diff --git a/2006/5xxx/CVE-2006-5526.json b/2006/5xxx/CVE-2006-5526.json index 7a2a35e9c05..b77bca869c2 100644 --- a/2006/5xxx/CVE-2006-5526.json +++ b/2006/5xxx/CVE-2006-5526.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-5526", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple PHP remote file inclusion vulnerabilities in Teake Nutma Foing, as modified in Fully Modded phpBB (phpbbfm) 2021.4.40 and earlier, allow remote attackers to execute arbitrary PHP code via a URL in the foing_root_path parameter in (a) faq.php, (b) index.php, (c) list.php, (d) login.php, (e) playlist.php, (f) song.php, (g) gen_m3u.php, (h) view_artist.php, (i) view_song.php, (j) flash/set_na.php, (k) flash/initialise.php, (l) flash/get_song.php, (m) includes/common.php, (n) admin/nav.php, (o) admin/main.php, (p) admin/list_artists.php, (q) admin/index.php, (r) admin/genres.php, (s) admin/edit_artist.php, (t) admin/edit_album.php, (u) admin/config.php, and (v) admin/admin_status.php in player/, different vectors than CVE-2006-3045. NOTE: CVE analysis as of 20061026 indicates that files in the admin/ and flash/ directories define foing_root_path before use." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-5526", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "2621", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/2621" - }, - { - "name" : "ADV-2006-4165", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/4165" - }, - { - "name" : "30035", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/30035" - }, - { - "name" : "22499", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/22499" - }, - { - "name" : "phpbb-foing-file-include(29718)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/29718" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple PHP remote file inclusion vulnerabilities in Teake Nutma Foing, as modified in Fully Modded phpBB (phpbbfm) 2021.4.40 and earlier, allow remote attackers to execute arbitrary PHP code via a URL in the foing_root_path parameter in (a) faq.php, (b) index.php, (c) list.php, (d) login.php, (e) playlist.php, (f) song.php, (g) gen_m3u.php, (h) view_artist.php, (i) view_song.php, (j) flash/set_na.php, (k) flash/initialise.php, (l) flash/get_song.php, (m) includes/common.php, (n) admin/nav.php, (o) admin/main.php, (p) admin/list_artists.php, (q) admin/index.php, (r) admin/genres.php, (s) admin/edit_artist.php, (t) admin/edit_album.php, (u) admin/config.php, and (v) admin/admin_status.php in player/, different vectors than CVE-2006-3045. NOTE: CVE analysis as of 20061026 indicates that files in the admin/ and flash/ directories define foing_root_path before use." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ADV-2006-4165", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/4165" + }, + { + "name": "phpbb-foing-file-include(29718)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29718" + }, + { + "name": "30035", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/30035" + }, + { + "name": "22499", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/22499" + }, + { + "name": "2621", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/2621" + } + ] + } +} \ No newline at end of file diff --git a/2006/5xxx/CVE-2006-5587.json b/2006/5xxx/CVE-2006-5587.json index d7cb2e55c2a..6d0a9b15a0e 100644 --- a/2006/5xxx/CVE-2006-5587.json +++ b/2006/5xxx/CVE-2006-5587.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-5587", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple PHP remote file inclusion vulnerabilities in MDweb 1.3 and earlier (Mdweb132-postgres) allow remote attackers to execute arbitrary PHP code via a URL in the chemin_appli parameter in (1) admin/inc/organisations/form_org.inc.php and (2) admin/inc/organisations/country_insert.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-5587", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "2626", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/2626" - }, - { - "name" : "20687", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/20687" - }, - { - "name" : "ADV-2006-4214", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/4214" - }, - { - "name" : "22561", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/22561" - }, - { - "name" : "mdweb132-chemin-file-include(29721)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/29721" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple PHP remote file inclusion vulnerabilities in MDweb 1.3 and earlier (Mdweb132-postgres) allow remote attackers to execute arbitrary PHP code via a URL in the chemin_appli parameter in (1) admin/inc/organisations/form_org.inc.php and (2) admin/inc/organisations/country_insert.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20687", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/20687" + }, + { + "name": "2626", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/2626" + }, + { + "name": "ADV-2006-4214", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/4214" + }, + { + "name": "mdweb132-chemin-file-include(29721)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29721" + }, + { + "name": "22561", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/22561" + } + ] + } +} \ No newline at end of file diff --git a/2006/5xxx/CVE-2006-5983.json b/2006/5xxx/CVE-2006-5983.json index 4294aaee9f0..5b8452fc2e7 100644 --- a/2006/5xxx/CVE-2006-5983.json +++ b/2006/5xxx/CVE-2006-5983.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-5983", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site scripting (XSS) vulnerabilities in JBMC Software DirectAdmin 1.28.1 allow remote authenticated users to inject arbitrary web script or HTML via the (1) user parameter to (a) CMD_SHOW_RESELLER or (b) CMD_SHOW_USER in the Admin level; the (2) TYPE parameter to (c) CMD_TICKET_CREATE or (d) CMD_TICKET, the (3) user parameter to (e) CMD_EMAIL_FORWARDER_MODIFY, (f) CMD_EMAIL_VACATION_MODIFY, or (g) CMD_FTP_SHOW, and the (4) name parameter to (h) CMD_EMAIL_LIST in the User level; or the (5) user parameter to (i) CMD_SHOW_USER in the Reseller level." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-5983", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20061112 DirectAdmin Multiple Cross Site Scription", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/451376/100/0/threaded" - }, - { - "name" : "http://aria-security.net/advisory/directadmin.txt", - "refsource" : "MISC", - "url" : "http://aria-security.net/advisory/directadmin.txt" - }, - { - "name" : "21049", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/21049" - }, - { - "name" : "1885", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/1885" - }, - { - "name" : "directadmin-user-xss(30256)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/30256" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site scripting (XSS) vulnerabilities in JBMC Software DirectAdmin 1.28.1 allow remote authenticated users to inject arbitrary web script or HTML via the (1) user parameter to (a) CMD_SHOW_RESELLER or (b) CMD_SHOW_USER in the Admin level; the (2) TYPE parameter to (c) CMD_TICKET_CREATE or (d) CMD_TICKET, the (3) user parameter to (e) CMD_EMAIL_FORWARDER_MODIFY, (f) CMD_EMAIL_VACATION_MODIFY, or (g) CMD_FTP_SHOW, and the (4) name parameter to (h) CMD_EMAIL_LIST in the User level; or the (5) user parameter to (i) CMD_SHOW_USER in the Reseller level." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "21049", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/21049" + }, + { + "name": "directadmin-user-xss(30256)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30256" + }, + { + "name": "http://aria-security.net/advisory/directadmin.txt", + "refsource": "MISC", + "url": "http://aria-security.net/advisory/directadmin.txt" + }, + { + "name": "20061112 DirectAdmin Multiple Cross Site Scription", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/451376/100/0/threaded" + }, + { + "name": "1885", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/1885" + } + ] + } +} \ No newline at end of file diff --git a/2007/2xxx/CVE-2007-2327.json b/2007/2xxx/CVE-2007-2327.json index ee628feddc9..eff3f1d048a 100644 --- a/2007/2xxx/CVE-2007-2327.json +++ b/2007/2xxx/CVE-2007-2327.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-2327", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "PHP remote file inclusion vulnerability in _editor.php in HTMLeditbox 2.2 allows remote attackers to execute arbitrary PHP code via a URL in the settings[app_dir] parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-2327", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070425 HTMLeditbox & 2.2 >> RFI", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/466841/100/0/threaded" - }, - { - "name" : "23664", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/23664" - }, - { - "name" : "35525", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/35525" - }, - { - "name" : "2635", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2635" - }, - { - "name" : "htmleditbox-editor-file-include(33875)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33875" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "PHP remote file inclusion vulnerability in _editor.php in HTMLeditbox 2.2 allows remote attackers to execute arbitrary PHP code via a URL in the settings[app_dir] parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "23664", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/23664" + }, + { + "name": "20070425 HTMLeditbox & 2.2 >> RFI", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/466841/100/0/threaded" + }, + { + "name": "35525", + "refsource": "OSVDB", + "url": "http://osvdb.org/35525" + }, + { + "name": "2635", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2635" + }, + { + "name": "htmleditbox-editor-file-include(33875)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33875" + } + ] + } +} \ No newline at end of file diff --git a/2007/2xxx/CVE-2007-2342.json b/2007/2xxx/CVE-2007-2342.json index 31464f07d26..cd92e58c631 100644 --- a/2007/2xxx/CVE-2007-2342.json +++ b/2007/2xxx/CVE-2007-2342.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-2342", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in error.asp in CreaScripts CreaDirectory 1.2 allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2006-6083." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-2342", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "3767", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/3767" - }, - { - "name" : "23564", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/23564" - }, - { - "name" : "ADV-2007-1476", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/1476" - }, - { - "name" : "35638", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/35638" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in error.asp in CreaScripts CreaDirectory 1.2 allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2006-6083." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ADV-2007-1476", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/1476" + }, + { + "name": "35638", + "refsource": "OSVDB", + "url": "http://osvdb.org/35638" + }, + { + "name": "3767", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/3767" + }, + { + "name": "23564", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/23564" + } + ] + } +} \ No newline at end of file diff --git a/2007/2xxx/CVE-2007-2567.json b/2007/2xxx/CVE-2007-2567.json index 5f6395ca387..2ccddd4c8cb 100644 --- a/2007/2xxx/CVE-2007-2567.json +++ b/2007/2xxx/CVE-2007-2567.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-2567", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in the SaveBarCode function in the Taltech Tal Bar Code ActiveX control allows remote attackers to execute arbitrary code via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-2567", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070505 Taltech Tal Bar Code ActiveX Control Memory Corruption Vulnerability(-ies)", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/467822/100/0/threaded" - }, - { - "name" : "ADV-2007-1705", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/1705" - }, - { - "name" : "34336", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/34336" - }, - { - "name" : "25180", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25180" - }, - { - "name" : "2683", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2683" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in the SaveBarCode function in the Taltech Tal Bar Code ActiveX control allows remote attackers to execute arbitrary code via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20070505 Taltech Tal Bar Code ActiveX Control Memory Corruption Vulnerability(-ies)", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/467822/100/0/threaded" + }, + { + "name": "2683", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2683" + }, + { + "name": "34336", + "refsource": "OSVDB", + "url": "http://osvdb.org/34336" + }, + { + "name": "25180", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25180" + }, + { + "name": "ADV-2007-1705", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/1705" + } + ] + } +} \ No newline at end of file diff --git a/2007/2xxx/CVE-2007-2827.json b/2007/2xxx/CVE-2007-2827.json index 9fadb906228..8dea3c18588 100644 --- a/2007/2xxx/CVE-2007-2827.json +++ b/2007/2xxx/CVE-2007-2827.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-2827", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Heap-based buffer overflow in LEAD Technologies LEADTOOLS ISIS ActiveX Control (ltisi14E.ocx) 14.5.0.44 and earlier allows remote attackers to execute arbitrary code via a long DriverName property." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-2827", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://moaxb.blogspot.com/2007/05/moaxb-22-leadtools-isis-control.html", - "refsource" : "MISC", - "url" : "http://moaxb.blogspot.com/2007/05/moaxb-22-leadtools-isis-control.html" - }, - { - "name" : "http://www.shinnai.altervista.org/moaxb/20070522/leadisistxt.html", - "refsource" : "MISC", - "url" : "http://www.shinnai.altervista.org/moaxb/20070522/leadisistxt.html" - }, - { - "name" : "24093", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/24093" - }, - { - "name" : "ADV-2007-1900", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/1900" - }, - { - "name" : "36032", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/36032" - }, - { - "name" : "25349", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25349" - }, - { - "name" : "leadtools-isis-activex-bo(34437)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34437" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Heap-based buffer overflow in LEAD Technologies LEADTOOLS ISIS ActiveX Control (ltisi14E.ocx) 14.5.0.44 and earlier allows remote attackers to execute arbitrary code via a long DriverName property." