admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-18 04:25:32 +00:00
parent 6646e2a3a9
commit 5b0808bfcf
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
46 changed files with 3264 additions and 3264 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

98
2006/0xxx/CVE-2006-0154.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-0154",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-0154",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in showthread.php in 427BB 2.2 and 2.2.1 allows remote attackers to execute arbitrary SQL commands via the ForumID parameter."
"lang": "eng",
"value": "SQL injection vulnerability in showthread.php in 427BB 2.2 and 2.2.1 allows remote attackers to execute arbitrary SQL commands via the ForumID parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20060107 [eVuln] 427BB Multiple Vulnerabilities (Cookie-based Authentication Bypass, SQL Injections, XSS)",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/421326/100/0/threaded"
"name": "20060107 [eVuln] 427BB Multiple Vulnerabilities (Cookie-based Authentication Bypass, SQL Injections, XSS)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/421326/100/0/threaded"
},
{
"name" : "http://evuln.com/vulns/18/summary.html",
"refsource" : "MISC",
"url" : "http://evuln.com/vulns/18/summary.html"
"name": "18354",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18354"
},
{
"name" : "16169",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/16169"
"name": "ADV-2006-0091",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/0091"
},
{
"name" : "ADV-2006-0091",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/0091"
"name": "22275",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/22275"
},
{
"name" : "22275",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/22275"
"name": "http://evuln.com/vulns/18/summary.html",
"refsource": "MISC",
"url": "http://evuln.com/vulns/18/summary.html"
},
{
"name" : "18354",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/18354"
"name": "16169",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/16169"
},
{
"name" : "427bb-showthread-sql-injection(24039)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/24039"
"name": "427bb-showthread-sql-injection(24039)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24039"
}
]
}

68
2006/0xxx/CVE-2006-0419.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-0419",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-0419",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "BEA WebLogic Server and WebLogic Express 9.0, 8.1 through SP5, and 7.0 through SP6 allows anonymous binds to the embedded LDAP server, which allows remote attackers to read user entries or cause a denial of service (unspecified) via a large number of connections."
"lang": "eng",
"value": "BEA WebLogic Server and WebLogic Express 9.0, 8.1 through SP5, and 7.0 through SP6 allows anonymous binds to the embedded LDAP server, which allows remote attackers to read user entries or cause a denial of service (unspecified) via a large number of connections."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "BEA06-81.01",
"refsource" : "BEA",
"url" : "http://dev2dev.bea.com/pub/advisory/163"
"name": "1015528",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015528"
},
{
"name" : "1015528",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1015528"
"name": "BEA06-81.01",
"refsource": "BEA",
"url": "http://dev2dev.bea.com/pub/advisory/163"
}
]
}

92
2006/0xxx/CVE-2006-0597.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-0597",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "security@debian.org",
"ID": "CVE-2006-0597",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple stack-based buffer overflows in elogd.c in elog before 2.5.7 r1558-4 allow attackers to cause a denial of service (application crash) and possibly execute code via long \"revision attributes\"."
"lang": "eng",
"value": "Multiple stack-based buffer overflows in elogd.c in elog before 2.5.7 r1558-4 allow attackers to cause a denial of service (application crash) and possibly execute code via long \"revision attributes\"."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://bugs.debian.org/cgi-bin/bugreport.cgi/0001-r1333-Fixed-crashes-with-very-long-revisions-attributes.txt?bug=349528;msg=15;att=1",
"refsource" : "MISC",
"url" : "http://bugs.debian.org/cgi-bin/bugreport.cgi/0001-r1333-Fixed-crashes-with-very-long-revisions-attributes.txt?bug=349528;msg=15;att=1"
"name": "http://bugs.debian.org/cgi-bin/bugreport.cgi/0001-r1333-Fixed-crashes-with-very-long-revisions-attributes.txt?bug=349528;msg=15;att=1",
"refsource": "MISC",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi/0001-r1333-Fixed-crashes-with-very-long-revisions-attributes.txt?bug=349528;msg=15;att=1"
},
{
"name" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=349528",
"refsource" : "MISC",
"url" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=349528"
"name": "elog-elogd-bo(24704)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24704"
},
{
"name" : "DSA-967",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2006/dsa-967"
"name": "16579",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/16579"
},
{
"name" : "16579",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/16579"
"name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=349528",
"refsource": "MISC",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=349528"
},
{
"name" : "18783",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/18783"
"name": "18783",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18783"
},
{
"name" : "elog-elogd-bo(24704)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/24704"
"name": "DSA-967",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2006/dsa-967"
}
]
}

134
2006/0xxx/CVE-2006-0746.json
View File

@ -1,121 +1,121 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-0746",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2006-0746",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Certain patches for kpdf do not include all relevant patches from xpdf that were associated with CVE-2005-3627, which allows context-dependent attackers to exploit vulnerabilities that were present in CVE-2005-3627."
"lang": "eng",
"value": "Certain patches for kpdf do not include all relevant patches from xpdf that were associated with CVE-2005-3627, which allows context-dependent attackers to exploit vulnerabilities that were present in CVE-2005-3627."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20060310 [KDE Security Advisory] kpdf of KDE 3.3.x heap based buffer overflow",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/427299/100/0/threaded"
"name": "RHSA-2006:0262",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2006-0262.html"
},
{
"name" : "http://www.kde.org/info/security/advisory-20060202-1.txt",
"refsource" : "CONFIRM",
"url" : "http://www.kde.org/info/security/advisory-20060202-1.txt"
"name": "DSA-1008",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2006/dsa-1008"
},
{
"name" : "DSA-1008",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2006/dsa-1008"
"name": "MDKSA-2006:054",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:054"
},
{
"name" : "MDKSA-2006:054",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2006:054"
"name": "20060310 [KDE Security Advisory] kpdf of KDE 3.3.x heap based buffer overflow",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/427299/100/0/threaded"
},
{
"name" : "RHSA-2006:0262",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2006-0262.html"
"name": "19190",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19190"
},
{
"name" : "17039",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/17039"
"name": "19264",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19264"
},
{
"name" : "oval:org.mitre.oval:def:11441",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11441"
"name": "19189",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19189"
},
{
"name" : "1015751",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1015751"
"name": "17039",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/17039"
},
{
"name" : "19189",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/19189"
"name": "kde-kpdf-patch-bo(25146)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25146"
},
{
"name" : "19190",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/19190"
"name": "oval:org.mitre.oval:def:11441",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11441"
},
{
"name" : "19264",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/19264"
"name": "http://www.kde.org/info/security/advisory-20060202-1.txt",
"refsource": "CONFIRM",
"url": "http://www.kde.org/info/security/advisory-20060202-1.txt"
},
{
"name" : "566",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/566"
"name": "566",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/566"
},
{
"name" : "kde-kpdf-patch-bo(25146)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/25146"
"name": "1015751",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015751"
}
]
}

98
2006/0xxx/CVE-2006-0901.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-0901",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-0901",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the hsfs filesystem in Solaris 8, 9, and 10 allows unspecified attackers to cause a denial of service (panic) or execute arbitrary code."
"lang": "eng",
"value": "Unspecified vulnerability in the hsfs filesystem in Solaris 8, 9, and 10 allows unspecified attackers to cause a denial of service (panic) or execute arbitrary code."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "102161",
"refsource" : "SUNALERT",
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102161-1"
"name": "102161",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102161-1"
},
{
"name" : "16826",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/16826"
"name": "oval:org.mitre.oval:def:1628",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1628"
},
{
"name" : "ADV-2006-0756",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/0756"
"name": "1015680",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015680"
},
{
"name" : "oval:org.mitre.oval:def:1628",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1628"
"name": "solaris-hsfs-privilege-elevation(24911)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24911"
},
{
"name" : "1015680",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1015680"
"name": "16826",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/16826"
},
{
"name" : "19042",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/19042"
"name": "ADV-2006-0756",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/0756"
},
{
"name" : "solaris-hsfs-privilege-elevation(24911)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/24911"
"name": "19042",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19042"
}
]
}

