From 5635bc37c63afab851a445f417e34754f2198d9c Mon Sep 17 00:00:00 2001 From: CVE Team Date: Mon, 18 Mar 2019 01:21:07 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2003/1xxx/CVE-2003-1258.json | 130 ++++----- 2004/0xxx/CVE-2004-0205.json | 200 ++++++------- 2004/0xxx/CVE-2004-0270.json | 170 +++++------ 2004/0xxx/CVE-2004-0520.json | 260 ++++++++--------- 2004/0xxx/CVE-2004-0654.json | 170 +++++------ 2004/0xxx/CVE-2004-0811.json | 180 ++++++------ 2004/1xxx/CVE-2004-1355.json | 180 ++++++------ 2004/1xxx/CVE-2004-1357.json | 180 ++++++------ 2004/1xxx/CVE-2004-1407.json | 160 +++++----- 2004/1xxx/CVE-2004-1536.json | 160 +++++----- 2004/1xxx/CVE-2004-1719.json | 230 +++++++-------- 2004/2xxx/CVE-2004-2547.json | 180 ++++++------ 2004/2xxx/CVE-2004-2557.json | 200 ++++++------- 2004/2xxx/CVE-2004-2647.json | 170 +++++------ 2008/2xxx/CVE-2008-2202.json | 160 +++++----- 2008/2xxx/CVE-2008-2246.json | 200 ++++++------- 2008/2xxx/CVE-2008-2386.json | 34 +-- 2008/2xxx/CVE-2008-2927.json | 420 +++++++++++++------------- 2008/3xxx/CVE-2008-3103.json | 520 ++++++++++++++++----------------- 2008/3xxx/CVE-2008-3671.json | 130 ++++----- 2008/3xxx/CVE-2008-3694.json | 290 +++++++++--------- 2008/6xxx/CVE-2008-6032.json | 140 ++++----- 2008/6xxx/CVE-2008-6705.json | 170 +++++------ 2008/6xxx/CVE-2008-6773.json | 150 +++++----- 2008/6xxx/CVE-2008-6829.json | 130 ++++----- 2008/6xxx/CVE-2008-6963.json | 150 +++++----- 2012/5xxx/CVE-2012-5231.json | 140 ++++----- 2012/5xxx/CVE-2012-5480.json | 150 +++++----- 2012/5xxx/CVE-2012-5576.json | 220 +++++++------- 2017/11xxx/CVE-2017-11087.json | 132 ++++----- 2017/11xxx/CVE-2017-11938.json | 34 +-- 2017/14xxx/CVE-2017-14673.json | 34 +-- 2017/14xxx/CVE-2017-14717.json | 130 ++++----- 2017/14xxx/CVE-2017-14750.json | 34 +-- 2017/14xxx/CVE-2017-14931.json | 130 ++++----- 2017/15xxx/CVE-2017-15021.json | 140 ++++----- 2017/15xxx/CVE-2017-15453.json | 34 +-- 2017/15xxx/CVE-2017-15462.json | 34 +-- 2017/15xxx/CVE-2017-15677.json | 34 +-- 2017/15xxx/CVE-2017-15720.json | 122 ++++---- 2017/3xxx/CVE-2017-3931.json | 34 +-- 2017/8xxx/CVE-2017-8030.json | 34 +-- 2017/8xxx/CVE-2017-8032.json | 120 ++++---- 2017/8xxx/CVE-2017-8228.json | 34 +-- 2017/8xxx/CVE-2017-8299.json | 34 +-- 2017/8xxx/CVE-2017-8716.json | 142 ++++----- 2018/12xxx/CVE-2018-12215.json | 122 ++++---- 2018/12xxx/CVE-2018-12275.json | 34 +-- 2018/12xxx/CVE-2018-12475.json | 34 +-- 2018/12xxx/CVE-2018-12667.json | 120 ++++---- 2018/12xxx/CVE-2018-12676.json | 34 +-- 2018/13xxx/CVE-2018-13080.json | 120 ++++---- 2018/13xxx/CVE-2018-13128.json | 130 ++++----- 2018/13xxx/CVE-2018-13408.json | 120 ++++---- 2018/13xxx/CVE-2018-13856.json | 34 +-- 2018/16xxx/CVE-2018-16348.json | 120 ++++---- 2018/16xxx/CVE-2018-16668.json | 130 ++++----- 2018/16xxx/CVE-2018-16758.json | 140 ++++----- 2018/17xxx/CVE-2018-17617.json | 130 ++++----- 2018/17xxx/CVE-2018-17708.json | 34 +-- 2018/4xxx/CVE-2018-4124.json | 170 +++++------ 2018/4xxx/CVE-2018-4564.json | 34 +-- 2018/4xxx/CVE-2018-4676.json | 34 +-- 63 files changed, 4185 insertions(+), 4185 deletions(-) diff --git a/2003/1xxx/CVE-2003-1258.json b/2003/1xxx/CVE-2003-1258.json index 6e9a56a3e4c..dc43b37a651 100644 --- a/2003/1xxx/CVE-2003-1258.json +++ b/2003/1xxx/CVE-2003-1258.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2003-1258", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "activate.php in versatileBulletinBoard (vBB) 0.9.5 and 0.9.6 allows remote attackers to gain unauthorized administrative access via a URL request with the uid parameter set to the webmaster uid." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2003-1258", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20030110 vulnerability in versatile BulletinBoard Allows Gaining Administrative Privileges.", - "refsource" : "VULNWATCH", - "url" : "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0017.html" - }, - { - "name" : "vbb-unauthorized-privileges(11044)", - "refsource" : "XF", - "url" : "http://www.iss.net/security_center/static/11044.php" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "activate.php in versatileBulletinBoard (vBB) 0.9.5 and 0.9.6 allows remote attackers to gain unauthorized administrative access via a URL request with the uid parameter set to the webmaster uid." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "vbb-unauthorized-privileges(11044)", + "refsource": "XF", + "url": "http://www.iss.net/security_center/static/11044.php" + }, + { + "name": "20030110 vulnerability in versatile BulletinBoard Allows Gaining Administrative Privileges.", + "refsource": "VULNWATCH", + "url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0017.html" + } + ] + } +} \ No newline at end of file diff --git a/2004/0xxx/CVE-2004-0205.json b/2004/0xxx/CVE-2004-0205.json index 87ed1c4b709..67acad4d02f 100644 --- a/2004/0xxx/CVE-2004-0205.json +++ b/2004/0xxx/CVE-2004-0205.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2004-0205", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in Microsoft Internet Information Server (IIS) 4.0 allows local users to execute arbitrary code via the redirect function." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2004-0205", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "MS04-021", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-021" - }, - { - "name" : "TA04-196A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA04-196A.html" - }, - { - "name" : "VU#717748", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/717748" - }, - { - "name" : "O-179", - "refsource" : "CIAC", - "url" : "http://www.ciac.org/ciac/bulletins/o-179.shtml" - }, - { - "name" : "10706", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/10706" - }, - { - "name" : "7799", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/7799" - }, - { - "name" : "oval:org.mitre.oval:def:2204", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2204" - }, - { - "name" : "12061", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/12061" - }, - { - "name" : "iis-redirect-bo(16578)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/16578" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in Microsoft Internet Information Server (IIS) 4.0 allows local users to execute arbitrary code via the redirect function." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "TA04-196A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA04-196A.html" + }, + { + "name": "10706", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/10706" + }, + { + "name": "7799", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/7799" + }, + { + "name": "12061", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/12061" + }, + { + "name": "MS04-021", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-021" + }, + { + "name": "oval:org.mitre.oval:def:2204", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2204" + }, + { + "name": "iis-redirect-bo(16578)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16578" + }, + { + "name": "O-179", + "refsource": "CIAC", + "url": "http://www.ciac.org/ciac/bulletins/o-179.shtml" + }, + { + "name": "VU#717748", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/717748" + } + ] + } +} \ No newline at end of file diff --git a/2004/0xxx/CVE-2004-0270.json b/2004/0xxx/CVE-2004-0270.json index 4b9e5792833..b28a199b1dc 100644 --- a/2004/0xxx/CVE-2004-0270.json +++ b/2004/0xxx/CVE-2004-0270.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2004-0270", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "libclamav in Clam AntiVirus 0.65 allows remote attackers to cause a denial of service (crash) via a uuencoded e-mail message with an invalid line length (e.g., a lowercase character), which causes an assert error in clamd that terminates the calling program." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2004-0270", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20040209 clamav 0.65 remote DOS exploit", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=107634700823822&w=2" - }, - { - "name" : "http://www.freebsd.org/cgi/query-pr.cgi?pr=62586", - "refsource" : "CONFIRM", - "url" : "http://www.freebsd.org/cgi/query-pr.cgi?pr=62586" - }, - { - "name" : "GLSA-200402-07", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-200402-07.xml" - }, - { - "name" : "clam-antivirus-uuencoded-dos(15077)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/15077" - }, - { - "name" : "9610", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/9610" - }, - { - "name" : "3894", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/3894" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "libclamav in Clam AntiVirus 0.65 allows remote attackers to cause a denial of service (crash) via a uuencoded e-mail message with an invalid line length (e.g., a lowercase character), which causes an assert error in clamd that terminates the calling program." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "GLSA-200402-07", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-200402-07.xml" + }, + { + "name": "http://www.freebsd.org/cgi/query-pr.cgi?pr=62586", + "refsource": "CONFIRM", + "url": "http://www.freebsd.org/cgi/query-pr.cgi?pr=62586" + }, + { + "name": "9610", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/9610" + }, + { + "name": "20040209 clamav 0.65 remote DOS exploit", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=107634700823822&w=2" + }, + { + "name": "3894", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/3894" + }, + { + "name": "clam-antivirus-uuencoded-dos(15077)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15077" + } + ] + } +} \ No newline at end of file diff --git a/2004/0xxx/CVE-2004-0520.json b/2004/0xxx/CVE-2004-0520.json index 0284647eaa1..7ac454cd020 100644 --- a/2004/0xxx/CVE-2004-0520.json +++ b/2004/0xxx/CVE-2004-0520.json @@ -1,132 +1,132 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2004-0520", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in mime.php for SquirrelMail before 1.4.3 allows remote attackers to insert arbitrary HTML and script via the content-type mail header, as demonstrated using read_body.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2004-0520", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20040530 RS-2004-1: SquirrelMail \"Content-Type\" XSS vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=108611554415078&w=2" - }, - { - "name" : "http://www.rs-labs.com/adv/RS-Labs-Advisory-2004-1.txt", - "refsource" : "MISC", - "url" : "http://www.rs-labs.com/adv/RS-Labs-Advisory-2004-1.txt" - }, - { - "name" : "[squirrelmail-cvs] 20040523 [SM-CVS] CVS: squirrelmail/functions mime.php,1.265.2.27,1.265.2.28", - "refsource" : "MLIST", - "url" : "http://marc.info/?l=squirrelmail-cvs&m=108532891231712" - }, - { - "name" : "CLA-2004:858", - "refsource" : "CONECTIVA", - "url" : "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000858" - }, - { - "name" : "DSA-535", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2004/dsa-535" - }, - { - "name" : "FEDORA-2004-1733", - "refsource" : "FEDORA", - "url" : "https://bugzilla.fedora.us/show_bug.cgi?id=1733" - }, - { - "name" : "FEDORA-2004-160", - "refsource" : "FEDORA", - "url" : "http://www.securityfocus.com/advisories/6827" - }, - { - "name" : "GLSA-200406-08", - "refsource" : "GENTOO", - "url" : "http://www.gentoo.org/security/en/glsa/glsa-200406-08.xml" - }, - { - "name" : "RHSA-2004:240", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2004-240.html" - }, - { - "name" : "20040604-01-U", - "refsource" : "SGI", - "url" : "ftp://patches.sgi.com/support/free/security/advisories/20040604-01-U.asc" - }, - { - "name" : "10439", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/10439" - }, - { - "name" : "oval:org.mitre.oval:def:1012", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1012" - }, - { - "name" : "oval:org.mitre.oval:def:10766", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10766" - }, - { - "name" : "11870", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/11870" - }, - { - "name" : "12289", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/12289" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in mime.php for SquirrelMail before 1.4.3 allows remote attackers to insert arbitrary HTML and script via the content-type mail header, as demonstrated using read_body.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.rs-labs.com/adv/RS-Labs-Advisory-2004-1.txt", + "refsource": "MISC", + "url": "http://www.rs-labs.com/adv/RS-Labs-Advisory-2004-1.txt" + }, + { + "name": "12289", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/12289" + }, + { + "name": "oval:org.mitre.oval:def:1012", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1012" + }, + { + "name": "oval:org.mitre.oval:def:10766", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10766" + }, + { + "name": "GLSA-200406-08", + "refsource": "GENTOO", + "url": "http://www.gentoo.org/security/en/glsa/glsa-200406-08.xml" + }, + { + "name": "20040530 RS-2004-1: SquirrelMail \"Content-Type\" XSS vulnerability", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=108611554415078&w=2" + }, + { + "name": "FEDORA-2004-160", + "refsource": "FEDORA", + "url": "http://www.securityfocus.com/advisories/6827" + }, + { + "name": "11870", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/11870" + }, + { + "name": "DSA-535", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2004/dsa-535" + }, + { + "name": "RHSA-2004:240", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2004-240.html" + }, + { + "name": "FEDORA-2004-1733", + "refsource": "FEDORA", + "url": "https://bugzilla.fedora.us/show_bug.cgi?id=1733" + }, + { + "name": "10439", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/10439" + }, + { + "name": "20040604-01-U", + "refsource": "SGI", + "url": "ftp://patches.sgi.com/support/free/security/advisories/20040604-01-U.asc" + }, + { + "name": "CLA-2004:858", + "refsource": "CONECTIVA", + "url": "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000858" + }, + { + "name": "[squirrelmail-cvs] 20040523 [SM-CVS] CVS: squirrelmail/functions mime.php,1.265.2.27,1.265.2.28", + "refsource": "MLIST", + "url": "http://marc.info/?l=squirrelmail-cvs&m=108532891231712" + } + ] + } +} \ No newline at end of file diff --git a/2004/0xxx/CVE-2004-0654.json b/2004/0xxx/CVE-2004-0654.json index ca2ef097c67..190beab0ffe 100644 --- a/2004/0xxx/CVE-2004-0654.json +++ b/2004/0xxx/CVE-2004-0654.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2004-0654", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unknown vulnerability in the Basic Security Module (BSM), when configured to audit either the Administrative (ad) or the System-Wide Administration (as) audit class in Solaris 7, 8, and 9, allows local users to cause a denial of service (kernel panic)." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2004-0654", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "VU#901582", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/901582" - }, - { - "name" : "57497", - "refsource" : "SUNALERT", - "url" : "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57497" - }, - { - "name" : "10594", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/10594" - }, - { - "name" : "oval:org.mitre.oval:def:2426", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2426" - }, - { - "name" : "11930", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/11930/" - }, - { - "name" : "solaris-bsm-audit-dos(16483)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/16483" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unknown vulnerability in the Basic Security Module (BSM), when configured to audit either the Administrative (ad) or the System-Wide Administration (as) audit class in Solaris 7, 8, and 9, allows local users to cause a denial of service (kernel panic)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "oval:org.mitre.oval:def:2426", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2426" + }, + { + "name": "VU#901582", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/901582" + }, + { + "name": "10594", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/10594" + }, + { + "name": "solaris-bsm-audit-dos(16483)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16483" + }, + { + "name": "11930", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/11930/" + }, + { + "name": "57497", + "refsource": "SUNALERT", + "url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57497" + } + ] + } +} \ No newline at end of file diff --git a/2004/0xxx/CVE-2004-0811.json b/2004/0xxx/CVE-2004-0811.json index bc752baf92d..bcc80aef3cb 100644 --- a/2004/0xxx/CVE-2004-0811.json +++ b/2004/0xxx/CVE-2004-0811.