admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-18 00:04:53 +00:00
parent 0ba68b87bf
commit 55e3c54248
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
62 changed files with 4464 additions and 4464 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
2002/0xxx/CVE-2002-0016.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2002-0016", "ID": "CVE-2002-0016",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

104
2002/0xxx/CVE-2002-0133.json
View File

@ -1,96 +1,96 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2002-0133", "ID": "CVE-2002-0133",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Buffer overflows in Avirt Gateway Suite 4.2 allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) long header fields to the HTTP proxy, or (2) a long string to the telnet proxy." "value": "Buffer overflows in Avirt Gateway Suite 4.2 allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) long header fields to the HTTP proxy, or (2) a long string to the telnet proxy."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20020117 Avirt Proxy Buffer Overflow Vulnerabilities", "name": "avirt-telnet-proxy-bo(7918)",
"refsource" : "BUGTRAQ", "refsource": "XF",
"url" : "http://online.securityfocus.com/archive/1/251055" "url": "http://www.iss.net/security_center/static/7918.php"
}, },
{ {
"name" : "20020121 [resend] Avirt Gateway Telnet Vulnerability (and more?)", "name": "20020212 Avirt Gateway 4.2 remote buffer overflow: proof of concept",
"refsource" : "BUGTRAQ", "refsource": "BUGTRAQ",
"url" : "http://marc.info/?l=bugtraq&m=101164598828092&w=2" "url": "http://marc.info/?l=bugtraq&m=101366658112809&w=2"
}, },
{ {
"name" : "20020220 Avirt 4.2 question", "name": "20020121 [resend] Avirt Gateway Telnet Vulnerability (and more?)",
"refsource" : "BUGTRAQ", "refsource": "BUGTRAQ",
"url" : "http://marc.info/?l=bugtraq&m=101424723728817&w=2" "url": "http://marc.info/?l=bugtraq&m=101164598828092&w=2"
}, },
{ {
"name" : "20020212 Avirt Gateway 4.2 remote buffer overflow: proof of concept", "name": "20020117 Avirt Proxy Buffer Overflow Vulnerabilities",
"refsource" : "BUGTRAQ", "refsource": "BUGTRAQ",
"url" : "http://marc.info/?l=bugtraq&m=101366658112809&w=2" "url": "http://online.securityfocus.com/archive/1/251055"
}, },
{ {
"name" : "3904", "name": "avirt-http-proxy-bo(7916)",
"refsource" : "BID", "refsource": "XF",
"url" : "http://www.securityfocus.com/bid/3904" "url": "http://www.iss.net/security_center/static/7916.php"
}, },
{ {
"name" : "3905", "name": "3905",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/3905" "url": "http://www.securityfocus.com/bid/3905"
}, },
{ {
"name" : "avirt-http-proxy-bo(7916)", "name": "3904",
"refsource" : "XF", "refsource": "BID",
"url" : "http://www.iss.net/security_center/static/7916.php" "url": "http://www.securityfocus.com/bid/3904"
}, },
{ {
"name" : "avirt-telnet-proxy-bo(7918)", "name": "20020220 Avirt 4.2 question",
"refsource" : "XF", "refsource": "BUGTRAQ",
"url" : "http://www.iss.net/security_center/static/7918.php" "url": "http://marc.info/?l=bugtraq&m=101424723728817&w=2"
} }
] ]
} }

68
2002/2xxx/CVE-2002-2350.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2002-2350", "ID": "CVE-2002-2350",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Cross-site scripting (XSS) vulnerability in z_user_show.php in dbtreelistproperty_method.php in Zorum 2.4 allows remote attackers to inject arbitrary web script or HTML via the class parameter." "value": "Cross-site scripting (XSS) vulnerability in z_user_show.php in dbtreelistproperty_method.php in Zorum 2.4 allows remote attackers to inject arbitrary web script or HTML via the class parameter."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20021010 XSS bug in Zorum 2.4", "name": "20021010 XSS bug in Zorum 2.4",
"refsource" : "BUGTRAQ", "refsource": "BUGTRAQ",
"url" : "http://archives.neohapsis.com/archives/bugtraq/2002-10/0152.html" "url": "http://archives.neohapsis.com/archives/bugtraq/2002-10/0152.html"
}, },
{ {
"name" : "zorum-zusershow-xss(10337)", "name": "zorum-zusershow-xss(10337)",
"refsource" : "XF", "refsource": "XF",
"url" : "http://www.iss.net/security_center/static/10337.php" "url": "http://www.iss.net/security_center/static/10337.php"
} }
] ]
} }

80
2002/2xxx/CVE-2002-2360.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2002-2360", "ID": "CVE-2002-2360",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The RPC module in Webmin 0.21 through 0.99, when installed without root or admin privileges, allows remote attackers to read and write to arbitrary files and execute arbitrary commands via remote_foreign_require and remote_foreign_call requests." "value": "The RPC module in Webmin 0.21 through 0.99, when installed without root or admin privileges, allows remote attackers to read and write to arbitrary files and execute arbitrary commands via remote_foreign_require and remote_foreign_call requests."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20020828 Webmin Vulnerability Leads to Remote Compromise (RPC CGI)", "name": "5591",
"refsource" : "BUGTRAQ", "refsource": "BID",
"url" : "http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2002-08/0403.html" "url": "http://www.securityfocus.com/bid/5591"
}, },
{ {
"name" : "http://www.securiteam.com/unixfocus/5CP0R1P80G.html", "name": "20020828 Webmin Vulnerability Leads to Remote Compromise (RPC CGI)",
"refsource" : "MISC", "refsource": "BUGTRAQ",
"url" : "http://www.securiteam.com/unixfocus/5CP0R1P80G.html" "url": "http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2002-08/0403.html"
}, },
{ {
"name" : "5591", "name": "http://www.securiteam.com/unixfocus/5CP0R1P80G.html",
"refsource" : "BID", "refsource": "MISC",
"url" : "http://www.securityfocus.com/bid/5591" "url": "http://www.securiteam.com/unixfocus/5CP0R1P80G.html"
}, },
{ {
"name" : "webmin-cgi-improper-permissions(9983)", "name": "webmin-cgi-improper-permissions(9983)",
"refsource" : "XF", "refsource": "XF",
"url" : "http://www.iss.net/security_center/static/9983.php" "url": "http://www.iss.net/security_center/static/9983.php"
} }
] ]
} }

98
2005/0xxx/CVE-2005-0705.json
View File

@ -1,91 +1,91 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2005-0705", "ID": "CVE-2005-0705",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The GPRS-LLC dissector in Ethereal 0.10.7 through 0.10.9, with the \"ignore cipher bit\" option enabled. allows remote attackers to cause a denial of service (application crash)." "value": "The GPRS-LLC dissector in Ethereal 0.10.7 through 0.10.9, with the \"ignore cipher bit\" option enabled. allows remote attackers to cause a denial of service (application crash)."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.ethereal.com/appnotes/enpa-sa-00018.html", "name": "GLSA-200503-16",
"refsource" : "CONFIRM", "refsource": "GENTOO",
"url" : "http://www.ethereal.com/appnotes/enpa-sa-00018.html" "url": "http://www.gentoo.org/security/en/glsa/glsa-200503-16.xml"
}, },
{ {
"name" : "FLSA-2006:152922", "name": "MDKSA-2005:053",
"refsource" : "FEDORA", "refsource": "MANDRAKE",
"url" : "http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00003.html" "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:053"
}, },
{ {
"name" : "GLSA-200503-16", "name": "http://www.ethereal.com/appnotes/enpa-sa-00018.html",
"refsource" : "GENTOO", "refsource": "CONFIRM",
"url" : "http://www.gentoo.org/security/en/glsa/glsa-200503-16.xml" "url": "http://www.ethereal.com/appnotes/enpa-sa-00018.html"
}, },
{ {
"name" : "MDKSA-2005:053", "name": "RHSA-2005:306",
"refsource" : "MANDRAKE", "refsource": "REDHAT",
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2005:053" "url": "http://www.redhat.com/support/errata/RHSA-2005-306.html"
}, },
{ {
"name" : "RHSA-2005:306", "name": "oval:org.mitre.oval:def:10565",
"refsource" : "REDHAT", "refsource": "OVAL",
"url" : "http://www.redhat.com/support/errata/RHSA-2005-306.html" "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10565"
}, },
{ {
"name" : "12762", "name": "FLSA-2006:152922",
"refsource" : "BID", "refsource": "FEDORA",
"url" : "http://www.securityfocus.com/bid/12762" "url": "http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00003.html"
}, },
{ {
"name" : "oval:org.mitre.oval:def:10565", "name": "12762",
"refsource" : "OVAL", "refsource": "BID",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10565" "url": "http://www.securityfocus.com/bid/12762"
} }
] ]
} }

80
2005/0xxx/CVE-2005-0961.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-0961", "ID": "CVE-2005-0961",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Cross-site scripting (XSS) vulnerability in Horde 3.0.4 before 3.0.4-RC2 allows remote attackers to inject arbitrary web script or HTML via the parent frame title." "value": "Cross-site scripting (XSS) vulnerability in Horde 3.0.4 before 3.0.4-RC2 allows remote attackers to inject arbitrary web script or HTML via the parent frame title."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://lists.horde.org/archives/announce/2005/000176.html", "name": "http://lists.horde.org/archives/announce/2005/000176.html",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://lists.horde.org/archives/announce/2005/000176.html" "url": "http://lists.horde.org/archives/announce/2005/000176.html"
}, },
{ {
"name" : "http://cvs.horde.org/diff.php/horde/docs/CHANGES?r1=1.515.2.49&r2=1.515.2.93&ty=h", "name": "http://cvs.horde.org/diff.php/horde/docs/CHANGES?r1=1.515.2.49&r2=1.515.2.93&ty=h",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://cvs.horde.org/diff.php/horde/docs/CHANGES?r1=1.515.2.49&r2=1.515.2.93&ty=h" "url": "http://cvs.horde.org/diff.php/horde/docs/CHANGES?r1=1.515.2.49&r2=1.515.2.93&ty=h"
}, },
{ {
"name" : "SUSE-SR:2005:016", "name": "SUSE-SR:2005:016",
"refsource" : "SUSE", "refsource": "SUSE",
"url" : "http://www.novell.com/linux/security/advisories/2005_16_sr.html" "url": "http://www.novell.com/linux/security/advisories/2005_16_sr.html"
}, },
{ {
"name" : "14730", "name": "14730",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/14730" "url": "http://secunia.com/advisories/14730"
} }
] ]
} }

164
2005/0xxx/CVE-2005-0989.json
View File

@ -1,146 +1,146 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-0989", "ID": "CVE-2005-0989",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The find_replen function in jsstr.c in the Javascript engine for Mozilla Suite 1.7.6, Firefox 1.0.1 and 1.0.2, and Netscape 7.2 allows remote attackers to read portions of heap memory in a Javascript string via the lambda replace method." "value": "The find_replen function in jsstr.c in the Javascript engine for Mozilla Suite 1.7.6, Firefox 1.0.1 and 1.0.2, and Netscape 7.2 allows remote attackers to read portions of heap memory in a Javascript string via the lambda replace method."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.mozilla.org/security/announce/mfsa2005-33.html", "name": "oval:org.mitre.oval:def:100025",
"refsource" : "CONFIRM", "refsource": "OVAL",
"url" : "http://www.mozilla.org/security/announce/mfsa2005-33.html" "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100025"
}, },
{ {
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=288688", "name": "RHSA-2005:386",
"refsource" : "CONFIRM", "refsource": "REDHAT",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=288688" "url": "http://www.redhat.com/support/errata/RHSA-2005-386.html"
}, },
{ {
"name" : "GLSA-200504-18", "name": "12988",
"refsource" : "GENTOO", "refsource": "BID",
"url" : "http://www.gentoo.org/security/en/glsa/glsa-200504-18.xml" "url": "http://www.securityfocus.com/bid/12988"
}, },
{ {
"name" : "RHSA-2005:383", "name": "SCOSA-2005.49",
"refsource" : "REDHAT", "refsource": "SCO",
"url" : "http://www.redhat.com/support/errata/RHSA-2005-383.html" "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt"
}, },
{ {
"name" : "RHSA-2005:386", "name": "14820",
"refsource" : "REDHAT", "refsource": "SECUNIA",
"url" : "http://www.redhat.com/support/errata/RHSA-2005-386.html" "url": "http://secunia.com/advisories/14820"
}, },
{ {
"name" : "RHSA-2005:384", "name": "19823",
"refsource" : "REDHAT", "refsource": "SECUNIA",
"url" : "http://www.redhat.com/support/errata/RHSA-2005-384.html" "url": "http://secunia.com/advisories/19823"
}, },
{ {
"name" : "RHSA-2005:601", "name": "15495",
"refsource" : "REDHAT", "refsource": "BID",
"url" : "http://www.redhat.com/support/errata/RHSA-2005-601.html" "url": "http://www.securityfocus.com/bid/15495"
}, },
{ {
"name" : "SCOSA-2005.49", "name": "1013635",
"refsource" : "SCO", "refsource": "SECTRACK",
"url" : "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt" "url": "http://securitytracker.com/id?1013635"
}, },
{ {
"name" : "SUSE-SA:2006:022", "name": "RHSA-2005:601",
"refsource" : "SUSE", "refsource": "REDHAT",
"url" : "http://www.novell.com/linux/security/advisories/2006_04_25.html" "url": "http://www.redhat.com/support/errata/RHSA-2005-601.html"
}, },
{ {
"name" : "15495", "name": "GLSA-200504-18",
"refsource" : "BID", "refsource": "GENTOO",
"url" : "http://www.securityfocus.com/bid/15495" "url": "http://www.gentoo.org/security/en/glsa/glsa-200504-18.xml"
}, },
{ {
"name" : "12988", "name": "1013643",
"refsource" : "BID", "refsource": "SECTRACK",
"url" : "http://www.securityfocus.com/bid/12988" "url": "http://securitytracker.com/id?1013643"
}, },
{ {
"name" : "oval:org.mitre.oval:def:100025", "name": "oval:org.mitre.oval:def:11706",
"refsource" : "OVAL", "refsource": "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100025" "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11706"
}, },
{ {
"name" : "oval:org.mitre.oval:def:11706", "name": "RHSA-2005:384",
"refsource" : "OVAL", "refsource": "REDHAT",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11706" "url": "http://www.redhat.com/support/errata/RHSA-2005-384.html"
}, },
{ {
"name" : "1013635", "name": "RHSA-2005:383",
"refsource" : "SECTRACK", "refsource": "REDHAT",
"url" : "http://securitytracker.com/id?1013635" "url": "http://www.redhat.com/support/errata/RHSA-2005-383.html"
}, },
{ {
"name" : "1013643", "name": "SUSE-SA:2006:022",
"refsource" : "SECTRACK", "refsource": "SUSE",
"url" : "http://securitytracker.com/id?1013643" "url": "http://www.novell.com/linux/security/advisories/2006_04_25.html"
}, },
{ {
"name" : "14820", "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=288688",
"refsource" : "SECUNIA", "refsource": "CONFIRM",
"url" : "http://secunia.com/advisories/14820" "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=288688"
}, },
{ {
"name" : "14821", "name": "http://www.mozilla.org/security/announce/mfsa2005-33.html",
"refsource" : "SECUNIA", "refsource": "CONFIRM",
"url" : "http://secunia.com/advisories/14821" "url": "http://www.mozilla.org/security/announce/mfsa2005-33.html"
}, },
{ {
"name" : "19823", "name": "14821",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/19823" "url": "http://secunia.com/advisories/14821"
} }
] ]
} }