170
2006/1xxx/CVE-2006-1245.json
View File

@ -1,151 +1,151 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-1245",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2006-1245",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Buffer overflow in mshtml.dll in Microsoft Internet Explorer 6.0.2900.2180, and probably other versions, allows remote attackers to execute arbitrary code via an HTML tag with a large number of script action handlers such as onload and onmouseover, as demonstrated using onclick, aka the \"Multiple Event Handler Memory Corruption Vulnerability.\""
"lang": "eng",
"value": "Buffer overflow in mshtml.dll in Microsoft Internet Explorer 6.0.2900.2180, and probably other versions, allows remote attackers to execute arbitrary code via an HTML tag with a large number of script action handlers such as onload and onmouseover, as demonstrated using onclick, aka the \"Multiple Event Handler Memory Corruption Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20060316 Remote overflow in MSIE script action handlers (mshtml.dll)",
"refsource" : "BUGTRAQ",
"url" : "http://archives.neohapsis.com/archives/bugtraq/2006-02/0855.html"
"name": "1015794",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015794"
},
{
"name" : "20060325 Re: [optimized PoC] Remote overflow in MSIE script action handlers (mshtml.dll)",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/428810/100/0/threaded"
"name": "20061205 Re: MS Internet Explorer 6.0 (mshtml.dll) Denial of Service Exploit",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/453554/100/0/threaded"
},
{
"name" : "20061203 MS Internet Explorer 6.0 (mshtml.dll) Denial of Service Exploit",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/453436/100/0/threaded"
"name": "18957",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18957"
},
{
"name" : "20061205 Re: MS Internet Explorer 6.0 (mshtml.dll) Denial of Service Exploit",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/453554/100/0/threaded"
"name": "oval:org.mitre.oval:def:1569",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1569"
},
{
"name" : "MS06-013",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-013"
"name": "19269",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19269"
},
{
"name" : "TA06-101A",
"refsource" : "CERT",
"url" : "http://www.us-cert.gov/cas/techalerts/TA06-101A.html"
"name": "oval:org.mitre.oval:def:1451",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1451"
},
{
"name" : "VU#984473",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/984473"
"name": "20060325 Re: [optimized PoC] Remote overflow in MSIE script action handlers (mshtml.dll)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/428810/100/0/threaded"
},
{
"name" : "17131",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/17131"
"name": "TA06-101A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA06-101A.html"
},
{
"name" : "ADV-2006-1318",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/1318"
"name": "oval:org.mitre.oval:def:1632",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1632"
},
{
"name" : "23964",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/23964"
"name": "ie-mshtml-bo(25292)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25292"
},
{
"name" : "oval:org.mitre.oval:def:1451",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1451"
"name": "17131",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/17131"
},
{
"name" : "oval:org.mitre.oval:def:1569",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1569"
"name": "20060316 Remote overflow in MSIE script action handlers (mshtml.dll)",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2006-02/0855.html"
},
{
"name" : "oval:org.mitre.oval:def:1599",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1599"
"name": "oval:org.mitre.oval:def:1599",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1599"
},
{
"name" : "oval:org.mitre.oval:def:1632",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1632"
"name": "20061203 MS Internet Explorer 6.0 (mshtml.dll) Denial of Service Exploit",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/453436/100/0/threaded"
},
{
"name" : "oval:org.mitre.oval:def:1766",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1766"
"name": "VU#984473",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/984473"
},
{
"name" : "1015794",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1015794"
"name": "MS06-013",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-013"
},
{
"name" : "19269",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/19269"
"name": "oval:org.mitre.oval:def:1766",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1766"
},
{
"name" : "18957",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/18957"
"name": "ADV-2006-1318",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/1318"
},
{
"name" : "ie-mshtml-bo(25292)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/25292"
"name": "23964",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/23964"
}
]
}

22
2006/4xxx/CVE-2006-4180.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-4180",
"STATE" : "REJECT"
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2006-4180",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is a reservation duplicate of another identifier and was never published. Notes: none."
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is a reservation duplicate of another identifier and was never published. Notes: none."
}
]
}

92
2006/4xxx/CVE-2006-4736.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-4736",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-4736",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple SQL injection vulnerabilities in index.php in CMS.R. 5.5 allow remote attackers to execute arbitrary SQL commands via the (1) adminname and (2) adminpass parameters. NOTE: some of these details are obtained from third party information."
"lang": "eng",
"value": "Multiple SQL injection vulnerabilities in index.php in CMS.R. 5.5 allow remote attackers to execute arbitrary SQL commands via the (1) adminname and (2) adminpass parameters. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20060911 CMS.R. the Content Management System admin authentication baypass",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/445789/100/0/threaded"
"name": "ADV-2006-3561",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/3561"
},
{
"name" : "19950",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/19950"
"name": "cmsr-index-sql-injection(28877)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28877"
},
{
"name" : "ADV-2006-3561",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/3561"
"name": "1563",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1563"
},
{
"name" : "21860",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/21860"
"name": "20060911 CMS.R. the Content Management System admin authentication baypass",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/445789/100/0/threaded"
},
{
"name" : "1563",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/1563"
"name": "21860",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21860"
},
{
"name" : "cmsr-index-sql-injection(28877)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/28877"
"name": "19950",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/19950"
}
]
}

92
2006/5xxx/CVE-2006-5841.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-5841",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5841",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple PHP remote file inclusion vulnerabilities in dodosmail.php in DodosMail 2.0.1 and earlier, and possibly 2.1, allow remote attackers to execute arbitrary PHP code via a URL in the (1) dodosmail_header_file or (2) dodosmail_footer_file parameters."
"lang": "eng",
"value": "Multiple PHP remote file inclusion vulnerabilities in dodosmail.php in DodosMail 2.0.1 and earlier, and possibly 2.1, allow remote attackers to execute arbitrary PHP code via a URL in the (1) dodosmail_header_file or (2) dodosmail_footer_file parameters."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20061120 DodosMail <= 2.0.1(dodosmail.php) Remote File Inclusion Exploit",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/452130/100/0/threaded"
"name": "ADV-2006-4414",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4414"
},
{
"name" : "2742",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/2742"
"name": "20061120 DodosMail <= 2.0.1(dodosmail.php) Remote File Inclusion Exploit",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/452130/100/0/threaded"
},
{
"name" : "ADV-2006-4414",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/4414"
"name": "dodosmail-dodosmail-file-include(30099)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30099"
},
{
"name" : "30248",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/30248"
"name": "2742",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/2742"
},
{
"name" : "22775",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/22775"
"name": "30248",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/30248"
},
{
"name" : "dodosmail-dodosmail-file-include(30099)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/30099"
"name": "22775",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22775"
}
]
}