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2004-0811", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unknown vulnerability in Apache 2.0.51 prevents \"the merging of the Satisfy directive,\" which could allow attackers to obtain access to restricted resources contrary to the specified authentication configuration." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2004-0811", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.apacheweek.com/features/security-20", - "refsource" : "CONFIRM", - "url" : "http://www.apacheweek.com/features/security-20" - }, - { - "name" : "http://www.apache.org/dist/httpd/patches/apply_to_2.0.51/CAN-2004-0811.patch", - "refsource" : "CONFIRM", - "url" : "http://www.apache.org/dist/httpd/patches/apply_to_2.0.51/CAN-2004-0811.patch" - }, - { - "name" : "FEDORA-2004-313", - "refsource" : "FEDORA", - "url" : "http://fedoranews.org/updates/FEDORA-2004-313.shtml" - }, - { - "name" : "GLSA-200409-33", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-200409-33.xml" - }, - { - "name" : "2004-0049", - "refsource" : "TRUSTIX", - "url" : "http://www.trustix.org/errata/2004/0049" - }, - { - "name" : "11239", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/11239" - }, - { - "name" : "apache-satisfy-gain-access(17473)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/17473" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unknown vulnerability in Apache 2.0.51 prevents \"the merging of the Satisfy directive,\" which could allow attackers to obtain access to restricted resources contrary to the specified authentication configuration." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "2004-0049", + "refsource": "TRUSTIX", + "url": "http://www.trustix.org/errata/2004/0049" + }, + { + "name": "http://www.apache.org/dist/httpd/patches/apply_to_2.0.51/CAN-2004-0811.patch", + "refsource": "CONFIRM", + "url": "http://www.apache.org/dist/httpd/patches/apply_to_2.0.51/CAN-2004-0811.patch" + }, + { + "name": "11239", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/11239" + }, + { + "name": "FEDORA-2004-313", + "refsource": "FEDORA", + "url": "http://fedoranews.org/updates/FEDORA-2004-313.shtml" + }, + { + "name": "GLSA-200409-33", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-200409-33.xml" + }, + { + "name": "apache-satisfy-gain-access(17473)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17473" + }, + { + "name": "http://www.apacheweek.com/features/security-20", + "refsource": "CONFIRM", + "url": "http://www.apacheweek.com/features/security-20" + } + ] + } +} \ No newline at end of file diff --git a/2004/1xxx/CVE-2004-1355.json b/2004/1xxx/CVE-2004-1355.json index da521f2d33b..d2ee117cda6 100644 --- a/2004/1xxx/CVE-2004-1355.json +++ b/2004/1xxx/CVE-2004-1355.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2004-1355", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unknown vulnerability in the TCP/IP stack for Sun Solaris 8 and 9 allows local users to cause a denial of service (system panic) via unknown vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2004-1355", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "57545", - "refsource" : "SUNALERT", - "url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57545-1&searchclause=%22category:security%22%20%20111313-02" - }, - { - "name" : "ESB-2004.0308", - "refsource" : "AUSCERT", - "url" : "http://www.auscert.org.au/render.html?it=4057" - }, - { - "name" : "oval:org.mitre.oval:def:2972", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2972" - }, - { - "name" : "11483", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/11483/" - }, - { - "name" : "10216", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/10216" - }, - { - "name" : "solaris-tcp-ip-dos(15955)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/15955" - }, - { - "name" : "5665", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/displayvuln.php?osvdb_id=5665" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unknown vulnerability in the TCP/IP stack for Sun Solaris 8 and 9 allows local users to cause a denial of service (system panic) via unknown vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "solaris-tcp-ip-dos(15955)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15955" + }, + { + "name": "57545", + "refsource": "SUNALERT", + "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57545-1&searchclause=%22category:security%22%20%20111313-02" + }, + { + "name": "11483", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/11483/" + }, + { + "name": "5665", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/displayvuln.php?osvdb_id=5665" + }, + { + "name": "oval:org.mitre.oval:def:2972", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2972" + }, + { + "name": "ESB-2004.0308", + "refsource": "AUSCERT", + "url": "http://www.auscert.org.au/render.html?it=4057" + }, + { + "name": "10216", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/10216" + } + ] + } +} \ No newline at end of file diff --git a/2004/1xxx/CVE-2004-1357.json b/2004/1xxx/CVE-2004-1357.json index 71412b6020f..dd2fa9c712d 100644 --- a/2004/1xxx/CVE-2004-1357.json +++ b/2004/1xxx/CVE-2004-1357.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2004-1357", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Secure Shell (SSH) Daemon (SSHD) in Sun Solaris 9 does not properly log IP addresses when SSHD is configured with the ListenAddress as 0.0.0.0, which makes it easier for remote attackers to hide the source of their activities." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2004-1357", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "57538", - "refsource" : "SUNALERT", - "url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57538-1" - }, - { - "name" : "VU#737548", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/737548" - }, - { - "name" : "ESB-2004.0263", - "refsource" : "AUSCERT", - "url" : "http://www.auscert.org.au/render.html?it=4003" - }, - { - "name" : "oval:org.mitre.oval:def:3505", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3505" - }, - { - "name" : "11316", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/11316/" - }, - { - "name" : "10080", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/10080" - }, - { - "name" : "solaris-sshd-log-bypass(15784)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/15784" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Secure Shell (SSH) Daemon (SSHD) in Sun Solaris 9 does not properly log IP addresses when SSHD is configured with the ListenAddress as 0.0.0.0, which makes it easier for remote attackers to hide the source of their activities." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "57538", + "refsource": "SUNALERT", + "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57538-1" + }, + { + "name": "solaris-sshd-log-bypass(15784)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15784" + }, + { + "name": "VU#737548", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/737548" + }, + { + "name": "oval:org.mitre.oval:def:3505", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3505" + }, + { + "name": "10080", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/10080" + }, + { + "name": "11316", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/11316/" + }, + { + "name": "ESB-2004.0263", + "refsource": "AUSCERT", + "url": "http://www.auscert.org.au/render.html?it=4003" + } + ] + } +} \ No newline at end of file diff --git a/2004/1xxx/CVE-2004-1407.json b/2004/1xxx/CVE-2004-1407.json index b4f13045613..ae6a20b1b8a 100644 --- a/2004/1xxx/CVE-2004-1407.json +++ b/2004/1xxx/CVE-2004-1407.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2004-1407", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple directory traversal vulnerabilities in singapore Image Gallery Web Application 0.9.10 allow remote attackers to (1) read arbitrary files via the showThumb method for thumb.php, or (2) delete arbitrary files via admin.class.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2004-1407", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20041216 [SIG^2 G-TEC] singapore Image Gallery Web Application v0.9.10 Multiple Vulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=110323479715051&w=2" - }, - { - "name" : "http://www.security.org.sg/vuln/singapore0910.html", - "refsource" : "MISC", - "url" : "http://www.security.org.sg/vuln/singapore0910.html" - }, - { - "name" : "11990", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/11990" - }, - { - "name" : "singapore-thumb-directory-traversal(18528)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/18528" - }, - { - "name" : "singapore-adminclass-directory-traversal(18532)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/18532" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple directory traversal vulnerabilities in singapore Image Gallery Web Application 0.9.10 allow remote attackers to (1) read arbitrary files via the showThumb method for thumb.php, or (2) delete arbitrary files via admin.class.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20041216 [SIG^2 G-TEC] singapore Image Gallery Web Application v0.9.10 Multiple Vulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=110323479715051&w=2" + }, + { + "name": "singapore-thumb-directory-traversal(18528)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18528" + }, + { + "name": "singapore-adminclass-directory-traversal(18532)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18532" + }, + { + "name": "http://www.security.org.sg/vuln/singapore0910.html", + "refsource": "MISC", + "url": "http://www.security.org.sg/vuln/singapore0910.html" + }, + { + "name": "11990", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/11990" + } + ] + } +} \ No newline at end of file diff --git a/2004/1xxx/CVE-2004-1536.json b/2004/1xxx/CVE-2004-1536.json index 905f328140b..7e312db48ae 100644 --- a/2004/1xxx/CVE-2004-1536.json +++ b/2004/1xxx/CVE-2004-1536.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2004-1536", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in index.php in the ibProArcade module for Invision Power Board (IPB) 1.x and 2.x allows remote attackers to execute arbitrary SQL commands via the cat parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2004-1536", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20041120 IpbProArace 2.5.x SQL injection.", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=110098512318132&w=2" - }, - { - "name" : "11719", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/11719" - }, - { - "name" : "1012292", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1012292" - }, - { - "name" : "13260", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/13260" - }, - { - "name" : "ibproarcade-category-sql-injection(18180)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/18180" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in index.php in the ibProArcade module for Invision Power Board (IPB) 1.x and 2.x allows remote attackers to execute arbitrary SQL commands via the cat parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "13260", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/13260" + }, + { + "name": "11719", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/11719" + }, + { + "name": "1012292", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1012292" + }, + { + "name": "ibproarcade-category-sql-injection(18180)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18180" + }, + { + "name": "20041120 IpbProArace 2.5.x SQL injection.", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=110098512318132&w=2" + } + ] + } +} \ No newline at end of file diff --git a/2004/1xxx/CVE-2004-1719.json b/2004/1xxx/CVE-2004-1719.json index 88d3e653913..1692a72f5ac 100644 --- a/2004/1xxx/CVE-2004-1719.json +++ b/2004/1xxx/CVE-2004-1719.json @@ -1,117 +1,117 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2004-1719", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site scripting (XSS) vulnerabilities in Merak Webmail Server 5.2.7 allow remote attackers to inject arbitrary web script or HTML via the (1) category, (2) cserver, (3) ext, (4) global, (5) showgroups, (6) or showlite parameters to address.html, or the (7) spage or (8) autoresponder parameters to settings.html, the (9) folder parameter to readmail.html, or the (10) attachmentpage_text_error parameter to attachment.html, (11) folder, (12) ct, or (13) cv parameters to calendar.html, (14) an tag, or (15) the subject of an e-mail message." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2004-1719", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20040817 Vulnerabilities in Merak Webmail Server", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=109279057326044&w=2" - }, - { - "name" : "http://packetstormsecurity.nl/0408-exploits/merak527.txt", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.nl/0408-exploits/merak527.txt" - }, - { - "name" : "10966", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/10966" - }, - { - "name" : "9037", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/9037" - }, - { - "name" : "9038", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/9038" - }, - { - "name" : "9039", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/9039" - }, - { - "name" : "9040", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/9040" - }, - { - "name" : "9041", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/9041" - }, - { - "name" : "9042", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/9042" - }, - { - "name" : "1010969", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1010969" - }, - { - "name" : "12269", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/12269" - }, - { - "name" : "merak-xss(17024)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/17024" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site scripting (XSS) vulnerabilities in Merak Webmail Server 5.2.7 allow remote attackers to inject arbitrary web script or HTML via the (1) category, (2) cserver, (3) ext, (4) global, (5) showgroups, (6) or showlite parameters to address.html, or the (7) spage or (8) autoresponder parameters to settings.html, the (9) folder parameter to readmail.html, or the (10) attachmentpage_text_error parameter to attachment.html, (11) folder, (12) ct, or (13) cv parameters to calendar.html, (14) an tag, or (15) the subject of an e-mail message." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://packetstormsecurity.nl/0408-exploits/merak527.txt", + "refsource": "MISC", + "url": "http://packetstormsecurity.nl/0408-exploits/merak527.txt" + }, + { + "name": "10966", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/10966" + }, + { + "name": "1010969", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1010969" + }, + { + "name": "20040817 Vulnerabilities in Merak Webmail Server", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=109279057326044&w=2" + }, + { + "name": "9040", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/9040" + }, + { + "name": "9041", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/9041" + }, + { + "name": "9037", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/9037" + }, + { + "name": "9042", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/9042" + }, + { + "name": "12269", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/12269" + }, + { + "name": "9038", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/9038" + }, + { + "name": "9039", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/9039" + }, + { + "name": "merak-xss(17024)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17024" + } + ] + } +} \ No newline at end of file diff --git a/2004/2xxx/CVE-2004-2547.json b/2004/2xxx/CVE-2004-2547.json index 3b2cb45259c..62a7715eac3 100644 --- a/2004/2xxx/CVE-2004-2547.json +++ b/2004/2xxx/CVE-2004-2547.