74
2005/1xxx/CVE-2005-1136.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-1136", "ID": "CVE-2005-1136",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Simple PHP Blog (sphpBlog) 0.4.0 stores the (1) password.txt and (2) config.txt files under the web document root, which allows remote attackers to obtain sensitive information and crack passwords via a direct request to these files." "value": "Simple PHP Blog (sphpBlog) 0.4.0 stores the (1) password.txt and (2) config.txt files under the web document root, which allows remote attackers to obtain sensitive information and crack passwords via a direct request to these files."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20050415 [ECHO_ADV_12$2005] Vulnerabilities in sphpblog", "name": "http://echo.or.id/adv/adv12-y3dips-2005.txt",
"refsource" : "BUGTRAQ", "refsource": "MISC",
"url" : "http://marc.info/?l=bugtraq&m=111359320312609&w=2" "url": "http://echo.or.id/adv/adv12-y3dips-2005.txt"
}, },
{ {
"name" : "http://echo.or.id/adv/adv12-y3dips-2005.txt", "name": "20050415 [ECHO_ADV_12$2005] Vulnerabilities in sphpblog",
"refsource" : "MISC", "refsource": "BUGTRAQ",
"url" : "http://echo.or.id/adv/adv12-y3dips-2005.txt" "url": "http://marc.info/?l=bugtraq&m=111359320312609&w=2"
}, },
{ {
"name" : "http://www.waraxe.us/ftopict-651.html", "name": "http://www.waraxe.us/ftopict-651.html",
"refsource" : "MISC", "refsource": "MISC",
"url" : "http://www.waraxe.us/ftopict-651.html" "url": "http://www.waraxe.us/ftopict-651.html"
} }
] ]
} }

68
2005/1xxx/CVE-2005-1138.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-1138", "ID": "CVE-2005-1138",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Unknown vulnerability in WebMail in Kerio MailServer before 6.0.9 allows remote attackers to cause a denial of service (CPU consumption) via certain e-mail messages." "value": "Unknown vulnerability in WebMail in Kerio MailServer before 6.0.9 allows remote attackers to cause a denial of service (CPU consumption) via certain e-mail messages."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.kerio.com/kms_history.html", "name": "1013708",
"refsource" : "CONFIRM", "refsource": "SECTRACK",
"url" : "http://www.kerio.com/kms_history.html" "url": "http://securitytracker.com/id?1013708"
}, },
{ {
"name" : "1013708", "name": "http://www.kerio.com/kms_history.html",
"refsource" : "SECTRACK", "refsource": "CONFIRM",
"url" : "http://securitytracker.com/id?1013708" "url": "http://www.kerio.com/kms_history.html"
} }
] ]
} }

68
2005/1xxx/CVE-2005-1402.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-1402", "ID": "CVE-2005-1402",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Integer signedness error in certain older versions of the NeL library, as used in Mtp-Target 1.2.2 and earlier, and possibly other products, allows remote attackers to cause a denial of service (memory consumption or server crash) via a negative value in a STLport call, which is not caught by a signed comparison." "value": "Integer signedness error in certain older versions of the NeL library, as used in Mtp-Target 1.2.2 and earlier, and possibly other products, allows remote attackers to cause a denial of service (memory consumption or server crash) via a negative value in a STLport call, which is not caught by a signed comparison."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20050501 Clients format string and server crash in Mtp-Target 1.2.2", "name": "20050501 Clients format string and server crash in Mtp-Target 1.2.2",
"refsource" : "BUGTRAQ", "refsource": "BUGTRAQ",
"url" : "http://www.security-focus.com/archive/1/397304" "url": "http://www.security-focus.com/archive/1/397304"
}, },
{ {
"name" : "http://aluigi.altervista.org/adv/mtpbugs-adv.txt", "name": "http://aluigi.altervista.org/adv/mtpbugs-adv.txt",
"refsource" : "MISC", "refsource": "MISC",
"url" : "http://aluigi.altervista.org/adv/mtpbugs-adv.txt" "url": "http://aluigi.altervista.org/adv/mtpbugs-adv.txt"
} }
] ]
} }

80
2005/1xxx/CVE-2005-1408.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-1408", "ID": "CVE-2005-1408",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Apple Keynote 2.0 and 2.0.1 allows remote attackers to read arbitrary files via the keynote: URI handler in a crafted Keynote presentation." "value": "Apple Keynote 2.0 and 2.0.1 allows remote attackers to read arbitrary files via the keynote: URI handler in a crafted Keynote presentation."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://remahl.se/david/vuln/016/", "name": "15508",
"refsource" : "MISC", "refsource": "SECUNIA",
"url" : "http://remahl.se/david/vuln/016/" "url": "http://secunia.com/advisories/15508"
}, },
{ {
"name" : "APPLE-SA-2005-05-25", "name": "APPLE-SA-2005-05-25",
"refsource" : "APPLE", "refsource": "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2005/May/msg00005.html" "url": "http://lists.apple.com/archives/security-announce/2005/May/msg00005.html"
}, },
{ {
"name" : "1014053", "name": "http://remahl.se/david/vuln/016/",
"refsource" : "SECTRACK", "refsource": "MISC",
"url" : "http://securitytracker.com/id?1014053" "url": "http://remahl.se/david/vuln/016/"
}, },
{ {
"name" : "15508", "name": "1014053",
"refsource" : "SECUNIA", "refsource": "SECTRACK",
"url" : "http://secunia.com/advisories/15508" "url": "http://securitytracker.com/id?1014053"
} }
] ]
} }

68
2005/1xxx/CVE-2005-1640.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-1640", "ID": "CVE-2005-1640",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "mod_channel.bas in The Ignition Project ignitionServer 0.3.0 to 0.3.6, and possibly earlier versions, does not properly verify whether a host has the owner privileges required to delete IRC channel access entries, which allows remote attackers to bypass intended restrictions." "value": "mod_channel.bas in The Ignition Project ignitionServer 0.3.0 to 0.3.6, and possibly earlier versions, does not properly verify whether a host has the owner privileges required to delete IRC channel access entries, which allows remote attackers to bypass intended restrictions."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.ignition-project.com/security/20050414-hosts-delete-owner-access-entries", "name": "15388",
"refsource" : "CONFIRM", "refsource": "SECUNIA",
"url" : "http://www.ignition-project.com/security/20050414-hosts-delete-owner-access-entries" "url": "http://secunia.com/advisories/15388"
}, },
{ {
"name" : "15388", "name": "http://www.ignition-project.com/security/20050414-hosts-delete-owner-access-entries",
"refsource" : "SECUNIA", "refsource": "CONFIRM",
"url" : "http://secunia.com/advisories/15388" "url": "http://www.ignition-project.com/security/20050414-hosts-delete-owner-access-entries"
} }
] ]
} }

134
2005/1xxx/CVE-2005-1739.json
View File

@ -1,121 +1,121 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-1739", "ID": "CVE-2005-1739",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The XWD Decoder in ImageMagick before 6.2.2.3, and GraphicsMagick before 1.1.6-r1, allows remote attackers to cause a denial of service (infinite loop) via an image with a zero color mask." "value": "The XWD Decoder in ImageMagick before 6.2.2.3, and GraphicsMagick before 1.1.6-r1, allows remote attackers to cause a denial of service (infinite loop) via an image with a zero color mask."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "GLSA-200505-16", "name": "16775",
"refsource" : "GENTOO", "refsource": "OSVDB",
"url" : "http://security.gentoo.org/glsa/glsa-200505-16.xml" "url": "http://www.osvdb.org/16775"
}, },
{ {
"name" : "http://bugs.gentoo.org/show_bug.cgi?id=90423", "name": "GLSA-200505-16",
"refsource" : "MISC", "refsource": "GENTOO",
"url" : "http://bugs.gentoo.org/show_bug.cgi?id=90423" "url": "http://security.gentoo.org/glsa/glsa-200505-16.xml"
}, },
{ {
"name" : "MDKSA-2005:107", "name": "MDKSA-2005:107",
"refsource" : "MANDRAKE", "refsource": "MANDRAKE",
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2005:107" "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:107"
}, },
{ {
"name" : "RHSA-2005:480", "name": "13705",
"refsource" : "REDHAT", "refsource": "BID",
"url" : "http://www.redhat.com/support/errata/RHSA-2005-480.html" "url": "http://www.securityfocus.com/bid/13705"
}, },
{ {
"name" : "USN-132-1", "name": "16774",
"refsource" : "UBUNTU", "refsource": "OSVDB",
"url" : "https://usn.ubuntu.com/132-1/" "url": "http://www.osvdb.org/16774"
}, },
{ {
"name" : "13705", "name": "RHSA-2005:480",
"refsource" : "BID", "refsource": "REDHAT",
"url" : "http://www.securityfocus.com/bid/13705" "url": "http://www.redhat.com/support/errata/RHSA-2005-480.html"
}, },
{ {
"name" : "16774", "name": "USN-132-1",
"refsource" : "OSVDB", "refsource": "UBUNTU",
"url" : "http://www.osvdb.org/16774" "url": "https://usn.ubuntu.com/132-1/"
}, },
{ {
"name" : "16775", "name": "oval:org.mitre.oval:def:960",
"refsource" : "OSVDB", "refsource": "OVAL",
"url" : "http://www.osvdb.org/16775" "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A960"
}, },
{ {
"name" : "oval:org.mitre.oval:def:960", "name": "http://bugs.gentoo.org/show_bug.cgi?id=90423",
"refsource" : "OVAL", "refsource": "MISC",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A960" "url": "http://bugs.gentoo.org/show_bug.cgi?id=90423"
}, },
{ {
"name" : "oval:org.mitre.oval:def:11667", "name": "15429",
"refsource" : "OVAL", "refsource": "SECUNIA",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11667" "url": "http://secunia.com/advisories/15429"
}, },
{ {
"name" : "15429", "name": "15446",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/15429" "url": "http://secunia.com/advisories/15446"
}, },
{ {
"name" : "15446", "name": "15453",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/15446" "url": "http://secunia.com/advisories/15453"
}, },
{ {
"name" : "15453", "name": "oval:org.mitre.oval:def:11667",
"refsource" : "SECUNIA", "refsource": "OVAL",
"url" : "http://secunia.com/advisories/15453" "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11667"
} }
] ]
} }