278
2006/5xxx/CVE-2006-5867.json
View File

@ -1,241 +1,241 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-5867",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5867",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "fetchmail before 6.3.6-rc4 does not properly enforce TLS and may transmit cleartext passwords over unsecured links if certain circumstances occur, which allows remote attackers to obtain sensitive information via man-in-the-middle (MITM) attacks."
"lang": "eng",
"value": "fetchmail before 6.3.6-rc4 does not properly enforce TLS and may transmit cleartext passwords over unsecured links if certain circumstances occur, which allows remote attackers to obtain sensitive information via man-in-the-middle (MITM) attacks."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20070105 fetchmail security announcement 2006-02 (CVE-2006-5867)",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/456115/100/0/threaded"
"name": "SSA:2007-024-01",
"refsource": "SLACKWARE",
"url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.517995"
},
{
"name" : "20070218 Re: [SECURITY] [DSA 1259-1] New fetchmail packages fix information disclosure",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/460528/100/0/threaded"
"name": "USN-405-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-405-1"
},
{
"name" : "http://fetchmail.berlios.de/fetchmail-SA-2006-02.txt",
"refsource" : "CONFIRM",
"url" : "http://fetchmail.berlios.de/fetchmail-SA-2006-02.txt"
"name": "24966",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24966"
},
{
"name" : "https://issues.rpath.com/browse/RPL-919",
"refsource" : "CONFIRM",
"url" : "https://issues.rpath.com/browse/RPL-919"
"name": "31580",
"refsource": "OSVDB",
"url": "http://osvdb.org/31580"
},
{
"name" : "http://docs.info.apple.com/article.html?artnum=305391",
"refsource" : "CONFIRM",
"url" : "http://docs.info.apple.com/article.html?artnum=305391"
"name": "23781",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23781"
},
{
"name" : "APPLE-SA-2007-04-19",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/Security-announce/2007/Apr/msg00001.html"
"name": "24174",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24174"
},
{
"name" : "DSA-1259",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2007/dsa-1259"
"name": "DSA-1259",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2007/dsa-1259"
},
{
"name" : "FEDORA-2007-041",
"refsource" : "FEDORA",
"url" : "http://fedoranews.org/cms/node/2429"
"name": "23838",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23838"
},
{
"name" : "GLSA-200701-13",
"refsource" : "GENTOO",
"url" : "http://security.gentoo.org/glsa/glsa-200701-13.xml"
"name": "24151",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24151"
},
{
"name" : "MDKSA-2007:016",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:016"
"name": "http://docs.info.apple.com/article.html?artnum=305391",
"refsource": "CONFIRM",
"url": "http://docs.info.apple.com/article.html?artnum=305391"
},
{
"name" : "OpenPKG-SA-2007.004",
"refsource" : "OPENPKG",
"url" : "http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.004.html"
"name": "23714",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23714"
},
{
"name" : "RHSA-2007:0018",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2007-0018.html"
"name": "21903",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21903"
},
{
"name" : "20070201-01-P",
"refsource" : "SGI",
"url" : "ftp://patches.sgi.com/support/free/security/advisories/20070201-01-P.asc"
"name": "24284",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24284"
},
{
"name" : "SSA:2007-024-01",
"refsource" : "SLACKWARE",
"url" : "http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.517995"
"name": "23631",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23631"
},
{
"name" : "SUSE-SR:2007:004",
"refsource" : "SUSE",
"url" : "http://www.novell.com/linux/security/advisories/2007_4_sr.html"
"name": "24007",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24007"
},
{
"name" : "2007-0007",
"refsource" : "TRUSTIX",
"url" : "http://www.trustix.org/errata/2007/0007"
"name": "23804",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23804"
},
{
"name" : "USN-405-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/usn-405-1"
"name": "20070105 fetchmail security announcement 2006-02 (CVE-2006-5867)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/456115/100/0/threaded"
},
{
"name" : "TA07-109A",
"refsource" : "CERT",
"url" : "http://www.us-cert.gov/cas/techalerts/TA07-109A.html"
"name": "ADV-2007-0088",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0088"
},
{
"name" : "21903",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/21903"
"name": "SUSE-SR:2007:004",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2007_4_sr.html"
},
{
"name" : "oval:org.mitre.oval:def:10566",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10566"
"name": "TA07-109A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA07-109A.html"
},
{
"name" : "ADV-2007-0087",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/0087"
"name": "23695",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23695"
},
{
"name" : "ADV-2007-0088",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/0088"
"name": "http://fetchmail.berlios.de/fetchmail-SA-2006-02.txt",
"refsource": "CONFIRM",
"url": "http://fetchmail.berlios.de/fetchmail-SA-2006-02.txt"
},
{
"name" : "ADV-2007-1470",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/1470"
"name": "MDKSA-2007:016",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:016"
},
{
"name" : "31580",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/31580"
"name": "FEDORA-2007-041",
"refsource": "FEDORA",
"url": "http://fedoranews.org/cms/node/2429"
},
{
"name" : "1017478",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1017478"
"name": "23923",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23923"
},
{
"name" : "23631",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/23631"
"name": "OpenPKG-SA-2007.004",
"refsource": "OPENPKG",
"url": "http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.004.html"
},
{
"name" : "23695",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/23695"
"name": "2007-0007",
"refsource": "TRUSTIX",
"url": "http://www.trustix.org/errata/2007/0007"
},
{
"name" : "23714",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/23714"
"name": "20070218 Re: [SECURITY] [DSA 1259-1] New fetchmail packages fix information disclosure",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/460528/100/0/threaded"
},
{
"name" : "23781",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/23781"
"name": "GLSA-200701-13",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200701-13.xml"
},
{
"name" : "23804",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/23804"
"name": "1017478",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017478"
},
{
"name" : "23838",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/23838"
"name": "https://issues.rpath.com/browse/RPL-919",
"refsource": "CONFIRM",
"url": "https://issues.rpath.com/browse/RPL-919"
},
{
"name" : "23923",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/23923"
"name": "20070201-01-P",
"refsource": "SGI",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20070201-01-P.asc"
},
{
"name" : "24007",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/24007"
"name": "APPLE-SA-2007-04-19",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/Security-announce/2007/Apr/msg00001.html"
},
{
"name" : "24151",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/24151"
"name": "ADV-2007-1470",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1470"
},
{
"name" : "24174",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/24174"
"name": "ADV-2007-0087",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0087"
},
{
"name" : "24966",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/24966"
"name": "RHSA-2007:0018",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0018.html"
},
{
"name" : "24284",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/24284"
"name": "oval:org.mitre.oval:def:10566",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10566"
}
]
}

22
2006/5xxx/CVE-2006-5997.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-5997",
"STATE" : "REJECT"
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2006-5997",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2006. Notes: none."
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2006. Notes: none."
}
]
}

74
2010/0xxx/CVE-2010-0021.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-0021",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2010-0021",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple race conditions in the SMB implementation in the Server service in Microsoft Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allow remote attackers to cause a denial of service (system hang) via a crafted (1) SMBv1 or (2) SMBv2 Negotiate packet, aka \"SMB Memory Corruption Vulnerability.\""
"lang": "eng",
"value": "Multiple race conditions in the SMB implementation in the Server service in Microsoft Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allow remote attackers to cause a denial of service (system hang) via a crafted (1) SMBv1 or (2) SMBv2 Negotiate packet, aka \"SMB Memory Corruption Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "MS10-012",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-012"
"name": "TA10-040A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA10-040A.html"
},
{
"name" : "TA10-040A",
"refsource" : "CERT",
"url" : "http://www.us-cert.gov/cas/techalerts/TA10-040A.html"
"name": "MS10-012",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-012"
},
{
"name" : "oval:org.mitre.oval:def:8524",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8524"
"name": "oval:org.mitre.oval:def:8524",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8524"
}
]
}

98
2010/2xxx/CVE-2010-2090.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-2090",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-2090",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The npb_protocol_error function in sna V5router64 in IBM Communications Server for Windows 6.1.3 and Communications Server for AIX (aka CSAIX or CS/AIX) in sna.rte before 6.3.1.2 allows remote attackers to cause a denial of service (daemon crash) via APPC data containing a GDSID variable with a GDS length that is too small."
"lang": "eng",
"value": "The npb_protocol_error function in sna V5router64 in IBM Communications Server for Windows 6.1.3 and Communications Server for AIX (aka CSAIX or CS/AIX) in sna.rte before 6.3.1.2 allows remote attackers to cause a denial of service (daemon crash) via APPC data containing a GDSID variable with a GDS length that is too small."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg24013012",
"refsource" : "CONFIRM",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg24013012"
"name": "ADV-2010-1244",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/1244"
},
{
"name" : "IZ68810",
"refsource" : "AIXAPAR",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ68810"
"name": "40372",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/40372"
},
{
"name" : "JR36026",
"refsource" : "AIXAPAR",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1JR36026"
"name": "39909",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39909"
},
{
"name" : "40372",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/40372"
"name": "JR36026",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1JR36026"
},
{
"name" : "39909",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/39909"
"name": "IZ68810",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ68810"
},
{
"name" : "ADV-2010-1244",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2010/1244"
"name": "csa-appc-dos(58874)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/58874"
},
{
"name" : "csa-appc-dos(58874)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/58874"
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg24013012",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg24013012"
}
]
}

68
2010/2xxx/CVE-2010-2731.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-2731",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2010-2731",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Microsoft Internet Information Services (IIS) 5.1 on Windows XP SP3, when directory-based Basic Authentication is enabled, allows remote attackers to bypass intended access restrictions and execute ASP files via a crafted request, aka \"Directory Authentication Bypass Vulnerability.\""
"lang": "eng",
"value": "Unspecified vulnerability in Microsoft Internet Information Services (IIS) 5.1 on Windows XP SP3, when directory-based Basic Authentication is enabled, allows remote attackers to bypass intended access restrictions and execute ASP files via a crafted request, aka \"Directory Authentication Bypass Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "MS10-065",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-065"
"name": "MS10-065",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-065"
},
{
"name" : "oval:org.mitre.oval:def:6942",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6942"
"name": "oval:org.mitre.oval:def:6942",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6942"
}
]
}