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2004-2547", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "NetWin (1) SurgeMail before 2.0c and (2) WebMail allow remote attackers to obtain sensitive information via HTTP requests that (a) specify the / URI, (b) specify the /scripts/ URI, or (c) specify a non-existent file, which reveal the path in an error message." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2004-2547", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20040603 Surgemail - Multiple Vulnerabilities", - "refsource" : "FULLDISC", - "url" : "http://archives.neohapsis.com/archives/fulldisclosure/2004-06/0056.html" - }, - { - "name" : "http://www.exploitlabs.com/files/advisories/EXPL-A-2004-002-surgmail.txt", - "refsource" : "MISC", - "url" : "http://www.exploitlabs.com/files/advisories/EXPL-A-2004-002-surgmail.txt" - }, - { - "name" : "http://www.netwinsite.com/surgemail/help/updates.htm", - "refsource" : "CONFIRM", - "url" : "http://www.netwinsite.com/surgemail/help/updates.htm" - }, - { - "name" : "10483", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/10483" - }, - { - "name" : "6745", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/6745" - }, - { - "name" : "11772", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/11772" - }, - { - "name" : "surgemail-invalid-path-disclosure(16319)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/16319" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "NetWin (1) SurgeMail before 2.0c and (2) WebMail allow remote attackers to obtain sensitive information via HTTP requests that (a) specify the / URI, (b) specify the /scripts/ URI, or (c) specify a non-existent file, which reveal the path in an error message." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "surgemail-invalid-path-disclosure(16319)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16319" + }, + { + "name": "6745", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/6745" + }, + { + "name": "10483", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/10483" + }, + { + "name": "http://www.exploitlabs.com/files/advisories/EXPL-A-2004-002-surgmail.txt", + "refsource": "MISC", + "url": "http://www.exploitlabs.com/files/advisories/EXPL-A-2004-002-surgmail.txt" + }, + { + "name": "20040603 Surgemail - Multiple Vulnerabilities", + "refsource": "FULLDISC", + "url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-06/0056.html" + }, + { + "name": "11772", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/11772" + }, + { + "name": "http://www.netwinsite.com/surgemail/help/updates.htm", + "refsource": "CONFIRM", + "url": "http://www.netwinsite.com/surgemail/help/updates.htm" + } + ] + } +} \ No newline at end of file diff --git a/2004/2xxx/CVE-2004-2557.json b/2004/2xxx/CVE-2004-2557.json index 6612d087dc9..d3b299e89fa 100644 --- a/2004/2xxx/CVE-2004-2557.json +++ b/2004/2xxx/CVE-2004-2557.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2004-2557", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "NetGear WG602 (aka WG602v1) Wireless Access Point 1.7.14 has a hardcoded account of username \"superman\" and password \"21241036\", which allows remote attackers to modify the configuration." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2004-2557", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20040603 Netgear WG602 Accesspoint vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2004-06/0036.html" - }, - { - "name" : "20040605 Re: Netgear WG602 Accesspoint vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/365230" - }, - { - "name" : "http://slashdot.org/articles/04/06/08/1319206.shtml?tid=126&tid=172", - "refsource" : "MISC", - "url" : "http://slashdot.org/articles/04/06/08/1319206.shtml?tid=126&tid=172" - }, - { - "name" : "http://kbserver.netgear.com/kb_web_files/n101383.asp", - "refsource" : "CONFIRM", - "url" : "http://kbserver.netgear.com/kb_web_files/n101383.asp" - }, - { - "name" : "O-159", - "refsource" : "CIAC", - "url" : "http://www.ciac.org/ciac/bulletins/o-159.shtml" - }, - { - "name" : "10459", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/10459" - }, - { - "name" : "6743", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/6743" - }, - { - "name" : "11773", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/11773" - }, - { - "name" : "netgearwg602-default-account(16312)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/16312" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "NetGear WG602 (aka WG602v1) Wireless Access Point 1.7.14 has a hardcoded account of username \"superman\" and password \"21241036\", which allows remote attackers to modify the configuration." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20040605 Re: Netgear WG602 Accesspoint vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/365230" + }, + { + "name": "10459", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/10459" + }, + { + "name": "20040603 Netgear WG602 Accesspoint vulnerability", + "refsource": "BUGTRAQ", + "url": "http://archives.neohapsis.com/archives/bugtraq/2004-06/0036.html" + }, + { + "name": "netgearwg602-default-account(16312)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16312" + }, + { + "name": "http://slashdot.org/articles/04/06/08/1319206.shtml?tid=126&tid=172", + "refsource": "MISC", + "url": "http://slashdot.org/articles/04/06/08/1319206.shtml?tid=126&tid=172" + }, + { + "name": "http://kbserver.netgear.com/kb_web_files/n101383.asp", + "refsource": "CONFIRM", + "url": "http://kbserver.netgear.com/kb_web_files/n101383.asp" + }, + { + "name": "6743", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/6743" + }, + { + "name": "O-159", + "refsource": "CIAC", + "url": "http://www.ciac.org/ciac/bulletins/o-159.shtml" + }, + { + "name": "11773", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/11773" + } + ] + } +} \ No newline at end of file diff --git a/2004/2xxx/CVE-2004-2647.json b/2004/2xxx/CVE-2004-2647.json index 7331f1a8fec..c41cbd11a05 100644 --- a/2004/2xxx/CVE-2004-2647.json +++ b/2004/2xxx/CVE-2004-2647.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2004-2647", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Free Web Chat 2.0 allows remote attackers to cause a denial of service (CPU consumption) via multiple connections from the same user." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2004-2647", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20040804 Multiple Vulnerabilities in Free Web Chat", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=109164397601049&w=2" - }, - { - "name" : "20040804 Multiple Vulnerabilities in Free Web Chat", - "refsource" : "FULLDISC", - "url" : "http://archives.neohapsis.com/archives/fulldisclosure/2004-08/0102.html" - }, - { - "name" : "10863", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/10863" - }, - { - "name" : "8370", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/8370" - }, - { - "name" : "1010851", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/alerts/2004/Aug/1010851.html" - }, - { - "name" : "freewebchat-mult-connection-dos(16901)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/16901" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Free Web Chat 2.0 allows remote attackers to cause a denial of service (CPU consumption) via multiple connections from the same user." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20040804 Multiple Vulnerabilities in Free Web Chat", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=109164397601049&w=2" + }, + { + "name": "10863", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/10863" + }, + { + "name": "1010851", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/alerts/2004/Aug/1010851.html" + }, + { + "name": "freewebchat-mult-connection-dos(16901)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16901" + }, + { + "name": "20040804 Multiple Vulnerabilities in Free Web Chat", + "refsource": "FULLDISC", + "url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-08/0102.html" + }, + { + "name": "8370", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/8370" + } + ] + } +} \ No newline at end of file diff --git a/2008/2xxx/CVE-2008-2202.json b/2008/2xxx/CVE-2008-2202.json index eed5c1dd04d..63a184e8d86 100644 --- a/2008/2xxx/CVE-2008-2202.json +++ b/2008/2xxx/CVE-2008-2202.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-2202", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site scripting (XSS) vulnerabilities in Maian Uploader 4.0 allow remote attackers to inject arbitrary web script or HTML via the (1) keywords parameter to upload/admin/index.php in a search action, the (2) msg_charset and (3) msg_header9 parameters to admin/inc/header.php, and the (4) keywords parameter to index.php in a search action." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-2202", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20080505 Maian Uploader v4.0 XSS Vulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/491599/100/0/threaded" - }, - { - "name" : "29051", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/29051" - }, - { - "name" : "30096", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/30096" - }, - { - "name" : "3882", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/3882" - }, - { - "name" : "maian-uploader-index-header-xss(42203)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/42203" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site scripting (XSS) vulnerabilities in Maian Uploader 4.0 allow remote attackers to inject arbitrary web script or HTML via the (1) keywords parameter to upload/admin/index.php in a search action, the (2) msg_charset and (3) msg_header9 parameters to admin/inc/header.php, and the (4) keywords parameter to index.php in a search action." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20080505 Maian Uploader v4.0 XSS Vulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/491599/100/0/threaded" + }, + { + "name": "30096", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/30096" + }, + { + "name": "3882", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/3882" + }, + { + "name": "maian-uploader-index-header-xss(42203)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42203" + }, + { + "name": "29051", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/29051" + } + ] + } +} \ No newline at end of file diff --git a/2008/2xxx/CVE-2008-2246.json b/2008/2xxx/CVE-2008-2246.json index 7549eb69263..d64fd9f2ce0 100644 --- a/2008/2xxx/CVE-2008-2246.json +++ b/2008/2xxx/CVE-2008-2246.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-2246", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Microsoft Windows Vista through SP1 and Server 2008 do not properly import the default IPsec policy from a Windows Server 2003 domain to a Windows Server 2008 domain, which prevents IPsec rules from being enforced and allows remote attackers to bypass intended access restrictions." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2008-2246", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "HPSBST02360", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=121915960406986&w=2" - }, - { - "name" : "SSRT080117", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=121915960406986&w=2" - }, - { - "name" : "MS08-047", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-047" - }, - { - "name" : "TA08-225A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA08-225A.html" - }, - { - "name" : "30634", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/30634" - }, - { - "name" : "oval:org.mitre.oval:def:6060", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6060" - }, - { - "name" : "ADV-2008-2351", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/2351" - }, - { - "name" : "1020678", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1020678" - }, - { - "name" : "31411", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/31411" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft Windows Vista through SP1 and Server 2008 do not properly import the default IPsec policy from a Windows Server 2003 domain to a Windows Server 2008 domain, which prevents IPsec rules from being enforced and allows remote attackers to bypass intended access restrictions." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "oval:org.mitre.oval:def:6060", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6060" + }, + { + "name": "TA08-225A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA08-225A.html" + }, + { + "name": "HPSBST02360", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=121915960406986&w=2" + }, + { + "name": "SSRT080117", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=121915960406986&w=2" + }, + { + "name": "31411", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/31411" + }, + { + "name": "MS08-047", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-047" + }, + { + "name": "ADV-2008-2351", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/2351" + }, + { + "name": "1020678", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1020678" + }, + { + "name": "30634", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/30634" + } + ] + } +} \ No newline at end of file diff --git a/2008/2xxx/CVE-2008-2386.json b/2008/2xxx/CVE-2008-2386.json index d2a85915ad6..98869085f36 100644 --- a/2008/2xxx/CVE-2008-2386.json +++ b/2008/2xxx/CVE-2008-2386.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-2386", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-2386", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2008/2xxx/CVE-2008-2927.json b/2008/2xxx/CVE-2008-2927.json index 3e6d7431577..37cb65878f7 100644 --- a/2008/2xxx/CVE-2008-2927.json +++ b/2008/2xxx/CVE-2008-2927.json @@ -1,212 +1,212 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-2927", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple integer overflows in the msn_slplink_process_msg functions in the MSN protocol handler in (1) libpurple/protocols/msn/slplink.c and (2) libpurple/protocols/msnp9/slplink.c in Pidgin before 2.4.3 and Adium before 1.3 allow remote attackers to execute arbitrary code via a malformed SLP message with a crafted offset value, a different vulnerability than CVE-2008-2955." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2008-2927", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20080625 Pidgin 2.4.1 Vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/493682" - }, - { - "name" : "20080806 rPSA-2008-0246-1 gaim", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/495165/100/0/threaded" - }, - { - "name" : "20080828 ZDI-08-054: Multiple Vendor libpurple MSN Protocol SLP Message Heap Overflow Vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/495818/100/0/threaded" - }, - { - "name" : "[oss-security] 20080703 Re: Re: CVE Request (pidgin)", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2008/07/04/1" - }, - { - "name" : "[oss-security] 20080704 Re: Re: CVE Request (pidgin)", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2008/07/03/6" - }, - { - "name" : "http://www.zerodayinitiative.com/advisories/ZDI-08-054", - "refsource" : "MISC", - "url" : "http://www.zerodayinitiative.com/advisories/ZDI-08-054" - }, - { - "name" : "http://developer.pidgin.im/viewmtn/revision/diff/6eb1949a96fa80a4c744fc749c2562abc4cc9ed6/with/c3831c9181f4f61b747321240086ee79e4a08fd8/libpurple/protocols/msn/slplink.c", - "refsource" : "CONFIRM", - "url" : "http://developer.pidgin.im/viewmtn/revision/diff/6eb1949a96fa80a4c744fc749c2562abc4cc9ed6/with/c3831c9181f4f61b747321240086ee79e4a08fd8/libpurple/protocols/msn/slplink.c" - }, - { - "name" : "http://developer.pidgin.im/viewmtn/revision/diff/6eb1949a96fa80a4c744fc749c2562abc4cc9ed6/with/c3831c9181f4f61b747321240086ee79e4a08fd8/libpurple/protocols/msnp9/slplink.c", - "refsource" : "CONFIRM", - "url" : "http://developer.pidgin.im/viewmtn/revision/diff/6eb1949a96fa80a4c744fc749c2562abc4cc9ed6/with/c3831c9181f4f61b747321240086ee79e4a08fd8/libpurple/protocols/msnp9/slplink.c" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=453764", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=453764" - }, - { - "name" : "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0246", - "refsource" : "CONFIRM", - "url" : "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0246" - }, - { - "name" : "https://issues.rpath.com/browse/RPL-2647", - "refsource" : "CONFIRM", - "url" : "https://issues.rpath.com/browse/RPL-2647" - }, - { - "name" : "http://www.pidgin.im/news/security/?id=25", - "refsource" : "CONFIRM", - "url" : "http://www.pidgin.im/news/security/?id=25" - }, - { - "name" : "DSA-1610", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2008/dsa-1610" - }, - { - "name" : "MDVSA-2008:143", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2008:143" - }, - { - "name" : "MDVSA-2009:127", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2009:127" - }, - { - "name" : "RHSA-2008:0584", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2008-0584.html" - }, - { - "name" : "USN-675-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-675-1" - }, - { - "name" : "USN-675-2", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-675-2" - }, - { - "name" : "29956", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/29956" - }, - { - "name" : "oval:org.mitre.oval:def:11695", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11695" - }, - { - "name" : "oval:org.mitre.oval:def:17972", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17972" - }, - { - "name" : "32859", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/32859" - }, - { - "name" : "32861", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/32861" - }, - { - "name" : "ADV-2008-2032", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/2032/references" - }, - { - "name" : "1020451", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1020451" - }, - { - "name" : "30971", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/30971" - }, - { - "name" : "31016", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/31016" - }, - { - "name" : "31105", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/31105" - }, - { - "name" : "31387", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/31387" - }, - { - "name" : "31642", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/31642" - }, - { - "name" : "adium-msnprotocol-code-execution(44774)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/44774" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple integer overflows in the msn_slplink_process_msg functions in the MSN protocol handler in (1) libpurple/protocols/msn/slplink.c and (2) libpurple/protocols/msnp9/slplink.c in Pidgin before 2.4.3 and Adium before 1.3 allow remote attackers to execute arbitrary code via a malformed SLP message with a crafted offset value, a different vulnerability than CVE-2008-2955." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "USN-675-2", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-675-2" + }, + { + "name": "[oss-security] 20080703 Re: Re: CVE Request (pidgin)", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2008/07/04/1" + }, + { + "name": "RHSA-2008:0584", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2008-0584.html" + }, + { + "name": "http://developer.pidgin.im/viewmtn/revision/diff/6eb1949a96fa80a4c744fc749c2562abc4cc9ed6/with/c3831c9181f4f61b747321240086ee79e4a08fd8/libpurple/protocols/msnp9/slplink.c", + "refsource": "CONFIRM", + "url": "http://developer.pidgin.im/viewmtn/revision/diff/6eb1949a96fa80a4c744fc749c2562abc4cc9ed6/with/c3831c9181f4f61b747321240086ee79e4a08fd8/libpurple/protocols/msnp9/slplink.c" + }, + { + "name": "32861", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/32861" + }, + { + "name": "1020451", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1020451" + }, + { + "name": "30971", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/30971" + }, + { + "name": "oval:org.mitre.oval:def:11695", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11695" + }, + { + "name": "http://developer.pidgin.im/viewmtn/revision/diff/6eb1949a96fa80a4c744fc749c2562abc4cc9ed6/with/c3831c9181f4f61b747321240086ee79e4a08fd8/libpurple/protocols/msn/slplink.c", + "refsource": "CONFIRM", + "url": "http://developer.pidgin.im/viewmtn/revision/diff/6eb1949a96fa80a4c744fc749c2562abc4cc9ed6/with/c3831c9181f4f61b747321240086ee79e4a08fd8/libpurple/protocols/msn/slplink.c" + }, + { + "name": "29956", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/29956" + }, + { + "name": "MDVSA-2008:143", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:143" + }, + { + "name": "oval:org.mitre.oval:def:17972", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17972" + }, + { + "name": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0246", + "refsource": "CONFIRM", + "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0246" + }, + { + "name": "https://issues.rpath.com/browse/RPL-2647", + "refsource": "CONFIRM", + "url": "https://issues.rpath.com/browse/RPL-2647" + }, + { + "name": "MDVSA-2009:127", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:127" + }, + { + "name": "[oss-security] 20080704 Re: Re: CVE Request (pidgin)", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2008/07/03/6" + }, + { + "name": "31105", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/31105" + }, + { + "name": "http://www.pidgin.im/news/security/?id=25", + "refsource": "CONFIRM", + "url": "http://www.pidgin.im/news/security/?id=25" + }, + { + "name": "USN-675-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-675-1" + }, + { + "name": "http://www.zerodayinitiative.com/advisories/ZDI-08-054", + "refsource": "MISC", + "url": "http://www.zerodayinitiative.com/advisories/ZDI-08-054" + }, + { + "name": "31642", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/31642" + }, + { + "name": "32859", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/32859" + }, + { + "name": "31387", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/31387" + }, + { + "name": "DSA-1610", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2008/dsa-1610" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=453764", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=453764" + }, + { + "name": "31016", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/31016" + }, + { + "name": "20080828 ZDI-08-054: Multiple Vendor libpurple MSN Protocol SLP Message Heap Overflow Vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/495818/100/0/threaded" + }, + { + "name": "adium-msnprotocol-code-execution(44774)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44774" + }, + { + "name": "ADV-2008-2032", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/2032/references" + }, + { + "name": "20080625 Pidgin 2.4.1 Vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/493682" + }, + { + "name": "20080806 rPSA-2008-0246-1 gaim", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/495165/100/0/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2008/3xxx/CVE-2008-3103.json b/2008/3xxx/CVE-2008-3103.json index b5faeb5db26..a82b5cbd3d8 100644 --- a/2008/3xxx/CVE-2008-3103.json +++ b/2008/3xxx/CVE-2008-3103.json @@ -1,262 +1,262 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-3103", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the Java Management Extensions (JMX) management agent in Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 6 and earlier and JDK and JRE 5.0 Update 15 and earlier, when local monitoring is enabled, allows remote attackers to \"perform unauthorized operations\" via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-3103", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20081004 VMSA-2008-0016 VMware Hosted products, VirtualCenter Update 3 and", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=122331139823057&w=2" - }, - { - "name" : "20081004 VMSA-2008-0016 VMware Hosted products, VirtualCenter Update 3 and patches for ESX and ESXi resolve multiple security issues", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/497041/100/0/threaded" - }, - { - "name" : "http://support.apple.com/kb/HT3178", - "refsource" : "CONFIRM", - "url" : "http://support.apple.com/kb/HT3178" - }, - { - "name" : "http://support.apple.com/kb/HT3179", - "refsource" : "CONFIRM", - "url" : "http://support.apple.com/kb/HT3179" - }, - { - "name" : "http://www.vmware.com/security/advisories/VMSA-2008-0016.html", - "refsource" : "CONFIRM", - "url" : "http://www.vmware.com/security/advisories/VMSA-2008-0016.html" - }, - { - "name" : "http://support.avaya.com/elmodocs2/security/ASA-2008-428.htm", - "refsource" : "CONFIRM", - "url" : "http://support.avaya.com/elmodocs2/security/ASA-2008-428.htm" - }, - { - "name" : "http://support.avaya.com/elmodocs2/security/ASA-2008-507.htm", - "refsource" : "CONFIRM", - "url" : "http://support.avaya.com/elmodocs2/security/ASA-2008-507.htm" - }, - { - "name" : "http://support.avaya.com/elmodocs2/security/ASA-2008-509.htm", - "refsource" : "CONFIRM", - "url" : "http://support.avaya.com/elmodocs2/security/ASA-2008-509.htm" - }, - { - "name" : "APPLE-SA-2008-09-24", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html" - }, - { - "name" : "GLSA-200911-02", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-200911-02.xml" - }, - { - "name" : "RHSA-2008:0594", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2008-0594.html" - }, - { - "name" : "RHSA-2008:0595", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2008-0595.html" - }, - { - "name" : "RHSA-2008:0891", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2008-0891.html" - }, - { - "name" : "RHSA-2008:1044", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2008-1044.html" - }, - { - "name" : "RHSA-2008:1045", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2008-1045.html" - }, - { - "name" : "RHSA-2008:0906", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2008-0906.html" - }, - { - "name" : "RHSA-2009:0466", - "refsource" : "REDHAT", - "url" : "https://rhn.redhat.com/errata/RHSA-2009-0466.html" - }, - { - "name" : "238965", - "refsource" : "SUNALERT", - "url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-66-238965-1" - }, - { - "name" : "SUSE-SA:2008:042", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00005.html" - }, - { - "name" : "SUSE-SR:2008:022", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00009.html" - }, - { - "name" : "TA08-193A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA08-193A.html" - }, - { - "name" : "30146", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/30146" - }, - { - "name" : "oval:org.mitre.oval:def:10920", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10920" - }, - { - "name" : "34972", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/34972" - }, - { - "name" : "37386", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/37386" - }, - { - "name" : "ADV-2008-2056", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/2056/references" - }, - { - "name" : "ADV-2008-2740", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/2740" - }, - { - "name" : "1020458", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1020458" - }, - { - "name" : "31010", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/31010" - }, - { - "name" : "31055", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/31055" - }, - { - "name" : "31497", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/31497" - }, - { - "name" : "31600", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/31600" - }, - { - "name" : "32018", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/32018" - }, - { - "name" : "32180", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/32180" - }, - { - "name" : "32179", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/32179" - }, - { - "name" : "32436", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/32436" - }, - { - "name" : "32437", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/32437" - }, - { - "name" : "33237", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/33237" - }, - { - "name" : "33238", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/33238" - }, - { - "name" : "32394", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/32394" - }, - { - "name" : "sun-jmx-security-bypass(43669)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/43669" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the Java Management Extensions (JMX) management agent in Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 6 and earlier and JDK and JRE 5.0 Update 15 and earlier, when local monitoring is enabled, allows remote attackers to \"perform unauthorized operations\" via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1020458", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1020458" + }, + { + "name": "RHSA-2008:1044", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2008-1044.html" + }, + { + "name": "32394", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/32394" + }, + { + "name": "APPLE-SA-2008-09-24", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html" + }, + { + "name": "20081004 VMSA-2008-0016 VMware Hosted products, VirtualCenter Update 3 and", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=122331139823057&w=2" + }, + { + "name": "32436", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/32436" + }, + { + "name": "http://support.avaya.com/elmodocs2/security/ASA-2008-428.htm", + "refsource": "CONFIRM", + "url": "http://support.avaya.com/elmodocs2/security/ASA-2008-428.htm" + }, + { + "name": "http://support.avaya.com/elmodocs2/security/ASA-2008-507.htm", + "refsource": "CONFIRM", + "url": "http://support.avaya.com/elmodocs2/security/ASA-2008-507.htm" + }, + { + "name": "sun-jmx-security-bypass(43669)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43669" + }, + { + "name": "31600", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/31600" + }, + { + "name": "SUSE-SA:2008:042", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00005.html" + }, + { + "name": "32018", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/32018" + }, + { + "name": "GLSA-200911-02", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-200911-02.xml" + }, + { + "name": "32179", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/32179" + }, + { + "name": "ADV-2008-2740", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/2740" + }, + { + "name": "33237", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/33237" + }, + { + "name": "ADV-2008-2056", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/2056/references" + }, + { + "name": "31055", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/31055" + }, + { + "name": "32180", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/32180" + }, + { + "name": "http://www.vmware.com/security/advisories/VMSA-2008-0016.html", + "refsource": "CONFIRM", + "url": "http://www.vmware.com/security/advisories/VMSA-2008-0016.html" + }, + { + "name": "34972", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/34972" + }, + { + "name": "RHSA-2009:0466", + "refsource": "REDHAT", + "url": "https://rhn.redhat.com/errata/RHSA-2009-0466.html" + }, + { + "name": "238965", + "refsource": "SUNALERT", + "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-238965-1" + }, + { + "name": "http://support.apple.com/kb/HT3178", + "refsource": "CONFIRM", + "url": "http://support.apple.com/kb/HT3178" + }, + { + "name": "RHSA-2008:0594", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2008-0594.html" + }, + { + "name": "32437", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/32437" + }, + { + "name": "SUSE-SR:2008:022", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00009.html" + }, + { + "name": "31497", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/31497" + }, + { + "name": "http://support.avaya.com/elmodocs2/security/ASA-2008-509.htm", + "refsource": "CONFIRM", + "url": "http://support.avaya.com/elmodocs2/security/ASA-2008-509.htm" + }, + { + "name": "RHSA-2008:0891", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2008-0891.html" + }, + { + "name": "RHSA-2008:1045", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2008-1045.html" + }, + { + "name": "30146", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/30146" + }, + { + "name": "33238", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/33238" + }, + { + "name": "20081004 VMSA-2008-0016 VMware Hosted products, VirtualCenter Update 3 and patches for ESX and ESXi resolve multiple security issues", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/497041/100/0/threaded" + }, + { + "name": "RHSA-2008:0906", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2008-0906.html" + }, + { + "name": "TA08-193A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA08-193A.html" + }, + { + "name": "37386", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/37386" + }, + { + "name": "http://support.apple.com/kb/HT3179", + "refsource": "CONFIRM", + "url": "http://support.apple.com/kb/HT3179" + }, + { + "name": "oval:org.mitre.oval:def:10920", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10920" + }, + { + "name": "RHSA-2008:0595", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2008-0595.html" + }, + { + "name": "31010", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/31010" + } + ] + } +} \ No newline at end of file diff --git a/2008/3xxx/CVE-2008-3671.json b/2008/3xxx/CVE-2008-3671.json index 93e5889364a..676f1127f54 100644 --- a/2008/3xxx/CVE-2008-3671.json +++ b/2008/3xxx/CVE-2008-3671.