182
2005/1xxx/CVE-2005-1983.json
View File

@ -1,161 +1,161 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2005-1983", "ID": "CVE-2005-1983",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Stack-based buffer overflow in the Plug and Play (PnP) service for Microsoft Windows 2000 and Windows XP Service Pack 1 allows remote attackers to execute arbitrary code via a crafted packet, and local users to gain privileges via a malicious application, as exploited by the Zotob (aka Mytob) worm." "value": "Stack-based buffer overflow in the Plug and Play (PnP) service for Microsoft Windows 2000 and Windows XP Service Pack 1 allows remote attackers to execute arbitrary code via a crafted packet, and local users to gain privileges via a malicious application, as exploited by the Zotob (aka Mytob) worm."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "MS05-039", "name": "ADV-2005-1354",
"refsource" : "MS", "refsource": "VUPEN",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-039" "url": "http://www.vupen.com/english/advisories/2005/1354"
}, },
{ {
"name" : "20050809 Windows Plug and Play Remote Compromise", "name": "oval:org.mitre.oval:def:497",
"refsource" : "ISS", "refsource": "OVAL",
"url" : "http://xforce.iss.net/xforce/alerts/id/202" "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A497"
}, },
{ {
"name" : "TA05-221A", "name": "http://www.hsc.fr/ressources/presentations/null_sessions/",
"refsource" : "CERT", "refsource": "MISC",
"url" : "http://www.us-cert.gov/cas/techalerts/TA05-221A.html" "url": "http://www.hsc.fr/ressources/presentations/null_sessions/"
}, },
{ {
"name" : "VU#998653", "name": "18605",
"refsource" : "CERT-VN", "refsource": "OSVDB",
"url" : "http://www.kb.cert.org/vuls/id/998653" "url": "http://www.osvdb.org/18605"
}, },
{ {
"name" : "P-266", "name": "http://www.frsirt.com/english/alerts/20050814.ZotobA.php",
"refsource" : "CIAC", "refsource": "MISC",
"url" : "http://www.ciac.org/ciac/bulletins/p-266.shtml" "url": "http://www.frsirt.com/english/alerts/20050814.ZotobA.php"
}, },
{ {
"name" : "http://www.hsc.fr/ressources/presentations/null_sessions/", "name": "20050811 Windows 2000 universal exploit for MS05-039",
"refsource" : "MISC", "refsource": "FULLDISC",
"url" : "http://www.hsc.fr/ressources/presentations/null_sessions/" "url": "http://archives.neohapsis.com/archives/fulldisclosure/2005-08/0384.html"
}, },
{ {
"name" : "http://www.securiteam.com/windowsntfocus/5YP0E00GKW.html", "name": "VU#998653",
"refsource" : "MISC", "refsource": "CERT-VN",
"url" : "http://www.securiteam.com/windowsntfocus/5YP0E00GKW.html" "url": "http://www.kb.cert.org/vuls/id/998653"
}, },
{ {
"name" : "http://www.frsirt.com/english/alerts/20050814.ZotobA.php", "name": "14513",
"refsource" : "MISC", "refsource": "BID",
"url" : "http://www.frsirt.com/english/alerts/20050814.ZotobA.php" "url": "http://www.securityfocus.com/bid/14513"
}, },
{ {
"name" : "20050811 Windows 2000 universal exploit for MS05-039", "name": "oval:org.mitre.oval:def:267",
"refsource" : "FULLDISC", "refsource": "OVAL",
"url" : "http://archives.neohapsis.com/archives/fulldisclosure/2005-08/0384.html" "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A267"
}, },
{ {
"name" : "14513", "name": "P-266",
"refsource" : "BID", "refsource": "CIAC",
"url" : "http://www.securityfocus.com/bid/14513" "url": "http://www.ciac.org/ciac/bulletins/p-266.shtml"
}, },
{ {
"name" : "ADV-2005-1354", "name": "1014640",
"refsource" : "VUPEN", "refsource": "SECTRACK",
"url" : "http://www.vupen.com/english/advisories/2005/1354" "url": "http://securitytracker.com/id?1014640"
}, },
{ {
"name" : "oval:org.mitre.oval:def:100073", "name": "win-plugandplay-bo(21602)",
"refsource" : "OVAL", "refsource": "XF",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100073" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21602"
}, },
{ {
"name" : "oval:org.mitre.oval:def:160", "name": "TA05-221A",
"refsource" : "OVAL", "refsource": "CERT",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A160" "url": "http://www.us-cert.gov/cas/techalerts/TA05-221A.html"
}, },
{ {
"name" : "oval:org.mitre.oval:def:267", "name": "16372",
"refsource" : "OVAL", "refsource": "SECUNIA",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A267" "url": "http://secunia.com/advisories/16372"
}, },
{ {
"name" : "oval:org.mitre.oval:def:474", "name": "20050809 Windows Plug and Play Remote Compromise",
"refsource" : "OVAL", "refsource": "ISS",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A474" "url": "http://xforce.iss.net/xforce/alerts/id/202"
}, },
{ {
"name" : "oval:org.mitre.oval:def:497", "name": "oval:org.mitre.oval:def:100073",
"refsource" : "OVAL", "refsource": "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A497" "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100073"
}, },
{ {
"name" : "oval:org.mitre.oval:def:783", "name": "MS05-039",
"refsource" : "OVAL", "refsource": "MS",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A783" "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-039"
}, },
{ {
"name" : "16372", "name": "oval:org.mitre.oval:def:160",
"refsource" : "SECUNIA", "refsource": "OVAL",
"url" : "http://secunia.com/advisories/16372" "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A160"
}, },
{ {
"name" : "1014640", "name": "oval:org.mitre.oval:def:474",
"refsource" : "SECTRACK", "refsource": "OVAL",
"url" : "http://securitytracker.com/id?1014640" "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A474"
}, },
{ {
"name" : "18605", "name": "oval:org.mitre.oval:def:783",
"refsource" : "OSVDB", "refsource": "OVAL",
"url" : "http://www.osvdb.org/18605" "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A783"
}, },
{ {
"name" : "win-plugandplay-bo(21602)", "name": "http://www.securiteam.com/windowsntfocus/5YP0E00GKW.html",
"refsource" : "XF", "refsource": "MISC",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/21602" "url": "http://www.securiteam.com/windowsntfocus/5YP0E00GKW.html"
} }
] ]
} }

92
2005/4xxx/CVE-2005-4165.json
View File

@ -1,86 +1,86 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-4165", "ID": "CVE-2005-4165",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Multiple SQL injection vulnerabilities in ASP-DEV ASP Resources Forum allow remote attackers to execute arbitrary SQL commands via the (1) forum_id parameter to forum.asp, (2) unspecified parameters to register.asp, and (3) the \"Search For\" field in search.asp." "value": "Multiple SQL injection vulnerabilities in ASP-DEV ASP Resources Forum allow remote attackers to execute arbitrary SQL commands via the (1) forum_id parameter to forum.asp, (2) unspecified parameters to register.asp, and (3) the \"Search For\" field in search.asp."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "15858", "name": "21708",
"refsource" : "BID", "refsource": "OSVDB",
"url" : "http://www.securityfocus.com/bid/15858" "url": "http://www.osvdb.org/21708"
}, },
{ {
"name" : "21706", "name": "1015316",
"refsource" : "OSVDB", "refsource": "SECTRACK",
"url" : "http://www.osvdb.org/21706" "url": "http://securitytracker.com/id?1015316"
}, },
{ {
"name" : "21707", "name": "aspdevxmforum-multiple-sql-injection(23511)",
"refsource" : "OSVDB", "refsource": "XF",
"url" : "http://www.osvdb.org/21707" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23511"
}, },
{ {
"name" : "21708", "name": "21706",
"refsource" : "OSVDB", "refsource": "OSVDB",
"url" : "http://www.osvdb.org/21708" "url": "http://www.osvdb.org/21706"
}, },
{ {
"name" : "1015316", "name": "15858",
"refsource" : "SECTRACK", "refsource": "BID",
"url" : "http://securitytracker.com/id?1015316" "url": "http://www.securityfocus.com/bid/15858"
}, },
{ {
"name" : "aspdevxmforum-multiple-sql-injection(23511)", "name": "21707",
"refsource" : "XF", "refsource": "OSVDB",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/23511" "url": "http://www.osvdb.org/21707"
} }
] ]
} }

86
2005/4xxx/CVE-2005-4312.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-4312", "ID": "CVE-2005-4312",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "SQL injection vulnerability in index.php in AlmondSoft Almond Classifieds 5.02 allows remote attackers to execute arbitrary SQL commands via the id parameter." "value": "SQL injection vulnerability in index.php in AlmondSoft Almond Classifieds 5.02 allows remote attackers to execute arbitrary SQL commands via the id parameter."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://pridels0.blogspot.com/2005/12/almondsoft-products-sql-inj.html", "name": "http://pridels0.blogspot.com/2005/12/almondsoft-products-sql-inj.html",
"refsource" : "MISC", "refsource": "MISC",
"url" : "http://pridels0.blogspot.com/2005/12/almondsoft-products-sql-inj.html" "url": "http://pridels0.blogspot.com/2005/12/almondsoft-products-sql-inj.html"
}, },
{ {
"name" : "15899", "name": "15899",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/15899" "url": "http://www.securityfocus.com/bid/15899"
}, },
{ {
"name" : "ADV-2005-2943", "name": "21783",
"refsource" : "VUPEN", "refsource": "OSVDB",
"url" : "http://www.vupen.com/english/advisories/2005/2943" "url": "http://www.osvdb.org/21783"
}, },
{ {
"name" : "21783", "name": "ADV-2005-2943",
"refsource" : "OSVDB", "refsource": "VUPEN",
"url" : "http://www.osvdb.org/21783" "url": "http://www.vupen.com/english/advisories/2005/2943"
}, },
{ {
"name" : "18094", "name": "18094",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/18094" "url": "http://secunia.com/advisories/18094"
} }
] ]
} }

80
2009/0xxx/CVE-2009-0380.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-0380", "ID": "CVE-2009-0380",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** DISPUTED ** SQL injection vulnerability in the Sigsiu Online Business Index 2 (SOBI2, com_sobi2) RC 2.8.2 component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the bid parameter in a showbiz action to index.php, a different vector than CVE-2008-0607. NOTE: CVE disputes this issue, since neither \"showbiz\" nor \"bid\" appears in the source code for SOBI2." "value": "** DISPUTED ** SQL injection vulnerability in the Sigsiu Online Business Index 2 (SOBI2, com_sobi2) RC 2.8.2 component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the bid parameter in a showbiz action to index.php, a different vector than CVE-2008-0607. NOTE: CVE disputes this issue, since neither \"showbiz\" nor \"bid\" appears in the source code for SOBI2."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "7841", "name": "33378",
"refsource" : "EXPLOIT-DB", "refsource": "BID",
"url" : "https://www.exploit-db.com/exploits/7841" "url": "http://www.securityfocus.com/bid/33378"
}, },
{ {
"name" : "20090130 SOBI2 showbiz SQL injection - false, or site-specific", "name": "7841",
"refsource" : "VIM", "refsource": "EXPLOIT-DB",
"url" : "http://www.attrition.org/pipermail/vim/2009-January/002136.html" "url": "https://www.exploit-db.com/exploits/7841"
}, },
{ {
"name" : "33378", "name": "20090130 SOBI2 showbiz SQL injection - false, or site-specific",
"refsource" : "BID", "refsource": "VIM",
"url" : "http://www.securityfocus.com/bid/33378" "url": "http://www.attrition.org/pipermail/vim/2009-January/002136.html"
}, },
{ {
"name" : "sobi2-bid-sql-injection(48131)", "name": "sobi2-bid-sql-injection(48131)",
"refsource" : "XF", "refsource": "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/48131" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48131"
} }
] ]
} }

98
2009/0xxx/CVE-2009-0635.json
View File

@ -1,91 +1,91 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@cisco.com",
"ID" : "CVE-2009-0635", "ID": "CVE-2009-0635",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Memory leak in the Cisco Tunneling Control Protocol (cTCP) encapsulation feature in Cisco IOS 12.4, when an Easy VPN (aka EZVPN) server is enabled, allows remote attackers to cause a denial of service (memory consumption and device crash) via a sequence of TCP packets." "value": "Memory leak in the Cisco Tunneling Control Protocol (cTCP) encapsulation feature in Cisco IOS 12.4, when an Easy VPN (aka EZVPN) server is enabled, allows remote attackers to cause a denial of service (memory consumption and device crash) via a sequence of TCP packets."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a90469.shtml", "name": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a90469.shtml",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a90469.shtml" "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a90469.shtml"
}, },
{ {
"name" : "20090325 Cisco IOS cTCP Denial of Service Vulnerability", "name": "20090325 Cisco IOS cTCP Denial of Service Vulnerability",
"refsource" : "CISCO", "refsource": "CISCO",
"url" : "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a90459.shtml" "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a90459.shtml"
}, },
{ {
"name" : "34246", "name": "34438",
"refsource" : "BID", "refsource": "SECUNIA",
"url" : "http://www.securityfocus.com/bid/34246" "url": "http://secunia.com/advisories/34438"
}, },
{ {
"name" : "1021895", "name": "34246",
"refsource" : "SECTRACK", "refsource": "BID",
"url" : "http://www.securitytracker.com/id?1021895" "url": "http://www.securityfocus.com/bid/34246"
}, },
{ {
"name" : "34438", "name": "ios-ctcp-dos(49417)",
"refsource" : "SECUNIA", "refsource": "XF",
"url" : "http://secunia.com/advisories/34438" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49417"
}, },
{ {
"name" : "ADV-2009-0851", "name": "1021895",
"refsource" : "VUPEN", "refsource": "SECTRACK",
"url" : "http://www.vupen.com/english/advisories/2009/0851" "url": "http://www.securitytracker.com/id?1021895"
}, },
{ {
"name" : "ios-ctcp-dos(49417)", "name": "ADV-2009-0851",
"refsource" : "XF", "refsource": "VUPEN",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/49417" "url": "http://www.vupen.com/english/advisories/2009/0851"
} }
] ]
} }

68
2009/1xxx/CVE-2009-1585.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-1585", "ID": "CVE-2009-1585",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Multiple SQL injection vulnerabilities in TemaTres 1.031, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) id_correo_electronico and (2) id_password parameters to login.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information." "value": "Multiple SQL injection vulnerabilities in TemaTres 1.031, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) id_correo_electronico and (2) id_password parameters to login.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "54244", "name": "54244",
"refsource" : "OSVDB", "refsource": "OSVDB",
"url" : "http://osvdb.org/54244" "url": "http://osvdb.org/54244"
}, },
{ {
"name" : "34983", "name": "34983",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/34983" "url": "http://secunia.com/advisories/34983"
} }
] ]
} }