80
2010/2xxx/CVE-2010-2913.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-2913",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-2913",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The Citibank Citi Mobile app before 2.0.3 for iOS stores account data in a file, which allows local users to obtain sensitive information via vectors involving (1) the mobile device or (2) a synchronized computer."
"lang": "eng",
"value": "The Citibank Citi Mobile app before 2.0.3 for iOS stores account data in a file, which allows local users to obtain sensitive information via vectors involving (1) the mobile device or (2) a synchronized computer."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://itunes.apple.com/us/app/citi-mobile-sm/id301724680",
"refsource" : "MISC",
"url" : "http://itunes.apple.com/us/app/citi-mobile-sm/id301724680"
"name": "http://news.cnet.com/8301-27080_3-20011664-245.html",
"refsource": "MISC",
"url": "http://news.cnet.com/8301-27080_3-20011664-245.html"
},
{
"name" : "http://news.cnet.com/8301-27080_3-20011664-245.html",
"refsource" : "MISC",
"url" : "http://news.cnet.com/8301-27080_3-20011664-245.html"
"name": "1024249",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1024249"
},
{
"name" : "1024249",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1024249"
"name": "http://itunes.apple.com/us/app/citi-mobile-sm/id301724680",
"refsource": "MISC",
"url": "http://itunes.apple.com/us/app/citi-mobile-sm/id301724680"
},
{
"name" : "citimobile-data-information-disclosure(60855)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/60855"
"name": "citimobile-data-information-disclosure(60855)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/60855"
}
]
}

80
2010/2xxx/CVE-2010-2957.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-2957",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2010-2957",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in Serendipity before 1.5.4, when \"Remember me\" logins are enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in Serendipity before 1.5.4, when \"Remember me\" logins are enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[oss-security] 20100829 CVE request: serendipity < 1.5.4 xss",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2010/08/29/3"
"name": "[oss-security] 20100829 CVE request: serendipity < 1.5.4 xss",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2010/08/29/3"
},
{
"name" : "[oss-security] 20100831 Re: CVE request: serendipity < 1.5.4 xss",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2010/08/31/5"
"name": "http://blog.s9y.org/archives/223-Serendipity-1.5.4-released.html",
"refsource": "CONFIRM",
"url": "http://blog.s9y.org/archives/223-Serendipity-1.5.4-released.html"
},
{
"name" : "http://www.htbridge.ch/advisory/xss_vulnerability_in_serendipity.html",
"refsource" : "MISC",
"url" : "http://www.htbridge.ch/advisory/xss_vulnerability_in_serendipity.html"
"name": "[oss-security] 20100831 Re: CVE request: serendipity < 1.5.4 xss",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2010/08/31/5"
},
{
"name" : "http://blog.s9y.org/archives/223-Serendipity-1.5.4-released.html",
"refsource" : "CONFIRM",
"url" : "http://blog.s9y.org/archives/223-Serendipity-1.5.4-released.html"
"name": "http://www.htbridge.ch/advisory/xss_vulnerability_in_serendipity.html",
"refsource": "MISC",
"url": "http://www.htbridge.ch/advisory/xss_vulnerability_in_serendipity.html"
}
]
}

128
2010/3xxx/CVE-2010-3075.json
View File

@ -1,116 +1,116 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-3075",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2010-3075",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "EncFS before 1.7.0 encrypts multiple blocks by means of the CFB cipher mode with the same initialization vector, which makes it easier for local users to obtain sensitive information via calculations involving recovery of XORed data, as demonstrated by an attack on encrypted data in which the last block contains only one byte."
"lang": "eng",
"value": "EncFS before 1.7.0 encrypts multiple blocks by means of the CFB cipher mode with the same initialization vector, which makes it easier for local users to obtain sensitive information via calculations involving recovery of XORed data, as demonstrated by an attack on encrypted data in which the last block contains only one byte."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20100826 Multiple Vulnerabilities in EncFS",
"refsource" : "FULLDISC",
"url" : "http://archives.neohapsis.com/archives/fulldisclosure/2010-08/0316.html"
"name": "41158",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/41158"
},
{
"name" : "[oss-security] 20100905 CVE Request -- EncFS / fuse-encfs [three ids] -- Multiple Vulnerabilities in EncFS",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2010/09/05/3"
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=630460",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=630460"
},
{
"name" : "[oss-security] 20100905 Re: CVE Request -- EncFS / fuse-encfs [three ids] -- Multiple Vulnerabilities in EncFS",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2010/09/06/1"
"name": "41478",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/41478"
},
{
"name" : "[oss-security] 20100907 Re: CVE Request -- EncFS / fuse-encfs [three ids] -- Multiple Vulnerabilities in EncFS",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2010/09/07/8"
"name": "FEDORA-2010-14268",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-September/047794.html"
},
{
"name" : "http://www.arg0.net/encfs",
"refsource" : "CONFIRM",
"url" : "http://www.arg0.net/encfs"
"name": "FEDORA-2010-14200",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-September/047825.html"
},
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=630460",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=630460"
"name": "20100826 Multiple Vulnerabilities in EncFS",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-08/0316.html"
},
{
"name" : "FEDORA-2010-14200",
"refsource" : "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-September/047825.html"
"name": "[oss-security] 20100905 CVE Request -- EncFS / fuse-encfs [three ids] -- Multiple Vulnerabilities in EncFS",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2010/09/05/3"
},
{
"name" : "FEDORA-2010-14254",
"refsource" : "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-September/047798.html"
"name": "[oss-security] 20100907 Re: CVE Request -- EncFS / fuse-encfs [three ids] -- Multiple Vulnerabilities in EncFS",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2010/09/07/8"
},
{
"name" : "FEDORA-2010-14268",
"refsource" : "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-September/047794.html"
"name": "[oss-security] 20100905 Re: CVE Request -- EncFS / fuse-encfs [three ids] -- Multiple Vulnerabilities in EncFS",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2010/09/06/1"
},
{
"name" : "41158",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/41158"
"name": "ADV-2010-2414",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/2414"
},
{
"name" : "41478",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/41478"
"name": "http://www.arg0.net/encfs",
"refsource": "CONFIRM",
"url": "http://www.arg0.net/encfs"
},
{
"name" : "ADV-2010-2414",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2010/2414"
"name": "FEDORA-2010-14254",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-September/047798.html"
}
]
}

74
2010/3xxx/CVE-2010-3109.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-3109",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-3109",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Stack-based buffer overflow in the browser plugin in Novell iPrint Client before 5.42 allows remote attackers to execute arbitrary code via a long operation parameter."
"lang": "eng",
"value": "Stack-based buffer overflow in the browser plugin in Novell iPrint Client before 5.42 allows remote attackers to execute arbitrary code via a long operation parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.zerodayinitiative.com/advisories/ZDI-10-140/",
"refsource" : "MISC",
"url" : "http://www.zerodayinitiative.com/advisories/ZDI-10-140/"
"name": "http://www.zerodayinitiative.com/advisories/ZDI-10-140/",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-10-140/"
},
{
"name" : "http://download.novell.com/Download?buildid=ftwZBxEFjIg~",
"refsource" : "CONFIRM",
"url" : "http://download.novell.com/Download?buildid=ftwZBxEFjIg~"
"name": "oval:org.mitre.oval:def:12046",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12046"
},
{
"name" : "oval:org.mitre.oval:def:12046",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12046"
"name": "http://download.novell.com/Download?buildid=ftwZBxEFjIg~",
"refsource": "CONFIRM",
"url": "http://download.novell.com/Download?buildid=ftwZBxEFjIg~"
}
]
}

74
2010/3xxx/CVE-2010-3240.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-3240",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2010-3240",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Microsoft Excel 2002 SP3 and 2007 SP2; Excel Viewer SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 do not properly validate record information, which allows remote attackers to execute arbitrary code via a crafted Excel document, aka \"Real Time Data Array Record Vulnerability.\""
"lang": "eng",
"value": "Microsoft Excel 2002 SP3 and 2007 SP2; Excel Viewer SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 do not properly validate record information, which allows remote attackers to execute arbitrary code via a crafted Excel document, aka \"Real Time Data Array Record Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "MS10-080",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-080"
"name": "oval:org.mitre.oval:def:7196",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7196"
},
{
"name" : "TA10-285A",
"refsource" : "CERT",
"url" : "http://www.us-cert.gov/cas/techalerts/TA10-285A.html"
"name": "MS10-080",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-080"
},
{
"name" : "oval:org.mitre.oval:def:7196",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7196"
"name": "TA10-285A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA10-285A.html"
}
]
}