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-3671", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Acronis True Image Echo Server 9.x build 8072 on Linux does not properly encrypt backups to an FTP server, which allows remote attackers to obtain sensitive information. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-3671", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "30456", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/30456" - }, - { - "name" : "30856", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/30856" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Acronis True Image Echo Server 9.x build 8072 on Linux does not properly encrypt backups to an FTP server, which allows remote attackers to obtain sensitive information. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "30456", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/30456" + }, + { + "name": "30856", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/30856" + } + ] + } +} \ No newline at end of file diff --git a/2008/3xxx/CVE-2008-3694.json b/2008/3xxx/CVE-2008-3694.json index 85567e44fea..e2b360ac657 100644 --- a/2008/3xxx/CVE-2008-3694.json +++ b/2008/3xxx/CVE-2008-3694.json @@ -1,147 +1,147 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-3694", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in a certain ActiveX control in VMware Workstation 5.5.x before 5.5.8 build 108000, VMware Workstation 6.0.x before 6.0.5 build 109488, VMware Player 1.x before 1.0.8 build 108000, VMware Player 2.x before 2.0.5 build 109488, VMware ACE 1.x before 1.0.7 build 108880, VMware ACE 2.x before 2.0.5 build 109488, and VMware Server before 1.0.7 build 108231 has unknown impact and remote attack vectors, a different vulnerability than CVE-2008-3691, CVE-2008-3692, CVE-2008-3693, CVE-2008-3695, and CVE-2008-3696." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-3694", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20080830 VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues.", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/495869/100/0/threaded" - }, - { - "name" : "20080830 VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues.", - "refsource" : "FULLDISC", - "url" : "http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html" - }, - { - "name" : "http://www.vmware.com/support/ace/doc/releasenotes_ace.html", - "refsource" : "CONFIRM", - "url" : "http://www.vmware.com/support/ace/doc/releasenotes_ace.html" - }, - { - "name" : "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html", - "refsource" : "CONFIRM", - "url" : "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html" - }, - { - "name" : "http://www.vmware.com/support/player/doc/releasenotes_player.html", - "refsource" : "CONFIRM", - "url" : "http://www.vmware.com/support/player/doc/releasenotes_player.html" - }, - { - "name" : "http://www.vmware.com/support/player2/doc/releasenotes_player2.html", - "refsource" : "CONFIRM", - "url" : "http://www.vmware.com/support/player2/doc/releasenotes_player2.html" - }, - { - "name" : "http://www.vmware.com/support/server/doc/releasenotes_server.html", - "refsource" : "CONFIRM", - "url" : "http://www.vmware.com/support/server/doc/releasenotes_server.html" - }, - { - "name" : "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html", - "refsource" : "CONFIRM", - "url" : "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html" - }, - { - "name" : "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html", - "refsource" : "CONFIRM", - "url" : "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html" - }, - { - "name" : "http://www.vmware.com/security/advisories/VMSA-2008-0014.html", - "refsource" : "CONFIRM", - "url" : "http://www.vmware.com/security/advisories/VMSA-2008-0014.html" - }, - { - "name" : "30934", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/30934" - }, - { - "name" : "ADV-2008-2466", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/2466" - }, - { - "name" : "1020791", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1020791" - }, - { - "name" : "31707", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/31707" - }, - { - "name" : "31708", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/31708" - }, - { - "name" : "31709", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/31709" - }, - { - "name" : "31710", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/31710" - }, - { - "name" : "4202", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/4202" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in a certain ActiveX control in VMware Workstation 5.5.x before 5.5.8 build 108000, VMware Workstation 6.0.x before 6.0.5 build 109488, VMware Player 1.x before 1.0.8 build 108000, VMware Player 2.x before 2.0.5 build 109488, VMware ACE 1.x before 1.0.7 build 108880, VMware ACE 2.x before 2.0.5 build 109488, and VMware Server before 1.0.7 build 108231 has unknown impact and remote attack vectors, a different vulnerability than CVE-2008-3691, CVE-2008-3692, CVE-2008-3693, CVE-2008-3695, and CVE-2008-3696." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.vmware.com/security/advisories/VMSA-2008-0014.html", + "refsource": "CONFIRM", + "url": "http://www.vmware.com/security/advisories/VMSA-2008-0014.html" + }, + { + "name": "31709", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/31709" + }, + { + "name": "http://www.vmware.com/support/server/doc/releasenotes_server.html", + "refsource": "CONFIRM", + "url": "http://www.vmware.com/support/server/doc/releasenotes_server.html" + }, + { + "name": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html", + "refsource": "CONFIRM", + "url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html" + }, + { + "name": "1020791", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1020791" + }, + { + "name": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html", + "refsource": "CONFIRM", + "url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html" + }, + { + "name": "31710", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/31710" + }, + { + "name": "http://www.vmware.com/support/ace/doc/releasenotes_ace.html", + "refsource": "CONFIRM", + "url": "http://www.vmware.com/support/ace/doc/releasenotes_ace.html" + }, + { + "name": "30934", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/30934" + }, + { + "name": "http://www.vmware.com/support/player/doc/releasenotes_player.html", + "refsource": "CONFIRM", + "url": "http://www.vmware.com/support/player/doc/releasenotes_player.html" + }, + { + "name": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html", + "refsource": "CONFIRM", + "url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html" + }, + { + "name": "20080830 VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues.", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/495869/100/0/threaded" + }, + { + "name": "20080830 VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues.", + "refsource": "FULLDISC", + "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html" + }, + { + "name": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html", + "refsource": "CONFIRM", + "url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html" + }, + { + "name": "31707", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/31707" + }, + { + "name": "31708", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/31708" + }, + { + "name": "4202", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/4202" + }, + { + "name": "ADV-2008-2466", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/2466" + } + ] + } +} \ No newline at end of file diff --git a/2008/6xxx/CVE-2008-6032.json b/2008/6xxx/CVE-2008-6032.json index 9f7e4ab2385..73aba4fc409 100644 --- a/2008/6xxx/CVE-2008-6032.json +++ b/2008/6xxx/CVE-2008-6032.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-6032", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in comments.php in WSN Links Free 4.0.34P allows remote attackers to execute arbitrary SQL commands via the id parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-6032", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "6529", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/6529" - }, - { - "name" : "ADV-2008-2656", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/2656" - }, - { - "name" : "wsnlinks-id-sql-injection(48534)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/48534" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in comments.php in WSN Links Free 4.0.34P allows remote attackers to execute arbitrary SQL commands via the id parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "wsnlinks-id-sql-injection(48534)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48534" + }, + { + "name": "6529", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/6529" + }, + { + "name": "ADV-2008-2656", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/2656" + } + ] + } +} \ No newline at end of file diff --git a/2008/6xxx/CVE-2008-6705.json b/2008/6xxx/CVE-2008-6705.json index 3d04de2180b..b285b5668a7 100644 --- a/2008/6xxx/CVE-2008-6705.json +++ b/2008/6xxx/CVE-2008-6705.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-6705", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The MultipacketReciever::RecievePacket function in S.T.A.L.K.E.R.: Shadow of Chernobyl 1.0006 and earlier allows remote attackers to cause a denial of service (server termination) via a crafted packet without an expected 0xe0 or 0xe1 value, which triggers the INT3 instruction." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-6705", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20080628 Multiple vulnerabilities in S.T.A.L.K.E.R. 1.0006", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/493765" - }, - { - "name" : "http://aluigi.altervista.org/adv/stalker39x-adv.txt", - "refsource" : "MISC", - "url" : "http://aluigi.altervista.org/adv/stalker39x-adv.txt" - }, - { - "name" : "29997", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/29997" - }, - { - "name" : "46628", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/46628" - }, - { - "name" : "30891", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/30891" - }, - { - "name" : "stalker-multipacketreceiver-dos(43458)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/43458" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The MultipacketReciever::RecievePacket function in S.T.A.L.K.E.R.: Shadow of Chernobyl 1.0006 and earlier allows remote attackers to cause a denial of service (server termination) via a crafted packet without an expected 0xe0 or 0xe1 value, which triggers the INT3 instruction." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://aluigi.altervista.org/adv/stalker39x-adv.txt", + "refsource": "MISC", + "url": "http://aluigi.altervista.org/adv/stalker39x-adv.txt" + }, + { + "name": "46628", + "refsource": "OSVDB", + "url": "http://osvdb.org/46628" + }, + { + "name": "20080628 Multiple vulnerabilities in S.T.A.L.K.E.R. 1.0006", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/493765" + }, + { + "name": "stalker-multipacketreceiver-dos(43458)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43458" + }, + { + "name": "29997", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/29997" + }, + { + "name": "30891", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/30891" + } + ] + } +} \ No newline at end of file diff --git a/2008/6xxx/CVE-2008-6773.json b/2008/6xxx/CVE-2008-6773.json index 5f754dbe25b..79bd9b983a6 100644 --- a/2008/6xxx/CVE-2008-6773.json +++ b/2008/6xxx/CVE-2008-6773.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-6773", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Static code injection vulnerability in user/internettoolbar/edit.php in YourPlace 1.0.2 and earlier allows remote authenticated users to execute arbitrary PHP code into user/internettoolbar/index.php via the (1) fav1_url, (2) fav1_name, (3) fav2_url, (4) fav2_name, (5) fav3_url, (6) fav3_name, (7) fav4_url, (8) fav4_name, (9) fav5_url, or (10) fav5_name parameters." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-6773", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "7545", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/7545" - }, - { - "name" : "32971", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/32971" - }, - { - "name" : "33272", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/33272" - }, - { - "name" : "yourplace-edit-code-execution(47562)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/47562" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Static code injection vulnerability in user/internettoolbar/edit.php in YourPlace 1.0.2 and earlier allows remote authenticated users to execute arbitrary PHP code into user/internettoolbar/index.php via the (1) fav1_url, (2) fav1_name, (3) fav2_url, (4) fav2_name, (5) fav3_url, (6) fav3_name, (7) fav4_url, (8) fav4_name, (9) fav5_url, or (10) fav5_name parameters." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "32971", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/32971" + }, + { + "name": "7545", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/7545" + }, + { + "name": "33272", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/33272" + }, + { + "name": "yourplace-edit-code-execution(47562)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47562" + } + ] + } +} \ No newline at end of file diff --git a/2008/6xxx/CVE-2008-6829.json b/2008/6xxx/CVE-2008-6829.json index 6a39cce5101..9c16db6d7eb 100644 --- a/2008/6xxx/CVE-2008-6829.json +++ b/2008/6xxx/CVE-2008-6829.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-6829", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "VicFTPS 5.0 allows remote attackers to cause a denial of service (crash) via a LIST command that starts with a \"/\\/\" (forward slash, backward slash, forward slash). NOTE: this might be the same issue as CVE-2008-2031." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-6829", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "6834", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/6834" - }, - { - "name" : "ADV-2008-2927", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/2927" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "VicFTPS 5.0 allows remote attackers to cause a denial of service (crash) via a LIST command that starts with a \"/\\/\" (forward slash, backward slash, forward slash). NOTE: this might be the same issue as CVE-2008-2031." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "6834", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/6834" + }, + { + "name": "ADV-2008-2927", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/2927" + } + ] + } +} \ No newline at end of file diff --git a/2008/6xxx/CVE-2008-6963.json b/2008/6xxx/CVE-2008-6963.json index 9867f3f7271..2947bfb7938 100644 --- a/2008/6xxx/CVE-2008-6963.json +++ b/2008/6xxx/CVE-2008-6963.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-6963", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "admin.php in TurnkeyForms Text Link Sales allows remote attackers to bypass authentication and gain administrative privileges via a direct request." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-6963", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "7118", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/7118" - }, - { - "name" : "32302", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/32302" - }, - { - "name" : "49868", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/49868" - }, - { - "name" : "32732", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/32732" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "admin.php in TurnkeyForms Text Link Sales allows remote attackers to bypass authentication and gain administrative privileges via a direct request." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "32732", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/32732" + }, + { + "name": "49868", + "refsource": "OSVDB", + "url": "http://osvdb.org/49868" + }, + { + "name": "7118", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/7118" + }, + { + "name": "32302", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/32302" + } + ] + } +} \ No newline at end of file diff --git a/2012/5xxx/CVE-2012-5231.json b/2012/5xxx/CVE-2012-5231.json index a16bea0c1d7..dfde898eae4 100644 --- a/2012/5xxx/CVE-2012-5231.json +++ b/2012/5xxx/CVE-2012-5231.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2012-5231", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "miniCMS 1.0 and 2.0 allows remote attackers to execute arbitrary PHP code via a crafted (1) pagename or (2) area variable containing an executable extension, which is not properly handled by (a) update.php when writing files to content/, or (b) updatenews.php when writing files to content/news/." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2012-5231", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "18410", - "refsource" : "EXPLOIT-DB", - "url" : "http://www.exploit-db.com/exploits/18410" - }, - { - "name" : "51612", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/51612" - }, - { - "name" : "minicms-content-code-injection(72645)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/72645" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "miniCMS 1.0 and 2.0 allows remote attackers to execute arbitrary PHP code via a crafted (1) pagename or (2) area variable containing an executable extension, which is not properly handled by (a) update.php when writing files to content/, or (b) updatenews.php when writing files to content/news/." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "18410", + "refsource": "EXPLOIT-DB", + "url": "http://www.exploit-db.com/exploits/18410" + }, + { + "name": "minicms-content-code-injection(72645)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/72645" + }, + { + "name": "51612", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/51612" + } + ] + } +} \ No newline at end of file diff --git a/2012/5xxx/CVE-2012-5480.json b/2012/5xxx/CVE-2012-5480.json index 496ab7dd870..ac5cce2ba72 100644 --- a/2012/5xxx/CVE-2012-5480.json +++ b/2012/5xxx/CVE-2012-5480.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2012-5480", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Database activity module in Moodle 2.1.x before 2.1.9, 2.2.x before 2.2.6, and 2.3.x before 2.3.3 allows remote attackers to bypass intended restrictions on reading other participants' entries via an advanced search." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2012-5480", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20121119 Moodle security notifications public", - "refsource" : "MLIST", - "url" : "http://openwall.com/lists/oss-security/2012/11/19/1" - }, - { - "name" : "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-35558", - "refsource" : "CONFIRM", - "url" : "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-35558" - }, - { - "name" : "https://moodle.org/mod/forum/discuss.php?d=216160", - "refsource" : "CONFIRM", - "url" : "https://moodle.org/mod/forum/discuss.php?d=216160" - }, - { - "name" : "56505", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/56505" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Database activity module in Moodle 2.1.x before 2.1.9, 2.2.x before 2.2.6, and 2.3.x before 2.3.3 allows remote attackers to bypass intended restrictions on reading other participants' entries via an advanced search." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "56505", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/56505" + }, + { + "name": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-35558", + "refsource": "CONFIRM", + "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-35558" + }, + { + "name": "https://moodle.org/mod/forum/discuss.php?d=216160", + "refsource": "CONFIRM", + "url": "https://moodle.org/mod/forum/discuss.php?d=216160" + }, + { + "name": "[oss-security] 20121119 Moodle security notifications public", + "refsource": "MLIST", + "url": "http://openwall.com/lists/oss-security/2012/11/19/1" + } + ] + } +} \ No newline at end of file diff --git a/2012/5xxx/CVE-2012-5576.json b/2012/5xxx/CVE-2012-5576.json index 3019c42af6a..ab638875090 100644 --- a/2012/5xxx/CVE-2012-5576.json +++ b/2012/5xxx/CVE-2012-5576.json @@ -1,112 +1,112 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2012-5576", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple stack-based buffer overflows in file-xwd.c in the X Window Dump (XWD) plug-in in GIMP 2.8.2 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large (1) red, (2) green, or (3) blue color mask in an XWD file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2012-5576", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20121126 Re: CVE Request: Gimp memory corruption vulnerability", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2012/11/27/1" - }, - { - "name" : "http://git.gnome.org/browse/gimp/commit/?id=2873262fccba12af144ed96ed91be144d92ff2e1", - "refsource" : "CONFIRM", - "url" : "http://git.gnome.org/browse/gimp/commit/?id=2873262fccba12af144ed96ed91be144d92ff2e1" - }, - { - "name" : "https://bugzilla.gnome.org/show_bug.cgi?id=687392", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.gnome.org/show_bug.cgi?id=687392" - }, - { - "name" : "MDVSA-2013:082", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2013:082" - }, - { - "name" : "openSUSE-SU-2012:1623", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2012-12/msg00017.html" - }, - { - "name" : "openSUSE-SU-2013:0123", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2013-01/msg00014.html" - }, - { - "name" : "USN-1659-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-1659-1" - }, - { - "name" : "56647", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/56647" - }, - { - "name" : "50296", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/50296" - }, - { - "name" : "51479", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/51479" - }, - { - "name" : "51528", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/51528" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple stack-based buffer overflows in file-xwd.c in the X Window Dump (XWD) plug-in in GIMP 2.8.2 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large (1) red, (2) green, or (3) blue color mask in an XWD file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "51479", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/51479" + }, + { + "name": "51528", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/51528" + }, + { + "name": "http://git.gnome.org/browse/gimp/commit/?id=2873262fccba12af144ed96ed91be144d92ff2e1", + "refsource": "CONFIRM", + "url": "http://git.gnome.org/browse/gimp/commit/?id=2873262fccba12af144ed96ed91be144d92ff2e1" + }, + { + "name": "[oss-security] 20121126 Re: CVE Request: Gimp memory corruption vulnerability", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2012/11/27/1" + }, + { + "name": "MDVSA-2013:082", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:082" + }, + { + "name": "USN-1659-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-1659-1" + }, + { + "name": "56647", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/56647" + }, + { + "name": "openSUSE-SU-2013:0123", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2013-01/msg00014.html" + }, + { + "name": "openSUSE-SU-2012:1623", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2012-12/msg00017.html" + }, + { + "name": "50296", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/50296" + }, + { + "name": "https://bugzilla.gnome.org/show_bug.cgi?id=687392", + "refsource": "CONFIRM", + "url": "https://bugzilla.gnome.org/show_bug.cgi?id=687392" + } + ] + } +} \ No newline at end of file diff --git a/2017/11xxx/CVE-2017-11087.json b/2017/11xxx/CVE-2017-11087.json index e9f856cf318..1ae37943bfe 100644 --- a/2017/11xxx/CVE-2017-11087.json +++ b/2017/11xxx/CVE-2017-11087.json @@ -1,68 +1,68 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "product-security@qualcomm.com", - "DATE_PUBLIC" : "2018-03-26T00:00:00", - "ID" : "CVE-2017-11087", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Android for MSM, Firefox OS for MSM, QRD Android", - "version" : { - "version_data" : [ - { - "version_value" : "All Android releases from CAF using the Linux kernel" - } - ] - } - } - ] - }, - "vendor_name" : "Qualcomm, Inc." - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "libOmxVenc in Android for MSM, Firefox OS for MSM, and QRD Android copies the output buffer to an application with the \"filled length\", which is larger than the output buffer's actual size, leading to an information disclosure problem in the context of mediaserver." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Buffer Over-read in Video" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@qualcomm.com", + "DATE_PUBLIC": "2018-03-26T00:00:00", + "ID": "CVE-2017-11087", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Android for MSM, Firefox OS for MSM, QRD Android", + "version": { + "version_data": [ + { + "version_value": "All Android releases from CAF using the Linux kernel" + } + ] + } + } + ] + }, + "vendor_name": "Qualcomm, Inc." + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://source.android.com/security/bulletin/pixel/2018-02-01", - "refsource" : "CONFIRM", - "url" : "https://source.android.com/security/bulletin/pixel/2018-02-01" - }, - { - "name" : "103669", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/103669" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "libOmxVenc in Android for MSM, Firefox OS for MSM, and QRD Android copies the output buffer to an application with the \"filled length\", which is larger than the output buffer's actual size, leading to an information disclosure problem in the context of mediaserver." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Buffer Over-read in Video" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://source.android.com/security/bulletin/pixel/2018-02-01", + "refsource": "CONFIRM", + "url": "https://source.android.com/security/bulletin/pixel/2018-02-01" + }, + { + "name": "103669", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/103669" + } + ] + } +} \ No newline at end of file diff --git a/2017/11xxx/CVE-2017-11938.json b/2017/11xxx/CVE-2017-11938.json index d0147c8604a..e6347c9abbb 100644 --- a/2017/11xxx/CVE-2017-11938.json +++ b/2017/11xxx/CVE-2017-11938.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-11938", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-11938", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2017/14xxx/CVE-2017-14673.json b/2017/14xxx/CVE-2017-14673.json index cc6cfc18fd7..ebfacb70a7f 100644 --- a/2017/14xxx/CVE-2017-14673.json +++ b/2017/14xxx/CVE-2017-14673.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-14673", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2017. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2017-14673", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2017. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2017/14xxx/CVE-2017-14717.json b/2017/14xxx/CVE-2017-14717.json index 81263f736a4..f248abf4c5a 100644 --- a/2017/14xxx/CVE-2017-14717.json +++ b/2017/14xxx/CVE-2017-14717.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-14717", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "In EPESI 1.8.2 rev20170830, there is Stored XSS in the Tasks Description parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-14717", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "42950", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/42950/" - }, - { - "name" : "https://forum.epesibim.com/d/4956-security-issue-multiple-stored-xss-in-epesi-version-1-8-2-rev20170830", - "refsource" : "MISC", - "url" : "https://forum.epesibim.com/d/4956-security-issue-multiple-stored-xss-in-epesi-version-1-8-2-rev20170830" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In EPESI 1.8.2 rev20170830, there is Stored XSS in the Tasks Description parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://forum.epesibim.com/d/4956-security-issue-multiple-stored-xss-in-epesi-version-1-8-2-rev20170830", + "refsource": "MISC", + "url": "https://forum.epesibim.com/d/4956-security-issue-multiple-stored-xss-in-epesi-version-1-8-2-rev20170830" + }, + { + "name": "42950", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/42950/" + } + ] + } +} \ No newline at end of file diff --git a/2017/14xxx/CVE-2017-14750.json b/2017/14xxx/CVE-2017-14750.json index bc583f3ca47..cf49c96c277 100644 --- a/2017/14xxx/CVE-2017-14750.json +++ b/2017/14xxx/CVE-2017-14750.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-14750", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-14750", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2017/14xxx/CVE-2017-14931.json b/2017/14xxx/CVE-2017-14931.json index 12688e4b77b..59f2f44503c 100644 --- a/2017/14xxx/CVE-2017-14931.json +++ b/2017/14xxx/CVE-2017-14931.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-14931", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "ExifImageFile::readDQT in ExifImageFileRead.cpp in OpenExif 2.1.4 allows remote attackers to cause a denial of service (stack-based buffer over-read and application crash) via a crafted JPEG file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-14931", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://seclists.org/fulldisclosure/2017/Sep/34", - "refsource" : "MISC", - "url" : "http://seclists.org/fulldisclosure/2017/Sep/34" - }, - { - "name" : "https://github.com/skysider/openexif_vulnerabilities", - "refsource" : "MISC", - "url" : "https://github.com/skysider/openexif_vulnerabilities" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "ExifImageFile::readDQT in ExifImageFileRead.cpp in OpenExif 2.1.4 allows remote attackers to cause a denial of service (stack-based buffer over-read and application crash) via a crafted JPEG file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/skysider/openexif_vulnerabilities", + "refsource": "MISC", + "url": "https://github.com/skysider/openexif_vulnerabilities" + }, + { + "name": "http://seclists.org/fulldisclosure/2017/Sep/34", + "refsource": "MISC", + "url": "http://seclists.org/fulldisclosure/2017/Sep/34" + } + ] + } +} \ No newline at end of file diff --git a/2017/15xxx/CVE-2017-15021.json b/2017/15xxx/CVE-2017-15021.json index e0045089e0c..448a8bfd79a 100644 --- a/2017/15xxx/CVE-2017-15021.json +++ b/2017/15xxx/CVE-2017-15021.