74
2009/1xxx/CVE-2009-1647.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-1647", "ID": "CVE-2009-1647",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Heap-based buffer overflow in popcorn.exe in Ultrafunk Popcorn 1.87 allows remote POP3 servers to cause a denial of service (application crash) via a long string in a +OK response. NOTE: some of these details are obtained from third party information." "value": "Heap-based buffer overflow in popcorn.exe in Ultrafunk Popcorn 1.87 allows remote POP3 servers to cause a denial of service (application crash) via a long string in a +OK response. NOTE: some of these details are obtained from third party information."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "8526", "name": "ADV-2009-1170",
"refsource" : "EXPLOIT-DB", "refsource": "VUPEN",
"url" : "https://www.exploit-db.com/exploits/8526" "url": "http://www.vupen.com/english/advisories/2009/1170"
}, },
{ {
"name" : "34699", "name": "34699",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/34699" "url": "http://www.securityfocus.com/bid/34699"
}, },
{ {
"name" : "ADV-2009-1170", "name": "8526",
"refsource" : "VUPEN", "refsource": "EXPLOIT-DB",
"url" : "http://www.vupen.com/english/advisories/2009/1170" "url": "https://www.exploit-db.com/exploits/8526"
} }
] ]
} }

74
2009/1xxx/CVE-2009-1746.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-1746", "ID": "CVE-2009-1746",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "SQL injection vulnerability in berita.php in Dian Gemilang DGNews 3.0 Beta allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action." "value": "SQL injection vulnerability in berita.php in Dian Gemilang DGNews 3.0 Beta allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "8727", "name": "54658",
"refsource" : "EXPLOIT-DB", "refsource": "OSVDB",
"url" : "https://www.exploit-db.com/exploits/8727" "url": "http://osvdb.org/54658"
}, },
{ {
"name" : "35016", "name": "8727",
"refsource" : "BID", "refsource": "EXPLOIT-DB",
"url" : "http://www.securityfocus.com/bid/35016" "url": "https://www.exploit-db.com/exploits/8727"
}, },
{ {
"name" : "54658", "name": "35016",
"refsource" : "OSVDB", "refsource": "BID",
"url" : "http://osvdb.org/54658" "url": "http://www.securityfocus.com/bid/35016"
} }
] ]
} }

104
2009/1xxx/CVE-2009-1782.json
View File

@ -1,96 +1,96 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-1782", "ID": "CVE-2009-1782",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Multiple F-Secure anti-virus products, including Anti-Virus for Microsoft Exchange 7.10 and earlier; Internet Gatekeeper for Windows 6.61 and earlier, Windows 6.61 and earlier, and Linux 2.16 and earlier; Internet Security 2009 and earlier, Anti-Virus 2009 and earlier, Client Security 8.0 and earlier, and others; allow remote attackers to bypass malware detection via a crafted (1) ZIP and (2) RAR archive." "value": "Multiple F-Secure anti-virus products, including Anti-Virus for Microsoft Exchange 7.10 and earlier; Internet Gatekeeper for Windows 6.61 and earlier, Windows 6.61 and earlier, and Linux 2.16 and earlier; Internet Security 2009 and earlier, Anti-Virus 2009 and earlier, Client Security 8.0 and earlier, and others; allow remote attackers to bypass malware detection via a crafted (1) ZIP and (2) RAR archive."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.f-secure.com/en_EMEA/support/security-advisory/fsc-2009-1.html", "name": "35008",
"refsource" : "CONFIRM", "refsource": "SECUNIA",
"url" : "http://www.f-secure.com/en_EMEA/support/security-advisory/fsc-2009-1.html" "url": "http://secunia.com/advisories/35008"
}, },
{ {
"name" : "34849", "name": "1022172",
"refsource" : "BID", "refsource": "SECTRACK",
"url" : "http://www.securityfocus.com/bid/34849" "url": "http://www.securitytracker.com/id?1022172"
}, },
{ {
"name" : "1022170", "name": "ADV-2009-1262",
"refsource" : "SECTRACK", "refsource": "VUPEN",
"url" : "http://www.securitytracker.com/id?1022170" "url": "http://www.vupen.com/english/advisories/2009/1262"
}, },
{ {
"name" : "1022171", "name": "1022170",
"refsource" : "SECTRACK", "refsource": "SECTRACK",
"url" : "http://www.securitytracker.com/id?1022171" "url": "http://www.securitytracker.com/id?1022170"
}, },
{ {
"name" : "1022172", "name": "fsecure-rar-zip-security-bypass(50346)",
"refsource" : "SECTRACK", "refsource": "XF",
"url" : "http://www.securitytracker.com/id?1022172" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50346"
}, },
{ {
"name" : "35008", "name": "http://www.f-secure.com/en_EMEA/support/security-advisory/fsc-2009-1.html",
"refsource" : "SECUNIA", "refsource": "CONFIRM",
"url" : "http://secunia.com/advisories/35008" "url": "http://www.f-secure.com/en_EMEA/support/security-advisory/fsc-2009-1.html"
}, },
{ {
"name" : "ADV-2009-1262", "name": "34849",
"refsource" : "VUPEN", "refsource": "BID",
"url" : "http://www.vupen.com/english/advisories/2009/1262" "url": "http://www.securityfocus.com/bid/34849"
}, },
{ {
"name" : "fsecure-rar-zip-security-bypass(50346)", "name": "1022171",
"refsource" : "XF", "refsource": "SECTRACK",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/50346" "url": "http://www.securitytracker.com/id?1022171"
} }
] ]
} }

86
2009/1xxx/CVE-2009-1873.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-1873", "ID": "CVE-2009-1873",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Directory traversal vulnerability in logging/logviewer.jsp in the Management Console in Adobe JRun Application Server 4 Updater 7 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the logfile parameter." "value": "Directory traversal vulnerability in logging/logviewer.jsp in the Management Console in Adobe JRun Application Server 4 Updater 7 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the logfile parameter."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20090817 [DSECRG-09-052] Adobe JRun 4 Directory Traversal Vulnerabilities", "name": "9443",
"refsource" : "BUGTRAQ", "refsource": "EXPLOIT-DB",
"url" : "http://www.securityfocus.com/archive/1/505808/100/0/threaded" "url": "https://www.exploit-db.com/exploits/9443"
}, },
{ {
"name" : "9443", "name": "20090817 [DSECRG-09-052] Adobe JRun 4 Directory Traversal Vulnerabilities",
"refsource" : "EXPLOIT-DB", "refsource": "BUGTRAQ",
"url" : "https://www.exploit-db.com/exploits/9443" "url": "http://www.securityfocus.com/archive/1/505808/100/0/threaded"
}, },
{ {
"name" : "http://www.dsecrg.com/pages/vul/show.php?id=152", "name": "http://www.adobe.com/support/security/bulletins/apsb09-12.html",
"refsource" : "MISC", "refsource": "CONFIRM",
"url" : "http://www.dsecrg.com/pages/vul/show.php?id=152" "url": "http://www.adobe.com/support/security/bulletins/apsb09-12.html"
}, },
{ {
"name" : "http://www.adobe.com/support/security/bulletins/apsb09-12.html", "name": "57186",
"refsource" : "CONFIRM", "refsource": "OSVDB",
"url" : "http://www.adobe.com/support/security/bulletins/apsb09-12.html" "url": "http://osvdb.org/57186"
}, },
{ {
"name" : "57186", "name": "http://www.dsecrg.com/pages/vul/show.php?id=152",
"refsource" : "OSVDB", "refsource": "MISC",
"url" : "http://osvdb.org/57186" "url": "http://www.dsecrg.com/pages/vul/show.php?id=152"
} }
] ]
} }

86
2009/1xxx/CVE-2009-1972.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2009-1972", "ID": "CVE-2009-1972",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Unspecified vulnerability in the Auditing component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, and 11.1.0.7 allows remote authenticated users to affect integrity, related to DBMS_SYS_SQL and DBMS_SQL." "value": "Unspecified vulnerability in the Auditing component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, and 11.1.0.7 allows remote authenticated users to affect integrity, related to DBMS_SYS_SQL and DBMS_SQL."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2009-096303.html", "name": "37027",
"refsource" : "CONFIRM", "refsource": "SECUNIA",
"url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2009-096303.html" "url": "http://secunia.com/advisories/37027"
}, },
{ {
"name" : "TA09-294A", "name": "1023057",
"refsource" : "CERT", "refsource": "SECTRACK",
"url" : "http://www.us-cert.gov/cas/techalerts/TA09-294A.html" "url": "http://www.securitytracker.com/id?1023057"
}, },
{ {
"name" : "36758", "name": "TA09-294A",
"refsource" : "BID", "refsource": "CERT",
"url" : "http://www.securityfocus.com/bid/36758" "url": "http://www.us-cert.gov/cas/techalerts/TA09-294A.html"
}, },
{ {
"name" : "1023057", "name": "http://www.oracle.com/technetwork/topics/security/cpuoct2009-096303.html",
"refsource" : "SECTRACK", "refsource": "CONFIRM",
"url" : "http://www.securitytracker.com/id?1023057" "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2009-096303.html"
}, },
{ {
"name" : "37027", "name": "36758",
"refsource" : "SECUNIA", "refsource": "BID",
"url" : "http://secunia.com/advisories/37027" "url": "http://www.securityfocus.com/bid/36758"
} }
] ]
} }

80
2009/4xxx/CVE-2009-4175.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-4175", "ID": "CVE-2009-4175",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "CutePHP CuteNews 1.4.6 and UTF-8 CuteNews before 8b allows remote attackers to obtain sensitive information via an invalid date value in the from_date_day parameter to search.php, which reveals the installation path in an error message." "value": "CutePHP CuteNews 1.4.6 and UTF-8 CuteNews before 8b allows remote attackers to obtain sensitive information via an invalid date value in the from_date_day parameter to search.php, which reveals the installation path in an error message."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20091110 [MORNINGSTAR-2009-02] Multiple security issues in Cute News and UTF-8 Cute News", "name": "cutenews-search-path-disclosure(54235)",
"refsource" : "BUGTRAQ", "refsource": "XF",
"url" : "http://www.securityfocus.com/archive/1/507782/100/0/threaded" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54235"
}, },
{ {
"name" : "http://www.morningstarsecurity.com/advisories/MORNINGSTAR-2009-02-CuteNews.txt", "name": "http://www.morningstarsecurity.com/advisories/MORNINGSTAR-2009-02-CuteNews.txt",
"refsource" : "MISC", "refsource": "MISC",
"url" : "http://www.morningstarsecurity.com/advisories/MORNINGSTAR-2009-02-CuteNews.txt" "url": "http://www.morningstarsecurity.com/advisories/MORNINGSTAR-2009-02-CuteNews.txt"
}, },
{ {
"name" : "36971", "name": "20091110 [MORNINGSTAR-2009-02] Multiple security issues in Cute News and UTF-8 Cute News",
"refsource" : "BID", "refsource": "BUGTRAQ",
"url" : "http://www.securityfocus.com/bid/36971" "url": "http://www.securityfocus.com/archive/1/507782/100/0/threaded"
}, },
{ {
"name" : "cutenews-search-path-disclosure(54235)", "name": "36971",
"refsource" : "XF", "refsource": "BID",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/54235" "url": "http://www.securityfocus.com/bid/36971"
} }
] ]
} }

128
2009/4xxx/CVE-2009-4313.json
View File

@ -1,116 +1,116 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-4313", "ID": "CVE-2009-4313",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "ir32_32.dll 3.24.15.3 in the Indeo32 codec in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote attackers to cause a denial of service (heap corruption) or execute arbitrary code via malformed data in a stream in a media file, as demonstrated by an AVI file." "value": "ir32_32.dll 3.24.15.3 in the Indeo32 codec in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote attackers to cause a denial of service (heap corruption) or execute arbitrary code via malformed data in a stream in a media file, as demonstrated by an AVI file."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20091208 Microsoft Windows Indeo32 Codec Parsing Heap Corruption Vulnerability", "name": "955759",
"refsource" : "IDEFENSE", "refsource": "MSKB",
"url" : "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=835" "url": "http://support.microsoft.com/kb/955759"
}, },
{ {
"name" : "http://www.microsoft.com/technet/security/advisory/954157.mspx", "name": "60858",
"refsource" : "CONFIRM", "refsource": "OSVDB",
"url" : "http://www.microsoft.com/technet/security/advisory/954157.mspx" "url": "http://www.osvdb.org/60858"
}, },
{ {
"name" : "954157", "name": "1023302",
"refsource" : "MSKB", "refsource": "SECTRACK",
"url" : "http://support.microsoft.com/kb/954157" "url": "http://securitytracker.com/id?1023302"
}, },
{ {
"name" : "955759", "name": "37251",
"refsource" : "MSKB", "refsource": "BID",
"url" : "http://support.microsoft.com/kb/955759" "url": "http://www.securityfocus.com/bid/37251"
}, },
{ {
"name" : "976138", "name": "oval:org.mitre.oval:def:12242",
"refsource" : "MSKB", "refsource": "OVAL",
"url" : "http://support.microsoft.com/kb/976138" "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12242"
}, },
{ {
"name" : "37251", "name": "http://www.microsoft.com/technet/security/advisory/954157.mspx",
"refsource" : "BID", "refsource": "CONFIRM",
"url" : "http://www.securityfocus.com/bid/37251" "url": "http://www.microsoft.com/technet/security/advisory/954157.mspx"
}, },
{ {
"name" : "60858", "name": "976138",
"refsource" : "OSVDB", "refsource": "MSKB",
"url" : "http://www.osvdb.org/60858" "url": "http://support.microsoft.com/kb/976138"
}, },
{ {
"name" : "oval:org.mitre.oval:def:12242", "name": "ADV-2009-3440",
"refsource" : "OVAL", "refsource": "VUPEN",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12242" "url": "http://www.vupen.com/english/advisories/2009/3440"
}, },
{ {
"name" : "1023302", "name": "954157",
"refsource" : "SECTRACK", "refsource": "MSKB",
"url" : "http://securitytracker.com/id?1023302" "url": "http://support.microsoft.com/kb/954157"
}, },
{ {
"name" : "37592", "name": "20091208 Microsoft Windows Indeo32 Codec Parsing Heap Corruption Vulnerability",
"refsource" : "SECUNIA", "refsource": "IDEFENSE",
"url" : "http://secunia.com/advisories/37592" "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=835"
}, },
{ {
"name" : "ADV-2009-3440", "name": "ms-ie-content-code-execution(54645)",
"refsource" : "VUPEN", "refsource": "XF",
"url" : "http://www.vupen.com/english/advisories/2009/3440" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54645"
}, },
{ {
"name" : "ms-ie-content-code-execution(54645)", "name": "37592",
"refsource" : "XF", "refsource": "SECUNIA",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/54645" "url": "http://secunia.com/advisories/37592"
} }
] ]
} }