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "24093", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/24093" + }, + { + "name": "25349", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25349" + }, + { + "name": "ADV-2007-1900", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/1900" + }, + { + "name": "36032", + "refsource": "OSVDB", + "url": "http://osvdb.org/36032" + }, + { + "name": "leadtools-isis-activex-bo(34437)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34437" + }, + { + "name": "http://www.shinnai.altervista.org/moaxb/20070522/leadisistxt.html", + "refsource": "MISC", + "url": "http://www.shinnai.altervista.org/moaxb/20070522/leadisistxt.html" + }, + { + "name": "http://moaxb.blogspot.com/2007/05/moaxb-22-leadtools-isis-control.html", + "refsource": "MISC", + "url": "http://moaxb.blogspot.com/2007/05/moaxb-22-leadtools-isis-control.html" + } + ] + } +} \ No newline at end of file diff --git a/2007/2xxx/CVE-2007-2869.json b/2007/2xxx/CVE-2007-2869.json index 12ed946398d..0f969233436 100644 --- a/2007/2xxx/CVE-2007-2869.json +++ b/2007/2xxx/CVE-2007-2869.json @@ -1,217 +1,217 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-2869", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The form autocomplete feature in Mozilla Firefox 1.5.x before 1.5.0.12, 2.x before 2.0.0.4, and possibly earlier versions, allows remote attackers to cause a denial of service (persistent temporary CPU consumption) via a large number of characters in a submitted form." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2007-2869", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070531 FLEA-2007-0023-1: firefox", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/470172/100/200/threaded" - }, - { - "name" : "http://www.mozilla.org/security/announce/2007/mfsa2007-13.html", - "refsource" : "CONFIRM", - "url" : "http://www.mozilla.org/security/announce/2007/mfsa2007-13.html" - }, - { - "name" : "https://issues.rpath.com/browse/RPL-1424", - "refsource" : "CONFIRM", - "url" : "https://issues.rpath.com/browse/RPL-1424" - }, - { - "name" : "DSA-1306", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2007/dsa-1306" - }, - { - "name" : "DSA-1308", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2007/dsa-1308" - }, - { - "name" : "GLSA-200706-06", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-200706-06.xml" - }, - { - "name" : "HPSBUX02153", - "refsource" : "HP", - "url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742" - }, - { - "name" : "SSRT061181", - "refsource" : "HP", - "url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742" - }, - { - "name" : "MDKSA-2007:120", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:120" - }, - { - "name" : "MDKSA-2007:126", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:126" - }, - { - "name" : "RHSA-2007:0400", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-0400.html" - }, - { - "name" : "RHSA-2007:0401", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-0401.html" - }, - { - "name" : "RHSA-2007:0402", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-0402.html" - }, - { - "name" : "SSA:2007-152-02", - "refsource" : "SLACKWARE", - "url" : "http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.571857" - }, - { - "name" : "SUSE-SA:2007:036", - "refsource" : "SUSE", - "url" : "http://www.novell.com/linux/security/advisories/2007_36_mozilla.html" - }, - { - "name" : "USN-468-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/usn-468-1" - }, - { - "name" : "TA07-151A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA07-151A.html" - }, - { - "name" : "24242", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/24242" - }, - { - "name" : "35135", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/35135" - }, - { - "name" : "oval:org.mitre.oval:def:11208", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11208" - }, - { - "name" : "ADV-2007-1994", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/1994" - }, - { - "name" : "1018154", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1018154" - }, - { - "name" : "25476", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25476" - }, - { - "name" : "25533", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25533" - }, - { - "name" : "25635", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25635" - }, - { - "name" : "25647", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25647" - }, - { - "name" : "25685", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25685" - }, - { - "name" : "25534", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25534" - }, - { - "name" : "25490", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25490" - }, - { - "name" : "25750", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25750" - }, - { - "name" : "25858", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25858" - }, - { - "name" : "firefox-autocomplete-dos(34612)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34612" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The form autocomplete feature in Mozilla Firefox 1.5.x before 1.5.0.12, 2.x before 2.0.0.4, and possibly earlier versions, allows remote attackers to cause a denial of service (persistent temporary CPU consumption) via a large number of characters in a submitted form." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.mozilla.org/security/announce/2007/mfsa2007-13.html", + "refsource": "CONFIRM", + "url": "http://www.mozilla.org/security/announce/2007/mfsa2007-13.html" + }, + { + "name": "DSA-1308", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2007/dsa-1308" + }, + { + "name": "MDKSA-2007:120", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:120" + }, + { + "name": "20070531 FLEA-2007-0023-1: firefox", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/470172/100/200/threaded" + }, + { + "name": "25647", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25647" + }, + { + "name": "firefox-autocomplete-dos(34612)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34612" + }, + { + "name": "HPSBUX02153", + "refsource": "HP", + "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742" + }, + { + "name": "SUSE-SA:2007:036", + "refsource": "SUSE", + "url": "http://www.novell.com/linux/security/advisories/2007_36_mozilla.html" + }, + { + "name": "GLSA-200706-06", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-200706-06.xml" + }, + { + "name": "25635", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25635" + }, + { + "name": "25534", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25534" + }, + { + "name": "ADV-2007-1994", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/1994" + }, + { + "name": "RHSA-2007:0400", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-0400.html" + }, + { + "name": "SSA:2007-152-02", + "refsource": "SLACKWARE", + "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.571857" + }, + { + "name": "25533", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25533" + }, + { + "name": "oval:org.mitre.oval:def:11208", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11208" + }, + { + "name": "DSA-1306", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2007/dsa-1306" + }, + { + "name": "https://issues.rpath.com/browse/RPL-1424", + "refsource": "CONFIRM", + "url": "https://issues.rpath.com/browse/RPL-1424" + }, + { + "name": "25858", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25858" + }, + { + "name": "USN-468-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/usn-468-1" + }, + { + "name": "RHSA-2007:0401", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-0401.html" + }, + { + "name": "25476", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25476" + }, + { + "name": "MDKSA-2007:126", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:126" + }, + { + "name": "35135", + "refsource": "OSVDB", + "url": "http://osvdb.org/35135" + }, + { + "name": "SSRT061181", + "refsource": "HP", + "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742" + }, + { + "name": "24242", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/24242" + }, + { + "name": "25750", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25750" + }, + { + "name": "25490", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25490" + }, + { + "name": "RHSA-2007:0402", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-0402.html" + }, + { + "name": "TA07-151A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA07-151A.html" + }, + { + "name": "25685", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25685" + }, + { + "name": "1018154", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1018154" + } + ] + } +} \ No newline at end of file diff --git a/2007/2xxx/CVE-2007-2949.json b/2007/2xxx/CVE-2007-2949.json index 08475e3fab8..01a733013c9 100644 --- a/2007/2xxx/CVE-2007-2949.json +++ b/2007/2xxx/CVE-2007-2949.json @@ -1,207 +1,207 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-2949", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Integer overflow in the seek_to_and_unpack_pixeldata function in the psd.c plugin in Gimp 2.2.15 allows remote attackers to execute arbitrary code via a crafted PSD file that contains a large (1) width or (2) height value." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "PSIRT-CNA@flexerasoftware.com", + "ID": "CVE-2007-2949", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://secunia.com/secunia_research/2007-63/advisory/", - "refsource" : "MISC", - "url" : "http://secunia.com/secunia_research/2007-63/advisory/" - }, - { - "name" : "http://svn.gnome.org/viewcvs/gimp?view=revision&revision=22798", - "refsource" : "CONFIRM", - "url" : "http://svn.gnome.org/viewcvs/gimp?view=revision&revision=22798" - }, - { - "name" : "https://issues.rpath.com/browse/RPL-1487", - "refsource" : "CONFIRM", - "url" : "https://issues.rpath.com/browse/RPL-1487" - }, - { - "name" : "http://issues.foresightlinux.org/browse/FL-457", - "refsource" : "CONFIRM", - "url" : "http://issues.foresightlinux.org/browse/FL-457" - }, - { - "name" : "DSA-1335", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2007/dsa-1335" - }, - { - "name" : "GLSA-200707-09", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-200707-09.xml" - }, - { - "name" : "MDKSA-2007:170", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:170" - }, - { - "name" : "RHSA-2007:0513", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-0513.html" - }, - { - "name" : "SSA:2007-222-01", - "refsource" : "SLACKWARE", - "url" : "http://www.slackware.org/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.360191" - }, - { - "name" : "103170", - "refsource" : "SUNALERT", - "url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103170-1" - }, - { - "name" : "201320", - "refsource" : "SUNALERT", - "url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201320-1" - }, - { - "name" : "SUSE-SR:2007:015", - "refsource" : "SUSE", - "url" : "http://www.novell.com/linux/security/advisories/2007_15_sr.html" - }, - { - "name" : "USN-480-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/usn-480-1" - }, - { - "name" : "VU#399896", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/399896" - }, - { - "name" : "24745", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/24745" - }, - { - "name" : "37804", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/37804" - }, - { - "name" : "oval:org.mitre.oval:def:5772", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5772" - }, - { - "name" : "oval:org.mitre.oval:def:11276", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11276" - }, - { - "name" : "ADV-2007-2421", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/2421" - }, - { - "name" : "ADV-2007-4241", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/4241" - }, - { - "name" : "25677", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25677" - }, - { - "name" : "25949", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25949" - }, - { - "name" : "26044", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26044" - }, - { - "name" : "26132", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26132" - }, - { - "name" : "26215", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26215" - }, - { - "name" : "26384", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26384" - }, - { - "name" : "26575", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26575" - }, - { - "name" : "26939", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26939" - }, - { - "name" : "28114", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28114" - }, - { - "name" : "gimp-unpackpixeldata-code-execution(35246)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35246" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Integer overflow in the seek_to_and_unpack_pixeldata function in the psd.c plugin in Gimp 2.2.15 allows remote attackers to execute arbitrary code via a crafted PSD file that contains a large (1) width or (2) height value." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://secunia.com/secunia_research/2007-63/advisory/", + "refsource": "MISC", + "url": "http://secunia.com/secunia_research/2007-63/advisory/" + }, + { + "name": "25949", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25949" + }, + { + "name": "26044", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26044" + }, + { + "name": "26132", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26132" + }, + { + "name": "gimp-unpackpixeldata-code-execution(35246)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35246" + }, + { + "name": "https://issues.rpath.com/browse/RPL-1487", + "refsource": "CONFIRM", + "url": "https://issues.rpath.com/browse/RPL-1487" + }, + { + "name": "GLSA-200707-09", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-200707-09.xml" + }, + { + "name": "SSA:2007-222-01", + "refsource": "SLACKWARE", + "url": "http://www.slackware.org/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.360191" + }, + { + "name": "26575", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26575" + }, + { + "name": "37804", + "refsource": "OSVDB", + "url": "http://osvdb.org/37804" + }, + { + "name": "oval:org.mitre.oval:def:5772", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5772" + }, + { + "name": "26384", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26384" + }, + { + "name": "201320", + "refsource": "SUNALERT", + "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201320-1" + }, + { + "name": "RHSA-2007:0513", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-0513.html" + }, + { + "name": "25677", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25677" + }, + { + "name": "oval:org.mitre.oval:def:11276", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11276" + }, + { + "name": "28114", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28114" + }, + { + "name": "ADV-2007-2421", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/2421" + }, + { + "name": "26215", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26215" + }, + { + "name": "24745", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/24745" + }, + { + "name": "USN-480-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/usn-480-1" + }, + { + "name": "103170", + "refsource": "SUNALERT", + "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103170-1" + }, + { + "name": "http://svn.gnome.org/viewcvs/gimp?view=revision&revision=22798", + "refsource": "CONFIRM", + "url": "http://svn.gnome.org/viewcvs/gimp?view=revision&revision=22798" + }, + { + "name": "MDKSA-2007:170", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:170" + }, + { + "name": "DSA-1335", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2007/dsa-1335" + }, + { + "name": "26939", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26939" + }, + { + "name": "VU#399896", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/399896" + }, + { + "name": "SUSE-SR:2007:015", + "refsource": "SUSE", + "url": "http://www.novell.com/linux/security/advisories/2007_15_sr.html" + }, + { + "name": "ADV-2007-4241", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/4241" + }, + { + "name": "http://issues.foresightlinux.org/browse/FL-457", + "refsource": "CONFIRM", + "url": "http://issues.foresightlinux.org/browse/FL-457" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3207.json b/2007/3xxx/CVE-2007-3207.json index 86311154381..7578ea9c5d4 100644 --- a/2007/3xxx/CVE-2007-3207.json +++ b/2007/3xxx/CVE-2007-3207.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3207", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in the NFS mount daemon (XNFS.NLM) in Novell NetWare 6.5 SP6, and probably earlier, allows remote attackers to cause a denial of service (abend) via a long path in a mount request." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3207", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5004900.html", - "refsource" : "CONFIRM", - "url" : "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5004900.html" - }, - { - "name" : "https://secure-support.novell.com/KanisaPlatform/Publishing/23/3008097_f.SAL_Public.html", - "refsource" : "CONFIRM", - "url" : "https://secure-support.novell.com/KanisaPlatform/Publishing/23/3008097_f.SAL_Public.html" - }, - { - "name" : "VU#578105", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/578105" - }, - { - "name" : "24489", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/24489" - }, - { - "name" : "ADV-2007-2221", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/2221" - }, - { - "name" : "37317", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/37317" - }, - { - "name" : "25697", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25697" - }, - { - "name" : "netware-nfs-mount-dos(34878)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34878" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in the NFS mount daemon (XNFS.NLM) in Novell NetWare 6.5 SP6, and probably earlier, allows remote attackers to cause a denial of service (abend) via a long path in a mount request." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "24489", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/24489" + }, + { + "name": "netware-nfs-mount-dos(34878)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34878" + }, + { + "name": "VU#578105", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/578105" + }, + { + "name": "https://secure-support.novell.com/KanisaPlatform/Publishing/23/3008097_f.SAL_Public.html", + "refsource": "CONFIRM", + "url": "https://secure-support.novell.com/KanisaPlatform/Publishing/23/3008097_f.SAL_Public.html" + }, + { + "name": "37317", + "refsource": "OSVDB", + "url": "http://osvdb.org/37317" + }, + { + "name": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5004900.html", + "refsource": "CONFIRM", + "url": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5004900.html" + }, + { + "name": "ADV-2007-2221", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/2221" + }, + { + "name": "25697", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25697" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3268.json b/2007/3xxx/CVE-2007-3268.json index 5fe93b7cae2..ec18f183b11 100644 --- a/2007/3xxx/CVE-2007-3268.json +++ b/2007/3xxx/CVE-2007-3268.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3268", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The TFTP implementation in IBM Tivoli Provisioning Manager for OS Deployment 5.1 before Fix Pack 3 allows remote attackers to cause a denial of service (rembo.exe crash and multiple service outage) via a read (RRQ) request with an invalid blksize (blocksize), which triggers a divide-by-zero error." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3268", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070717 IBM Tivoli Provisioning Manager for OS Deployment TFTP Blocksize DoS Vulnerability", - "refsource" : "IDEFENSE", - "url" : "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=560" - }, - { - "name" : "http://www-1.ibm.com/support/docview.wss?uid=swg24016347", - "refsource" : "CONFIRM", - "url" : "http://www-1.ibm.com/support/docview.wss?uid=swg24016347" - }, - { - "name" : "http://www3.software.ibm.com/ibmdl/pub/software/tivoli_support/patches/patches_5.1.0/5.1.0-TIV-TPMOSD-FP0003/5.1.0-TIV-TPMOSD-FP0003.README.HTM", - "refsource" : "CONFIRM", - "url" : "http://www3.software.ibm.com/ibmdl/pub/software/tivoli_support/patches/patches_5.1.0/5.1.0-TIV-TPMOSD-FP0003/5.1.0-TIV-TPMOSD-FP0003.README.HTM" - }, - { - "name" : "24942", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/24942" - }, - { - "name" : "ADV-2007-2560", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/2560" - }, - { - "name" : "1018401", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1018401" - }, - { - "name" : "26093", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26093" - }, - { - "name" : "tivoli-rembo-dos(35468)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35468" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The TFTP implementation in IBM Tivoli Provisioning Manager for OS Deployment 5.1 before Fix Pack 3 allows remote attackers to cause a denial of service (rembo.exe crash and multiple service outage) via a read (RRQ) request with an invalid blksize (blocksize), which triggers a divide-by-zero error." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www3.software.ibm.com/ibmdl/pub/software/tivoli_support/patches/patches_5.1.0/5.1.0-TIV-TPMOSD-FP0003/5.1.0-TIV-TPMOSD-FP0003.README.HTM", + "refsource": "CONFIRM", + "url": "http://www3.software.ibm.com/ibmdl/pub/software/tivoli_support/patches/patches_5.1.0/5.1.0-TIV-TPMOSD-FP0003/5.1.0-TIV-TPMOSD-FP0003.README.HTM" + }, + { + "name": "ADV-2007-2560", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/2560" + }, + { + "name": "26093", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26093" + }, + { + "name": "24942", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/24942" + }, + { + "name": "http://www-1.ibm.com/support/docview.wss?uid=swg24016347", + "refsource": "CONFIRM", + "url": "http://www-1.ibm.com/support/docview.wss?uid=swg24016347" + }, + { + "name": "20070717 IBM Tivoli Provisioning Manager for OS Deployment TFTP Blocksize DoS Vulnerability", + "refsource": "IDEFENSE", + "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=560" + }, + { + "name": "1018401", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1018401" + }, + { + "name": "tivoli-rembo-dos(35468)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35468" + } + ] + } +} \ No newline at end of file diff --git a/2007/6xxx/CVE-2007-6441.json b/2007/6xxx/CVE-2007-6441.json index 94cf7d03584..eb6e3171703 100644 --- a/2007/6xxx/CVE-2007-6441.json +++ b/2007/6xxx/CVE-2007-6441.json @@ -1,157 +1,157 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-6441", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The WiMAX dissector in Wireshark (formerly Ethereal) 0.99.6 allows remote attackers to cause a denial of service (crash) via unknown vectors related to \"unaligned access on some platforms.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2007-6441", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20080103 rPSA-2008-0004-1 tshark wireshark", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/485792/100/0/threaded" - }, - { - "name" : "http://bugs.gentoo.org/show_bug.cgi?id=199958", - "refsource" : "MISC", - "url" : "http://bugs.gentoo.org/show_bug.cgi?id=199958" - }, - { - "name" : "http://www.wireshark.org/security/wnpa-sec-2007-03.html", - "refsource" : "CONFIRM", - "url" : "http://www.wireshark.org/security/wnpa-sec-2007-03.html" - }, - { - "name" : "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0004", - "refsource" : "CONFIRM", - "url" : "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0004" - }, - { - "name" : "https://issues.rpath.com/browse/RPL-1975", - "refsource" : "CONFIRM", - "url" : "https://issues.rpath.com/browse/RPL-1975" - }, - { - "name" : "GLSA-200712-23", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-200712-23.xml" - }, - { - "name" : "MDVSA-2008:001", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2008:001" - }, - { - "name" : "MDVSA-2008:1", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2008:1" - }, - { - "name" : "RHSA-2008:0058", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2008-0058.html" - }, - { - "name" : "SUSE-SR:2008:004", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00008.html" - }, - { - "name" : "27071", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/27071" - }, - { - "name" : "oval:org.mitre.oval:def:10452", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10452" - }, - { - "name" : "oval:org.mitre.oval:def:14126", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14126" - }, - { - "name" : "28288", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28288" - }, - { - "name" : "27777", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27777" - }, - { - "name" : "28304", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28304" - }, - { - "name" : "28325", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28325" - }, - { - "name" : "28564", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28564" - }, - { - "name" : "29048", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29048" - }, - { - "name" : "wireshark-wimax-dissector-dos(39183)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/39183" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The WiMAX dissector in Wireshark (formerly Ethereal) 0.99.6 allows remote attackers to cause a denial of service (crash) via unknown vectors related to \"unaligned access on some platforms.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "27777", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27777" + }, + { + "name": "https://issues.rpath.com/browse/RPL-1975", + "refsource": "CONFIRM", + "url": "https://issues.rpath.com/browse/RPL-1975" + }, + { + "name": "29048", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29048" + }, + { + "name": "http://www.wireshark.org/security/wnpa-sec-2007-03.html", + "refsource": "CONFIRM", + "url": "http://www.wireshark.org/security/wnpa-sec-2007-03.html" + }, + { + "name": "28564", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28564" + }, + { + "name": "wireshark-wimax-dissector-dos(39183)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39183" + }, + { + "name": "20080103 rPSA-2008-0004-1 tshark wireshark", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/485792/100/0/threaded" + }, + { + "name": "GLSA-200712-23", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-200712-23.xml" + }, + { + "name": "28304", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28304" + }, + { + "name": "28325", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28325" + }, + { + "name": "oval:org.mitre.oval:def:14126", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14126" + }, + { + "name": "MDVSA-2008:1", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:1" + }, + { + "name": "MDVSA-2008:001", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:001" + }, + { + "name": "RHSA-2008:0058", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2008-0058.html" + }, + { + "name": "SUSE-SR:2008:004", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00008.html" + }, + { + "name": "http://bugs.gentoo.org/show_bug.cgi?id=199958", + "refsource": "MISC", + "url": "http://bugs.gentoo.org/show_bug.cgi?id=199958" + }, + { + "name": "oval:org.mitre.oval:def:10452", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10452" + }, + { + "name": "27071", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/27071" + }, + { + "name": "28288", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28288" + }, + { + "name": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0004", + "refsource": "CONFIRM", + "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0004" + } + ] + } +} \ No newline at end of file diff --git a/2010/0xxx/CVE-2010-0415.json b/2010/0xxx/CVE-2010-0415.json index 72342ecf79d..22fe180afe0 100644 --- a/2010/0xxx/CVE-2010-0415.json +++ b/2010/0xxx/CVE-2010-0415.json @@ -1,197 +1,197 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-0415", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The do_pages_move function in mm/migrate.c in the Linux kernel before 2.6.33-rc7 does not validate node values, which allows local users to read arbitrary kernel memory locations, cause a denial of service (OOPS), and possibly have unspecified other impact by specifying a node that is not part of the kernel's node set." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2010-0415", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/516397/100/0/threaded" - }, - { - "name" : "[oss-security] 20100207 CVE request: information leak / potential crash in sys_move_pages", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2010/02/07/1" - }, - { - "name" : "[oss-security] 20100207 Re: CVE request: information leak / potential crash in sys_move_pages", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2010/02/07/2" - }, - { - "name" : "[oss-security] 20100208 Re: CVE request: information leak / potential crash in sys_move_pages", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2010/02/08/2" - }, - { - "name" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=6f5a55f1a6c5abee15a0e878e5c74d9f1569b8b0", - "refsource" : "CONFIRM", - "url" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=6f5a55f1a6c5abee15a0e878e5c74d9f1569b8b0" - }, - { - "name" : "http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.33-rc7", - "refsource" : "CONFIRM", - "url" : "http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.33-rc7" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=562582", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=562582" - }, - { - "name" : "http://www.vmware.com/security/advisories/VMSA-2011-0003.html", - "refsource" : "CONFIRM", - "url" : "http://www.vmware.com/security/advisories/VMSA-2011-0003.html" - }, - { - "name" : "DSA-1996", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2010/dsa-1996" - }, - { - "name" : "DSA-2005", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2010/dsa-2005" - }, - { - "name" : "FEDORA-2010-1787", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035159.html" - }, - { - "name" : "FEDORA-2010-1804", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035070.html" - }, - { - "name" : "MDVSA-2010:066", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2010:066" - }, - { - "name" : "MDVSA-2010:198", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2010:198" - }, - { - "name" : "RHSA-2010:0161", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2010-0161.html" - }, - { - "name" : "RHSA-2010:0147", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2010-0147.html" - }, - { - "name" : "SUSE-SA:2010:018", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00006.html" - }, - { - "name" : "SUSE-SA:2010:014", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00000.html" - }, - { - "name" : "USN-914-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-914-1" - }, - { - "name" : "38144", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/38144" - }, - { - "name" : "oval:org.mitre.oval:def:9399", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9399" - }, - { - "name" : "38492", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/38492" - }, - { - "name" : "38557", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/38557" - }, - { - "name" : "38922", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/38922" - }, - { - "name" : "38779", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/38779" - }, - { - "name" : "39033", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/39033" - }, - { - "name" : "43315", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/43315" - }, - { - "name" : "ADV-2010-0638", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2010/0638" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The do_pages_move function in mm/migrate.c in the Linux kernel before 2.6.33-rc7 does not validate node values, which allows local users to read arbitrary kernel memory locations, cause a denial of service (OOPS), and possibly have unspecified other impact by specifying a node that is not part of the kernel's node set." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "[oss-security] 20100207 Re: CVE request: information leak / potential crash in sys_move_pages", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2010/02/07/2" + }, + { + "name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=6f5a55f1a6c5abee15a0e878e5c74d9f1569b8b0", + "refsource": "CONFIRM", + "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=6f5a55f1a6c5abee15a0e878e5c74d9f1569b8b0" + }, + { + "name": "USN-914-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-914-1" + }, + { + "name": "http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.33-rc7", + "refsource": "CONFIRM", + "url": "http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.33-rc7" + }, + { + "name": "ADV-2010-0638", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2010/0638" + }, + { + "name": "38557", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/38557" + }, + { + "name": "RHSA-2010:0147", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2010-0147.html" + }, + { + "name": "oval:org.mitre.oval:def:9399", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9399" + }, + { + "name": "FEDORA-2010-1804", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035070.html" + }, + { + "name": "MDVSA-2010:198", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:198" + }, + { + "name": "38144", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/38144" + }, + { + "name": "38779", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/38779" + }, + { + "name": "SUSE-SA:2010:014", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00000.html" + }, + { + "name": "[oss-security] 20100207 CVE request: information leak / potential crash in sys_move_pages", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2010/02/07/1" + }, + { + "name": "38922", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/38922" + }, + { + "name": "SUSE-SA:2010:018", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00006.html" + }, + { + "name": "DSA-1996", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2010/dsa-1996" + }, + { + "name": "FEDORA-2010-1787", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035159.html" + }, + { + "name": "43315", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/43315" + }, + { + "name": "MDVSA-2010:066", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:066" + }, + { + "name": "39033", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/39033" + }, + { + "name": "http://www.vmware.com/security/advisories/VMSA-2011-0003.html", + "refsource": "CONFIRM", + "url": "http://www.vmware.com/security/advisories/VMSA-2011-0003.html" + }, + { + "name": "[oss-security] 20100208 Re: CVE request: information leak / potential crash in sys_move_pages", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2010/02/08/2" + }, + { + "name": "DSA-2005", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2010/dsa-2005" + }, + { + "name": "20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/516397/100/0/threaded" + }, + { + "name": "38492", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/38492" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=562582", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=562582" + }, + { + "name": "RHSA-2010:0161", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2010-0161.html" + } + ] + } +} \ No newline at end of file diff --git a/2010/0xxx/CVE-2010-0658.json b/2010/0xxx/CVE-2010-0658.json index bea0f2fbbde..3e3e23bcb32 100644 --- a/2010/0xxx/CVE-2010-0658.json +++ b/2010/0xxx/CVE-2010-0658.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-0658", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple integer overflows in Skia, as used in Google Chrome before 4.0.249.78, allow remote attackers to execute arbitrary code in the Chrome sandbox or cause a denial of service (memory corruption and application crash) via vectors involving CANVAS elements." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-0658", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://code.google.com/p/chromium/issues/detail?id=24071", - "refsource" : "CONFIRM", - "url" : "http://code.google.com/p/chromium/issues/detail?id=24071" - }, - { - "name" : "http://code.google.com/p/chromium/issues/detail?id=24646", - "refsource" : "CONFIRM", - "url" : "http://code.google.com/p/chromium/issues/detail?id=24646" - }, - { - "name" : "http://code.google.com/p/chromium/issues/detail?id=8864", - "refsource" : "CONFIRM", - "url" : "http://code.google.com/p/chromium/issues/detail?id=8864" - }, - { - "name" : "http://googlechromereleases.blogspot.com/2010/01/stable-channel-update_25.html", - "refsource" : "CONFIRM", - "url" : "http://googlechromereleases.blogspot.com/2010/01/stable-channel-update_25.html" - }, - { - "name" : "http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-security-bugs", - "refsource" : "CONFIRM", - "url" : "http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-security-bugs" - }, - { - "name" : "oval:org.mitre.oval:def:13852", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13852" - }, - { - "name" : "1023506", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1023506" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple integer overflows in Skia, as used in Google Chrome before 4.0.249.78, allow remote attackers to execute arbitrary code in the Chrome sandbox or cause a denial of service (memory corruption and application crash) via vectors involving CANVAS elements." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://googlechromereleases.blogspot.com/2010/01/stable-channel-update_25.html", + "refsource": "CONFIRM", + "url": "http://googlechromereleases.blogspot.com/2010/01/stable-channel-update_25.html" + }, + { + "name": "http://code.google.com/p/chromium/issues/detail?id=8864", + "refsource": "CONFIRM", + "url": "http://code.google.com/p/chromium/issues/detail?id=8864" + }, + { + "name": "1023506", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1023506" + }, + { + "name": "http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-security-bugs", + "refsource": "CONFIRM", + "url": "http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-security-bugs" + }, + { + "name": "http://code.google.com/p/chromium/issues/detail?id=24071", + "refsource": "CONFIRM", + "url": "http://code.google.com/p/chromium/issues/detail?id=24071" + }, + { + "name": "oval:org.mitre.oval:def:13852", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13852" + }, + { + "name": "http://code.google.com/p/chromium/issues/detail?id=24646", + "refsource": "CONFIRM", + "url": "http://code.google.com/p/chromium/issues/detail?id=24646" + } + ] + } +} \ No newline at end of file diff --git a/2010/0xxx/CVE-2010-0717.json b/2010/0xxx/CVE-2010-0717.json index 45c0028f7c8..5d44f14cae7 100644 --- a/2010/0xxx/CVE-2010-0717.json +++ b/2010/0xxx/CVE-2010-0717.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-0717", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The default configuration of cfg.packagepages_actions_excluded in MoinMoin before 1.8.7 does not prevent unsafe package actions, which has unspecified impact and attack vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-0717", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20100215 CVE Request -- MoinMoin -- 1.8.7", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2010/02/15/2" - }, - { - "name" : "http://hg.moinmo.in/moin/1.8/raw-file/1.8.7/docs/CHANGES", - "refsource" : "CONFIRM", - "url" : "http://hg.moinmo.in/moin/1.8/raw-file/1.8.7/docs/CHANGES" - }, - { - "name" : "http://moinmo.in/MoinMoinRelease1.8", - "refsource" : "CONFIRM", - "url" : "http://moinmo.in/MoinMoinRelease1.8" - }, - { - "name" : "DSA-2014", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2010/dsa-2014" - }, - { - "name" : "38903", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/38903" - }, - { - "name" : "ADV-2010-0600", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2010/0600" - }, - { - "name" : "moinmoin-cfgpackagepages-unspecified(56595)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/56595" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The default configuration of cfg.packagepages_actions_excluded in MoinMoin before 1.8.7 does not prevent unsafe package actions, which has unspecified impact and attack vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "moinmoin-cfgpackagepages-unspecified(56595)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56595" + }, + { + "name": "[oss-security] 20100215 CVE Request -- MoinMoin -- 1.8.7", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2010/02/15/2" + }, + { + "name": "http://hg.moinmo.in/moin/1.8/raw-file/1.8.7/docs/CHANGES", + "refsource": "CONFIRM", + "url": "http://hg.moinmo.in/moin/1.8/raw-file/1.8.7/docs/CHANGES" + }, + { + "name": "http://moinmo.in/MoinMoinRelease1.8", + "refsource": "CONFIRM", + "url": "http://moinmo.in/MoinMoinRelease1.8" + }, + { + "name": "DSA-2014", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2010/dsa-2014" + }, + { + "name": "38903", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/38903" + }, + { + "name": "ADV-2010-0600", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2010/0600" + } + ] + } +} \ No newline at end of file diff --git a/2010/0xxx/CVE-2010-0775.json b/2010/0xxx/CVE-2010-0775.json index 2df41ec69a8..00d9f3c1982 100644 --- a/2010/0xxx/CVE-2010-0775.json +++ b/2010/0xxx/CVE-2010-0775.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-0775", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in IBM WebSphere Application Server (WAS) 6.0 before 6.0.2.41, 6.1 before 6.1.0.31, and 7.0 before 7.0.0.11 allows remote attackers to cause a denial of service (memory consumption and daemon crash) via a crafted request, related to the nodeagent and Deployment Manager components." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-0775", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "PM05663", - "refsource" : "AIXAPAR", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1PM05663" - }, - { - "name" : "was-dmgr-nodeagent-dos(58555)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/58555" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in IBM WebSphere Application Server (WAS) 6.0 before 6.0.2.41, 6.1 before 6.1.0.31, and 7.0 before 7.0.0.11 allows remote attackers to cause a denial of service (memory consumption and daemon crash) via a crafted request, related to the nodeagent and Deployment Manager components." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "was-dmgr-nodeagent-dos(58555)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/58555" + }, + { + "name": "PM05663", + "refsource": "AIXAPAR", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PM05663" + } + ] + } +} \ No newline at end of file diff --git a/2010/1xxx/CVE-2010-1007.json b/2010/1xxx/CVE-2010-1007.json index b9dd770e852..b3261eb5ae9 100644 --- a/2010/1xxx/CVE-2010-1007.json +++ b/2010/1xxx/CVE-2010-1007.