From 547f737b3320e42863562a519120b7e7275997ec Mon Sep 17 00:00:00 2001 From: CVE Team Date: Fri, 6 Sep 2019 19:01:03 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2016/7xxx/CVE-2016-7398.json | 58 ++++++++++++++++++++++++- 2019/11xxx/CVE-2019-11926.json | 8 ++-- 2019/15xxx/CVE-2019-15846.json | 5 +++ 2019/15xxx/CVE-2019-15952.json | 5 +++ 2019/16xxx/CVE-2019-16059.json | 62 +++++++++++++++++++++++++++ 2019/16xxx/CVE-2019-16060.json | 62 +++++++++++++++++++++++++++ 2019/9xxx/CVE-2019-9854.json | 77 +++++++++++++++++++++++++++++++--- 2019/9xxx/CVE-2019-9855.json | 77 +++++++++++++++++++++++++++++++--- 8 files changed, 336 insertions(+), 18 deletions(-) create mode 100644 2019/16xxx/CVE-2019-16059.json create mode 100644 2019/16xxx/CVE-2019-16060.json diff --git a/2016/7xxx/CVE-2016-7398.json b/2016/7xxx/CVE-2016-7398.json index a06bd476f35..7fba7db678a 100644 --- a/2016/7xxx/CVE-2016-7398.json +++ b/2016/7xxx/CVE-2016-7398.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2016-7398", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,38 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A type confusion vulnerability in the merge_param() function of php_http_params.c in PHP's pecl-http extension 3.1.0beta2 (PHP 7) and earlier as well as 2.6.0beta2 (PHP 5) and earlier allows attackers to crash PHP and possibly execute arbitrary code via crafted HTTP requests." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://bugs.php.net/bug.php?id=73055", + "refsource": "MISC", + "name": "https://bugs.php.net/bug.php?id=73055" + }, + { + "url": "https://github.com/m6w6/ext-http/commit/17137d4ab1ce81a2cee0fae842340a344ef3da83", + "refsource": "MISC", + "name": "https://github.com/m6w6/ext-http/commit/17137d4ab1ce81a2cee0fae842340a344ef3da83" + }, + { + "refsource": "MISC", + "name": "https://bugs.php.net/bug.php?id=73055&edit=1", + "url": "https://bugs.php.net/bug.php?id=73055&edit=1" } ] } diff --git a/2019/11xxx/CVE-2019-11926.json b/2019/11xxx/CVE-2019-11926.json index 0d834ce7353..7b8e17f1057 100644 --- a/2019/11xxx/CVE-2019-11926.json +++ b/2019/11xxx/CVE-2019-11926.json @@ -120,13 +120,13 @@ "reference_data": [ { "refsource": "CONFIRM", - "name": "https://github.com/facebook/hhvm/commit/f9680d21beaa9eb39d166e8810e29fbafa51ad15", - "url": "https://github.com/facebook/hhvm/commit/f9680d21beaa9eb39d166e8810e29fbafa51ad15" + "name": "https://hhvm.com/blog/2019/09/03/security-update.html", + "url": "https://hhvm.com/blog/2019/09/03/security-update.html" }, { "refsource": "CONFIRM", - "name": "https://hhvm.com/blog/2019/09/03/security-update.html", - "url": "https://hhvm.com/blog/2019/09/03/security-update.html" + "name": "https://github.com/facebook/hhvm/commit/f9680d21beaa9eb39d166e8810e29fbafa51ad15", + "url": "https://github.com/facebook/hhvm/commit/f9680d21beaa9eb39d166e8810e29fbafa51ad15" }, { "refsource": "CONFIRM", diff --git a/2019/15xxx/CVE-2019-15846.json b/2019/15xxx/CVE-2019-15846.json index 404f0b15dbf..bc64ea843ef 100644 --- a/2019/15xxx/CVE-2019-15846.json +++ b/2019/15xxx/CVE-2019-15846.json @@ -86,6 +86,11 @@ "refsource": "UBUNTU", "name": "USN-4124-1", "url": "https://usn.ubuntu.com/4124-1/" + }, + { + "refsource": "CERT-VN", + "name": "VU#672565", + "url": "https://www.kb.cert.org/vuls/id/672565" } ] } diff --git a/2019/15xxx/CVE-2019-15952.json b/2019/15xxx/CVE-2019-15952.json index 340f253eb25..cf48c2621b2 100644 --- a/2019/15xxx/CVE-2019-15952.json +++ b/2019/15xxx/CVE-2019-15952.json @@ -61,6 +61,11 @@ "url": "https://github.com/beerpwn/CVE/blob/master/Totaljs_disclosure_report/report_final.pdf", "refsource": "MISC", "name": "https://github.com/beerpwn/CVE/blob/master/Totaljs_disclosure_report/report_final.pdf" + }, + { + "refsource": "FULLDISC", + "name": "20190906 Re: Totaljs CMS authenticated path traversal (could lead to RCE)", + "url": "http://seclists.org/fulldisclosure/2019/Sep/11" } ] } diff --git a/2019/16xxx/CVE-2019-16059.json b/2019/16xxx/CVE-2019-16059.json new file mode 100644 index 00000000000..71e884d139b --- /dev/null +++ b/2019/16xxx/CVE-2019-16059.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-16059", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Sentrifugo 3.2 lacks CSRF protection. This could lead to an attacker tricking the administrator into executing arbitrary code at index.php/dashboard/viewprofile via a crafted HTML page." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.sevenlayers.com/index.php/246-sentrifugo-3-2-csrf", + "refsource": "MISC", + "name": "https://www.sevenlayers.com/index.php/246-sentrifugo-3-2-csrf" + } + ] + } +} \ No newline at end of file diff --git a/2019/16xxx/CVE-2019-16060.json b/2019/16xxx/CVE-2019-16060.json new file mode 100644 index 00000000000..9c378b379f4 --- /dev/null +++ b/2019/16xxx/CVE-2019-16060.