80
2009/4xxx/CVE-2009-4656.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-4656", "ID": "CVE-2009-4656",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Stack-based buffer overflow in E-Soft DJ Studio Pro 4.2 including 4.2.2.7.5, and 5.x including 5.1.4.3.1, allows user-assisted remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a playlist file (.pls) containing a long string. NOTE: some of these details are obtained from third party information." "value": "Stack-based buffer overflow in E-Soft DJ Studio Pro 4.2 including 4.2.2.7.5, and 5.x including 5.1.4.3.1, allows user-assisted remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a playlist file (.pls) containing a long string. NOTE: some of these details are obtained from third party information."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "9691", "name": "ADV-2009-2681",
"refsource" : "EXPLOIT-DB", "refsource": "VUPEN",
"url" : "http://www.exploit-db.com/exploits/9691" "url": "http://www.vupen.com/english/advisories/2009/2681"
}, },
{ {
"name" : "36728", "name": "36728",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/36728" "url": "http://secunia.com/advisories/36728"
}, },
{ {
"name" : "ADV-2009-2681", "name": "djstudio-pls-dos(53310)",
"refsource" : "VUPEN", "refsource": "XF",
"url" : "http://www.vupen.com/english/advisories/2009/2681" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53310"
}, },
{ {
"name" : "djstudio-pls-dos(53310)", "name": "9691",
"refsource" : "XF", "refsource": "EXPLOIT-DB",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/53310" "url": "http://www.exploit-db.com/exploits/9691"
} }
] ]
} }

68
2009/4xxx/CVE-2009-4670.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-4670", "ID": "CVE-2009-4670",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "admin/delitem.php in RoomPHPlanning 1.6 does not require authentication, which allows remote attackers to (1) delete arbitrary users via the user parameter or (2) delete arbitrary rooms via the room parameter." "value": "admin/delitem.php in RoomPHPlanning 1.6 does not require authentication, which allows remote attackers to (1) delete arbitrary users via the user parameter or (2) delete arbitrary rooms via the room parameter."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "8797", "name": "35237",
"refsource" : "EXPLOIT-DB", "refsource": "SECUNIA",
"url" : "http://www.exploit-db.com/exploits/8797" "url": "http://secunia.com/advisories/35237"
}, },
{ {
"name" : "35237", "name": "8797",
"refsource" : "SECUNIA", "refsource": "EXPLOIT-DB",
"url" : "http://secunia.com/advisories/35237" "url": "http://www.exploit-db.com/exploits/8797"
} }
] ]
} }

68
2009/5xxx/CVE-2009-5021.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-5021", "ID": "CVE-2009-5021",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Cobbler before 1.6.1 does not properly determine whether an installation has the default password, which makes it easier for attackers to obtain access by using this password." "value": "Cobbler before 1.6.1 does not properly determine whether an installation has the default password, which makes it easier for attackers to obtain access by using this password."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://people.fedoraproject.org/~shenson/cobbler/cobbler-2.0.8.tar.gz", "name": "cobbler-password-weak-security(64734)",
"refsource" : "CONFIRM", "refsource": "XF",
"url" : "http://people.fedoraproject.org/~shenson/cobbler/cobbler-2.0.8.tar.gz" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64734"
}, },
{ {
"name" : "cobbler-password-weak-security(64734)", "name": "http://people.fedoraproject.org/~shenson/cobbler/cobbler-2.0.8.tar.gz",
"refsource" : "XF", "refsource": "CONFIRM",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/64734" "url": "http://people.fedoraproject.org/~shenson/cobbler/cobbler-2.0.8.tar.gz"
} }
] ]
} }

80
2012/2xxx/CVE-2012-2206.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@us.ibm.com",
"ID" : "CVE-2012-2206", "ID": "CVE-2012-2206",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The Web Gateway component in IBM WebSphere MQ File Transfer Edition 7.0.4 and earlier allows remote authenticated users to read files of arbitrary users via vectors involving a username in a URI, as demonstrated by a modified metadata=fteSamplesUser field to the /transfer URI." "value": "The Web Gateway component in IBM WebSphere MQ File Transfer Edition 7.0.4 and earlier allows remote authenticated users to read files of arbitrary users via vectors involving a username in a URI, as demonstrated by a modified metadata=fteSamplesUser field to the /transfer URI."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20478", "name": "20478",
"refsource" : "EXPLOIT-DB", "refsource": "EXPLOIT-DB",
"url" : "http://www.exploit-db.com/exploits/20478/" "url": "http://www.exploit-db.com/exploits/20478/"
}, },
{ {
"name" : "http://www.ibm.com/support/docview.wss?uid=swg21607481", "name": "http://www.ibm.com/support/docview.wss?uid=swg21607481",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://www.ibm.com/support/docview.wss?uid=swg21607481" "url": "http://www.ibm.com/support/docview.wss?uid=swg21607481"
}, },
{ {
"name" : "IC82761", "name": "wmq-ftewg-security-bypass(77095)",
"refsource" : "AIXAPAR", "refsource": "XF",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1IC82761" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/77095"
}, },
{ {
"name" : "wmq-ftewg-security-bypass(77095)", "name": "IC82761",
"refsource" : "XF", "refsource": "AIXAPAR",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/77095" "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC82761"
} }
] ]
} }

86
2012/2xxx/CVE-2012-2710.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2012-2710", "ID": "CVE-2012-2710",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Cross-site scripting (XSS) vulnerability in the Zen module 6.x-1.x before 6.x-1.1 for Drupal, when \"Append the content title to the end of the breadcrumb\" is enabled, allows remote attackers to inject arbitrary web script or HTML via the content title in a breadcrumb." "value": "Cross-site scripting (XSS) vulnerability in the Zen module 6.x-1.x before 6.x-1.1 for Drupal, when \"Append the content title to the end of the breadcrumb\" is enabled, allows remote attackers to inject arbitrary web script or HTML via the content title in a breadcrumb."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "[oss-security] 20120613 Re: CVE Request for Drupal contributed modules", "name": "http://drupal.org/node/628480",
"refsource" : "MLIST", "refsource": "CONFIRM",
"url" : "http://www.openwall.com/lists/oss-security/2012/06/14/3" "url": "http://drupal.org/node/628480"
}, },
{ {
"name" : "http://drupal.org/node/1585960", "name": "[oss-security] 20120613 Re: CVE Request for Drupal contributed modules",
"refsource" : "MISC", "refsource": "MLIST",
"url" : "http://drupal.org/node/1585960" "url": "http://www.openwall.com/lists/oss-security/2012/06/14/3"
}, },
{ {
"name" : "http://drupal.org/node/628480", "name": "53573",
"refsource" : "CONFIRM", "refsource": "BID",
"url" : "http://drupal.org/node/628480" "url": "http://www.securityfocus.com/bid/53573"
}, },
{ {
"name" : "53573", "name": "http://drupal.org/node/1585960",
"refsource" : "BID", "refsource": "MISC",
"url" : "http://www.securityfocus.com/bid/53573" "url": "http://drupal.org/node/1585960"
}, },
{ {
"name" : "zen-breadcrumb-xss(75711)", "name": "zen-breadcrumb-xss(75711)",
"refsource" : "XF", "refsource": "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/75711" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75711"
} }
] ]
} }

116
2012/2xxx/CVE-2012-2738.json
View File

@ -1,106 +1,106 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2012-2738", "ID": "CVE-2012-2738",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The VteTerminal in gnome-terminal (vte) before 0.32.2 allows remote authenticated users to cause a denial of service (long loop and CPU consumption) via an escape sequence with a large repeat count value." "value": "The VteTerminal in gnome-terminal (vte) before 0.32.2 allows remote authenticated users to cause a denial of service (long loop and CPU consumption) via an escape sequence with a large repeat count value."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "[oss-security] 20120522 Re: CVE Request -- mosh (and probably vte too): mosh server DoS (long loop) due improper parsing of terminal parameters in terminal dispatcher", "name": "FEDORA-2012-9575",
"refsource" : "MLIST", "refsource": "FEDORA",
"url" : "http://www.openwall.com/lists/oss-security/2012/05/23/6" "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-July/083403.html"
}, },
{ {
"name" : "[oss-security] 20120615 Re: CVE Request -- mosh (and probably vte too): mosh server DoS (long loop) due improper parsing of terminal parameters in terminal dispatcher", "name": "https://bugzilla.gnome.org/show_bug.cgi?id=676090",
"refsource" : "MLIST", "refsource": "CONFIRM",
"url" : "http://www.openwall.com/lists/oss-security/2012/06/15/11" "url": "https://bugzilla.gnome.org/show_bug.cgi?id=676090"
}, },
{ {
"name" : "http://ftp.gnome.org/pub/GNOME/sources/vte/0.32/vte-0.32.2.changes", "name": "http://ftp.gnome.org/pub/GNOME/sources/vte/0.32/vte-0.32.2.changes",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://ftp.gnome.org/pub/GNOME/sources/vte/0.32/vte-0.32.2.changes" "url": "http://ftp.gnome.org/pub/GNOME/sources/vte/0.32/vte-0.32.2.changes"
}, },
{ {
"name" : "http://ftp.gnome.org/pub/GNOME/sources/vte/0.32/vte-0.32.2.news", "name": "http://ftp.gnome.org/pub/GNOME/sources/vte/0.32/vte-0.32.2.news",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://ftp.gnome.org/pub/GNOME/sources/vte/0.32/vte-0.32.2.news" "url": "http://ftp.gnome.org/pub/GNOME/sources/vte/0.32/vte-0.32.2.news"
}, },
{ {
"name" : "https://bugzilla.gnome.org/show_bug.cgi?id=676090", "name": "54281",
"refsource" : "CONFIRM", "refsource": "BID",
"url" : "https://bugzilla.gnome.org/show_bug.cgi?id=676090" "url": "http://www.securityfocus.com/bid/54281"
}, },
{ {
"name" : "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html", "name": "[oss-security] 20120615 Re: CVE Request -- mosh (and probably vte too): mosh server DoS (long loop) due improper parsing of terminal parameters in terminal dispatcher",
"refsource" : "CONFIRM", "refsource": "MLIST",
"url" : "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html" "url": "http://www.openwall.com/lists/oss-security/2012/06/15/11"
}, },
{ {
"name" : "FEDORA-2012-9546", "name": "[oss-security] 20120522 Re: CVE Request -- mosh (and probably vte too): mosh server DoS (long loop) due improper parsing of terminal parameters in terminal dispatcher",
"refsource" : "FEDORA", "refsource": "MLIST",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2012-July/083398.html" "url": "http://www.openwall.com/lists/oss-security/2012/05/23/6"
}, },
{ {
"name" : "FEDORA-2012-9575", "name": "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html",
"refsource" : "FEDORA", "refsource": "CONFIRM",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2012-July/083403.html" "url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html"
}, },
{ {
"name" : "openSUSE-SU-2012:0931", "name": "openSUSE-SU-2012:0931",
"refsource" : "SUSE", "refsource": "SUSE",
"url" : "http://lists.opensuse.org/opensuse-updates/2012-08/msg00001.html" "url": "http://lists.opensuse.org/opensuse-updates/2012-08/msg00001.html"
}, },
{ {
"name" : "54281", "name": "FEDORA-2012-9546",
"refsource" : "BID", "refsource": "FEDORA",
"url" : "http://www.securityfocus.com/bid/54281" "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-July/083398.html"
} }
] ]
} }

22
2012/3xxx/CVE-2012-3092.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2012-3092", "ID": "CVE-2012-3092",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