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-1007", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the Power Extension Manager (ch_lightem) extension 1.0.34 and earlier for TYPO3 allows remote attackers to obtain sensitive information via unknown vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-1007", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-006/", - "refsource" : "CONFIRM", - "url" : "http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-006/" - }, - { - "name" : "38811", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/38811" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the Power Extension Manager (ch_lightem) extension 1.0.34 and earlier for TYPO3 allows remote attackers to obtain sensitive information via unknown vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-006/", + "refsource": "CONFIRM", + "url": "http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-006/" + }, + { + "name": "38811", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/38811" + } + ] + } +} \ No newline at end of file diff --git a/2010/5xxx/CVE-2010-5245.json b/2010/5xxx/CVE-2010-5245.json index 29fb78ea446..d09d56459d4 100644 --- a/2010/5xxx/CVE-2010-5245.json +++ b/2010/5xxx/CVE-2010-5245.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-5245", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Untrusted search path vulnerability in PDF-XChange Viewer 2.0 Build 54.0 allows local users to gain privileges via a Trojan horse wintab32.dll file in the current working directory, as demonstrated by a directory that contains a .pdf file. NOTE: some of these details are obtained from third party information." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-5245", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.corelan.be:8800/index.php/2010/08/25/dll-hijacking-kb-2269637-the-unofficial-list/", - "refsource" : "MISC", - "url" : "http://www.corelan.be:8800/index.php/2010/08/25/dll-hijacking-kb-2269637-the-unofficial-list/" - }, - { - "name" : "41197", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/41197" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Untrusted search path vulnerability in PDF-XChange Viewer 2.0 Build 54.0 allows local users to gain privileges via a Trojan horse wintab32.dll file in the current working directory, as demonstrated by a directory that contains a .pdf file. NOTE: some of these details are obtained from third party information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.corelan.be:8800/index.php/2010/08/25/dll-hijacking-kb-2269637-the-unofficial-list/", + "refsource": "MISC", + "url": "http://www.corelan.be:8800/index.php/2010/08/25/dll-hijacking-kb-2269637-the-unofficial-list/" + }, + { + "name": "41197", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/41197" + } + ] + } +} \ No newline at end of file diff --git a/2010/5xxx/CVE-2010-5307.json b/2010/5xxx/CVE-2010-5307.json index eaa4b75787c..6acfd6a2590 100644 --- a/2010/5xxx/CVE-2010-5307.json +++ b/2010/5xxx/CVE-2010-5307.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-5307", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The HIPAA configuration interface in GE Healthcare Optima MR360 has a password of (1) operator for the root account, (2) adw2.0 for the admin account, and (3) adw2.0 for the sdc account, which has unspecified impact and attack vectors. NOTE: it is not clear whether these passwords are default, hardcoded, or dependent on another system or product that requires a fixed value." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-5307", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.forbes.com/sites/thomasbrewster/2015/07/10/vulnerable-breasts/", - "refsource" : "MISC", - "url" : "http://www.forbes.com/sites/thomasbrewster/2015/07/10/vulnerable-breasts/" - }, - { - "name" : "https://twitter.com/digitalbond/status/619250429751222277", - "refsource" : "MISC", - "url" : "https://twitter.com/digitalbond/status/619250429751222277" - }, - { - "name" : "https://ics-cert.us-cert.gov/advisories/ICSMA-18-037-02", - "refsource" : "MISC", - "url" : "https://ics-cert.us-cert.gov/advisories/ICSMA-18-037-02" - }, - { - "name" : "http://apps.gehealthcare.com/servlet/ClientServlet/MR360+operator+manual+paper.pdf?REQ=RAA&DIRECTION=5339461-1EN&FILENAME=MR360%2Boperator%2Bmanual%2Bpaper.pdf&FILEREV=4&DOCREV_ORG=4", - "refsource" : "CONFIRM", - "url" : "http://apps.gehealthcare.com/servlet/ClientServlet/MR360+operator+manual+paper.pdf?REQ=RAA&DIRECTION=5339461-1EN&FILENAME=MR360%2Boperator%2Bmanual%2Bpaper.pdf&FILEREV=4&DOCREV_ORG=4" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The HIPAA configuration interface in GE Healthcare Optima MR360 has a password of (1) operator for the root account, (2) adw2.0 for the admin account, and (3) adw2.0 for the sdc account, which has unspecified impact and attack vectors. NOTE: it is not clear whether these passwords are default, hardcoded, or dependent on another system or product that requires a fixed value." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://apps.gehealthcare.com/servlet/ClientServlet/MR360+operator+manual+paper.pdf?REQ=RAA&DIRECTION=5339461-1EN&FILENAME=MR360%2Boperator%2Bmanual%2Bpaper.pdf&FILEREV=4&DOCREV_ORG=4", + "refsource": "CONFIRM", + "url": "http://apps.gehealthcare.com/servlet/ClientServlet/MR360+operator+manual+paper.pdf?REQ=RAA&DIRECTION=5339461-1EN&FILENAME=MR360%2Boperator%2Bmanual%2Bpaper.pdf&FILEREV=4&DOCREV_ORG=4" + }, + { + "name": "http://www.forbes.com/sites/thomasbrewster/2015/07/10/vulnerable-breasts/", + "refsource": "MISC", + "url": "http://www.forbes.com/sites/thomasbrewster/2015/07/10/vulnerable-breasts/" + }, + { + "name": "https://twitter.com/digitalbond/status/619250429751222277", + "refsource": "MISC", + "url": "https://twitter.com/digitalbond/status/619250429751222277" + }, + { + "name": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-037-02", + "refsource": "MISC", + "url": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-037-02" + } + ] + } +} \ No newline at end of file diff --git a/2010/5xxx/CVE-2010-5315.json b/2010/5xxx/CVE-2010-5315.json index 250e804ddfa..c97b4386807 100644 --- a/2010/5xxx/CVE-2010-5315.json +++ b/2010/5xxx/CVE-2010-5315.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-5315", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site request forgery (CSRF) vulnerabilities in BEdita before 3.1 allow remote attackers to hijack the authentication of administrators for requests that (1) create categories via a data array to news/saveCategories or (2) modify credentials via a data array to admin/saveUser." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-5315", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://www.htbridge.com/advisory/HTB22723", - "refsource" : "MISC", - "url" : "https://www.htbridge.com/advisory/HTB22723" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site request forgery (CSRF) vulnerabilities in BEdita before 3.1 allow remote attackers to hijack the authentication of administrators for requests that (1) create categories via a data array to news/saveCategories or (2) modify credentials via a data array to admin/saveUser." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.htbridge.com/advisory/HTB22723", + "refsource": "MISC", + "url": "https://www.htbridge.com/advisory/HTB22723" + } + ] + } +} \ No newline at end of file diff --git a/2014/0xxx/CVE-2014-0282.json b/2014/0xxx/CVE-2014-0282.json index 1437552d492..68052f9d16b 100644 --- a/2014/0xxx/CVE-2014-0282.json +++ b/2014/0xxx/CVE-2014-0282.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-0282", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability,\" a different vulnerability than CVE-2014-1775, CVE-2014-1779, CVE-2014-1799, CVE-2014-1803, and CVE-2014-2757." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2014-0282", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "33860", - "refsource" : "EXPLOIT-DB", - "url" : "http://www.exploit-db.com/exploits/33860" - }, - { - "name" : "MS14-035", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-035" - }, - { - "name" : "67862", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/67862" - }, - { - "name" : "107851", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/107851" - }, - { - "name" : "1030370", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1030370" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability,\" a different vulnerability than CVE-2014-1775, CVE-2014-1779, CVE-2014-1799, CVE-2014-1803, and CVE-2014-2757." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1030370", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1030370" + }, + { + "name": "33860", + "refsource": "EXPLOIT-DB", + "url": "http://www.exploit-db.com/exploits/33860" + }, + { + "name": "MS14-035", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-035" + }, + { + "name": "67862", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/67862" + }, + { + "name": "107851", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/107851" + } + ] + } +} \ No newline at end of file diff --git a/2014/0xxx/CVE-2014-0315.json b/2014/0xxx/CVE-2014-0315.json index fdd613662c9..b4525992873 100644 --- a/2014/0xxx/CVE-2014-0315.json +++ b/2014/0xxx/CVE-2014-0315.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-0315", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Untrusted search path vulnerability in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a Trojan horse cmd.exe file in the current working directory, as demonstrated by a directory that contains a .bat or .cmd file, aka \"Windows File Handling Vulnerability.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2014-0315", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://blogs.technet.com/b/srd/archive/2014/04/08/ms14-019-fixing-a-binary-hijacking-via-cmd-or-bat-file.aspx", - "refsource" : "CONFIRM", - "url" : "http://blogs.technet.com/b/srd/archive/2014/04/08/ms14-019-fixing-a-binary-hijacking-via-cmd-or-bat-file.aspx" - }, - { - "name" : "MS14-019", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-019" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Untrusted search path vulnerability in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a Trojan horse cmd.exe file in the current working directory, as demonstrated by a directory that contains a .bat or .cmd file, aka \"Windows File Handling Vulnerability.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://blogs.technet.com/b/srd/archive/2014/04/08/ms14-019-fixing-a-binary-hijacking-via-cmd-or-bat-file.aspx", + "refsource": "CONFIRM", + "url": "http://blogs.technet.com/b/srd/archive/2014/04/08/ms14-019-fixing-a-binary-hijacking-via-cmd-or-bat-file.aspx" + }, + { + "name": "MS14-019", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-019" + } + ] + } +} \ No newline at end of file diff --git a/2014/0xxx/CVE-2014-0439.json b/2014/0xxx/CVE-2014-0439.json index 455e7abfc5f..c6b5fad07c9 100644 --- a/2014/0xxx/CVE-2014-0439.json +++ b/2014/0xxx/CVE-2014-0439.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-0439", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.52 and 8.53 allows remote authenticated users to affect integrity via unknown vectors related to Report Distribution." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2014-0439", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html" - }, - { - "name" : "64758", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/64758" - }, - { - "name" : "64884", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/64884" - }, - { - "name" : "102042", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/102042" - }, - { - "name" : "1029623", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1029623" - }, - { - "name" : "56478", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/56478" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.52 and 8.53 allows remote authenticated users to affect integrity via unknown vectors related to Report Distribution." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "64884", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/64884" + }, + { + "name": "56478", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/56478" + }, + { + "name": "102042", + "refsource": "OSVDB", + "url": "http://osvdb.org/102042" + }, + { + "name": "1029623", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1029623" + }, + { + "name": "64758", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/64758" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html" + } + ] + } +} \ No newline at end of file diff --git a/2014/0xxx/CVE-2014-0820.json b/2014/0xxx/CVE-2014-0820.json index 284f4d5ea10..44e348ee8b7 100644 --- a/2014/0xxx/CVE-2014-0820.json +++ b/2014/0xxx/CVE-2014-0820.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-0820", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Directory traversal vulnerability in the download feature in Cybozu Garoon 2.x through 2.5.4 and 3.x through 3.7 SP3 allows remote authenticated users to read arbitrary files via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "vultures@jpcert.or.jp", + "ID": "CVE-2014-0820", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://cs.cybozu.co.jp/information/gr20140225up05.php", - "refsource" : "CONFIRM", - "url" : "http://cs.cybozu.co.jp/information/gr20140225up05.php" - }, - { - "name" : "https://support.cybozu.com/ja-jp/article/7994", - "refsource" : "CONFIRM", - "url" : "https://support.cybozu.com/ja-jp/article/7994" - }, - { - "name" : "JVN#26393529", - "refsource" : "JVN", - "url" : "http://jvn.jp/en/jp/JVN26393529/index.html" - }, - { - "name" : "JVNDB-2014-000023", - "refsource" : "JVNDB", - "url" : "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000023" - }, - { - "name" : "65815", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/65815" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Directory traversal vulnerability in the download feature in Cybozu Garoon 2.x through 2.5.4 and 3.x through 3.7 SP3 allows remote authenticated users to read arbitrary files via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "JVN#26393529", + "refsource": "JVN", + "url": "http://jvn.jp/en/jp/JVN26393529/index.html" + }, + { + "name": "http://cs.cybozu.co.jp/information/gr20140225up05.php", + "refsource": "CONFIRM", + "url": "http://cs.cybozu.co.jp/information/gr20140225up05.php" + }, + { + "name": "JVNDB-2014-000023", + "refsource": "JVNDB", + "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000023" + }, + { + "name": "https://support.cybozu.com/ja-jp/article/7994", + "refsource": "CONFIRM", + "url": "https://support.cybozu.com/ja-jp/article/7994" + }, + { + "name": "65815", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/65815" + } + ] + } +} \ No newline at end of file diff --git a/2014/0xxx/CVE-2014-0889.json b/2014/0xxx/CVE-2014-0889.json index 6dbacc3d044..123cc8dc89b 100644 --- a/2014/0xxx/CVE-2014-0889.json +++ b/2014/0xxx/CVE-2014-0889.