74
2010/3xxx/CVE-2010-3320.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-3320",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-3320",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Open redirect vulnerability in IBM Records Manager (RM) 4.5.x before 4.5.1.1-IER-FP001 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors."
"lang": "eng",
"value": "Open redirect vulnerability in IBM Records Manager (RM) 4.5.x before 4.5.1.1-IER-FP001 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "PJ37426",
"refsource" : "AIXAPAR",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1PJ37426"
"name": "43136",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/43136"
},
{
"name" : "43136",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/43136"
"name": "41344",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/41344"
},
{
"name" : "41344",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/41344"
"name": "PJ37426",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PJ37426"
}
]
}

92
2010/4xxx/CVE-2010-4192.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-4192",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2010-4192",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a Director movie with a crafted 3D Assets 0xFFFFFF88 type record that triggers an incorrect memory allocation, a different vulnerability than CVE-2011-0555, CVE-2010-4093, CVE-2010-4187, CVE-2010-4190, CVE-2010-4191, and CVE-2010-4306."
"lang": "eng",
"value": "Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a Director movie with a crafted 3D Assets 0xFFFFFF88 type record that triggers an incorrect memory allocation, a different vulnerability than CVE-2011-0555, CVE-2010-4093, CVE-2010-4187, CVE-2010-4190, CVE-2010-4191, and CVE-2010-4306."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20110208 ZDI-11-078: Adobe Shockwave Player FFFFFF88 Record Count Element Remote Code Execution Vulnerability",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/516322/100/0/threaded"
"name": "46326",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/46326"
},
{
"name" : "http://www.zerodayinitiative.com/advisories/ZDI-11-078",
"refsource" : "MISC",
"url" : "http://www.zerodayinitiative.com/advisories/ZDI-11-078"
"name": "ADV-2011-0335",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0335"
},
{
"name" : "http://www.adobe.com/support/security/bulletins/apsb11-01.html",
"refsource" : "CONFIRM",
"url" : "http://www.adobe.com/support/security/bulletins/apsb11-01.html"
"name": "http://www.adobe.com/support/security/bulletins/apsb11-01.html",
"refsource": "CONFIRM",
"url": "http://www.adobe.com/support/security/bulletins/apsb11-01.html"
},
{
"name" : "46326",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/46326"
"name": "20110208 ZDI-11-078: Adobe Shockwave Player FFFFFF88 Record Count Element Remote Code Execution Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/516322/100/0/threaded"
},
{
"name" : "1025056",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1025056"
"name": "http://www.zerodayinitiative.com/advisories/ZDI-11-078",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-11-078"
},
{
"name" : "ADV-2011-0335",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2011/0335"
"name": "1025056",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1025056"
}
]
}

68
2010/4xxx/CVE-2010-4562.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-4562",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-4562",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Microsoft Windows 2008, 7, Vista, 2003, 2000, and XP, when using IPv6, allows remote attackers to determine whether a host is sniffing the network by sending an ICMPv6 Echo Request to a multicast address and determining whether an Echo Reply is sent, as demonstrated by thcping. NOTE: due to a typo, some sources map CVE-2010-4562 to a ProFTPd mod_sql vulnerability, but that issue is covered by CVE-2010-4652."
"lang": "eng",
"value": "Microsoft Windows 2008, 7, Vista, 2003, 2000, and XP, when using IPv6, allows remote attackers to determine whether a host is sniffing the network by sending an ICMPv6 Echo Request to a multicast address and determining whether an Echo Reply is sent, as demonstrated by thcping. NOTE: due to a typo, some sources map CVE-2010-4562 to a ProFTPd mod_sql vulnerability, but that issue is covered by CVE-2010-4652."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20110415 Another Microsoft (and other) IPv6 security issue: sniffer detection",
"refsource" : "FULLDISC",
"url" : "http://seclists.org/fulldisclosure/2011/Apr/254"
"name": "20110415 Another Microsoft (and other) IPv6 security issue: sniffer detection",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2011/Apr/254"
},
{
"name" : "[dailydave] 20110415 Another Microsoft (and other) IPv6 security issue: sniffer detection",
"refsource" : "MLIST",
"url" : "http://seclists.org/dailydave/2011/q2/25"
"name": "[dailydave] 20110415 Another Microsoft (and other) IPv6 security issue: sniffer detection",
"refsource": "MLIST",
"url": "http://seclists.org/dailydave/2011/q2/25"
}
]
}

92
2010/4xxx/CVE-2010-4701.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-4701",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-4701",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Heap-based buffer overflow in the CDrawPoly::Serialize function in fxscover.exe in Microsoft Windows Fax Services Cover Page Editor 5.2 r2 in Windows XP Professional SP3, Server 2003 R2 Enterprise Edition SP2, and Windows 7 Professional allows remote attackers to execute arbitrary code via a long record in a Fax Cover Page (.cov) file. NOTE: some of these details are obtained from third party information."
"lang": "eng",
"value": "Heap-based buffer overflow in the CDrawPoly::Serialize function in fxscover.exe in Microsoft Windows Fax Services Cover Page Editor 5.2 r2 in Windows XP Professional SP3, Server 2003 R2 Enterprise Edition SP2, and Windows 7 Professional allows remote attackers to execute arbitrary code via a long record in a Fax Cover Page (.cov) file. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "15839",
"refsource" : "EXPLOIT-DB",
"url" : "http://www.exploit-db.com/exploits/15839"
"name": "TA11-102A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA11-102A.html"
},
{
"name" : "http://retrogod.altervista.org/9sg_cov_bof.html",
"refsource" : "MISC",
"url" : "http://retrogod.altervista.org/9sg_cov_bof.html"
"name": "42747",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42747"
},
{
"name" : "TA11-102A",
"refsource" : "CERT",
"url" : "http://www.us-cert.gov/cas/techalerts/TA11-102A.html"
"name": "oval:org.mitre.oval:def:12689",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12689"
},
{
"name" : "oval:org.mitre.oval:def:12689",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12689"
"name": "1024925",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1024925"
},
{
"name" : "1024925",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1024925"
"name": "http://retrogod.altervista.org/9sg_cov_bof.html",
"refsource": "MISC",
"url": "http://retrogod.altervista.org/9sg_cov_bof.html"
},
{
"name" : "42747",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/42747"
"name": "15839",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/15839"
}
]
}

68
2010/4xxx/CVE-2010-4785.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-4785",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-4785",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The do_extendedOp function in ibmslapd in IBM Tivoli Directory Server (TDS) 6.0 before 6.0.0.62 (aka 6.0.0.8-TIV-ITDS-IF0004) on Linux, Solaris, and Windows allows remote authenticated users to cause a denial of service (ABEND) via a malformed LDAP extended operation that triggers certain comparisons involving the NULL operation OID."
"lang": "eng",
"value": "The do_extendedOp function in ibmslapd in IBM Tivoli Directory Server (TDS) 6.0 before 6.0.0.62 (aka 6.0.0.8-TIV-ITDS-IF0004) on Linux, Solaris, and Windows allows remote authenticated users to cause a denial of service (ABEND) via a malformed LDAP extended operation that triggers certain comparisons involving the NULL operation OID."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.ibm.com/support/docview.wss?uid=swg24029672",
"refsource" : "CONFIRM",
"url" : "http://www.ibm.com/support/docview.wss?uid=swg24029672"
"name": "IO11814",
"refsource": "AIXAPAR",
"url": "http://www.ibm.com/support/docview.wss?uid=swg1IO11814"
},
{
"name" : "IO11814",
"refsource" : "AIXAPAR",
"url" : "http://www.ibm.com/support/docview.wss?uid=swg1IO11814"
"name": "http://www.ibm.com/support/docview.wss?uid=swg24029672",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg24029672"
}
]
}