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-16060", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Airbrake Ruby notifier 4.2.3 for Airbrake mishandles the blacklist_keys configuration option and consequently may disclose passwords to unauthorized actors. This is fixed in 4.2.4 (also, 4.2.2 and earlier are unaffected)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/airbrake/airbrake-ruby/issues/468", + "refsource": "MISC", + "name": "https://github.com/airbrake/airbrake-ruby/issues/468" + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9854.json b/2019/9xxx/CVE-2019-9854.json index aea93d5105d..e424b1ec028 100644 --- a/2019/9xxx/CVE-2019-9854.json +++ b/2019/9xxx/CVE-2019-9854.json @@ -1,18 +1,83 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "security@documentfoundation.org", + "DATE_PUBLIC": "2019-09-06T00:00:00.000Z", "ID": "CVE-2019-9854", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC", + "TITLE": "Unsafe URL assembly flaw in allowed script location check" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "LibreOffice", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.2", + "version_value": "6.2.7" + }, + { + "version_affected": "<", + "version_name": "6.3", + "version_value": "6.3.1" + } + ] + } + } + ] + }, + "vendor_name": "Document Foundation" + } + ] + } + }, + "credit": [ + { + "lang": "eng", + "value": "Thanks to RiceX(@ricex_cc) for reporting this issue" + } + ], + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "LibreOffice has a feature where documents can specify that pre-installed macros can be executed on various script events such as mouse-over, document-open etc. Access is intended to be restricted to scripts under the share/Scripts/python, user/Scripts/python sub-directories of the LibreOffice install. Protection was added, to address CVE-2019-9852, to avoid a directory traversal attack where scripts in arbitrary locations on the file system could be executed by employing a URL encoding attack to defeat the path verification step. However this protection could be bypassed by taking advantage of a flaw in how LibreOffice assembled the final script URL location directly from components of the passed in path as opposed to solely from the sanitized output of the path verification step. This issue affects: Document Foundation LibreOffice 6.2 versions prior to 6.2.7; 6.3 versions prior to 6.3.1." } ] + }, + "generator": { + "engine": "Vulnogram 0.0.7" + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Unsafe URL assembly flaw in allowed script location check" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://www.libreoffice.org/about-us/security/advisories/CVE-2019-9854/", + "url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2019-9854/" + } + ] + }, + "source": { + "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9855.json b/2019/9xxx/CVE-2019-9855.json index 6d76d0b5418..90569d92f21 100644 --- a/2019/9xxx/CVE-2019-9855.json +++ b/2019/9xxx/CVE-2019-9855.json @@ -1,18 +1,83 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "security@documentfoundation.org", + "DATE_PUBLIC": "2019-09-06T00:00:00.000Z", "ID": "CVE-2019-9855", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC", + "TITLE": "Windows 8.3 path equivalence handling flaw allows LibreLogo script execution" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "LibreOffice", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.2", + "version_value": "6.2.7" + }, + { + "version_affected": "<", + "version_name": "6.3", + "version_value": "6.3.1" + } + ] + } + } + ] + }, + "vendor_name": "Document Foundation" + } + ] + } + }, + "credit": [ + { + "lang": "eng", + "value": "Thanks to alex (@insertscript) for reporting this issue" + } + ], + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which can execute arbitrary python commands contained with the document it is launched from. LibreOffice also has a feature where documents can specify that pre-installed scripts can be executed on various document script events such as mouse-over, etc. Protection was added to block calling LibreLogo from script event handers. However a Windows 8.3 path equivalence handling flaw left LibreOffice vulnerable under Windows that a document could trigger executing LibreLogo via a Windows filename pseudonym. This issue affects: Document Foundation LibreOffice 6.2 versions prior to 6.2.7; 6.3 versions prior to 6.3.1." } ] + }, + "generator": { + "engine": "Vulnogram 0.0.7" + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Windows 8.3 path equivalence handling flaw" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://www.libreoffice.org/about-us/security/advisories/CVE-2019-9855/", + "url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2019-9855/" + } + ] + }, + "source": { + "discovery": "UNKNOWN" } } \ No newline at end of file