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-0889", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site scripting (XSS) vulnerabilities in IBM Atlas Suite (aka Atlas Policy Suite), as used in Atlas eDiscovery Process Management through 6.0.3, Disposal and Governance Management for IT through 6.0.3, and Global Retention Policy and Schedule Management through 6.0.3, allow remote attackers to inject arbitrary web script or HTML via unspecified parameters." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2014-0889", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www-01.ibm.com/support/entdocview.wss?uid=swg21679081", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/entdocview.wss?uid=swg21679081" - }, - { - "name" : "http://www.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_atlas_suite_atlas_policy_suite_cross_site_scripting_vulnerabilities_cve_2014_0889", - "refsource" : "CONFIRM", - "url" : "http://www.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_atlas_suite_atlas_policy_suite_cross_site_scripting_vulnerabilities_cve_2014_0889" - }, - { - "name" : "59681", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/59681" - }, - { - "name" : "ibm-atlas-cve20140889-xss(91241)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/91241" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site scripting (XSS) vulnerabilities in IBM Atlas Suite (aka Atlas Policy Suite), as used in Atlas eDiscovery Process Management through 6.0.3, Disposal and Governance Management for IT through 6.0.3, and Global Retention Policy and Schedule Management through 6.0.3, allow remote attackers to inject arbitrary web script or HTML via unspecified parameters." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www-01.ibm.com/support/entdocview.wss?uid=swg21679081", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/entdocview.wss?uid=swg21679081" + }, + { + "name": "59681", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/59681" + }, + { + "name": "http://www.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_atlas_suite_atlas_policy_suite_cross_site_scripting_vulnerabilities_cve_2014_0889", + "refsource": "CONFIRM", + "url": "http://www.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_atlas_suite_atlas_policy_suite_cross_site_scripting_vulnerabilities_cve_2014_0889" + }, + { + "name": "ibm-atlas-cve20140889-xss(91241)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/91241" + } + ] + } +} \ No newline at end of file diff --git a/2014/1xxx/CVE-2014-1538.json b/2014/1xxx/CVE-2014-1538.json index fcdc775e5e0..03480359b3c 100644 --- a/2014/1xxx/CVE-2014-1538.json +++ b/2014/1xxx/CVE-2014-1538.json @@ -1,242 +1,242 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-1538", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Use-after-free vulnerability in the nsTextEditRules::CreateMozBR function in Mozilla Firefox before 30.0, Firefox ESR 24.x before 24.6, and Thunderbird before 24.6 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@mozilla.org", + "ID": "CVE-2014-1538", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.mozilla.org/security/announce/2014/mfsa2014-49.html", - "refsource" : "CONFIRM", - "url" : "http://www.mozilla.org/security/announce/2014/mfsa2014-49.html" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1005584", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1005584" - }, - { - "name" : "http://linux.oracle.com/errata/ELSA-2014-0741.html", - "refsource" : "CONFIRM", - "url" : "http://linux.oracle.com/errata/ELSA-2014-0741.html" - }, - { - "name" : "http://linux.oracle.com/errata/ELSA-2014-0742.html", - "refsource" : "CONFIRM", - "url" : "http://linux.oracle.com/errata/ELSA-2014-0742.html" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1107421", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1107421" - }, - { - "name" : "DSA-2955", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2014/dsa-2955" - }, - { - "name" : "DSA-2960", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2014/dsa-2960" - }, - { - "name" : "GLSA-201504-01", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201504-01" - }, - { - "name" : "RHSA-2014:0741", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2014-0741.html" - }, - { - "name" : "RHSA-2014:0742", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2014-0742.html" - }, - { - "name" : "openSUSE-SU-2014:0855", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2014-07/msg00001.html" - }, - { - "name" : "openSUSE-SU-2014:0858", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2014-07/msg00004.html" - }, - { - "name" : "SUSE-SU-2014:0824", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2014-06/msg00023.html" - }, - { - "name" : "openSUSE-SU-2014:0797", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2014-06/msg00019.html" - }, - { - "name" : "openSUSE-SU-2014:0819", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2014-06/msg00040.html" - }, - { - "name" : "USN-2243-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2243-1" - }, - { - "name" : "USN-2250-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2250-1" - }, - { - "name" : "67976", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/67976" - }, - { - "name" : "1030386", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1030386" - }, - { - "name" : "1030388", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1030388" - }, - { - "name" : "58984", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/58984" - }, - { - "name" : "59052", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/59052" - }, - { - "name" : "59149", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/59149" - }, - { - "name" : "59150", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/59150" - }, - { - "name" : "59165", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/59165" - }, - { - "name" : "59169", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/59169" - }, - { - "name" : "59170", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/59170" - }, - { - "name" : "59171", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/59171" - }, - { - "name" : "59229", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/59229" - }, - { - "name" : "59275", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/59275" - }, - { - "name" : "59866", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/59866" - }, - { - "name" : "59377", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/59377" - }, - { - "name" : "59387", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/59387" - }, - { - "name" : "59328", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/59328" - }, - { - "name" : "59425", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/59425" - }, - { - "name" : "59486", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/59486" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Use-after-free vulnerability in the nsTextEditRules::CreateMozBR function in Mozilla Firefox before 30.0, Firefox ESR 24.x before 24.6, and Thunderbird before 24.6 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "59229", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/59229" + }, + { + "name": "openSUSE-SU-2014:0819", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2014-06/msg00040.html" + }, + { + "name": "RHSA-2014:0741", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2014-0741.html" + }, + { + "name": "SUSE-SU-2014:0824", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2014-06/msg00023.html" + }, + { + "name": "59387", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/59387" + }, + { + "name": "59150", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/59150" + }, + { + "name": "1030388", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1030388" + }, + { + "name": "67976", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/67976" + }, + { + "name": "59052", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/59052" + }, + { + "name": "openSUSE-SU-2014:0855", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2014-07/msg00001.html" + }, + { + "name": "openSUSE-SU-2014:0797", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2014-06/msg00019.html" + }, + { + "name": "http://www.mozilla.org/security/announce/2014/mfsa2014-49.html", + "refsource": "CONFIRM", + "url": "http://www.mozilla.org/security/announce/2014/mfsa2014-49.html" + }, + { + "name": "59169", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/59169" + }, + { + "name": "59165", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/59165" + }, + { + "name": "GLSA-201504-01", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201504-01" + }, + { + "name": "59866", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/59866" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" + }, + { + "name": "http://linux.oracle.com/errata/ELSA-2014-0742.html", + "refsource": "CONFIRM", + "url": "http://linux.oracle.com/errata/ELSA-2014-0742.html" + }, + { + "name": "openSUSE-SU-2014:0858", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2014-07/msg00004.html" + }, + { + "name": "59377", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/59377" + }, + { + "name": "59149", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/59149" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1107421", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1107421" + }, + { + "name": "RHSA-2014:0742", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2014-0742.html" + }, + { + "name": "USN-2243-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2243-1" + }, + { + "name": "DSA-2960", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2014/dsa-2960" + }, + { + "name": "DSA-2955", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2014/dsa-2955" + }, + { + "name": "1030386", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1030386" + }, + { + "name": "http://linux.oracle.com/errata/ELSA-2014-0741.html", + "refsource": "CONFIRM", + "url": "http://linux.oracle.com/errata/ELSA-2014-0741.html" + }, + { + "name": "58984", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/58984" + }, + { + "name": "59170", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/59170" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1005584", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1005584" + }, + { + "name": "59425", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/59425" + }, + { + "name": "59171", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/59171" + }, + { + "name": "59328", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/59328" + }, + { + "name": "59275", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/59275" + }, + { + "name": "USN-2250-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2250-1" + }, + { + "name": "59486", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/59486" + } + ] + } +} \ No newline at end of file diff --git a/2014/1xxx/CVE-2014-1969.json b/2014/1xxx/CVE-2014-1969.json index dea1fdbb67a..8243104faed 100644 --- a/2014/1xxx/CVE-2014-1969.json +++ b/2014/1xxx/CVE-2014-1969.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-1969", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Directory traversal vulnerability in the apps4u@android SD Card Manager application before 20140224 for Android allows attackers to overwrite or create arbitrary files via a crafted filename." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "vultures@jpcert.or.jp", + "ID": "CVE-2014-1969", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "JVN#47386847", - "refsource" : "JVN", - "url" : "http://jvn.jp/en/jp/JVN47386847/index.html" - }, - { - "name" : "JVNDB-2014-000035", - "refsource" : "JVNDB", - "url" : "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000035" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Directory traversal vulnerability in the apps4u@android SD Card Manager application before 20140224 for Android allows attackers to overwrite or create arbitrary files via a crafted filename." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "JVNDB-2014-000035", + "refsource": "JVNDB", + "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000035" + }, + { + "name": "JVN#47386847", + "refsource": "JVN", + "url": "http://jvn.jp/en/jp/JVN47386847/index.html" + } + ] + } +} \ No newline at end of file diff --git a/2014/4xxx/CVE-2014-4102.json b/2014/4xxx/CVE-2014-4102.json index cd000f064cd..04493fbbd0a 100644 --- a/2014/4xxx/CVE-2014-4102.json +++ b/2014/4xxx/CVE-2014-4102.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-4102", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability,\" a different vulnerability than CVE-2014-4080, CVE-2014-4089, and CVE-2014-4091." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2014-4102", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "MS14-052", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-052" - }, - { - "name" : "69610", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/69610" - }, - { - "name" : "1030818", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1030818" - }, - { - "name" : "ms-ie-cve20144102-code-exec(95532)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/95532" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability,\" a different vulnerability than CVE-2014-4080, CVE-2014-4089, and CVE-2014-4091." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "69610", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/69610" + }, + { + "name": "ms-ie-cve20144102-code-exec(95532)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95532" + }, + { + "name": "1030818", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1030818" + }, + { + "name": "MS14-052", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-052" + } + ] + } +} \ No newline at end of file diff --git a/2014/4xxx/CVE-2014-4583.json b/2014/4xxx/CVE-2014-4583.json index d51f9193e04..7f948de3690 100644 --- a/2014/4xxx/CVE-2014-4583.json +++ b/2014/4xxx/CVE-2014-4583.