98
2012/3xxx/CVE-2012-3449.json
View File

@ -1,91 +1,91 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2012-3449", "ID": "CVE-2012-3449",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Open vSwitch 1.4.2 uses world writable permissions for (1) /var/lib/openvswitch/pki/controllerca/incoming/ and (2) /var/lib/openvswitch/pki/switchca/incoming/, which allows local users to delete and overwrite arbitrary files." "value": "Open vSwitch 1.4.2 uses world writable permissions for (1) /var/lib/openvswitch/pki/controllerca/incoming/ and (2) /var/lib/openvswitch/pki/switchca/incoming/, which allows local users to delete and overwrite arbitrary files."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "[oss-security] 20120802 openvswitch world writable directories (CVE-2012-3449)", "name": "54789",
"refsource" : "MLIST", "refsource": "BID",
"url" : "http://www.openwall.com/lists/oss-security/2012/08/02/6" "url": "http://www.securityfocus.com/bid/54789"
}, },
{ {
"name" : "[oss-security] 20120803 Re: openvswitch world writable directories (CVE-2012-3449)", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=845350",
"refsource" : "MLIST", "refsource": "MISC",
"url" : "http://www.openwall.com/lists/oss-security/2012/08/03/6" "url": "https://bugzilla.redhat.com/show_bug.cgi?id=845350"
}, },
{ {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=845350", "name": "54794",
"refsource" : "MISC", "refsource": "BID",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=845350" "url": "http://www.securityfocus.com/bid/54794"
}, },
{ {
"name" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=683665", "name": "[oss-security] 20120803 Re: openvswitch world writable directories (CVE-2012-3449)",
"refsource" : "CONFIRM", "refsource": "MLIST",
"url" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=683665" "url": "http://www.openwall.com/lists/oss-security/2012/08/03/6"
}, },
{ {
"name" : "54789", "name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=683665",
"refsource" : "BID", "refsource": "CONFIRM",
"url" : "http://www.securityfocus.com/bid/54789" "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=683665"
}, },
{ {
"name" : "54794", "name": "openvswitch-privilege-escalation(77417)",
"refsource" : "BID", "refsource": "XF",
"url" : "http://www.securityfocus.com/bid/54794" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/77417"
}, },
{ {
"name" : "openvswitch-privilege-escalation(77417)", "name": "[oss-security] 20120802 openvswitch world writable directories (CVE-2012-3449)",
"refsource" : "XF", "refsource": "MLIST",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/77417" "url": "http://www.openwall.com/lists/oss-security/2012/08/02/6"
} }
] ]
} }

80
2012/3xxx/CVE-2012-3747.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2012-3747", "ID": "CVE-2012-3747",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "WebKit, as used in Apple iOS before 6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site." "value": "WebKit, as used in Apple iOS before 6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://support.apple.com/kb/HT5503", "name": "APPLE-SA-2012-09-19-1",
"refsource" : "CONFIRM", "refsource": "APPLE",
"url" : "http://support.apple.com/kb/HT5503" "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html"
}, },
{ {
"name" : "APPLE-SA-2012-09-19-1", "name": "http://support.apple.com/kb/HT5503",
"refsource" : "APPLE", "refsource": "CONFIRM",
"url" : "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html" "url": "http://support.apple.com/kb/HT5503"
}, },
{ {
"name" : "85631", "name": "85631",
"refsource" : "OSVDB", "refsource": "OSVDB",
"url" : "http://osvdb.org/85631" "url": "http://osvdb.org/85631"
}, },
{ {
"name" : "apple-ios-webkit-cve20123747(78725)", "name": "apple-ios-webkit-cve20123747(78725)",
"refsource" : "XF", "refsource": "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/78725" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78725"
} }
] ]
} }

92
2012/3xxx/CVE-2012-3796.json
View File

@ -1,86 +1,86 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2012-3796", "ID": "CVE-2012-3796",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Pro-face WinGP PC Runtime 3.1.00 and earlier, and ProServr.exe in Pro-face Pro-Server EX 1.30.000 and earlier, allows remote attackers to obtain sensitive information from daemon memory via a crafted packet with a certain opcode." "value": "Pro-face WinGP PC Runtime 3.1.00 and earlier, and ProServr.exe in Pro-face Pro-Server EX 1.30.000 and earlier, allows remote attackers to obtain sensitive information from daemon memory via a crafted packet with a certain opcode."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://aluigi.org/adv/proservrex_1-adv.txt", "name": "https://www.hmisource.com/otasuke/news/2012/0606.html",
"refsource" : "MISC", "refsource": "CONFIRM",
"url" : "http://aluigi.org/adv/proservrex_1-adv.txt" "url": "https://www.hmisource.com/otasuke/news/2012/0606.html"
}, },
{ {
"name" : "http://ics-cert.us-cert.gov/advisories/ICSA-12-179-01", "name": "https://www.hmisource.com/otasuke/download/update/server_ex/server_ex/Readme_E.txt",
"refsource" : "MISC", "refsource": "CONFIRM",
"url" : "http://ics-cert.us-cert.gov/advisories/ICSA-12-179-01" "url": "https://www.hmisource.com/otasuke/download/update/server_ex/server_ex/Readme_E.txt"
}, },
{ {
"name" : "https://www.hmisource.com/otasuke/download/update/server_ex/server_ex/Readme_E.txt", "name": "http://aluigi.org/adv/proservrex_1-adv.txt",
"refsource" : "CONFIRM", "refsource": "MISC",
"url" : "https://www.hmisource.com/otasuke/download/update/server_ex/server_ex/Readme_E.txt" "url": "http://aluigi.org/adv/proservrex_1-adv.txt"
}, },
{ {
"name" : "https://www.hmisource.com/otasuke/news/2012/0606.html", "name": "http://ics-cert.us-cert.gov/advisories/ICSA-12-179-01",
"refsource" : "CONFIRM", "refsource": "MISC",
"url" : "https://www.hmisource.com/otasuke/news/2012/0606.html" "url": "http://ics-cert.us-cert.gov/advisories/ICSA-12-179-01"
}, },
{ {
"name" : "53499", "name": "53499",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/53499" "url": "http://www.securityfocus.com/bid/53499"
}, },
{ {
"name" : "49172", "name": "49172",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/49172" "url": "http://secunia.com/advisories/49172"
} }
] ]
} }

62
2012/4xxx/CVE-2012-4651.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@cisco.com",
"ID" : "CVE-2012-4651", "ID": "CVE-2012-4651",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Cisco IOS before 15.3(2)T, when scansafe is enabled, allows remote attackers to cause a denial of service (latency) via SYN packets that are not accompanied by SYN-ACK packets from the Scan Safe Tower, aka Bug ID CSCub85451." "value": "Cisco IOS before 15.3(2)T, when scansafe is enabled, allows remote attackers to cause a denial of service (latency) via SYN packets that are not accompanied by SYN-ACK packets from the Scan Safe Tower, aka Bug ID CSCub85451."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.cisco.com/c/en/us/td/docs/ios/15_3m_and_t/release/notes/15_3m_and_t.pdf", "name": "http://www.cisco.com/c/en/us/td/docs/ios/15_3m_and_t/release/notes/15_3m_and_t.pdf",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://www.cisco.com/c/en/us/td/docs/ios/15_3m_and_t/release/notes/15_3m_and_t.pdf" "url": "http://www.cisco.com/c/en/us/td/docs/ios/15_3m_and_t/release/notes/15_3m_and_t.pdf"
} }
] ]
} }

22
2012/6xxx/CVE-2012-6374.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2012-6374", "ID": "CVE-2012-6374",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2012/6xxx/CVE-2012-6486.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2012-6486", "ID": "CVE-2012-6486",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

62
2012/6xxx/CVE-2012-6588.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2012-6588", "ID": "CVE-2012-6588",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "SQL injection vulnerability in links.php in MYRE Business Directory allows remote attackers to execute arbitrary SQL commands via the cat parameter." "value": "SQL injection vulnerability in links.php in MYRE Business Directory allows remote attackers to execute arbitrary SQL commands via the cat parameter."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "22711", "name": "22711",
"refsource" : "EXPLOIT-DB", "refsource": "EXPLOIT-DB",
"url" : "http://www.exploit-db.com/exploits/22711/" "url": "http://www.exploit-db.com/exploits/22711/"
} }
] ]
} }

74
2015/5xxx/CVE-2015-5063.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-5063", "ID": "CVE-2015-5063",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in SilverStripe CMS & Framework 3.1.13 allow remote attackers to inject arbitrary web script or HTML via the (1) admin_username or (2) admin_password parameter to install.php." "value": "Multiple cross-site scripting (XSS) vulnerabilities in SilverStripe CMS & Framework 3.1.13 allow remote attackers to inject arbitrary web script or HTML via the (1) admin_username or (2) admin_password parameter to install.php."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20150609 SilverStripe CMS Unvalidated Redirect & XSS vulnerabilities", "name": "http://packetstormsecurity.com/files/132223/SilverStripe-CMS-3.1.13-XSS-Open-Redirect.html",
"refsource" : "BUGTRAQ", "refsource": "MISC",
"url" : "http://www.securityfocus.com/archive/1/535716/100/0/threaded" "url": "http://packetstormsecurity.com/files/132223/SilverStripe-CMS-3.1.13-XSS-Open-Redirect.html"
}, },
{ {
"name" : "http://hyp3rlinx.altervista.org/advisories/AS-SILVERSTRIPE0607.txt", "name": "http://hyp3rlinx.altervista.org/advisories/AS-SILVERSTRIPE0607.txt",
"refsource" : "MISC", "refsource": "MISC",
"url" : "http://hyp3rlinx.altervista.org/advisories/AS-SILVERSTRIPE0607.txt" "url": "http://hyp3rlinx.altervista.org/advisories/AS-SILVERSTRIPE0607.txt"
}, },
{ {
"name" : "http://packetstormsecurity.com/files/132223/SilverStripe-CMS-3.1.13-XSS-Open-Redirect.html", "name": "20150609 SilverStripe CMS Unvalidated Redirect & XSS vulnerabilities",
"refsource" : "MISC", "refsource": "BUGTRAQ",
"url" : "http://packetstormsecurity.com/files/132223/SilverStripe-CMS-3.1.13-XSS-Open-Redirect.html" "url": "http://www.securityfocus.com/archive/1/535716/100/0/threaded"
} }
] ]
} }

74
2015/5xxx/CVE-2015-5685.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-5685", "ID": "CVE-2015-5685",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The lazy_bdecode function in BitTorrent DHT bootstrap server (bootstrap-dht ) allows remote attackers to execute arbitrary code via a crafted packet, related to \"improper indexing.\"" "value": "The lazy_bdecode function in BitTorrent DHT bootstrap server (bootstrap-dht ) allows remote attackers to execute arbitrary code via a crafted packet, related to \"improper indexing.\""
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.zerodayinitiative.com/advisories/ZDI-15-366/", "name": "http://www.zerodayinitiative.com/advisories/ZDI-15-366/",
"refsource" : "MISC", "refsource": "MISC",
"url" : "http://www.zerodayinitiative.com/advisories/ZDI-15-366/" "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-366/"
}, },
{ {
"name" : "http://www.zerodayinitiative.com/advisories/ZDI-15-367/", "name": "https://github.com/bittorrent/bootstrap-dht/commit/e809ea80e3527e32c40756eddd8b2ae44bc3af1a",
"refsource" : "MISC", "refsource": "CONFIRM",
"url" : "http://www.zerodayinitiative.com/advisories/ZDI-15-367/" "url": "https://github.com/bittorrent/bootstrap-dht/commit/e809ea80e3527e32c40756eddd8b2ae44bc3af1a"
}, },
{ {
"name" : "https://github.com/bittorrent/bootstrap-dht/commit/e809ea80e3527e32c40756eddd8b2ae44bc3af1a", "name": "http://www.zerodayinitiative.com/advisories/ZDI-15-367/",
"refsource" : "CONFIRM", "refsource": "MISC",
"url" : "https://github.com/bittorrent/bootstrap-dht/commit/e809ea80e3527e32c40756eddd8b2ae44bc3af1a" "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-367/"
} }
] ]
} }

74
2015/5xxx/CVE-2015-5853.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2015-5853", "ID": "CVE-2015-5853",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "AirScan in Apple OS X before 10.11 allows man-in-the-middle attackers to obtain eSCL packet payload data via unspecified vectors." "value": "AirScan in Apple OS X before 10.11 allows man-in-the-middle attackers to obtain eSCL packet payload data via unspecified vectors."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://support.apple.com/HT205267", "name": "1033703",
"refsource" : "CONFIRM", "refsource": "SECTRACK",
"url" : "https://support.apple.com/HT205267" "url": "http://www.securitytracker.com/id/1033703"
}, },
{ {
"name" : "APPLE-SA-2015-09-30-3", "name": "APPLE-SA-2015-09-30-3",
"refsource" : "APPLE", "refsource": "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html" "url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html"
}, },
{ {
"name" : "1033703", "name": "https://support.apple.com/HT205267",
"refsource" : "SECTRACK", "refsource": "CONFIRM",
"url" : "http://www.securitytracker.com/id/1033703" "url": "https://support.apple.com/HT205267"
} }
] ]
} }

22
2015/5xxx/CVE-2015-5881.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2015-5881", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
"ID": "CVE-2015-5881",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
}, },
"data_format" : "MITRE", "description": {
"data_type" : "CVE", "description_data": [
"data_version" : "4.0",
"description" : {
"description_data" : [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2015-7760, CVE-2015-7761. Reason: this ID was intended for one issue, but was associated with two issues. Notes: All CVE users should consult CVE-2015-7760 and CVE-2015-7761 to identify the ID or IDs of interest. All references and descriptions in this candidate have been removed to prevent accidental usage." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2015-7760, CVE-2015-7761. Reason: this ID was intended for one issue, but was associated with two issues. Notes: All CVE users should consult CVE-2015-7760 and CVE-2015-7761 to identify the ID or IDs of interest. All references and descriptions in this candidate have been removed to prevent accidental usage."
} }
] ]
} }

22
2015/5xxx/CVE-2015-5974.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2015-5974", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
"ID": "CVE-2015-5974",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
}, },
"data_format" : "MITRE", "description": {
"data_type" : "CVE", "description_data": [
"data_version" : "4.0",
"description" : {
"description_data" : [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none."
} }
] ]
} }