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-15021", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "bfd_get_debug_link_info_1 in opncls.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file, related to bfd_getl32." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-15021", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://blogs.gentoo.org/ago/2017/10/03/binutils-heap-based-buffer-overflow-in-bfd_getl32-opncls-c/", - "refsource" : "MISC", - "url" : "https://blogs.gentoo.org/ago/2017/10/03/binutils-heap-based-buffer-overflow-in-bfd_getl32-opncls-c/" - }, - { - "name" : "https://sourceware.org/bugzilla/show_bug.cgi?id=22197", - "refsource" : "MISC", - "url" : "https://sourceware.org/bugzilla/show_bug.cgi?id=22197" - }, - { - "name" : "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=52b36c51e5bf6d7600fdc6ba115b170b0e78e31d", - "refsource" : "MISC", - "url" : "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=52b36c51e5bf6d7600fdc6ba115b170b0e78e31d" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "bfd_get_debug_link_info_1 in opncls.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file, related to bfd_getl32." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://blogs.gentoo.org/ago/2017/10/03/binutils-heap-based-buffer-overflow-in-bfd_getl32-opncls-c/", + "refsource": "MISC", + "url": "https://blogs.gentoo.org/ago/2017/10/03/binutils-heap-based-buffer-overflow-in-bfd_getl32-opncls-c/" + }, + { + "name": "https://sourceware.org/bugzilla/show_bug.cgi?id=22197", + "refsource": "MISC", + "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22197" + }, + { + "name": "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=52b36c51e5bf6d7600fdc6ba115b170b0e78e31d", + "refsource": "MISC", + "url": "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=52b36c51e5bf6d7600fdc6ba115b170b0e78e31d" + } + ] + } +} \ No newline at end of file diff --git a/2017/15xxx/CVE-2017-15453.json b/2017/15xxx/CVE-2017-15453.json index 609b0e2dad8..649ede9f79b 100644 --- a/2017/15xxx/CVE-2017-15453.json +++ b/2017/15xxx/CVE-2017-15453.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-15453", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2017. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2017-15453", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2017. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2017/15xxx/CVE-2017-15462.json b/2017/15xxx/CVE-2017-15462.json index cb28392752c..e577407dc5a 100644 --- a/2017/15xxx/CVE-2017-15462.json +++ b/2017/15xxx/CVE-2017-15462.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-15462", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2017. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2017-15462", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2017. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2017/15xxx/CVE-2017-15677.json b/2017/15xxx/CVE-2017-15677.json index 3da55b9ae93..27d8acb0635 100644 --- a/2017/15xxx/CVE-2017-15677.json +++ b/2017/15xxx/CVE-2017-15677.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-15677", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-15677", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2017/15xxx/CVE-2017-15720.json b/2017/15xxx/CVE-2017-15720.json index b97b0c11b7c..5637fafb8ef 100644 --- a/2017/15xxx/CVE-2017-15720.json +++ b/2017/15xxx/CVE-2017-15720.json @@ -1,63 +1,63 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "security@apache.org", - "DATE_PUBLIC" : "2019-01-08T00:00:00", - "ID" : "CVE-2017-15720", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Apache Airflow", - "version" : { - "version_data" : [ - { - "version_value" : "Apache Airflow <= 1.8.2" - } - ] - } - } - ] - }, - "vendor_name" : "Apache Software Foundation" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "In Apache Airflow 1.8.2 and earlier, an authenticated user can execute code remotely on the Airflow webserver by creating a special object." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Remote code execution (RCE)" - } + "CVE_data_meta": { + "ASSIGNER": "security@apache.org", + "DATE_PUBLIC": "2019-01-08T00:00:00", + "ID": "CVE-2017-15720", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Apache Airflow", + "version": { + "version_data": [ + { + "version_value": "Apache Airflow <= 1.8.2" + } + ] + } + } + ] + }, + "vendor_name": "Apache Software Foundation" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://lists.apache.org/thread.html/ade4d54ebf614f68dc81a08891755e60ea58ba88e0209233eeea5f57@%3Cdev.airflow.apache.org%3E", - "refsource" : "MISC", - "url" : "https://lists.apache.org/thread.html/ade4d54ebf614f68dc81a08891755e60ea58ba88e0209233eeea5f57@%3Cdev.airflow.apache.org%3E" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In Apache Airflow 1.8.2 and earlier, an authenticated user can execute code remotely on the Airflow webserver by creating a special object." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Remote code execution (RCE)" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://lists.apache.org/thread.html/ade4d54ebf614f68dc81a08891755e60ea58ba88e0209233eeea5f57@%3Cdev.airflow.apache.org%3E", + "refsource": "MISC", + "url": "https://lists.apache.org/thread.html/ade4d54ebf614f68dc81a08891755e60ea58ba88e0209233eeea5f57@%3Cdev.airflow.apache.org%3E" + } + ] + } +} \ No newline at end of file diff --git a/2017/3xxx/CVE-2017-3931.json b/2017/3xxx/CVE-2017-3931.json index 41e460d6a68..7e679dac779 100644 --- a/2017/3xxx/CVE-2017-3931.json +++ b/2017/3xxx/CVE-2017-3931.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-3931", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2017-3931", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2017/8xxx/CVE-2017-8030.json b/2017/8xxx/CVE-2017-8030.json index 0ff04c8ce70..7d700c28acd 100644 --- a/2017/8xxx/CVE-2017-8030.json +++ b/2017/8xxx/CVE-2017-8030.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-8030", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2017-8030", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2017/8xxx/CVE-2017-8032.json b/2017/8xxx/CVE-2017-8032.json index b2116a64e50..7b22d859f03 100644 --- a/2017/8xxx/CVE-2017-8032.json +++ b/2017/8xxx/CVE-2017-8032.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "security_alert@emc.com", - "ID" : "CVE-2017-8032", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Cloud Foundry", - "version" : { - "version_data" : [ - { - "version_value" : "Cloud Foundry" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "In Cloud Foundry cf-release versions prior to v264; UAA release all versions of UAA v2.x.x, 3.6.x versions prior to v3.6.13, 3.9.x versions prior to v3.9.15, 3.20.x versions prior to v3.20.0, and other versions prior to v4.4.0; and UAA bosh release (uaa-release) 13.x versions prior to v13.17, 24.x versions prior to v24.12. 30.x versions prior to 30.5, and other versions prior to v41, zone administrators are allowed to escalate their privileges when mapping permissions for an external provider." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Admin Privilege Escalation" - } + "CVE_data_meta": { + "ASSIGNER": "security_alert@emc.com", + "ID": "CVE-2017-8032", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Cloud Foundry", + "version": { + "version_data": [ + { + "version_value": "Cloud Foundry" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://www.cloudfoundry.org/cve-2017-8032/", - "refsource" : "CONFIRM", - "url" : "https://www.cloudfoundry.org/cve-2017-8032/" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In Cloud Foundry cf-release versions prior to v264; UAA release all versions of UAA v2.x.x, 3.6.x versions prior to v3.6.13, 3.9.x versions prior to v3.9.15, 3.20.x versions prior to v3.20.0, and other versions prior to v4.4.0; and UAA bosh release (uaa-release) 13.x versions prior to v13.17, 24.x versions prior to v24.12. 30.x versions prior to 30.5, and other versions prior to v41, zone administrators are allowed to escalate their privileges when mapping permissions for an external provider." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Admin Privilege Escalation" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.cloudfoundry.org/cve-2017-8032/", + "refsource": "CONFIRM", + "url": "https://www.cloudfoundry.org/cve-2017-8032/" + } + ] + } +} \ No newline at end of file diff --git a/2017/8xxx/CVE-2017-8228.json b/2017/8xxx/CVE-2017-8228.json index 659929e2bcf..1a69e4504eb 100644 --- a/2017/8xxx/CVE-2017-8228.json +++ b/2017/8xxx/CVE-2017-8228.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-8228", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-8228", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2017/8xxx/CVE-2017-8299.json b/2017/8xxx/CVE-2017-8299.json index c135edb6514..b72bbcfcc17 100644 --- a/2017/8xxx/CVE-2017-8299.json +++ b/2017/8xxx/CVE-2017-8299.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-8299", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-8299", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2017/8xxx/CVE-2017-8716.json b/2017/8xxx/CVE-2017-8716.json index d253f71141a..a6aa4ddbbdf 100644 --- a/2017/8xxx/CVE-2017-8716.json +++ b/2017/8xxx/CVE-2017-8716.json @@ -1,73 +1,73 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secure@microsoft.com", - "DATE_PUBLIC" : "2017-09-12T00:00:00", - "ID" : "CVE-2017-8716", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Windows Control Flow Guard", - "version" : { - "version_data" : [ - { - "version_value" : "Microsoft Windows 10 Version 1703" - } - ] - } - } - ] - }, - "vendor_name" : "Microsoft Corporation" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Windows Control Flow Guard in Microsoft Windows 10 Version 1703 allows an attacker to run a specially crafted application to bypass Control Flow Guard, due to the way that Control Flow Guard handles objects in memory, aka \"Windows Security Feature Bypass Vulnerability\"." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Security Feature Bypass" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "DATE_PUBLIC": "2017-09-12T00:00:00", + "ID": "CVE-2017-8716", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Windows Control Flow Guard", + "version": { + "version_data": [ + { + "version_value": "Microsoft Windows 10 Version 1703" + } + ] + } + } + ] + }, + "vendor_name": "Microsoft Corporation" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8716", - "refsource" : "CONFIRM", - "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8716" - }, - { - "name" : "100802", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/100802" - }, - { - "name" : "1039325", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1039325" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Windows Control Flow Guard in Microsoft Windows 10 Version 1703 allows an attacker to run a specially crafted application to bypass Control Flow Guard, due to the way that Control Flow Guard handles objects in memory, aka \"Windows Security Feature Bypass Vulnerability\"." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Security Feature Bypass" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "100802", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/100802" + }, + { + "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8716", + "refsource": "CONFIRM", + "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8716" + }, + { + "name": "1039325", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1039325" + } + ] + } +} \ No newline at end of file diff --git a/2018/12xxx/CVE-2018-12215.json b/2018/12xxx/CVE-2018-12215.json index 34772b113e4..5c500ad1b2d 100644 --- a/2018/12xxx/CVE-2018-12215.json +++ b/2018/12xxx/CVE-2018-12215.json @@ -1,63 +1,63 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secure@intel.com", - "DATE_PUBLIC" : "2019-03-12T00:00:00", - "ID" : "CVE-2018-12215", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Intel(R) Graphics Driver for Windows", - "version" : { - "version_data" : [ - { - "version_value" : "Multiple versions." - } - ] - } - } - ] - }, - "vendor_name" : "Intel Corporation" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Insufficient input validation in Kernel Mode Driver in Intel(R) Graphics Driver for Windows* before versions 10.18.x.5059 (aka 15.33.x.5059), 10.18.x.5057 (aka 15.36.x.5057), 20.19.x.5063 (aka 15.40.x.5063) 21.20.x.5064 (aka 15.45.x.5064) and 24.20.100.6373 potentially enables a privileged user to cause a denial of service via local access." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Denial of Service" - } + "CVE_data_meta": { + "ASSIGNER": "secure@intel.com", + "DATE_PUBLIC": "2019-03-12T00:00:00", + "ID": "CVE-2018-12215", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Intel(R) Graphics Driver for Windows", + "version": { + "version_data": [ + { + "version_value": "Multiple versions." + } + ] + } + } + ] + }, + "vendor_name": "Intel Corporation" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00189.html", - "refsource" : "CONFIRM", - "url" : "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00189.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Insufficient input validation in Kernel Mode Driver in Intel(R) Graphics Driver for Windows* before versions 10.18.x.5059 (aka 15.33.x.5059), 10.18.x.5057 (aka 15.36.x.5057), 20.19.x.5063 (aka 15.40.x.5063) 21.20.x.5064 (aka 15.45.x.5064) and 24.20.100.6373 potentially enables a privileged user to cause a denial of service via local access." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Denial of Service" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00189.html", + "refsource": "CONFIRM", + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00189.html" + } + ] + } +} \ No newline at end of file diff --git a/2018/12xxx/CVE-2018-12275.json b/2018/12xxx/CVE-2018-12275.json index 0e0906c1dc4..7d74982859c 100644 --- a/2018/12xxx/CVE-2018-12275.json +++ b/2018/12xxx/CVE-2018-12275.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-12275", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-12275", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/12xxx/CVE-2018-12475.json b/2018/12xxx/CVE-2018-12475.json index d138cfa1737..c06245de7a9 100644 --- a/2018/12xxx/CVE-2018-12475.json +++ b/2018/12xxx/CVE-2018-12475.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-12475", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-12475", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/12xxx/CVE-2018-12667.json b/2018/12xxx/CVE-2018-12667.json index 52476fae9eb..da91372aac7 100644 --- a/2018/12xxx/CVE-2018-12667.json +++ b/2018/12xxx/CVE-2018-12667.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-12667", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The SV3C HD Camera (L-SERIES V2.3.4.2103-S50-NTD-B20170508B and V2.3.4.2103-S50-NTD-B20170823B) is affected by an improper authentication vulnerability that allows requests to be made to back-end CGI scripts without a valid session. This vulnerability could be used to read and modify the configuration. The vulnerability affects all versions." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-12667", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://www.bishopfox.com/news/2018/10/sv3c-l-series-hd-camera-multiple-vulnerabilities/", - "refsource" : "MISC", - "url" : "https://www.bishopfox.com/news/2018/10/sv3c-l-series-hd-camera-multiple-vulnerabilities/" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The SV3C HD Camera (L-SERIES V2.3.4.2103-S50-NTD-B20170508B and V2.3.4.2103-S50-NTD-B20170823B) is affected by an improper authentication vulnerability that allows requests to be made to back-end CGI scripts without a valid session. This vulnerability could be used to read and modify the configuration. The vulnerability affects all versions." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.bishopfox.com/news/2018/10/sv3c-l-series-hd-camera-multiple-vulnerabilities/", + "refsource": "MISC", + "url": "https://www.bishopfox.com/news/2018/10/sv3c-l-series-hd-camera-multiple-vulnerabilities/" + } + ] + } +} \ No newline at end of file diff --git a/2018/12xxx/CVE-2018-12676.json b/2018/12xxx/CVE-2018-12676.json index 5731feb2f3f..37cfa5a6eb3 100644 --- a/2018/12xxx/CVE-2018-12676.json +++ b/2018/12xxx/CVE-2018-12676.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-12676", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-12676", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/13xxx/CVE-2018-13080.json b/2018/13xxx/CVE-2018-13080.json index 617a7592ebe..8ef1f4ba244 100644 --- a/2018/13xxx/CVE-2018-13080.json +++ b/2018/13xxx/CVE-2018-13080.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-13080", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The mintToken function of a smart contract implementation for Goutex (GTX), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-13080", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/VenusADLab/EtherTokens/blob/master/Goutex/Goutex.md", - "refsource" : "MISC", - "url" : "https://github.com/VenusADLab/EtherTokens/blob/master/Goutex/Goutex.md" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The mintToken function of a smart contract implementation for Goutex (GTX), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/VenusADLab/EtherTokens/blob/master/Goutex/Goutex.md", + "refsource": "MISC", + "url": "https://github.com/VenusADLab/EtherTokens/blob/master/Goutex/Goutex.md" + } + ] + } +} \ No newline at end of file diff --git a/2018/13xxx/CVE-2018-13128.json b/2018/13xxx/CVE-2018-13128.json index d2b06e0a818..2097877b8e4 100644 --- a/2018/13xxx/CVE-2018-13128.json +++ b/2018/13xxx/CVE-2018-13128.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-13128", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Etherty Token (ETY) is a smart contract running on Ethereum. The mint function has an integer overflow that allows minted tokens to be arbitrarily retrieved by the contract owner." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-13128", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/dwfault/AirTokens/blob/master/SPXToken/mint%20interger%20overflow.md", - "refsource" : "MISC", - "url" : "https://github.com/dwfault/AirTokens/blob/master/SPXToken/mint%20interger%20overflow.md" - }, - { - "name" : "https://github.com/dwfault/AirTokens/tree/master/ETY", - "refsource" : "MISC", - "url" : "https://github.com/dwfault/AirTokens/tree/master/ETY" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Etherty Token (ETY) is a smart contract running on Ethereum. The mint function has an integer overflow that allows minted tokens to be arbitrarily retrieved by the contract owner." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/dwfault/AirTokens/blob/master/SPXToken/mint%20interger%20overflow.md", + "refsource": "MISC", + "url": "https://github.com/dwfault/AirTokens/blob/master/SPXToken/mint%20interger%20overflow.md" + }, + { + "name": "https://github.com/dwfault/AirTokens/tree/master/ETY", + "refsource": "MISC", + "url": "https://github.com/dwfault/AirTokens/tree/master/ETY" + } + ] + } +} \ No newline at end of file diff --git a/2018/13xxx/CVE-2018-13408.json b/2018/13xxx/CVE-2018-13408.json index 86104e38e21..4b4c1f41e33 100644 --- a/2018/13xxx/CVE-2018-13408.json +++ b/2018/13xxx/CVE-2018-13408.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-13408", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An issue was discovered in Jirafeau before 3.4.1. The \"search file by link\" form is affected by reflected XSS that could allow, by targeting an administrator, stealing a session and gaining administrative privileges." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-13408", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://www.bishopfox.com/news/2018/06/jirafeau-version-3-3-0-multiple-vulnerabilities/", - "refsource" : "MISC", - "url" : "https://www.bishopfox.com/news/2018/06/jirafeau-version-3-3-0-multiple-vulnerabilities/" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in Jirafeau before 3.4.1. The \"search file by link\" form is affected by reflected XSS that could allow, by targeting an administrator, stealing a session and gaining administrative privileges." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.bishopfox.com/news/2018/06/jirafeau-version-3-3-0-multiple-vulnerabilities/", + "refsource": "MISC", + "url": "https://www.bishopfox.com/news/2018/06/jirafeau-version-3-3-0-multiple-vulnerabilities/" + } + ] + } +} \ No newline at end of file diff --git a/2018/13xxx/CVE-2018-13856.json b/2018/13xxx/CVE-2018-13856.json index fb40e6fc1a5..fdefb3be60e 100644 --- a/2018/13xxx/CVE-2018-13856.json +++ b/2018/13xxx/CVE-2018-13856.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-13856", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-13856", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/16xxx/CVE-2018-16348.json b/2018/16xxx/CVE-2018-16348.json index 534e6ed7382..92d2cab5304 100644 --- a/2018/16xxx/CVE-2018-16348.json +++ b/2018/16xxx/CVE-2018-16348.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-16348", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SeaCMS V6.61 has XSS via the admin_video.php v_content parameter, related to the site name." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-16348", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/Jas0nwhy/vulnerability/blob/master/Seacmsxss.md", - "refsource" : "MISC", - "url" : "https://github.com/Jas0nwhy/vulnerability/blob/master/Seacmsxss.md" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SeaCMS V6.61 has XSS via the admin_video.php v_content parameter, related to the site name." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/Jas0nwhy/vulnerability/blob/master/Seacmsxss.md", + "refsource": "MISC", + "url": "https://github.com/Jas0nwhy/vulnerability/blob/master/Seacmsxss.md" + } + ] + } +} \ No newline at end of file diff --git a/2018/16xxx/CVE-2018-16668.json b/2018/16xxx/CVE-2018-16668.json index 9807626c826..8e23818149c 100644 --- a/2018/16xxx/CVE-2018-16668.json +++ b/2018/16xxx/CVE-2018-16668.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-16668", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An issue was discovered in CIRCONTROL CirCarLife before 4.3. There is internal installation path disclosure due to the lack of authentication for /html/repository." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-16668", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "45384", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/45384/" - }, - { - "name" : "https://github.com/SadFud/Exploits/tree/master/Real%20World/Suites/cir-pwn-life", - "refsource" : "MISC", - "url" : "https://github.com/SadFud/Exploits/tree/master/Real%20World/Suites/cir-pwn-life" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in CIRCONTROL CirCarLife before 4.3. There is internal installation path disclosure due to the lack of authentication for /html/repository." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "45384", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/45384/" + }, + { + "name": "https://github.com/SadFud/Exploits/tree/master/Real%20World/Suites/cir-pwn-life", + "refsource": "MISC", + "url": "https://github.com/SadFud/Exploits/tree/master/Real%20World/Suites/cir-pwn-life" + } + ] + } +} \ No newline at end of file diff --git a/2018/16xxx/CVE-2018-16758.json b/2018/16xxx/CVE-2018-16758.json index 07a91d66c6b..1e018491480 100644 --- a/2018/16xxx/CVE-2018-16758.json +++ b/2018/16xxx/CVE-2018-16758.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-16758", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Missing message authentication in the meta-protocol in Tinc VPN version 1.0.34 and earlier allows a man-in-the-middle attack to disable the encryption of VPN packets." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-16758", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://tinc-vpn.org/security/", - "refsource" : "CONFIRM", - "url" : "http://tinc-vpn.org/security/" - }, - { - "name" : "http://www.tinc-vpn.org/git/browse?p=tinc;a=commit;h=e97943b7cc9c851ae36f5a41e2b6102faa74193f", - "refsource" : "CONFIRM", - "url" : "http://www.tinc-vpn.org/git/browse?p=tinc;a=commit;h=e97943b7cc9c851ae36f5a41e2b6102faa74193f" - }, - { - "name" : "DSA-4312", - "refsource" : "DEBIAN", - "url" : "https://www.debian.org/security/2018/dsa-4312" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Missing message authentication in the meta-protocol in Tinc VPN version 1.0.34 and earlier allows a man-in-the-middle attack to disable the encryption of VPN packets." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://tinc-vpn.org/security/", + "refsource": "CONFIRM", + "url": "http://tinc-vpn.org/security/" + }, + { + "name": "http://www.tinc-vpn.org/git/browse?p=tinc;a=commit;h=e97943b7cc9c851ae36f5a41e2b6102faa74193f", + "refsource": "CONFIRM", + "url": "http://www.tinc-vpn.org/git/browse?p=tinc;a=commit;h=e97943b7cc9c851ae36f5a41e2b6102faa74193f" + }, + { + "name": "DSA-4312", + "refsource": "DEBIAN", + "url": "https://www.debian.org/security/2018/dsa-4312" + } + ] + } +} \ No newline at end of file diff --git a/2018/17xxx/CVE-2018-17617.json b/2018/17xxx/CVE-2018-17617.json index ade21443cc4..f2a4c09c9ad 100644 --- a/2018/17xxx/CVE-2018-17617.json +++ b/2018/17xxx/CVE-2018-17617.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "zdi-disclosures@trendmicro.com", - "ID" : "CVE-2018-17617", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Foxit Reader", - "version" : { - "version_data" : [ - { - "version_value" : "9.0.1.5096" - } - ] - } - } - ] - }, - "vendor_name" : "Foxit" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.5096. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of onFocus events. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-6335." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "CWE-416-Use After Free" - } + "CVE_data_meta": { + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "ID": "CVE-2018-17617", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Foxit Reader", + "version": { + "version_data": [ + { + "version_value": "9.0.1.5096" + } + ] + } + } + ] + }, + "vendor_name": "Foxit" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://zerodayinitiative.com/advisories/ZDI-18-1098", - "refsource" : "MISC", - "url" : "https://zerodayinitiative.com/advisories/ZDI-18-1098" - }, - { - "name" : "https://www.foxitsoftware.com/support/security-bulletins.php", - "refsource" : "CONFIRM", - "url" : "https://www.foxitsoftware.com/support/security-bulletins.php" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.5096. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of onFocus events. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-6335." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-416-Use After Free" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.foxitsoftware.com/support/security-bulletins.php", + "refsource": "CONFIRM", + "url": "https://www.foxitsoftware.com/support/security-bulletins.php" + }, + { + "name": "https://zerodayinitiative.com/advisories/ZDI-18-1098", + "refsource": "MISC", + "url": "https://zerodayinitiative.com/advisories/ZDI-18-1098" + } + ] + } +} \ No newline at end of file diff --git a/2018/17xxx/CVE-2018-17708.json b/2018/17xxx/CVE-2018-17708.json index da647499fbd..773789fc47d 100644 --- a/2018/17xxx/CVE-2018-17708.json +++ b/2018/17xxx/CVE-2018-17708.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-17708", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-17708", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/4xxx/CVE-2018-4124.json b/2018/4xxx/CVE-2018-4124.json index dcf57117233..871e784a002 100644 --- a/2018/4xxx/CVE-2018-4124.json +++ b/2018/4xxx/CVE-2018-4124.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "product-security@apple.com", - "ID" : "CVE-2018-4124", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An issue was discovered in certain Apple products. iOS before 11.2.6 is affected. macOS before 10.13.3 Supplemental Update is affected. tvOS before 11.2.6 is affected. watchOS before 4.2.3 is affected. The issue involves the \"CoreText\" component. It allows remote attackers to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact via a crafted string containing a certain Telugu character." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2018-4124", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://nakedsecurity.sophos.com/2018/02/20/apple-fixes-that-1-character-to-crash-your-mac-and-iphone-bug/", - "refsource" : "MISC", - "url" : "https://nakedsecurity.sophos.com/2018/02/20/apple-fixes-that-1-character-to-crash-your-mac-and-iphone-bug/" - }, - { - "name" : "https://support.apple.com/HT208534", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT208534" - }, - { - "name" : "https://support.apple.com/HT208535", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT208535" - }, - { - "name" : "https://support.apple.com/HT208536", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT208536" - }, - { - "name" : "https://support.apple.com/HT208537", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT208537" - }, - { - "name" : "1040396", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1040396" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in certain Apple products. iOS before 11.2.6 is affected. macOS before 10.13.3 Supplemental Update is affected. tvOS before 11.2.6 is affected. watchOS before 4.2.3 is affected. The issue involves the \"CoreText\" component. It allows remote attackers to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact via a crafted string containing a certain Telugu character." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://support.apple.com/HT208534", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT208534" + }, + { + "name": "https://support.apple.com/HT208537", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT208537" + }, + { + "name": "https://support.apple.com/HT208535", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT208535" + }, + { + "name": "1040396", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1040396" + }, + { + "name": "https://nakedsecurity.sophos.com/2018/02/20/apple-fixes-that-1-character-to-crash-your-mac-and-iphone-bug/", + "refsource": "MISC", + "url": "https://nakedsecurity.sophos.com/2018/02/20/apple-fixes-that-1-character-to-crash-your-mac-and-iphone-bug/" + }, + { + "name": "https://support.apple.com/HT208536", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT208536" + } + ] + } +} \ No newline at end of file diff --git a/2018/4xxx/CVE-2018-4564.json b/2018/4xxx/CVE-2018-4564.json index 81eeab01392..d2e4c6209b5 100644 --- a/2018/4xxx/CVE-2018-4564.json +++ b/2018/4xxx/CVE-2018-4564.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-4564", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-4564", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/4xxx/CVE-2018-4676.json b/2018/4xxx/CVE-2018-4676.json index 229604330a1..f0ec7cddd93 100644 --- a/2018/4xxx/CVE-2018-4676.json +++ b/2018/4xxx/CVE-2018-4676.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-4676", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-4676", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file