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-4583", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site scripting (XSS) vulnerabilities in forms/messages.php in the WP-Contact (wp-contact-sidebar-widget) plugin 1.0 and earlier for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) edit, (2) order_direction, (3) limit_start, (4) id, or (5) order parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-4583", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://codevigilant.com/disclosure/wp-plugin-wp-contact-sidebar-widget-a3-cross-site-scripting-xss", - "refsource" : "MISC", - "url" : "http://codevigilant.com/disclosure/wp-plugin-wp-contact-sidebar-widget-a3-cross-site-scripting-xss" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site scripting (XSS) vulnerabilities in forms/messages.php in the WP-Contact (wp-contact-sidebar-widget) plugin 1.0 and earlier for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) edit, (2) order_direction, (3) limit_start, (4) id, or (5) order parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://codevigilant.com/disclosure/wp-plugin-wp-contact-sidebar-widget-a3-cross-site-scripting-xss", + "refsource": "MISC", + "url": "http://codevigilant.com/disclosure/wp-plugin-wp-contact-sidebar-widget-a3-cross-site-scripting-xss" + } + ] + } +} \ No newline at end of file diff --git a/2014/4xxx/CVE-2014-4767.json b/2014/4xxx/CVE-2014-4767.json index a8627dff6ed..93bd45c04af 100644 --- a/2014/4xxx/CVE-2014-4767.json +++ b/2014/4xxx/CVE-2014-4767.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-4767", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM WebSphere Application Server (WAS) Liberty Profile 8.5.x before 8.5.5.3 does not properly use the Liberty Repository for feature installation, which allows remote authenticated users to execute arbitrary code via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2014-4767", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21681249", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21681249" - }, - { - "name" : "PI21284", - "refsource" : "AIXAPAR", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1PI21284" - }, - { - "name" : "69297", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/69297" - }, - { - "name" : "ibm-websphere-cve20144767-weak-sec(94832)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/94832" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IBM WebSphere Application Server (WAS) Liberty Profile 8.5.x before 8.5.5.3 does not properly use the Liberty Repository for feature installation, which allows remote authenticated users to execute arbitrary code via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ibm-websphere-cve20144767-weak-sec(94832)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94832" + }, + { + "name": "69297", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/69297" + }, + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21681249", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21681249" + }, + { + "name": "PI21284", + "refsource": "AIXAPAR", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PI21284" + } + ] + } +} \ No newline at end of file diff --git a/2014/5xxx/CVE-2014-5085.json b/2014/5xxx/CVE-2014-5085.json index 96b5c47345d..f8140d9de42 100644 --- a/2014/5xxx/CVE-2014-5085.json +++ b/2014/5xxx/CVE-2014-5085.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-5085", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-5085", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2014/5xxx/CVE-2014-5177.json b/2014/5xxx/CVE-2014-5177.json index dfe8afe45bb..dff805c0a22 100644 --- a/2014/5xxx/CVE-2014-5177.json +++ b/2014/5xxx/CVE-2014-5177.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-5177", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "libvirt 1.0.0 through 1.2.x before 1.2.5, when fine grained access control is enabled, allows local users to read arbitrary files via a crafted XML document containing an XML external entity declaration in conjunction with an entity reference to the (1) virDomainDefineXML, (2) virNetworkCreateXML, (3) virNetworkDefineXML, (4) virStoragePoolCreateXML, (5) virStoragePoolDefineXML, (6) virStorageVolCreateXML, (7) virDomainCreateXML, (8) virNodeDeviceCreateXML, (9) virInterfaceDefineXML, (10) virStorageVolCreateXMLFrom, (11) virConnectDomainXMLFromNative, (12) virConnectDomainXMLToNative, (13) virSecretDefineXML, (14) virNWFilterDefineXML, (15) virDomainSnapshotCreateXML, (16) virDomainSaveImageDefineXML, (17) virDomainCreateXMLWithFiles, (18) virConnectCompareCPU, or (19) virConnectBaselineCPU API method, related to an XML External Entity (XXE) issue. NOTE: this issue was SPLIT from CVE-2014-0179 per ADT3 due to different affected versions of some vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-5177", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://libvirt.org/news.html", - "refsource" : "CONFIRM", - "url" : "http://libvirt.org/news.html" - }, - { - "name" : "http://security.libvirt.org/2014/0003.html", - "refsource" : "CONFIRM", - "url" : "http://security.libvirt.org/2014/0003.html" - }, - { - "name" : "GLSA-201412-04", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-201412-04.xml" - }, - { - "name" : "RHSA-2014:0560", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2014-0560.html" - }, - { - "name" : "openSUSE-SU-2014:0650", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2014-05/msg00048.html" - }, - { - "name" : "openSUSE-SU-2014:0674", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2014-05/msg00052.html" - }, - { - "name" : "USN-2366-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2366-1" - }, - { - "name" : "60895", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/60895" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "libvirt 1.0.0 through 1.2.x before 1.2.5, when fine grained access control is enabled, allows local users to read arbitrary files via a crafted XML document containing an XML external entity declaration in conjunction with an entity reference to the (1) virDomainDefineXML, (2) virNetworkCreateXML, (3) virNetworkDefineXML, (4) virStoragePoolCreateXML, (5) virStoragePoolDefineXML, (6) virStorageVolCreateXML, (7) virDomainCreateXML, (8) virNodeDeviceCreateXML, (9) virInterfaceDefineXML, (10) virStorageVolCreateXMLFrom, (11) virConnectDomainXMLFromNative, (12) virConnectDomainXMLToNative, (13) virSecretDefineXML, (14) virNWFilterDefineXML, (15) virDomainSnapshotCreateXML, (16) virDomainSaveImageDefineXML, (17) virDomainCreateXMLWithFiles, (18) virConnectCompareCPU, or (19) virConnectBaselineCPU API method, related to an XML External Entity (XXE) issue. NOTE: this issue was SPLIT from CVE-2014-0179 per ADT3 due to different affected versions of some vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "RHSA-2014:0560", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2014-0560.html" + }, + { + "name": "http://libvirt.org/news.html", + "refsource": "CONFIRM", + "url": "http://libvirt.org/news.html" + }, + { + "name": "60895", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/60895" + }, + { + "name": "GLSA-201412-04", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-201412-04.xml" + }, + { + "name": "openSUSE-SU-2014:0674", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2014-05/msg00052.html" + }, + { + "name": "openSUSE-SU-2014:0650", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2014-05/msg00048.html" + }, + { + "name": "USN-2366-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2366-1" + }, + { + "name": "http://security.libvirt.org/2014/0003.html", + "refsource": "CONFIRM", + "url": "http://security.libvirt.org/2014/0003.html" + } + ] + } +} \ No newline at end of file diff --git a/2014/5xxx/CVE-2014-5256.json b/2014/5xxx/CVE-2014-5256.json index 6e4f0b3dd31..1086b4aa9b6 100644 --- a/2014/5xxx/CVE-2014-5256.json +++ b/2014/5xxx/CVE-2014-5256.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-5256", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Node.js 0.8 before 0.8.28 and 0.10 before 0.10.30 does not consider the possibility of recursive processing that triggers V8 garbage collection in conjunction with a V8 interrupt, which allows remote attackers to cause a denial of service (memory corruption and application crash) via deep JSON objects whose parsing lets this interrupt mask an overflow of the program stack." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-5256", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://blog.nodejs.org/2014/07/31/v8-memory-corruption-stack-overflow/", - "refsource" : "CONFIRM", - "url" : "http://blog.nodejs.org/2014/07/31/v8-memory-corruption-stack-overflow/" - }, - { - "name" : "https://github.com/joyent/node/commit/530af9cb8e700e7596b3ec812bad123c9fa06356", - "refsource" : "CONFIRM", - "url" : "https://github.com/joyent/node/commit/530af9cb8e700e7596b3ec812bad123c9fa06356" - }, - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21684769", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21684769" - }, - { - "name" : "http://advisories.mageia.org/MGASA-2014-0516.html", - "refsource" : "CONFIRM", - "url" : "http://advisories.mageia.org/MGASA-2014-0516.html" - }, - { - "name" : "MDVSA-2015:142", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2015:142" - }, - { - "name" : "61260", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/61260" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Node.js 0.8 before 0.8.28 and 0.10 before 0.10.30 does not consider the possibility of recursive processing that triggers V8 garbage collection in conjunction with a V8 interrupt, which allows remote attackers to cause a denial of service (memory corruption and application crash) via deep JSON objects whose parsing lets this interrupt mask an overflow of the program stack." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21684769", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21684769" + }, + { + "name": "61260", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/61260" + }, + { + "name": "http://advisories.mageia.org/MGASA-2014-0516.html", + "refsource": "CONFIRM", + "url": "http://advisories.mageia.org/MGASA-2014-0516.html" + }, + { + "name": "https://github.com/joyent/node/commit/530af9cb8e700e7596b3ec812bad123c9fa06356", + "refsource": "CONFIRM", + "url": "https://github.com/joyent/node/commit/530af9cb8e700e7596b3ec812bad123c9fa06356" + }, + { + "name": "http://blog.nodejs.org/2014/07/31/v8-memory-corruption-stack-overflow/", + "refsource": "CONFIRM", + "url": "http://blog.nodejs.org/2014/07/31/v8-memory-corruption-stack-overflow/" + }, + { + "name": "MDVSA-2015:142", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:142" + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2612.json b/2015/2xxx/CVE-2015-2612.json index 17d1375ed44..af4f96e3704 100644 --- a/2015/2xxx/CVE-2015-2612.json +++ b/2015/2xxx/CVE-2015-2612.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2612", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the Siebel Core - Server OM Svcs component in Oracle Siebel CRM 8.1.1, 8.2.2, and 15.0 allows remote attackers to affect confidentiality via vectors related to LDAP Security Adapter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2015-2612", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html" - }, - { - "name" : "1032916", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1032916" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the Siebel Core - Server OM Svcs component in Oracle Siebel CRM 8.1.1, 8.2.2, and 15.0 allows remote attackers to affect confidentiality via vectors related to LDAP Security Adapter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html" + }, + { + "name": "1032916", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1032916" + } + ] + } +} \ No newline at end of file diff --git a/2016/10xxx/CVE-2016-10536.json b/2016/10xxx/CVE-2016-10536.json index efb3b31fc18..5f14cd7563d 100644 --- a/2016/10xxx/CVE-2016-10536.json +++ b/2016/10xxx/CVE-2016-10536.json @@ -1,73 +1,73 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "support@hackerone.com", - "DATE_PUBLIC" : "2018-04-26T00:00:00", - "ID" : "CVE-2016-10536", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "engine.io-client node module", - "version" : { - "version_data" : [ - { - "version_value" : "<= 1.6.8" - } - ] - } - } - ] - }, - "vendor_name" : "HackerOne" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "engine.io-client is the client for engine.io, the implementation of a transport-based cross-browser/cross-device bi-directional communication layer for Socket.IO. The vulnerability is related to the way that node.js handles the `rejectUnauthorized` setting. If the value is something that evaluates to false, certificate verification will be disabled. This is problematic as engine.io-client 1.6.8 and earlier passes in an object for settings that includes the rejectUnauthorized property, whether it has been set or not. If the value has not been explicitly changed, it will be passed in as `null`, resulting in certificate verification being turned off." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Man-in-the-Middle (CWE-300)" - } + "CVE_data_meta": { + "ASSIGNER": "support@hackerone.com", + "DATE_PUBLIC": "2018-04-26T00:00:00", + "ID": "CVE-2016-10536", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "engine.io-client node module", + "version": { + "version_data": [ + { + "version_value": "<= 1.6.8" + } + ] + } + } + ] + }, + "vendor_name": "HackerOne" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/socketio/engine.io-client/commit/2c55b278a491bf45313ecc0825cf800e2f7ff5c1", - "refsource" : "MISC", - "url" : "https://github.com/socketio/engine.io-client/commit/2c55b278a491bf45313ecc0825cf800e2f7ff5c1" - }, - { - "name" : "https://nodesecurity.io/advisories/99", - "refsource" : "MISC", - "url" : "https://nodesecurity.io/advisories/99" - }, - { - "name" : "https://www.cigital.com/blog/node-js-socket-io/", - "refsource" : "MISC", - "url" : "https://www.cigital.com/blog/node-js-socket-io/" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "engine.io-client is the client for engine.io, the implementation of a transport-based cross-browser/cross-device bi-directional communication layer for Socket.IO. The vulnerability is related to the way that node.js handles the `rejectUnauthorized` setting. If the value is something that evaluates to false, certificate verification will be disabled. This is problematic as engine.io-client 1.6.8 and earlier passes in an object for settings that includes the rejectUnauthorized property, whether it has been set or not. If the value has not been explicitly changed, it will be passed in as `null`, resulting in certificate verification being turned off." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Man-in-the-Middle (CWE-300)" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.cigital.com/blog/node-js-socket-io/", + "refsource": "MISC", + "url": "https://www.cigital.com/blog/node-js-socket-io/" + }, + { + "name": "https://github.com/socketio/engine.io-client/commit/2c55b278a491bf45313ecc0825cf800e2f7ff5c1", + "refsource": "MISC", + "url": "https://github.com/socketio/engine.io-client/commit/2c55b278a491bf45313ecc0825cf800e2f7ff5c1" + }, + { + "name": "https://nodesecurity.io/advisories/99", + "refsource": "MISC", + "url": "https://nodesecurity.io/advisories/99" + } + ] + } +} \ No newline at end of file diff --git a/2016/3xxx/CVE-2016-3823.json b/2016/3xxx/CVE-2016-3823.json index 4e6c6540804..9069d171523 100644 --- a/2016/3xxx/CVE-2016-3823.json +++ b/2016/3xxx/CVE-2016-3823.