74
2018/11xxx/CVE-2018-11504.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-11504", "ID": "CVE-2018-11504",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The islist function in markdown.c in libmarkdown.a in DISCOUNT 2.2.3a allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted file, as demonstrated by mkd2html." "value": "The islist function in markdown.c in libmarkdown.a in DISCOUNT 2.2.3a allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted file, as demonstrated by mkd2html."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "[debian-lts-announce] 20180908 [SECURITY] [DLA 1499-1] discount security update", "name": "https://github.com/Orc/discount/issues/189#issuecomment-392247798",
"refsource" : "MLIST", "refsource": "MISC",
"url" : "https://lists.debian.org/debian-lts-announce/2018/09/msg00009.html" "url": "https://github.com/Orc/discount/issues/189#issuecomment-392247798"
}, },
{ {
"name" : "https://github.com/Orc/discount/issues/189#issuecomment-392247798", "name": "[debian-lts-announce] 20180908 [SECURITY] [DLA 1499-1] discount security update",
"refsource" : "MISC", "refsource": "MLIST",
"url" : "https://github.com/Orc/discount/issues/189#issuecomment-392247798" "url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00009.html"
}, },
{ {
"name" : "DSA-4293", "name": "DSA-4293",
"refsource" : "DEBIAN", "refsource": "DEBIAN",
"url" : "https://www.debian.org/security/2018/dsa-4293" "url": "https://www.debian.org/security/2018/dsa-4293"
} }
] ]
} }

22
2018/11xxx/CVE-2018-11566.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-11566", "ID": "CVE-2018-11566",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

118
2018/11xxx/CVE-2018-11763.json
View File

@ -1,107 +1,107 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "security@apache.org", "ASSIGNER": "security@apache.org",
"DATE_PUBLIC" : "2018-09-25T00:00:00", "DATE_PUBLIC": "2018-09-25T00:00:00",
"ID" : "CVE-2018-11763", "ID": "CVE-2018-11763",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Apache HTTP Server", "product_name": "Apache HTTP Server",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "2.4.17 to 2.4.34" "version_value": "2.4.17 to 2.4.34"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Apache Software Foundation" "vendor_name": "Apache Software Foundation"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "In Apache HTTP Server 2.4.17 to 2.4.34, by sending continuous, large SETTINGS frames a client can occupy a connection, server thread and CPU time without any connection timeout coming to effect. This affects only HTTP/2 connections. A possible mitigation is to not enable the h2 protocol." "value": "In Apache HTTP Server 2.4.17 to 2.4.34, by sending continuous, large SETTINGS frames a client can occupy a connection, server thread and CPU time without any connection timeout coming to effect. This affects only HTTP/2 connections. A possible mitigation is to not enable the h2 protocol."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "mod_http2, DoS via continuous SETTINGS frames" "value": "mod_http2, DoS via continuous SETTINGS frames"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://httpd.apache.org/security/vulnerabilities_24.html", "name": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://httpd.apache.org/security/vulnerabilities_24.html" "url": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html"
}, },
{ {
"name" : "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html", "name": "RHSA-2018:3558",
"refsource" : "CONFIRM", "refsource": "REDHAT",
"url" : "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html" "url": "https://access.redhat.com/errata/RHSA-2018:3558"
}, },
{ {
"name" : "https://security.netapp.com/advisory/ntap-20190204-0004/", "name": "105414",
"refsource" : "CONFIRM", "refsource": "BID",
"url" : "https://security.netapp.com/advisory/ntap-20190204-0004/" "url": "http://www.securityfocus.com/bid/105414"
}, },
{ {
"name" : "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03909en_us", "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03909en_us",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03909en_us" "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03909en_us"
}, },
{ {
"name" : "RHSA-2018:3558", "name": "https://security.netapp.com/advisory/ntap-20190204-0004/",
"refsource" : "REDHAT", "refsource": "CONFIRM",
"url" : "https://access.redhat.com/errata/RHSA-2018:3558" "url": "https://security.netapp.com/advisory/ntap-20190204-0004/"
}, },
{ {
"name" : "RHSA-2019:0366", "name": "RHSA-2019:0367",
"refsource" : "REDHAT", "refsource": "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2019:0366" "url": "https://access.redhat.com/errata/RHSA-2019:0367"
}, },
{ {
"name" : "RHSA-2019:0367", "name": "USN-3783-1",
"refsource" : "REDHAT", "refsource": "UBUNTU",
"url" : "https://access.redhat.com/errata/RHSA-2019:0367" "url": "https://usn.ubuntu.com/3783-1/"
}, },
{ {
"name" : "USN-3783-1", "name": "https://httpd.apache.org/security/vulnerabilities_24.html",
"refsource" : "UBUNTU", "refsource": "CONFIRM",
"url" : "https://usn.ubuntu.com/3783-1/" "url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}, },
{ {
"name" : "105414", "name": "1041713",
"refsource" : "BID", "refsource": "SECTRACK",
"url" : "http://www.securityfocus.com/bid/105414" "url": "http://www.securitytracker.com/id/1041713"
}, },
{ {
"name" : "1041713", "name": "RHSA-2019:0366",
"refsource" : "SECTRACK", "refsource": "REDHAT",
"url" : "http://www.securitytracker.com/id/1041713" "url": "https://access.redhat.com/errata/RHSA-2019:0366"
} }
] ]
} }

22
2018/11xxx/CVE-2018-11972.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-11972", "ID": "CVE-2018-11972",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2018/14xxx/CVE-2018-14121.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-14121", "ID": "CVE-2018-14121",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

68
2018/14xxx/CVE-2018-14258.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "zdi-disclosures@trendmicro.com", "ASSIGNER": "zdi-disclosures@trendmicro.com",
"ID" : "CVE-2018-14258", "ID": "CVE-2018-14258",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Foxit Reader", "product_name": "Foxit Reader",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "9.0.1.1049" "version_value": "9.0.1.1049"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Foxit" "vendor_name": "Foxit"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the getPageNthWord method. By performing actions in JavaScript, an attacker can trigger a type confusion condition. An attacker can leverage this vulnerability to execute code under the context of the current process. Was ZDI-CAN-6021." "value": "This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the getPageNthWord method. By performing actions in JavaScript, an attacker can trigger a type confusion condition. An attacker can leverage this vulnerability to execute code under the context of the current process. Was ZDI-CAN-6021."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "CWE-843-Access of Resource Using Incompatible Type ('Type Confusion')" "value": "CWE-843-Access of Resource Using Incompatible Type ('Type Confusion')"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://zerodayinitiative.com/advisories/ZDI-18-718", "name": "https://www.foxitsoftware.com/support/security-bulletins.php",
"refsource" : "MISC", "refsource": "CONFIRM",
"url" : "https://zerodayinitiative.com/advisories/ZDI-18-718" "url": "https://www.foxitsoftware.com/support/security-bulletins.php"
}, },
{ {
"name" : "https://www.foxitsoftware.com/support/security-bulletins.php", "name": "https://zerodayinitiative.com/advisories/ZDI-18-718",
"refsource" : "CONFIRM", "refsource": "MISC",
"url" : "https://www.foxitsoftware.com/support/security-bulletins.php" "url": "https://zerodayinitiative.com/advisories/ZDI-18-718"
} }
] ]
} }

22
2018/14xxx/CVE-2018-14874.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-14874", "ID": "CVE-2018-14874",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2018/15xxx/CVE-2018-15090.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-15090", "ID": "CVE-2018-15090",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

62
2018/15xxx/CVE-2018-15190.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-15190", "ID": "CVE-2018-15190",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "PHP Scripts Mall hotel-booking-script 2.0.4 allows XSS via the First Name, Last Name, or Address field." "value": "PHP Scripts Mall hotel-booking-script 2.0.4 allows XSS via the First Name, Last Name, or Address field."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://gkaim.com/cve-2018-15190-vikas-chaudhary/", "name": "https://gkaim.com/cve-2018-15190-vikas-chaudhary/",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://gkaim.com/cve-2018-15190-vikas-chaudhary/" "url": "https://gkaim.com/cve-2018-15190-vikas-chaudhary/"
} }
] ]
} }

62
2018/15xxx/CVE-2018-15199.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-15199", "ID": "CVE-2018-15199",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "AuraCMS 2.3 allows XSS via a Bukutamu -> AddGuestbook action." "value": "AuraCMS 2.3 allows XSS via a Bukutamu -> AddGuestbook action."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://github.com/auracms/AuraCMS/issues/1", "name": "https://github.com/auracms/AuraCMS/issues/1",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://github.com/auracms/AuraCMS/issues/1" "url": "https://github.com/auracms/AuraCMS/issues/1"
} }
] ]
} }

88
2018/15xxx/CVE-2018-15424.json
View File

@ -1,85 +1,85 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@cisco.com", "ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC" : "2018-10-03T16:00:00-0500", "DATE_PUBLIC": "2018-10-03T16:00:00-0500",
"ID" : "CVE-2018-15424", "ID": "CVE-2018-15424",
"STATE" : "PUBLIC", "STATE": "PUBLIC",
"TITLE" : "Multiple Vulnerabilities in Cisco Identity Services Engine" "TITLE": "Multiple Vulnerabilities in Cisco Identity Services Engine"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Cisco Identity Services Engine Software ", "product_name": "Cisco Identity Services Engine Software ",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Cisco" "vendor_name": "Cisco"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected device with the privileges of the web server." "value": "A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected device with the privileges of the web server."
} }
] ]
}, },
"impact" : { "impact": {
"cvss" : { "cvss": {
"baseScore" : "4.7", "baseScore": "4.7",
"version" : "3.0" "version": "3.0"
} }
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "CWE-20" "value": "CWE-20"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20181003 Multiple Vulnerabilities in Cisco Identity Services Engine", "name": "20181003 Multiple Vulnerabilities in Cisco Identity Services Engine",
"refsource" : "CISCO", "refsource": "CISCO",
"url" : "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-ise-mult-vulns" "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-ise-mult-vulns"
}, },
{ {
"name" : "1041792", "name": "1041792",
"refsource" : "SECTRACK", "refsource": "SECTRACK",
"url" : "http://www.securitytracker.com/id/1041792" "url": "http://www.securitytracker.com/id/1041792"
} }
] ]
}, },
"source" : { "source": {
"advisory" : "cisco-sa-20181003-ise-mult-vulns", "advisory": "cisco-sa-20181003-ise-mult-vulns",
"defect" : [ "defect": [
[ [
"CSCvj62592", "CSCvj62592",
"CSCvj62614" "CSCvj62614"
] ]
], ],
"discovery" : "UNKNOWN" "discovery": "UNKNOWN"
} }
} }

74
2018/15xxx/CVE-2018-15494.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-15494", "ID": "CVE-2018-15494",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "In Dojo Toolkit before 1.14, there is unescaped string injection in dojox/Grid/DataGrid." "value": "In Dojo Toolkit before 1.14, there is unescaped string injection in dojox/Grid/DataGrid."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "[debian-lts-announce] 20180903 [SECURITY] [DLA 1492-1] dojo security update", "name": "https://dojotoolkit.org/blog/dojo-1-14-released",
"refsource" : "MLIST", "refsource": "MISC",
"url" : "https://lists.debian.org/debian-lts-announce/2018/09/msg00002.html" "url": "https://dojotoolkit.org/blog/dojo-1-14-released"
}, },
{ {
"name" : "https://dojotoolkit.org/blog/dojo-1-14-released", "name": "[debian-lts-announce] 20180903 [SECURITY] [DLA 1492-1] dojo security update",
"refsource" : "MISC", "refsource": "MLIST",
"url" : "https://dojotoolkit.org/blog/dojo-1-14-released" "url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00002.html"
}, },
{ {
"name" : "https://github.com/dojo/dojox/pull/283", "name": "https://github.com/dojo/dojox/pull/283",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://github.com/dojo/dojox/pull/283" "url": "https://github.com/dojo/dojox/pull/283"
} }
] ]
} }

