit/commit/?id=4458abf64172a62b92810c2293450106e6dfc763" + }, + { + "name": "openSUSE-SU-2016:0196", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00067.html" + }, + { + "name": "[oss-security] 20160114 Re: CVE Request: CGit - Multiple vulnerabilities", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/01/14/6" + }, + { + "name": "DSA-3545", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3545" + }, + { + "name": "FEDORA-2016-215b507409", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176167.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1947.json b/2016/1xxx/CVE-2016-1947.json index fffa12dbd5b..aeba2fb75be 100644 --- a/2016/1xxx/CVE-2016-1947.json +++ b/2016/1xxx/CVE-2016-1947.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1947", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Mozilla Firefox 43.x mishandles attempts to connect to the Application Reputation service, which makes it easier for remote attackers to trigger an unintended download by leveraging the absence of reputation data." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@mozilla.org", + "ID": "CVE-2016-1947", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.mozilla.org/security/announce/2016/mfsa2016-11.html", - "refsource" : "CONFIRM", - "url" : "http://www.mozilla.org/security/announce/2016/mfsa2016-11.html" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1237103", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1237103" - }, - { - "name" : "GLSA-201605-06", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201605-06" - }, - { - "name" : "openSUSE-SU-2016:0306", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00001.html" - }, - { - "name" : "openSUSE-SU-2016:0309", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00002.html" - }, - { - "name" : "USN-2880-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2880-1" - }, - { - "name" : "USN-2880-2", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2880-2" - }, - { - "name" : "81949", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/81949" - }, - { - "name" : "1034825", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034825" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Mozilla Firefox 43.x mishandles attempts to connect to the Application Reputation service, which makes it easier for remote attackers to trigger an unintended download by leveraging the absence of reputation data." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.mozilla.org/security/announce/2016/mfsa2016-11.html", + "refsource": "CONFIRM", + "url": "http://www.mozilla.org/security/announce/2016/mfsa2016-11.html" + }, + { + "name": "1034825", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034825" + }, + { + "name": "81949", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/81949" + }, + { + "name": "USN-2880-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2880-1" + }, + { + "name": "USN-2880-2", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2880-2" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1237103", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1237103" + }, + { + "name": "openSUSE-SU-2016:0309", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00002.html" + }, + { + "name": "GLSA-201605-06", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201605-06" + }, + { + "name": "openSUSE-SU-2016:0306", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00001.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5130.json b/2016/5xxx/CVE-2016-5130.json index 05d19dac241..e549db872e1 100644 --- a/2016/5xxx/CVE-2016-5130.json +++ b/2016/5xxx/CVE-2016-5130.json @@ -1,132 +1,132 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-5130", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "content/renderer/history_controller.cc in Google Chrome before 52.0.2743.82 does not properly restrict multiple uses of a JavaScript forward method, which allows remote attackers to spoof the URL display via a crafted web site." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@google.com", + "ID": "CVE-2016-5130", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://googlechromereleases.blogspot.com/2016/07/stable-channel-update.html", - "refsource" : "CONFIRM", - "url" : "http://googlechromereleases.blogspot.com/2016/07/stable-channel-update.html" - }, - { - "name" : "https://bugs.chromium.org/p/chromium/issues/detail?id=626838", - "refsource" : "CONFIRM", - "url" : "https://bugs.chromium.org/p/chromium/issues/detail?id=626838" - }, - { - "name" : "https://codereview.chromium.org/2134493002/", - "refsource" : "CONFIRM", - "url" : "https://codereview.chromium.org/2134493002/" - }, - { - "name" : "https://codereview.chromium.org/2144823002", - "refsource" : "CONFIRM", - "url" : "https://codereview.chromium.org/2144823002" - }, - { - "name" : "https://crbug.com/623319", - "refsource" : "CONFIRM", - "url" : "https://crbug.com/623319" - }, - { - "name" : "DSA-3637", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3637" - }, - { - "name" : "GLSA-201610-09", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201610-09" - }, - { - "name" : "RHSA-2016:1485", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-1485.html" - }, - { - "name" : "openSUSE-SU-2016:1865", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00020.html" - }, - { - "name" : "openSUSE-SU-2016:1868", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00021.html" - }, - { - "name" : "openSUSE-SU-2016:1869", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00022.html" - }, - { - "name" : "openSUSE-SU-2016:1918", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00028.html" - }, - { - "name" : "USN-3041-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-3041-1" - }, - { - "name" : "92053", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/92053" - }, - { - "name" : "1036428", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036428" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "content/renderer/history_controller.cc in Google Chrome before 52.0.2743.82 does not properly restrict multiple uses of a JavaScript forward method, which allows remote attackers to spoof the URL display via a crafted web site." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://crbug.com/623319", + "refsource": "CONFIRM", + "url": "https://crbug.com/623319" + }, + { + "name": "openSUSE-SU-2016:1868", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00021.html" + }, + { + "name": "openSUSE-SU-2016:1869", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00022.html" + }, + { + "name": "92053", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/92053" + }, + { + "name": "http://googlechromereleases.blogspot.com/2016/07/stable-channel-update.html", + "refsource": "CONFIRM", + "url": "http://googlechromereleases.blogspot.com/2016/07/stable-channel-update.html" + }, + { + "name": "USN-3041-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-3041-1" + }, + { + "name": "openSUSE-SU-2016:1918", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00028.html" + }, + { + "name": "https://bugs.chromium.org/p/chromium/issues/detail?id=626838", + "refsource": "CONFIRM", + "url": "https://bugs.chromium.org/p/chromium/issues/detail?id=626838" + }, + { + "name": "https://codereview.chromium.org/2134493002/", + "refsource": "CONFIRM", + "url": "https://codereview.chromium.org/2134493002/" + }, + { + "name": "GLSA-201610-09", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201610-09" + }, + { + "name": "openSUSE-SU-2016:1865", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00020.html" + }, + { + "name": "https://codereview.chromium.org/2144823002", + "refsource": "CONFIRM", + "url": "https://codereview.chromium.org/2144823002" + }, + { + "name": "RHSA-2016:1485", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-1485.html" + }, + { + "name": "1036428", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036428" + }, + { + "name": "DSA-3637", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3637" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5180.json b/2016/5xxx/CVE-2016-5180.json index 61a29fe6b3b..8d2d3a6f6ef 100644 --- a/2016/5xxx/CVE-2016-5180.json +++ b/2016/5xxx/CVE-2016-5180.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-5180", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Heap-based buffer overflow in the ares_create_query function in c-ares 1.x before 1.12.0 allows remote attackers to cause a denial of service (out-of-bounds write) or possibly execute arbitrary code via a hostname with an escaped trailing dot." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@google.com", + "ID": "CVE-2016-5180", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://c-ares.haxx.se/CVE-2016-5180.patch", - "refsource" : "CONFIRM", - "url" : "https://c-ares.haxx.se/CVE-2016-5180.patch" - }, - { - "name" : "https://c-ares.haxx.se/adv_20160929.html", - "refsource" : "CONFIRM", - "url" : "https://c-ares.haxx.se/adv_20160929.html" - }, - { - "name" : "https://googlechromereleases.blogspot.in/2016/09/stable-channel-updates-for-chrome-os.html", - "refsource" : "CONFIRM", - "url" : "https://googlechromereleases.blogspot.in/2016/09/stable-channel-updates-for-chrome-os.html" - }, - { - "name" : "https://source.android.com/security/bulletin/2017-01-01.html", - "refsource" : "CONFIRM", - "url" : "https://source.android.com/security/bulletin/2017-01-01.html" - }, - { - "name" : "DSA-3682", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3682" - }, - { - "name" : "GLSA-201701-28", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201701-28" - }, - { - "name" : "RHSA-2017:0002", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2017-0002.html" - }, - { - "name" : "USN-3143-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-3143-1" - }, - { - "name" : "93243", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/93243" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Heap-based buffer overflow in the ares_create_query function in c-ares 1.x before 1.12.0 allows remote attackers to cause a denial of service (out-of-bounds write) or possibly execute arbitrary code via a hostname with an escaped trailing dot." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://source.android.com/security/bulletin/2017-01-01.html", + "refsource": "CONFIRM", + "url": "https://source.android.com/security/bulletin/2017-01-01.html" + }, + { + "name": "93243", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/93243" + }, + { + "name": "USN-3143-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-3143-1" + }, + { + "name": "GLSA-201701-28", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201701-28" + }, + { + "name": "DSA-3682", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3682" + }, + { + "name": "https://c-ares.haxx.se/adv_20160929.html", + "refsource": "CONFIRM", + "url": "https://c-ares.haxx.se/adv_20160929.html" + }, + { + "name": "https://c-ares.haxx.se/CVE-2016-5180.patch", + "refsource": "CONFIRM", + "url": "https://c-ares.haxx.se/CVE-2016-5180.patch" + }, + { + "name": "https://googlechromereleases.blogspot.in/2016/09/stable-channel-updates-for-chrome-os.html", + "refsource": "CONFIRM", + "url": "https://googlechromereleases.blogspot.in/2016/09/stable-channel-updates-for-chrome-os.html" + }, + { + "name": "RHSA-2017:0002", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2017-0002.html" + } + ] + } +} \ No newline at end of file diff --git a/2018/2xxx/CVE-2018-2023.json b/2018/2xxx/CVE-2018-2023.json index ee3bf409f00..ae6c6e9d0b6 100644 --- a/2018/2xxx/CVE-2018-2023.json +++ b/2018/2xxx/CVE-2018-2023.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-2023", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-2023", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/2xxx/CVE-2018-2773.json b/2018/2xxx/CVE-2018-2773.json index 2876d952f0a..de7467be17a 100644 --- a/2018/2xxx/CVE-2018-2773.json +++ b/2018/2xxx/CVE-2018-2773.json @@ -1,121 +1,121 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secalert_us@oracle.com", - "ID" : "CVE-2018-2773", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "MySQL Server", - "version" : { - "version_data" : [ - { - "version_affected" : "=", - "version_value" : "5.5.59 and prior" - }, - { - "version_affected" : "=", - "version_value" : "5.6.39 and prior" - }, - { - "version_affected" : "=", - "version_value" : "5.7.21 and prior" - } - ] - } - } - ] - }, - "vendor_name" : "Oracle Corporation" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.1 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H)." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server." - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2018-2773", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "MySQL Server", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "5.5.59 and prior" + }, + { + "version_affected": "=", + "version_value": "5.6.39 and prior" + }, + { + "version_affected": "=", + "version_value": "5.7.21 and prior" + } + ] + } + } + ] + }, + "vendor_name": "Oracle Corporation" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[debian-lts-announce] 20180419 [SECURITY] [DLA 1355-1] mysql-5.5 security update", - "refsource" : "MLIST", - "url" : "https://lists.debian.org/debian-lts-announce/2018/04/msg00020.html" - }, - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html" - }, - { - "name" : "https://security.netapp.com/advisory/ntap-20180419-0002/", - "refsource" : "CONFIRM", - "url" : "https://security.netapp.com/advisory/ntap-20180419-0002/" - }, - { - "name" : "DSA-4176", - "refsource" : "DEBIAN", - "url" : "https://www.debian.org/security/2018/dsa-4176" - }, - { - "name" : "RHSA-2018:1254", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2018:1254" - }, - { - "name" : "RHSA-2018:3655", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2018:3655" - }, - { - "name" : "USN-3629-1", - "refsource" : "UBUNTU", - "url" : "https://usn.ubuntu.com/3629-1/" - }, - { - "name" : "USN-3629-2", - "refsource" : "UBUNTU", - "url" : "https://usn.ubuntu.com/3629-2/" - }, - { - "name" : "USN-3629-3", - "refsource" : "UBUNTU", - "url" : "https://usn.ubuntu.com/3629-3/" - }, - { - "name" : "103811", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/103811" - }, - { - "name" : "1040698", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1040698" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.1 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server." + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1040698", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1040698" + }, + { + "name": "RHSA-2018:1254", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2018:1254" + }, + { + "name": "https://security.netapp.com/advisory/ntap-20180419-0002/", + "refsource": "CONFIRM", + "url": "https://security.netapp.com/advisory/ntap-20180419-0002/" + }, + { + "name": "DSA-4176", + "refsource": "DEBIAN", + "url": "https://www.debian.org/security/2018/dsa-4176" + }, + { + "name": "103811", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/103811" + }, + { + "name": "[debian-lts-announce] 20180419 [SECURITY] [DLA 1355-1] mysql-5.5 security update", + "refsource": "MLIST", + "url": "https://lists.debian.org/debian-lts-announce/2018/04/msg00020.html" + }, + { + "name": "RHSA-2018:3655", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2018:3655" + }, + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html" + }, + { + "name": "USN-3629-1", + "refsource": "UBUNTU", + "url": "https://usn.ubuntu.com/3629-1/" + }, + { + "name": "USN-3629-2", + "refsource": "UBUNTU", + "url": "https://usn.ubuntu.com/3629-2/" + }, + { + "name": "USN-3629-3", + "refsource": "UBUNTU", + "url": "https://usn.ubuntu.com/3629-3/" + } + ] + } +} \ No newline at end of file diff --git a/2018/2xxx/CVE-2018-2988.json b/2018/2xxx/CVE-2018-2988.json index 7080853288a..76c0b29431b 100644 --- a/2018/2xxx/CVE-2018-2988.json +++ b/2018/2xxx/CVE-2018-2988.json @@ -1,101 +1,101 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secalert_us@oracle.com", - "ID" : "CVE-2018-2988", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Marketing", - "version" : { - "version_data" : [ - { - "version_affected" : "=", - "version_value" : "12.1.1" - }, - { - "version_affected" : "=", - "version_value" : "12.1.2" - }, - { - "version_affected" : "=", - "version_value" : "12.1.3" - }, - { - "version_affected" : "=", - "version_value" : "12.2.3" - }, - { - "version_affected" : "=", - "version_value" : "12.2.4" - }, - { - "version_affected" : "=", - "version_value" : "12.2.5" - }, - { - "version_affected" : "=", - "version_value" : "12.2.6" - }, - { - "version_affected" : "=", - "version_value" : "12.2.7" - } - ] - } - } - ] - }, - "vendor_name" : "Oracle Corporation" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Vulnerability in the Oracle Marketing component of Oracle E-Business Suite (subcomponent: Products). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Marketing. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Marketing, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Marketing accessible data as well as unauthorized update, insert or delete access to some of Oracle Marketing accessible data. CVSS 3.0 Base Score 6.9 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N)." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Marketing. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Marketing, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Marketing accessible data as well as unauthorized update, insert or delete access to some of Oracle Marketing accessible data." - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2018-2988", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Marketing", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "12.1.1" + }, + { + "version_affected": "=", + "version_value": "12.1.2" + }, + { + "version_affected": "=", + "version_value": "12.1.3" + }, + { + "version_affected": "=", + "version_value": "12.2.3" + }, + { + "version_affected": "=", + "version_value": "12.2.4" + }, + { + "version_affected": "=", + "version_value": "12.2.5" + }, + { + "version_affected": "=", + "version_value": "12.2.6" + }, + { + "version_affected": "=", + "version_value": "12.2.7" + } + ] + } + } + ] + }, + "vendor_name": "Oracle Corporation" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html" - }, - { - "name" : "104841", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/104841" - }, - { - "name" : "1041309", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1041309" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Vulnerability in the Oracle Marketing component of Oracle E-Business Suite (subcomponent: Products). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Marketing. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Marketing, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Marketing accessible data as well as unauthorized update, insert or delete access to some of Oracle Marketing accessible data. CVSS 3.0 Base Score 6.9 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Marketing. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Marketing, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Marketing accessible data as well as unauthorized update, insert or delete access to some of Oracle Marketing accessible data." + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html" + }, + { + "name": "104841", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/104841" + }, + { + "name": "1041309", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1041309" + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0366.json b/2019/0xxx/CVE-2019-0366.json index 9ff28b8cb43..f2e53371791 100644 --- a/2019/0xxx/CVE-2019-0366.json +++ b/2019/0xxx/CVE-2019-0366.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0366", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0366", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0502.json b/2019/0xxx/CVE-2019-0502.json index 34e7eeb95f7..a867793f47c 100644 --- a/2019/0xxx/CVE-2019-0502.json +++ b/2019/0xxx/CVE-2019-0502.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0502", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0502", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1351.json b/2019/1xxx/CVE-2019-1351.json index b4c777726c0..504f5f0b50d 100644 --- a/2019/1xxx/CVE-2019-1351.json +++ b/2019/1xxx/CVE-2019-1351.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1351", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1351", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1477.json b/2019/1xxx/CVE-2019-1477.json index 55d751f4b5f..3c7bb265658 100644 --- a/2019/1xxx/CVE-2019-1477.json +++ b/2019/1xxx/CVE-2019-1477.