74
2010/4xxx/CVE-2010-4931.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-4931",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-4931",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** DISPUTED ** Directory traversal vulnerability in maincore.php in PHP-Fusion allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the folder_level parameter. NOTE: this issue has been disputed by a reliable third party."
"lang": "eng",
"value": "** DISPUTED ** Directory traversal vulnerability in maincore.php in PHP-Fusion allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the folder_level parameter. NOTE: this issue has been disputed by a reliable third party."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "14647",
"refsource" : "EXPLOIT-DB",
"url" : "http://www.exploit-db.com/exploits/14647"
"name": "42456",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/42456"
},
{
"name" : "[vim] 20100816 PHP-Fusion Local File Inclusion Vulnerability",
"refsource" : "MLIST",
"url" : "http://attrition.org/pipermail/vim/2010-August/002391.html"
"name": "14647",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/14647"
},
{
"name" : "42456",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/42456"
"name": "[vim] 20100816 PHP-Fusion Local File Inclusion Vulnerability",
"refsource": "MLIST",
"url": "http://attrition.org/pipermail/vim/2010-August/002391.html"
}
]
}

80
2014/3xxx/CVE-2014-3115.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-3115",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-3115",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple cross-site request forgery (CSRF) vulnerabilities in the web administration console in Fortinet FortiWeb before 5.2.0 allow remote attackers to hijack the authentication of administrators via system/config/adminadd and other unspecified vectors."
"lang": "eng",
"value": "Multiple cross-site request forgery (CSRF) vulnerabilities in the web administration console in Fortinet FortiWeb before 5.2.0 allow remote attackers to hijack the authentication of administrators via system/config/adminadd and other unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20140507 Fortinet Fortiweb 5.1 contains a cross-site request forgery vulnerability (CVE-2014-3115)",
"refsource" : "FULLDISC",
"url" : "http://seclists.org/fulldisclosure/2014/May/30"
"name": "http://www.fortiguard.com/advisory/FG-IR-14-013/",
"refsource": "CONFIRM",
"url": "http://www.fortiguard.com/advisory/FG-IR-14-013/"
},
{
"name" : "http://www.fortiguard.com/advisory/FG-IR-14-013/",
"refsource" : "CONFIRM",
"url" : "http://www.fortiguard.com/advisory/FG-IR-14-013/"
"name": "VU#902790",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/902790"
},
{
"name" : "VU#902790",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/902790"
"name": "20140507 Fortinet Fortiweb 5.1 contains a cross-site request forgery vulnerability (CVE-2014-3115)",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2014/May/30"
},
{
"name" : "1030200",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1030200"
"name": "1030200",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030200"
}
]
}

22
2014/3xxx/CVE-2014-3957.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-3957",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-3957",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

92
2014/4xxx/CVE-2014-4945.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-4945",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-4945",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in Horde Internet Mail Program (IMP) before 6.1.8, as used in Horde Groupware Webmail Edition before 5.1.5, allow remote attackers to inject arbitrary web script or HTML via an unspecified flag in the basic (1) mailbox or (2) message view."
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in Horde Internet Mail Program (IMP) before 6.1.8, as used in Horde Groupware Webmail Edition before 5.1.5, allow remote attackers to inject arbitrary web script or HTML via an unspecified flag in the basic (1) mailbox or (2) message view."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[announce] 20140707 [SECURITY] Horde Groupware Webmail Edition 5.1.5 (final)",
"refsource" : "MLIST",
"url" : "http://lists.horde.org/archives/announce/2014/001025.html"
"name": "59772",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59772"
},
{
"name" : "[announce] 20140707 [SECURITY] IMP 6.1.8 (final)",
"refsource" : "MLIST",
"url" : "http://lists.horde.org/archives/announce/2014/001019.html"
"name": "[announce] 20140707 [SECURITY] Horde Groupware Webmail Edition 5.1.5 (final)",
"refsource": "MLIST",
"url": "http://lists.horde.org/archives/announce/2014/001025.html"
},
{
"name" : "https://github.com/horde/horde/blob/4513649810f13a32f1193bdeed76f7d85a5efa05/bundles/webmail/docs/CHANGES",
"refsource" : "CONFIRM",
"url" : "https://github.com/horde/horde/blob/4513649810f13a32f1193bdeed76f7d85a5efa05/bundles/webmail/docs/CHANGES"
"name": "59770",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59770"
},
{
"name" : "https://github.com/horde/horde/blob/c0144ac03814a8c2cf6fc5ac0d1af2653e9ee139/imp/docs/CHANGES",
"refsource" : "CONFIRM",
"url" : "https://github.com/horde/horde/blob/c0144ac03814a8c2cf6fc5ac0d1af2653e9ee139/imp/docs/CHANGES"
"name": "https://github.com/horde/horde/blob/4513649810f13a32f1193bdeed76f7d85a5efa05/bundles/webmail/docs/CHANGES",
"refsource": "CONFIRM",
"url": "https://github.com/horde/horde/blob/4513649810f13a32f1193bdeed76f7d85a5efa05/bundles/webmail/docs/CHANGES"
},
{
"name" : "59770",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/59770"
"name": "https://github.com/horde/horde/blob/c0144ac03814a8c2cf6fc5ac0d1af2653e9ee139/imp/docs/CHANGES",
"refsource": "CONFIRM",
"url": "https://github.com/horde/horde/blob/c0144ac03814a8c2cf6fc5ac0d1af2653e9ee139/imp/docs/CHANGES"
},
{
"name" : "59772",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/59772"
"name": "[announce] 20140707 [SECURITY] IMP 6.1.8 (final)",
"refsource": "MLIST",
"url": "http://lists.horde.org/archives/announce/2014/001019.html"
}
]
}

22
2014/8xxx/CVE-2014-8234.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-8234",
"STATE" : "REJECT"
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2014-8234",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none."
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none."
}
]
}

80
2014/8xxx/CVE-2014-8354.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-8354",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-8354",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The HorizontalFilter function in resize.c in ImageMagick before 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted image file."
"lang": "eng",
"value": "The HorizontalFilter function in resize.c in ImageMagick before 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted image file."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://packetstormsecurity.com/files/128944/ImageMagick-Out-Of-Bounds-Read-Heap-Overflow.html",
"refsource" : "MISC",
"url" : "http://packetstormsecurity.com/files/128944/ImageMagick-Out-Of-Bounds-Read-Heap-Overflow.html"
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1158518",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1158518"
},
{
"name" : "https://int21.de/cve/CVE-2014-8354-ImageMagick-oob-heap-overflow.html",
"refsource" : "MISC",
"url" : "https://int21.de/cve/CVE-2014-8354-ImageMagick-oob-heap-overflow.html"
"name": "http://packetstormsecurity.com/files/128944/ImageMagick-Out-Of-Bounds-Read-Heap-Overflow.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/128944/ImageMagick-Out-Of-Bounds-Read-Heap-Overflow.html"
},
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1158518",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1158518"
"name": "https://int21.de/cve/CVE-2014-8354-ImageMagick-oob-heap-overflow.html",
"refsource": "MISC",
"url": "https://int21.de/cve/CVE-2014-8354-ImageMagick-oob-heap-overflow.html"
},
{
"name" : "70830",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/70830"
"name": "70830",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/70830"
}
]
}