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-3823", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The secure-session feature in the mm-video-v4l2 venc component in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01 mishandles heap pointers, which allows attackers to gain privileges via a crafted application, aka internal bug 28815329." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@android.com", + "ID": "CVE-2016-3823", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://source.android.com/security/bulletin/2016-08-01.html", - "refsource" : "CONFIRM", - "url" : "http://source.android.com/security/bulletin/2016-08-01.html" - }, - { - "name" : "https://android.googlesource.com/platform/hardware/qcom/media/+/7558d03e6498e970b761aa44fff6b2c659202d95", - "refsource" : "CONFIRM", - "url" : "https://android.googlesource.com/platform/hardware/qcom/media/+/7558d03e6498e970b761aa44fff6b2c659202d95" - }, - { - "name" : "92218", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/92218" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The secure-session feature in the mm-video-v4l2 venc component in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01 mishandles heap pointers, which allows attackers to gain privileges via a crafted application, aka internal bug 28815329." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://source.android.com/security/bulletin/2016-08-01.html", + "refsource": "CONFIRM", + "url": "http://source.android.com/security/bulletin/2016-08-01.html" + }, + { + "name": "https://android.googlesource.com/platform/hardware/qcom/media/+/7558d03e6498e970b761aa44fff6b2c659202d95", + "refsource": "CONFIRM", + "url": "https://android.googlesource.com/platform/hardware/qcom/media/+/7558d03e6498e970b761aa44fff6b2c659202d95" + }, + { + "name": "92218", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/92218" + } + ] + } +} \ No newline at end of file diff --git a/2016/8xxx/CVE-2016-8040.json b/2016/8xxx/CVE-2016-8040.json index 5407e20b704..7c91bb02f17 100644 --- a/2016/8xxx/CVE-2016-8040.json +++ b/2016/8xxx/CVE-2016-8040.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-8040", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-8040", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2016/8xxx/CVE-2016-8140.json b/2016/8xxx/CVE-2016-8140.json index dd191621874..a8af6b82e0b 100644 --- a/2016/8xxx/CVE-2016-8140.json +++ b/2016/8xxx/CVE-2016-8140.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-8140", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-8140", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2016/8xxx/CVE-2016-8167.json b/2016/8xxx/CVE-2016-8167.json index 050fa649f62..2ca8e9b9873 100644 --- a/2016/8xxx/CVE-2016-8167.json +++ b/2016/8xxx/CVE-2016-8167.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-8167", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-8167", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2016/8xxx/CVE-2016-8787.json b/2016/8xxx/CVE-2016-8787.json index 6946c01ab1a..8267cb795f8 100644 --- a/2016/8xxx/CVE-2016-8787.json +++ b/2016/8xxx/CVE-2016-8787.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-8787", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2016-8787", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2016/8xxx/CVE-2016-8925.json b/2016/8xxx/CVE-2016-8925.json index c8be68a1e6e..e8bc0dc4754 100644 --- a/2016/8xxx/CVE-2016-8925.json +++ b/2016/8xxx/CVE-2016-8925.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@us.ibm.com", - "ID" : "CVE-2016-8925", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Tivoli Application Dependency Discovery Manager", - "version" : { - "version_data" : [ - { - "version_value" : "7.2" - }, - { - "version_value" : "7.2.1" - }, - { - "version_value" : "7.2.2" - }, - { - "version_value" : "7.1.2" - }, - { - "version_value" : "7.3" - }, - { - "version_value" : "7.2.0" - } - ] - } - } - ] - }, - "vendor_name" : "IBM Corporation" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM Tivoli Application Dependency Discovery Manager 7.2.2 and 7.3 could allow a remote attacker to include arbitrary files which could allow the attacker to read any file on the system. IBM X-Force ID: 118538." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Obtain Information" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2016-8925", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Tivoli Application Dependency Discovery Manager", + "version": { + "version_data": [ + { + "version_value": "7.2" + }, + { + "version_value": "7.2.1" + }, + { + "version_value": "7.2.2" + }, + { + "version_value": "7.1.2" + }, + { + "version_value": "7.3" + }, + { + "version_value": "7.2.0" + } + ] + } + } + ] + }, + "vendor_name": "IBM Corporation" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.ibm.com/support/docview.wss?uid=swg22001579&myns=swgtiv&mynp=OCSSPLFC&mync=E&cm_sp=swgtiv-_-OCSSPLFC-_-E", - "refsource" : "CONFIRM", - "url" : "http://www.ibm.com/support/docview.wss?uid=swg22001579&myns=swgtiv&mynp=OCSSPLFC&mync=E&cm_sp=swgtiv-_-OCSSPLFC-_-E" - }, - { - "name" : "97625", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/97625" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IBM Tivoli Application Dependency Discovery Manager 7.2.2 and 7.3 could allow a remote attacker to include arbitrary files which could allow the attacker to read any file on the system. IBM X-Force ID: 118538." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Obtain Information" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "97625", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/97625" + }, + { + "name": "http://www.ibm.com/support/docview.wss?uid=swg22001579&myns=swgtiv&mynp=OCSSPLFC&mync=E&cm_sp=swgtiv-_-OCSSPLFC-_-E", + "refsource": "CONFIRM", + "url": "http://www.ibm.com/support/docview.wss?uid=swg22001579&myns=swgtiv&mynp=OCSSPLFC&mync=E&cm_sp=swgtiv-_-OCSSPLFC-_-E" + } + ] + } +} \ No newline at end of file diff --git a/2016/9xxx/CVE-2016-9002.json b/2016/9xxx/CVE-2016-9002.json index a690f2880c7..23df0c39eeb 100644 --- a/2016/9xxx/CVE-2016-9002.json +++ b/2016/9xxx/CVE-2016-9002.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-9002", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-9002", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2016/9xxx/CVE-2016-9198.json b/2016/9xxx/CVE-2016-9198.json index 4b9d31e6502..e80ff4f134e 100644 --- a/2016/9xxx/CVE-2016-9198.json +++ b/2016/9xxx/CVE-2016-9198.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@cisco.com", - "ID" : "CVE-2016-9198", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Cisco Identity Services Engine (ISE)", - "version" : { - "version_data" : [ - { - "version_value" : "Cisco Identity Services Engine (ISE)" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A vulnerability in the Active Directory integration component of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to perform a denial of service (DoS) attack. More Information: CSCuw15041. Known Affected Releases: 1.2(1.199)." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "unspecified" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2016-9198", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Cisco Identity Services Engine (ISE)", + "version": { + "version_data": [ + { + "version_value": "Cisco Identity Services Engine (ISE)" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-ise", - "refsource" : "CONFIRM", - "url" : "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-ise" - }, - { - "name" : "94810", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/94810" - }, - { - "name" : "1037415", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1037415" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A vulnerability in the Active Directory integration component of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to perform a denial of service (DoS) attack. More Information: CSCuw15041. Known Affected Releases: 1.2(1.199)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "unspecified" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-ise", + "refsource": "CONFIRM", + "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-ise" + }, + { + "name": "1037415", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1037415" + }, + { + "name": "94810", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/94810" + } + ] + } +} \ No newline at end of file diff --git a/2016/9xxx/CVE-2016-9279.json b/2016/9xxx/CVE-2016-9279.json index aa4697cfe3b..90bf0f9048f 100644 --- a/2016/9xxx/CVE-2016-9279.json +++ b/2016/9xxx/CVE-2016-9279.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-9279", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Use-after-free vulnerability in the Samsung Exynos fimg2d driver for Android with Exynos 5433, 54xx, or 7420 chipsets allows attackers to obtain sensitive information via unspecified vectors. The Samsung ID is SVE-2016-6853." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-9279", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20161109 CVE Request - Samsung Exynos fimg2d Multiple Issues", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/11/09/3" - }, - { - "name" : "[oss-security] 20161111 Re: CVE Request - Samsung Exynos fimg2d Multiple Issues", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/11/11/11" - }, - { - "name" : "http://security.samsungmobile.com/smrupdate.html#SMR-NOV-2016", - "refsource" : "CONFIRM", - "url" : "http://security.samsungmobile.com/smrupdate.html#SMR-NOV-2016" - }, - { - "name" : "94283", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/94283" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Use-after-free vulnerability in the Samsung Exynos fimg2d driver for Android with Exynos 5433, 54xx, or 7420 chipsets allows attackers to obtain sensitive information via unspecified vectors. The Samsung ID is SVE-2016-6853." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "[oss-security] 20161111 Re: CVE Request - Samsung Exynos fimg2d Multiple Issues", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/11/11/11" + }, + { + "name": "[oss-security] 20161109 CVE Request - Samsung Exynos fimg2d Multiple Issues", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/11/09/3" + }, + { + "name": "94283", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/94283" + }, + { + "name": "http://security.samsungmobile.com/smrupdate.html#SMR-NOV-2016", + "refsource": "CONFIRM", + "url": "http://security.samsungmobile.com/smrupdate.html#SMR-NOV-2016" + } + ] + } +} \ No newline at end of file diff --git a/2016/9xxx/CVE-2016-9292.json b/2016/9xxx/CVE-2016-9292.json index 92c023adfa5..1a6e906d79f 100644 --- a/2016/9xxx/CVE-2016-9292.json +++ b/2016/9xxx/CVE-2016-9292.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-9292", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-9292", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2016/9xxx/CVE-2016-9309.json b/2016/9xxx/CVE-2016-9309.json index 443288e30ea..f62dd4192e6 100644 --- a/2016/9xxx/CVE-2016-9309.json +++ b/2016/9xxx/CVE-2016-9309.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-9309", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-9309", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2016/9xxx/CVE-2016-9341.json b/2016/9xxx/CVE-2016-9341.json index 9d86b61c691..be52127beb8 100644 --- a/2016/9xxx/CVE-2016-9341.json +++ b/2016/9xxx/CVE-2016-9341.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-9341", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2016-9341", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2019/2xxx/CVE-2019-2374.json b/2019/2xxx/CVE-2019-2374.json index f6d9aeb7dbf..f3f14456247 100644 --- a/2019/2xxx/CVE-2019-2374.json +++ b/2019/2xxx/CVE-2019-2374.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-2374", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-2374", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/2xxx/CVE-2019-2629.json b/2019/2xxx/CVE-2019-2629.json index 37fb0c9a1df..46138e44ce8 100644 --- a/2019/2xxx/CVE-2019-2629.json +++ b/2019/2xxx/CVE-2019-2629.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-2629", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-2629", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6061.json b/2019/6xxx/CVE-2019-6061.json index 5aeb008d771..63bbbd1e229 100644 --- a/2019/6xxx/CVE-2019-6061.json +++ b/2019/6xxx/CVE-2019-6061.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6061", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6061", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6189.json b/2019/6xxx/CVE-2019-6189.json index b6eb0ed387d..444582e7772 100644 --- a/2019/6xxx/CVE-2019-6189.json +++ b/2019/6xxx/CVE-2019-6189.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6189", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6189", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6285.json b/2019/6xxx/CVE-2019-6285.json index 797bfadb92c..9f7f3c4b7c2 100644 --- a/2019/6xxx/CVE-2019-6285.json +++ b/2019/6xxx/CVE-2019-6285.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6285", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The SingleDocParser::HandleFlowSequence function in yaml-cpp (aka LibYaml-C++) 0.6.2 allows remote attackers to cause a denial of service (stack consumption and application crash) via a crafted YAML file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6285", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/jbeder/yaml-cpp/issues/660", - "refsource" : "MISC", - "url" : "https://github.com/jbeder/yaml-cpp/issues/660" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The SingleDocParser::HandleFlowSequence function in yaml-cpp (aka LibYaml-C++) 0.6.2 allows remote attackers to cause a denial of service (stack consumption and application crash) via a crafted YAML file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/jbeder/yaml-cpp/issues/660", + "refsource": "MISC", + "url": "https://github.com/jbeder/yaml-cpp/issues/660" + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6789.json b/2019/6xxx/CVE-2019-6789.json index 3357f96922e..0507518190e 100644 --- a/2019/6xxx/CVE-2019-6789.json +++ b/2019/6xxx/CVE-2019-6789.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6789", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6789", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file