158
2018/8xxx/CVE-2018-8287.json
View File

@ -1,187 +1,187 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "Secure@Microsoft.com", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2018-8287", "ID": "CVE-2018-8287",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "ChakraCore", "product_name": "ChakraCore",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "ChakraCore" "version_value": "ChakraCore"
} }
] ]
} }
}, },
{ {
"product_name" : "Internet Explorer 11", "product_name": "Internet Explorer 11",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Windows 10 for 32-bit Systems" "version_value": "Windows 10 for 32-bit Systems"
}, },
{ {
"version_value" : "Windows 10 for x64-based Systems" "version_value": "Windows 10 for x64-based Systems"
}, },
{ {
"version_value" : "Windows 10 Version 1607 for 32-bit Systems" "version_value": "Windows 10 Version 1607 for 32-bit Systems"
}, },
{ {
"version_value" : "Windows 10 Version 1607 for x64-based Systems" "version_value": "Windows 10 Version 1607 for x64-based Systems"
}, },
{ {
"version_value" : "Windows 10 Version 1703 for 32-bit Systems" "version_value": "Windows 10 Version 1703 for 32-bit Systems"
}, },
{ {
"version_value" : "Windows 10 Version 1703 for x64-based Systems" "version_value": "Windows 10 Version 1703 for x64-based Systems"
}, },
{ {
"version_value" : "Windows 10 Version 1709 for 32-bit Systems" "version_value": "Windows 10 Version 1709 for 32-bit Systems"
}, },
{ {
"version_value" : "Windows 10 Version 1709 for x64-based Systems" "version_value": "Windows 10 Version 1709 for x64-based Systems"
}, },
{ {
"version_value" : "Windows 10 Version 1803 for 32-bit Systems" "version_value": "Windows 10 Version 1803 for 32-bit Systems"
}, },
{ {
"version_value" : "Windows 10 Version 1803 for x64-based Systems" "version_value": "Windows 10 Version 1803 for x64-based Systems"
}, },
{ {
"version_value" : "Windows 7 for 32-bit Systems Service Pack 1" "version_value": "Windows 7 for 32-bit Systems Service Pack 1"
}, },
{ {
"version_value" : "Windows 7 for x64-based Systems Service Pack 1" "version_value": "Windows 7 for x64-based Systems Service Pack 1"
}, },
{ {
"version_value" : "Windows 8.1 for 32-bit systems" "version_value": "Windows 8.1 for 32-bit systems"
}, },
{ {
"version_value" : "Windows 8.1 for x64-based systems" "version_value": "Windows 8.1 for x64-based systems"
}, },
{ {
"version_value" : "Windows RT 8.1" "version_value": "Windows RT 8.1"
}, },
{ {
"version_value" : "Windows Server 2008 R2 for x64-based Systems Service Pack 1" "version_value": "Windows Server 2008 R2 for x64-based Systems Service Pack 1"
}, },
{ {
"version_value" : "Windows Server 2012 R2" "version_value": "Windows Server 2012 R2"
}, },
{ {
"version_value" : "Windows Server 2016" "version_value": "Windows Server 2016"
} }
] ]
} }
}, },
{ {
"product_name" : "Microsoft Edge", "product_name": "Microsoft Edge",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Windows 10 for 32-bit Systems" "version_value": "Windows 10 for 32-bit Systems"
}, },
{ {
"version_value" : "Windows 10 for x64-based Systems" "version_value": "Windows 10 for x64-based Systems"
}, },
{ {
"version_value" : "Windows 10 Version 1607 for 32-bit Systems" "version_value": "Windows 10 Version 1607 for 32-bit Systems"
}, },
{ {
"version_value" : "Windows 10 Version 1607 for x64-based Systems" "version_value": "Windows 10 Version 1607 for x64-based Systems"
}, },
{ {
"version_value" : "Windows 10 Version 1703 for 32-bit Systems" "version_value": "Windows 10 Version 1703 for 32-bit Systems"
}, },
{ {
"version_value" : "Windows 10 Version 1703 for x64-based Systems" "version_value": "Windows 10 Version 1703 for x64-based Systems"
}, },
{ {
"version_value" : "Windows 10 Version 1709 for 32-bit Systems" "version_value": "Windows 10 Version 1709 for 32-bit Systems"
}, },
{ {
"version_value" : "Windows 10 Version 1709 for x64-based Systems" "version_value": "Windows 10 Version 1709 for x64-based Systems"
}, },
{ {
"version_value" : "Windows 10 Version 1803 for 32-bit Systems" "version_value": "Windows 10 Version 1803 for 32-bit Systems"
}, },
{ {
"version_value" : "Windows 10 Version 1803 for x64-based Systems" "version_value": "Windows 10 Version 1803 for x64-based Systems"
}, },
{ {
"version_value" : "Windows Server 2016" "version_value": "Windows Server 2016"
} }
] ]
} }
}, },
{ {
"product_name" : "Internet Explorer 10", "product_name": "Internet Explorer 10",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Windows Server 2012" "version_value": "Windows Server 2012"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Microsoft" "vendor_name": "Microsoft"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka \"Scripting Engine Memory Corruption Vulnerability.\" This affects ChakraCore, Internet Explorer 11, Microsoft Edge, Internet Explorer 10. This CVE ID is unique from CVE-2018-8242, CVE-2018-8283, CVE-2018-8288, CVE-2018-8291, CVE-2018-8296, CVE-2018-8298." "value": "A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka \"Scripting Engine Memory Corruption Vulnerability.\" This affects ChakraCore, Internet Explorer 11, Microsoft Edge, Internet Explorer 10. This CVE ID is unique from CVE-2018-8242, CVE-2018-8283, CVE-2018-8288, CVE-2018-8291, CVE-2018-8296, CVE-2018-8298."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Remote Code Execution" "value": "Remote Code Execution"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8287", "name": "1041256",
"refsource" : "CONFIRM", "refsource": "SECTRACK",
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8287" "url": "http://www.securitytracker.com/id/1041256"
}, },
{ {
"name" : "104634", "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8287",
"refsource" : "BID", "refsource": "CONFIRM",
"url" : "http://www.securityfocus.com/bid/104634" "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8287"
}, },
{ {
"name" : "1041256", "name": "104634",
"refsource" : "SECTRACK", "refsource": "BID",
"url" : "http://www.securitytracker.com/id/1041256" "url": "http://www.securityfocus.com/bid/104634"
}, },
{ {
"name" : "1041258", "name": "1041258",
"refsource" : "SECTRACK", "refsource": "SECTRACK",
"url" : "http://www.securitytracker.com/id/1041258" "url": "http://www.securitytracker.com/id/1041258"
} }
] ]
} }

182
2018/8xxx/CVE-2018-8393.json
View File

@ -1,215 +1,215 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "Secure@Microsoft.com", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2018-8393", "ID": "CVE-2018-8393",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Windows 7", "product_name": "Windows 7",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "32-bit Systems Service Pack 1" "version_value": "32-bit Systems Service Pack 1"
}, },
{ {
"version_value" : "x64-based Systems Service Pack 1" "version_value": "x64-based Systems Service Pack 1"
} }
] ]
} }
}, },
{ {
"product_name" : "Windows Server 2012 R2", "product_name": "Windows Server 2012 R2",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "(Server Core installation)" "version_value": "(Server Core installation)"
} }
] ]
} }
}, },
{ {
"product_name" : "Windows RT 8.1", "product_name": "Windows RT 8.1",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Windows RT 8.1" "version_value": "Windows RT 8.1"
} }
] ]
} }
}, },
{ {
"product_name" : "Windows Server 2008", "product_name": "Windows Server 2008",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "32-bit Systems Service Pack 2" "version_value": "32-bit Systems Service Pack 2"
}, },
{ {
"version_value" : "32-bit Systems Service Pack 2 (Server Core installation)" "version_value": "32-bit Systems Service Pack 2 (Server Core installation)"
}, },
{ {
"version_value" : "Itanium-Based Systems Service Pack 2" "version_value": "Itanium-Based Systems Service Pack 2"
}, },
{ {
"version_value" : "x64-based Systems Service Pack 2" "version_value": "x64-based Systems Service Pack 2"
}, },
{ {
"version_value" : "x64-based Systems Service Pack 2 (Server Core installation)" "version_value": "x64-based Systems Service Pack 2 (Server Core installation)"
} }
] ]
} }
}, },
{ {
"product_name" : "Windows Server 2012", "product_name": "Windows Server 2012",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "(Server Core installation)" "version_value": "(Server Core installation)"
} }
] ]
} }
}, },
{ {
"product_name" : "Windows 8.1", "product_name": "Windows 8.1",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "32-bit systems" "version_value": "32-bit systems"
}, },
{ {
"version_value" : "x64-based systems" "version_value": "x64-based systems"
} }
] ]
} }
}, },
{ {
"product_name" : "Windows Server 2016", "product_name": "Windows Server 2016",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "(Server Core installation)" "version_value": "(Server Core installation)"
} }
] ]
} }
}, },
{ {
"product_name" : "Windows Server 2008 R2", "product_name": "Windows Server 2008 R2",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Itanium-Based Systems Service Pack 1" "version_value": "Itanium-Based Systems Service Pack 1"
}, },
{ {
"version_value" : "x64-based Systems Service Pack 1" "version_value": "x64-based Systems Service Pack 1"
}, },
{ {
"version_value" : "x64-based Systems Service Pack 1 (Server Core installation)" "version_value": "x64-based Systems Service Pack 1 (Server Core installation)"
} }
] ]
} }
}, },
{ {
"product_name" : "Windows 10", "product_name": "Windows 10",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "32-bit Systems" "version_value": "32-bit Systems"
}, },
{ {
"version_value" : "Version 1607 for 32-bit Systems" "version_value": "Version 1607 for 32-bit Systems"
}, },
{ {
"version_value" : "Version 1607 for x64-based Systems" "version_value": "Version 1607 for x64-based Systems"
}, },
{ {
"version_value" : "Version 1703 for 32-bit Systems" "version_value": "Version 1703 for 32-bit Systems"
}, },
{ {
"version_value" : "Version 1703 for x64-based Systems" "version_value": "Version 1703 for x64-based Systems"
}, },
{ {
"version_value" : "Version 1709 for 32-bit Systems" "version_value": "Version 1709 for 32-bit Systems"
}, },
{ {
"version_value" : "Version 1709 for x64-based Systems" "version_value": "Version 1709 for x64-based Systems"
}, },
{ {
"version_value" : "Version 1803 for 32-bit Systems" "version_value": "Version 1803 for 32-bit Systems"
}, },
{ {
"version_value" : "Version 1803 for x64-based Systems" "version_value": "Version 1803 for x64-based Systems"
}, },
{ {
"version_value" : "x64-based Systems" "version_value": "x64-based Systems"
} }
] ]
} }
}, },
{ {
"product_name" : "Windows 10 Servers", "product_name": "Windows 10 Servers",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "version 1709 (Server Core Installation)" "version_value": "version 1709 (Server Core Installation)"
}, },
{ {
"version_value" : "version 1803 (Server Core Installation)" "version_value": "version 1803 (Server Core Installation)"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Microsoft" "vendor_name": "Microsoft"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "A buffer overflow vulnerability exists in the Microsoft JET Database Engine that could allow remote code execution on an affected system, aka \"Microsoft JET Database Engine Remote Code Execution Vulnerability.\" This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-8392." "value": "A buffer overflow vulnerability exists in the Microsoft JET Database Engine that could allow remote code execution on an affected system, aka \"Microsoft JET Database Engine Remote Code Execution Vulnerability.\" This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-8392."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Remote Code Execution" "value": "Remote Code Execution"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8393", "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8393",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8393" "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8393"
}, },
{ {
"name" : "105214", "name": "105214",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/105214" "url": "http://www.securityfocus.com/bid/105214"
}, },
{ {
"name" : "1041625", "name": "1041625",
"refsource" : "SECTRACK", "refsource": "SECTRACK",
"url" : "http://www.securitytracker.com/id/1041625" "url": "http://www.securitytracker.com/id/1041625"
} }
] ]
} }

22
2018/8xxx/CVE-2018-8667.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-8667", "ID": "CVE-2018-8667",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

68
2018/8xxx/CVE-2018-8753.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-8753", "ID": "CVE-2018-8753",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The IKEv1 implementation in Clavister cOS Core before 11.00.11, 11.20.xx before 11.20.06, and 12.00.xx before 12.00.09 allows remote attackers to decrypt RSA-encrypted nonces by leveraging a Bleichenbacher attack." "value": "The IKEv1 implementation in Clavister cOS Core before 11.00.11, 11.20.xx before 11.20.06, and 12.00.xx before 12.00.09 allows remote attackers to decrypt RSA-encrypted nonces by leveraging a Bleichenbacher attack."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://web-in-security.blogspot.com/2018/08/practical-bleichenbacher-attacks-on-ipsec-ike.html", "name": "https://web-in-security.blogspot.com/2018/08/practical-bleichenbacher-attacks-on-ipsec-ike.html",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://web-in-security.blogspot.com/2018/08/practical-bleichenbacher-attacks-on-ipsec-ike.html" "url": "https://web-in-security.blogspot.com/2018/08/practical-bleichenbacher-attacks-on-ipsec-ike.html"
}, },
{ {
"name" : "https://www.clavister.com/advisories/security/clav-sa-0157-bleichenbacher-oracle-vulnerability-in-ikev1", "name": "https://www.clavister.com/advisories/security/clav-sa-0157-bleichenbacher-oracle-vulnerability-in-ikev1",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://www.clavister.com/advisories/security/clav-sa-0157-bleichenbacher-oracle-vulnerability-in-ikev1" "url": "https://www.clavister.com/advisories/security/clav-sa-0157-bleichenbacher-oracle-vulnerability-in-ikev1"
} }
] ]
} }

88
2018/8xxx/CVE-2018-8855.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "ics-cert@hq.dhs.gov", "ASSIGNER": "ics-cert@hq.dhs.gov",
"DATE_PUBLIC" : "2018-07-19T00:00:00", "DATE_PUBLIC": "2018-07-19T00:00:00",
"ID" : "CVE-2018-8855", "ID": "CVE-2018-8855",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "SmartServer 1", "product_name": "SmartServer 1",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "all versions" "version_value": "all versions"
} }
] ]
} }
}, },
{ {
"product_name" : "SmartServer 2", "product_name": "SmartServer 2",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "all versions prior to release 4.11.007" "version_value": "all versions prior to release 4.11.007"
} }
] ]
} }
}, },
{ {
"product_name" : "i.LON 100", "product_name": "i.LON 100",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "all versions" "version_value": "all versions"
} }
] ]
} }
}, },
{ {
"product_name" : "i.LON 600", "product_name": "i.LON 600",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "all versions" "version_value": "all versions"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Echelon" "vendor_name": "Echelon"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Echelon SmartServer 1 all versions, SmartServer 2 all versions prior to release 4.11.007, i.LON 100 all versions, and i.LON 600 all versions. The devices allow unencrypted Web connections by default, and devices can receive configuration and firmware updates by unsecure FTP." "value": "Echelon SmartServer 1 all versions, SmartServer 2 all versions prior to release 4.11.007, i.LON 100 all versions, and i.LON 600 all versions. The devices allow unencrypted Web connections by default, and devices can receive configuration and firmware updates by unsecure FTP."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "CLEARTEXT TRANSMISSION OF SENSITIVE INFORMATION CWE-319" "value": "CLEARTEXT TRANSMISSION OF SENSITIVE INFORMATION CWE-319"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://ics-cert.us-cert.gov/advisories/ICSA-18-200-03", "name": "https://ics-cert.us-cert.gov/advisories/ICSA-18-200-03",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://ics-cert.us-cert.gov/advisories/ICSA-18-200-03" "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-200-03"
} }
] ]
} }