86
2014/8xxx/CVE-2014-8360.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-8360",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-8360",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Directory traversal vulnerability in inc/autoload.function.php in GLPI before 0.84.8 allows remote attackers to include and execute arbitrary local files via a .._ (dot dot underscore) in an item type to the getItemForItemtype, as demonstrated by the itemtype parameter in ajax/common.tabs.php."
"lang": "eng",
"value": "Directory traversal vulnerability in inc/autoload.function.php in GLPI before 0.84.8 allows remote attackers to include and execute arbitrary local files via a .._ (dot dot underscore) in an item type to the getItemForItemtype, as demonstrated by the itemtype parameter in ajax/common.tabs.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://tlk.tuxfamily.org/doku.php?id=writeup:cve-2014-8360-en",
"refsource" : "MISC",
"url" : "http://tlk.tuxfamily.org/doku.php?id=writeup:cve-2014-8360-en"
"name": "MDVSA-2015:167",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:167"
},
{
"name" : "http://advisories.mageia.org/MGASA-2015-0017.html",
"refsource" : "CONFIRM",
"url" : "http://advisories.mageia.org/MGASA-2015-0017.html"
"name": "http://www.glpi-project.org/spip.php?page=annonce&id_breve=330",
"refsource": "CONFIRM",
"url": "http://www.glpi-project.org/spip.php?page=annonce&id_breve=330"
},
{
"name" : "http://www.glpi-project.org/spip.php?page=annonce&id_breve=330",
"refsource" : "CONFIRM",
"url" : "http://www.glpi-project.org/spip.php?page=annonce&id_breve=330"
"name": "http://advisories.mageia.org/MGASA-2015-0017.html",
"refsource": "CONFIRM",
"url": "http://advisories.mageia.org/MGASA-2015-0017.html"
},
{
"name" : "https://forge.indepnet.net/issues/5101",
"refsource" : "CONFIRM",
"url" : "https://forge.indepnet.net/issues/5101"
"name": "http://tlk.tuxfamily.org/doku.php?id=writeup:cve-2014-8360-en",
"refsource": "MISC",
"url": "http://tlk.tuxfamily.org/doku.php?id=writeup:cve-2014-8360-en"
},
{
"name" : "MDVSA-2015:167",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2015:167"
"name": "https://forge.indepnet.net/issues/5101",
"refsource": "CONFIRM",
"url": "https://forge.indepnet.net/issues/5101"
}
]
}

22
2014/8xxx/CVE-2014-8915.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-8915",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-8915",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

68
2014/9xxx/CVE-2014-9245.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-9245",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2014-9245",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Zenoss Core through 5 Beta 3 allows remote attackers to obtain sensitive information by attempting a product-rename action with an invalid new name and then reading a stack trace, as demonstrated by internal URL information, aka ZEN-15382."
"lang": "eng",
"value": "Zenoss Core through 5 Beta 3 allows remote attackers to obtain sensitive information by attempting a product-rename action with an invalid new name and then reading a stack trace, as demonstrated by internal URL information, aka ZEN-15382."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://docs.google.com/spreadsheets/d/1dHAc4PxUbs-4Dxzm1wSCE0sMz5UCMY6SW3PlMHSyuuQ/edit?usp=sharing",
"refsource" : "CONFIRM",
"url" : "https://docs.google.com/spreadsheets/d/1dHAc4PxUbs-4Dxzm1wSCE0sMz5UCMY6SW3PlMHSyuuQ/edit?usp=sharing"
"name": "VU#449452",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/449452"
},
{
"name" : "VU#449452",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/449452"
"name": "https://docs.google.com/spreadsheets/d/1dHAc4PxUbs-4Dxzm1wSCE0sMz5UCMY6SW3PlMHSyuuQ/edit?usp=sharing",
"refsource": "CONFIRM",
"url": "https://docs.google.com/spreadsheets/d/1dHAc4PxUbs-4Dxzm1wSCE0sMz5UCMY6SW3PlMHSyuuQ/edit?usp=sharing"
}
]
}

74
2014/9xxx/CVE-2014-9347.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-9347",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-9347",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in dosearch.php in phpMyRecipes 1.2.2 allows remote attackers to execute arbitrary SQL commands via the words_exact parameter."
"lang": "eng",
"value": "SQL injection vulnerability in dosearch.php in phpMyRecipes 1.2.2 allows remote attackers to execute arbitrary SQL commands via the words_exact parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "35365",
"refsource" : "EXPLOIT-DB",
"url" : "http://www.exploit-db.com/exploits/35365"
"name": "35365",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/35365"
},
{
"name" : "115038",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/show/osvdb/115038"
"name": "115038",
"refsource": "OSVDB",
"url": "http://osvdb.org/show/osvdb/115038"
},
{
"name" : "phpmyrecipes-dosearch-sql-injection(99005)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/99005"
"name": "phpmyrecipes-dosearch-sql-injection(99005)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/99005"
}
]
}

70
2014/9xxx/CVE-2014-9995.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "product-security@qualcomm.com",
"DATE_PUBLIC" : "2018-04-02T00:00:00",
"ID" : "CVE-2014-9995",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "product-security@qualcomm.com",
"DATE_PUBLIC": "2018-04-02T00:00:00",
"ID": "CVE-2014-9995",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Snapdragon Mobile",
"version" : {
"version_data" : [
"product_name": "Snapdragon Mobile",
"version": {
"version_data": [
{
"version_value" : "SD 400, SD 800"
"version_value": "SD 400, SD 800"
}
]
}
}
]
},
"vendor_name" : "Qualcomm, Inc."
"vendor_name": "Qualcomm, Inc."
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 400 and SD 800, in drmprov_cmd_verify_key(), the variable feature_name_length is not validated. There is a check for feature_name_len + filePathLen but there might be an integer wrap when checking feature_name_len + filePathLen. This leads to a buffer overflow."
"lang": "eng",
"value": "In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 400 and SD 800, in drmprov_cmd_verify_key(), the variable feature_name_length is not validated. There is a check for feature_name_len + filePathLen but there might be an integer wrap when checking feature_name_len + filePathLen. This leads to a buffer overflow."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Integer Overflow to Buffer Overflow."
"lang": "eng",
"value": "Integer Overflow to Buffer Overflow."
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://source.android.com/security/bulletin/2018-04-01",
"refsource" : "CONFIRM",
"url" : "https://source.android.com/security/bulletin/2018-04-01"
"name": "https://source.android.com/security/bulletin/2018-04-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2018-04-01"
},
{
"name" : "103671",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/103671"
"name": "103671",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103671"
}
]
}

70
2014/9xxx/CVE-2014-9996.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "product-security@qualcomm.com",
"DATE_PUBLIC" : "2018-04-02T00:00:00",
"ID" : "CVE-2014-9996",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "product-security@qualcomm.com",
"DATE_PUBLIC": "2018-04-02T00:00:00",
"ID": "CVE-2014-9996",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Snapdragon Mobile",
"version" : {
"version_data" : [
"product_name": "Snapdragon Mobile",
"version": {
"version_data": [
{
"version_value" : "SD 400, SD 800"
"version_value": "SD 400, SD 800"
}
]
}
}
]
},
"vendor_name" : "Qualcomm, Inc."
"vendor_name": "Qualcomm, Inc."
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 400 and SD 800, while verifying provisioning, a buffer overflow can occur."
"lang": "eng",
"value": "In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 400 and SD 800, while verifying provisioning, a buffer overflow can occur."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Buffer Copy without Checking Size of Input in TrustZone"
"lang": "eng",
"value": "Buffer Copy without Checking Size of Input in TrustZone"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://source.android.com/security/bulletin/2018-04-01",
"refsource" : "CONFIRM",
"url" : "https://source.android.com/security/bulletin/2018-04-01"
"name": "https://source.android.com/security/bulletin/2018-04-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2018-04-01"
},
{
"name" : "103671",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/103671"
"name": "103671",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103671"
}
]
}

22
2016/2xxx/CVE-2016-2250.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-2250",
"STATE" : "REJECT"
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2016-2250",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-2550. Reason: This candidate is a duplicate of CVE-2016-2550. A typo caused the wrong ID to be used. Notes: All CVE users should reference CVE-2016-2550 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage."
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-2550. Reason: This candidate is a duplicate of CVE-2016-2550. A typo caused the wrong ID to be used. Notes: All CVE users should reference CVE-2016-2550 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage."
}
]
}

22
2016/2xxx/CVE-2016-2852.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-2852",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-2852",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2016/2xxx/CVE-2016-2893.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-2893",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-2893",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

74
2016/6xxx/CVE-2016-6270.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-6270",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-6270",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The handle_certificate function in /vmi/manager/engine/management/commands/apns_worker.py in Trend Micro Virtual Mobile Infrastructure before 5.1 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the password to api/v1/cfg/oauth/save_identify_pfx/."
"lang": "eng",
"value": "The handle_certificate function in /vmi/manager/engine/management/commands/apns_worker.py in Trend Micro Virtual Mobile Infrastructure before 5.1 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the password to api/v1/cfg/oauth/save_identify_pfx/."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://qkaiser.github.io/pentesting/trendmicro/2016/10/08/trendmicro-vmi/",
"refsource" : "MISC",
"url" : "https://qkaiser.github.io/pentesting/trendmicro/2016/10/08/trendmicro-vmi/"
"name": "95884",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95884"
},
{
"name" : "https://success.trendmicro.com/solution/1115411",
"refsource" : "CONFIRM",
"url" : "https://success.trendmicro.com/solution/1115411"
"name": "https://success.trendmicro.com/solution/1115411",
"refsource": "CONFIRM",
"url": "https://success.trendmicro.com/solution/1115411"
},
{
"name" : "95884",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/95884"
"name": "https://qkaiser.github.io/pentesting/trendmicro/2016/10/08/trendmicro-vmi/",
"refsource": "MISC",
"url": "https://qkaiser.github.io/pentesting/trendmicro/2016/10/08/trendmicro-vmi/"
}
]
}