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1477", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1477", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1754.json b/2019/1xxx/CVE-2019-1754.json index cdeeb6e5667..e2cea6b44a0 100644 --- a/2019/1xxx/CVE-2019-1754.json +++ b/2019/1xxx/CVE-2019-1754.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1754", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1754", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1868.json b/2019/1xxx/CVE-2019-1868.json index 3f03621c785..a8eca639b43 100644 --- a/2019/1xxx/CVE-2019-1868.json +++ b/2019/1xxx/CVE-2019-1868.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1868", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1868", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4203.json b/2019/4xxx/CVE-2019-4203.json index 989947e94e5..0a7bf18b2f8 100644 --- a/2019/4xxx/CVE-2019-4203.json +++ b/2019/4xxx/CVE-2019-4203.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4203", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4203", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4435.json b/2019/4xxx/CVE-2019-4435.json index 7a2b021bdc6..ff22fe8c26a 100644 --- a/2019/4xxx/CVE-2019-4435.json +++ b/2019/4xxx/CVE-2019-4435.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4435", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4435", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4732.json b/2019/4xxx/CVE-2019-4732.json index 8e7ad28b7fc..e2e4d605408 100644 --- a/2019/4xxx/CVE-2019-4732.json +++ b/2019/4xxx/CVE-2019-4732.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4732", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4732", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4807.json b/2019/4xxx/CVE-2019-4807.json index 4549fd95ab7..dd25070102f 100644 --- a/2019/4xxx/CVE-2019-4807.json +++ b/2019/4xxx/CVE-2019-4807.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4807", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4807", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5062.json b/2019/5xxx/CVE-2019-5062.json index a2f9fa826fc..ca18f6d7f47 100644 --- a/2019/5xxx/CVE-2019-5062.json +++ b/2019/5xxx/CVE-2019-5062.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5062", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5062", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5115.json b/2019/5xxx/CVE-2019-5115.json index 70312f19512..0faba2d7863 100644 --- a/2019/5xxx/CVE-2019-5115.json +++ b/2019/5xxx/CVE-2019-5115.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5115", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5115", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5479.json b/2019/5xxx/CVE-2019-5479.json index 72a3cb0c763..7212fa1e172 100644 --- a/2019/5xxx/CVE-2019-5479.json +++ b/2019/5xxx/CVE-2019-5479.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5479", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5479", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9309.json b/2019/9xxx/CVE-2019-9309.json index ed21f89a4c0..a8dcd2e24ca 100644 --- a/2019/9xxx/CVE-2019-9309.json +++ b/2019/9xxx/CVE-2019-9309.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9309", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9309", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9342.json b/2019/9xxx/CVE-2019-9342.json index c7e17b1eeca..4264c23c87e 100644 --- a/2019/9xxx/CVE-2019-9342.json +++ b/2019/9xxx/CVE-2019-9342.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9342", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9342", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9482.json b/2019/9xxx/CVE-2019-9482.json index 24bc1ff86b0..8d12825c49c 100644 --- a/2019/9xxx/CVE-2019-9482.json +++ b/2019/9xxx/CVE-2019-9482.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9482", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "In MISP 2.4.102, an authenticated user can view sightings that they should not be eligible for. Exploiting this requires access to the event that has received the sighting. The issue affects instances with restrictive sighting settings (event only / sighting reported only)." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9482", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/MISP/MISP/commit/c69969329d197bcdd04832b03310fa73f4eb7155", - "refsource" : "MISC", - "url" : "https://github.com/MISP/MISP/commit/c69969329d197bcdd04832b03310fa73f4eb7155" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In MISP 2.4.102, an authenticated user can view sightings that they should not be eligible for. Exploiting this requires access to the event that has received the sighting. The issue affects instances with restrictive sighting settings (event only / sighting reported only)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/MISP/MISP/commit/c69969329d197bcdd04832b03310fa73f4eb7155", + "refsource": "MISC", + "url": "https://github.com/MISP/MISP/commit/c69969329d197bcdd04832b03310fa73f4eb7155" + } + ] + } +} \ No newline at end of file