74
2016/6xxx/CVE-2016-6644.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-6644",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "security_alert@emc.com",
"ID": "CVE-2016-6644",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "EMC Documentum D2 4.5 before patch 15 and 4.6 before patch 03 allows remote attackers to read arbitrary Docbase documents by leveraging knowledge of an r_object_id value."
"lang": "eng",
"value": "EMC Documentum D2 4.5 before patch 15 and 4.6 before patch 03 allows remote attackers to read arbitrary Docbase documents by leveraging knowledge of an r_object_id value."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20160913 ESA-2016-108: EMC Documentum D2 Authentication Bypass Vulnerability",
"refsource" : "BUGTRAQ",
"url" : "http://seclists.org/bugtraq/2016/Sep/18"
"name": "92906",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/92906"
},
{
"name" : "92906",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/92906"
"name": "1036796",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036796"
},
{
"name" : "1036796",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1036796"
"name": "20160913 ESA-2016-108: EMC Documentum D2 Authentication Bypass Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://seclists.org/bugtraq/2016/Sep/18"
}
]
}

78
2016/6xxx/CVE-2016-6803.json
View File

@ -1,75 +1,75 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "security@apache.org",
"DATE_PUBLIC" : "2016-10-11T00:00:00",
"ID" : "CVE-2016-6803",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "security@apache.org",
"DATE_PUBLIC": "2016-10-11T00:00:00",
"ID": "CVE-2016-6803",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Apache OpenOffice",
"version" : {
"version_data" : [
"product_name": "Apache OpenOffice",
"version": {
"version_data": [
{
"version_value" : "4.0.0 to 4.1.2"
"version_value": "4.0.0 to 4.1.2"
},
{
"version_value" : "Older versions, including some using the previous OpenOffice.org brand, are also affected."
"version_value": "Older versions, including some using the previous OpenOffice.org brand, are also affected."
}
]
}
}
]
},
"vendor_name" : "Apache Software Foundation"
"vendor_name": "Apache Software Foundation"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "An installer defect known as an \"unquoted Windows search path vulnerability\" affected the Apache OpenOffice before 4.1.3 installers for Windows. The PC must have previously been infected by a Trojan Horse application (or user) running with administrative privilege. Any installer with the unquoted search path vulnerability becomes a delayed trigger for the exploit."
"lang": "eng",
"value": "An installer defect known as an \"unquoted Windows search path vulnerability\" affected the Apache OpenOffice before 4.1.3 installers for Windows. The PC must have previously been infected by a Trojan Horse application (or user) running with administrative privilege. Any installer with the unquoted search path vulnerability becomes a delayed trigger for the exploit."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Trojan Execution (on previously infected system)"
"lang": "eng",
"value": "Trojan Execution (on previously infected system)"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://www.openoffice.org/security/cves/CVE-2016-6803.html",
"refsource" : "CONFIRM",
"url" : "https://www.openoffice.org/security/cves/CVE-2016-6803.html"
"name": "94418",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94418"
},
{
"name" : "94418",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/94418"
"name": "https://www.openoffice.org/security/cves/CVE-2016-6803.html",
"refsource": "CONFIRM",
"url": "https://www.openoffice.org/security/cves/CVE-2016-6803.html"
},
{
"name" : "1037015",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1037015"
"name": "1037015",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037015"
}
]
}

86
2016/6xxx/CVE-2016-6882.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-6882",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-6882",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "MatrixSSL before 3.8.7, when the DHE_RSA based cipher suite is supported, makes it easier for remote attackers to obtain RSA private key information by conducting a Lenstra side-channel attack."
"lang": "eng",
"value": "MatrixSSL before 3.8.7, when the DHE_RSA based cipher suite is supported, makes it easier for remote attackers to obtain RSA private key information by conducting a Lenstra side-channel attack."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[oss-security] 20160819 Re: CVE request: MatrixSSL lack of RSA-CRT hardening",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2016/08/19/7"
"name": "[oss-security] 20160819 Re: CVE request: MatrixSSL lack of RSA-CRT hardening",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/08/19/7"
},
{
"name" : "https://access.redhat.com/blogs/766093/posts/1976703",
"refsource" : "MISC",
"url" : "https://access.redhat.com/blogs/766093/posts/1976703"
"name": "https://people.redhat.com/~fweimer/rsa-crt-leaks.pdf",
"refsource": "MISC",
"url": "https://people.redhat.com/~fweimer/rsa-crt-leaks.pdf"
},
{
"name" : "https://people.redhat.com/~fweimer/rsa-crt-leaks.pdf",
"refsource" : "MISC",
"url" : "https://people.redhat.com/~fweimer/rsa-crt-leaks.pdf"
"name": "https://access.redhat.com/blogs/766093/posts/1976703",
"refsource": "MISC",
"url": "https://access.redhat.com/blogs/766093/posts/1976703"
},
{
"name" : "https://github.com/matrixssl/matrixssl/blob/master/CHANGES.md#validation-of-rsa-signature-creation",
"refsource" : "CONFIRM",
"url" : "https://github.com/matrixssl/matrixssl/blob/master/CHANGES.md#validation-of-rsa-signature-creation"
"name": "https://github.com/matrixssl/matrixssl/blob/master/CHANGES.md#validation-of-rsa-signature-creation",
"refsource": "CONFIRM",
"url": "https://github.com/matrixssl/matrixssl/blob/master/CHANGES.md#validation-of-rsa-signature-creation"
},
{
"name" : "91488",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/91488"
"name": "91488",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91488"
}
]
}

74
2016/7xxx/CVE-2016-7204.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "secure@microsoft.com",
"ID" : "CVE-2016-7204",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2016-7204",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Microsoft Edge allows remote attackers to access arbitrary \"My Documents\" files via a crafted web site, aka \"Microsoft Edge Information Disclosure Vulnerability.\""
"lang": "eng",
"value": "Microsoft Edge allows remote attackers to access arbitrary \"My Documents\" files via a crafted web site, aka \"Microsoft Edge Information Disclosure Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "MS16-129",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-129"
"name": "MS16-129",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-129"
},
{
"name" : "93970",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/93970"
"name": "93970",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93970"
},
{
"name" : "1037245",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1037245"
"name": "1037245",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037245"
}
]
}

22
2016/7xxx/CVE-2016-7755.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-7755",
"STATE" : "REJECT"
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2016-7755",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
}
]
}

92
2016/7xxx/CVE-2016-7924.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-7924",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-7924",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The ATM parser in tcpdump before 4.9.0 has a buffer overflow in print-atm.c:oam_print()."
"lang": "eng",
"value": "The ATM parser in tcpdump before 4.9.0 has a buffer overflow in print-atm.c:oam_print()."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://www.mail-archive.com/debian-bugs-dist@lists.debian.org/msg1494526.html",
"refsource" : "CONFIRM",
"url" : "https://www.mail-archive.com/debian-bugs-dist@lists.debian.org/msg1494526.html"
"name": "1037755",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037755"
},
{
"name" : "DSA-3775",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2017/dsa-3775"
"name": "DSA-3775",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2017/dsa-3775"
},
{
"name" : "GLSA-201702-30",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201702-30"
"name": "RHSA-2017:1871",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1871"
},
{
"name" : "RHSA-2017:1871",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2017:1871"
"name": "https://www.mail-archive.com/debian-bugs-dist@lists.debian.org/msg1494526.html",
"refsource": "CONFIRM",
"url": "https://www.mail-archive.com/debian-bugs-dist@lists.debian.org/msg1494526.html"
},
{
"name" : "95852",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/95852"
"name": "95852",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95852"
},
{
"name" : "1037755",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1037755"
"name": "GLSA-201702-30",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201702-30"
}
]
}