From 5bd9c48cb91657b7c4ddce99a7e010410cbe862b Mon Sep 17 00:00:00 2001 From: CVE Team Date: Mon, 18 Mar 2019 01:41:41 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2004/0xxx/CVE-2004-0432.json | 180 ++++++------- 2004/0xxx/CVE-2004-0593.json | 150 +++++------ 2004/1xxx/CVE-2004-1002.json | 140 +++++----- 2004/1xxx/CVE-2004-1622.json | 140 +++++----- 2008/2xxx/CVE-2008-2350.json | 150 +++++------ 2008/2xxx/CVE-2008-2793.json | 150 +++++------ 2008/3xxx/CVE-2008-3241.json | 160 ++++++------ 2008/3xxx/CVE-2008-3243.json | 170 ++++++------ 2008/3xxx/CVE-2008-3833.json | 240 ++++++++--------- 2008/3xxx/CVE-2008-3842.json | 150 +++++------ 2008/4xxx/CVE-2008-4038.json | 220 ++++++++-------- 2008/4xxx/CVE-2008-4449.json | 180 ++++++------- 2008/4xxx/CVE-2008-4883.json | 160 ++++++------ 2008/4xxx/CVE-2008-4973.json | 180 ++++++------- 2008/6xxx/CVE-2008-6044.json | 150 +++++------ 2008/6xxx/CVE-2008-6145.json | 150 +++++------ 2008/6xxx/CVE-2008-6222.json | 150 +++++------ 2008/7xxx/CVE-2008-7166.json | 180 ++++++------- 2008/7xxx/CVE-2008-7289.json | 130 +++++----- 2013/2xxx/CVE-2013-2164.json | 240 ++++++++--------- 2013/2xxx/CVE-2013-2366.json | 130 +++++----- 2013/2xxx/CVE-2013-2422.json | 400 ++++++++++++++--------------- 2013/2xxx/CVE-2013-2439.json | 220 ++++++++-------- 2013/2xxx/CVE-2013-2807.json | 34 +-- 2013/6xxx/CVE-2013-6369.json | 150 +++++------ 2017/11xxx/CVE-2017-11030.json | 122 ++++----- 2017/11xxx/CVE-2017-11083.json | 34 +-- 2017/11xxx/CVE-2017-11195.json | 140 +++++----- 2017/11xxx/CVE-2017-11327.json | 120 ++++----- 2017/11xxx/CVE-2017-11630.json | 120 ++++----- 2017/11xxx/CVE-2017-11931.json | 34 +-- 2017/11xxx/CVE-2017-11994.json | 34 +-- 2017/14xxx/CVE-2017-14088.json | 160 ++++++------ 2017/14xxx/CVE-2017-14370.json | 130 +++++----- 2017/14xxx/CVE-2017-14435.json | 122 ++++----- 2017/14xxx/CVE-2017-14611.json | 120 ++++----- 2017/14xxx/CVE-2017-14734.json | 120 ++++----- 2017/15xxx/CVE-2017-15094.json | 132 +++++----- 2017/15xxx/CVE-2017-15164.json | 34 +-- 2017/15xxx/CVE-2017-15445.json | 34 +-- 2017/15xxx/CVE-2017-15733.json | 120 ++++----- 2017/15xxx/CVE-2017-15921.json | 130 +++++----- 2017/9xxx/CVE-2017-9144.json | 140 +++++----- 2017/9xxx/CVE-2017-9233.json | 210 +++++++-------- 2017/9xxx/CVE-2017-9759.json | 130 +++++----- 2017/9xxx/CVE-2017-9898.json | 120 ++++----- 2017/9xxx/CVE-2017-9920.json | 120 ++++----- 2018/0xxx/CVE-2018-0078.json | 34 +-- 2018/0xxx/CVE-2018-0331.json | 130 +++++----- 2018/0xxx/CVE-2018-0511.json | 130 +++++----- 2018/1000xxx/CVE-2018-1000075.json | 234 ++++++++--------- 2018/1000xxx/CVE-2018-1000157.json | 34 +-- 2018/12xxx/CVE-2018-12079.json | 120 ++++----- 2018/12xxx/CVE-2018-12588.json | 160 ++++++------ 2018/13xxx/CVE-2018-13439.json | 120 ++++----- 2018/16xxx/CVE-2018-16054.json | 34 +-- 2018/16xxx/CVE-2018-16341.json | 34 +-- 2018/16xxx/CVE-2018-16427.json | 140 +++++----- 2018/16xxx/CVE-2018-16546.json | 120 ++++----- 2018/16xxx/CVE-2018-16922.json | 34 +-- 2018/4xxx/CVE-2018-4032.json | 120 ++++----- 2018/4xxx/CVE-2018-4033.json | 120 ++++----- 2018/4xxx/CVE-2018-4062.json | 34 +-- 2018/4xxx/CVE-2018-4088.json | 230 ++++++++--------- 2018/4xxx/CVE-2018-4173.json | 130 +++++----- 2018/4xxx/CVE-2018-4174.json | 160 ++++++------ 66 files changed, 4424 insertions(+), 4424 deletions(-) diff --git a/2004/0xxx/CVE-2004-0432.json b/2004/0xxx/CVE-2004-0432.json index a20919ee3cb..2b0759a5132 100644 --- a/2004/0xxx/CVE-2004-0432.json +++ b/2004/0xxx/CVE-2004-0432.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2004-0432", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "ProFTPD 1.2.9 treats the Allow and Deny directives for CIDR based ACL entries as if they were AllowAll, which could allow FTP clients to bypass intended access restrictions." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2004-0432", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://bugs.proftpd.org/show_bug.cgi?id=2267", - "refsource" : "CONFIRM", - "url" : "http://bugs.proftpd.org/show_bug.cgi?id=2267" - }, - { - "name" : "MDKSA-2004:041", - "refsource" : "MANDRAKE", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2004:041" - }, - { - "name" : "20040430 [OpenPKG-SA-2004.018] OpenPKG Security Advisory (proftpd)", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=108335051011341&w=2" - }, - { - "name" : "2004-0025", - "refsource" : "TRUSTIX", - "url" : "http://marc.info/?l=bugtraq&m=108335030208523&w=2" - }, - { - "name" : "10252", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/10252" - }, - { - "name" : "11527", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/11527" - }, - { - "name" : "proftpd-cidr-acl-bypass(16038)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/16038" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "ProFTPD 1.2.9 treats the Allow and Deny directives for CIDR based ACL entries as if they were AllowAll, which could allow FTP clients to bypass intended access restrictions." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "10252", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/10252" + }, + { + "name": "proftpd-cidr-acl-bypass(16038)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16038" + }, + { + "name": "20040430 [OpenPKG-SA-2004.018] OpenPKG Security Advisory (proftpd)", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=108335051011341&w=2" + }, + { + "name": "http://bugs.proftpd.org/show_bug.cgi?id=2267", + "refsource": "CONFIRM", + "url": "http://bugs.proftpd.org/show_bug.cgi?id=2267" + }, + { + "name": "2004-0025", + "refsource": "TRUSTIX", + "url": "http://marc.info/?l=bugtraq&m=108335030208523&w=2" + }, + { + "name": "11527", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/11527" + }, + { + "name": "MDKSA-2004:041", + "refsource": "MANDRAKE", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:041" + } + ] + } +} \ No newline at end of file diff --git a/2004/0xxx/CVE-2004-0593.json b/2004/0xxx/CVE-2004-0593.json index af7269c5380..6df1a240a33 100644 --- a/2004/0xxx/CVE-2004-0593.json +++ b/2004/0xxx/CVE-2004-0593.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2004-0593", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Sygate Enforcer 3.5MR1 and earlier passes broadcast traffic before authentication, which could allow remote attackers to bypass filtering rules." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2004-0593", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20040810 Corsaire Security Advisory - Sygate Enforcer unauthenticated broadcast issue", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=109215731626998&w=2" - }, - { - "name" : "http://www.corsaire.com/advisories/c031120-003.txt", - "refsource" : "MISC", - "url" : "http://www.corsaire.com/advisories/c031120-003.txt" - }, - { - "name" : "sygate-enforcer-filter-bypass(16948)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/16948" - }, - { - "name" : "10908", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/10908" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Sygate Enforcer 3.5MR1 and earlier passes broadcast traffic before authentication, which could allow remote attackers to bypass filtering rules." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "sygate-enforcer-filter-bypass(16948)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16948" + }, + { + "name": "10908", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/10908" + }, + { + "name": "http://www.corsaire.com/advisories/c031120-003.txt", + "refsource": "MISC", + "url": "http://www.corsaire.com/advisories/c031120-003.txt" + }, + { + "name": "20040810 Corsaire Security Advisory - Sygate Enforcer unauthenticated broadcast issue", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=109215731626998&w=2" + } + ] + } +} \ No newline at end of file diff --git a/2004/1xxx/CVE-2004-1002.json b/2004/1xxx/CVE-2004-1002.json index 3dc36bccc6d..63267e179d8 100644 --- a/2004/1xxx/CVE-2004-1002.json +++ b/2004/1xxx/CVE-2004-1002.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2004-1002", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Integer underflow in pppd in cbcp.c for ppp 2.4.1 allows remote attackers to cause a denial of service (daemon crash) via a CBCP packet with an invalid length value that causes pppd to access an incorrect memory location." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2004-1002", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20041026 pppd out of bounds memory access, possible DOS", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/379450" - }, - { - "name" : "USN-12-1", - "refsource" : "UBUNTU", - "url" : "https://www.ubuntu.com/usn/usn-12-1/" - }, - { - "name" : "ppp-ccp-headers-dos(17874)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/17874" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Integer underflow in pppd in cbcp.c for ppp 2.4.1 allows remote attackers to cause a denial of service (daemon crash) via a CBCP packet with an invalid length value that causes pppd to access an incorrect memory location." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "USN-12-1", + "refsource": "UBUNTU", + "url": "https://www.ubuntu.com/usn/usn-12-1/" + }, + { + "name": "ppp-ccp-headers-dos(17874)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17874" + }, + { + "name": "20041026 pppd out of bounds memory access, possible DOS", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/379450" + } + ] + } +} \ No newline at end of file diff --git a/2004/1xxx/CVE-2004-1622.json b/2004/1xxx/CVE-2004-1622.json index 75b94752984..52821de7655 100644 --- a/2004/1xxx/CVE-2004-1622.json +++ b/2004/1xxx/CVE-2004-1622.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2004-1622", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in dosearch.php in UBB.threads 3.4.x allows remote attackers to execute arbitrary SQL statements via the Name parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2004-1622", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20041021 SQL Injection in UBB.threads 3.4.x", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=109839925207038&w=2" - }, - { - "name" : "11502", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/11502" - }, - { - "name" : "ubbthreads-sql-injection(17821)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/17821" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in dosearch.php in UBB.threads 3.4.x allows remote attackers to execute arbitrary SQL statements via the Name parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "11502", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/11502" + }, + { + "name": "20041021 SQL Injection in UBB.threads 3.4.x", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=109839925207038&w=2" + }, + { + "name": "ubbthreads-sql-injection(17821)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17821" + } + ] + } +} \ No newline at end of file diff --git a/2008/2xxx/CVE-2008-2350.json b/2008/2xxx/CVE-2008-2350.json index b0c1e9aedd0..6ffc77c0301 100644 --- a/2008/2xxx/CVE-2008-2350.json +++ b/2008/2xxx/CVE-2008-2350.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-2350", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Directory traversal vulnerability in highlight.php in bcoos 1.0.9 through 1.0.13 allows remote attackers to read arbitrary files via (1) .. (dot dot) or (2) C: folder sequences in the file parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-2350", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://lostmon.blogspot.com/2008/05/bcoos-highlightphp-traversal-file.html", - "refsource" : "MISC", - "url" : "http://lostmon.blogspot.com/2008/05/bcoos-highlightphp-traversal-file.html" - }, - { - "name" : "29275", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/29275" - }, - { - "name" : "30035", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/30035" - }, - { - "name" : "bcoos-highlight-directory-traversal(42506)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/42506" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Directory traversal vulnerability in highlight.php in bcoos 1.0.9 through 1.0.13 allows remote attackers to read arbitrary files via (1) .. (dot dot) or (2) C: folder sequences in the file parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://lostmon.blogspot.com/2008/05/bcoos-highlightphp-traversal-file.html", + "refsource": "MISC", + "url": "http://lostmon.blogspot.com/2008/05/bcoos-highlightphp-traversal-file.html" + }, + { + "name": "29275", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/29275" + }, + { + "name": "30035", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/30035" + }, + { + "name": "bcoos-highlight-directory-traversal(42506)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42506" + } + ] + } +} \ No newline at end of file diff --git a/2008/2xxx/CVE-2008-2793.json b/2008/2xxx/CVE-2008-2793.json index 335b6f9480c..7c1182c5b2f 100644 --- a/2008/2xxx/CVE-2008-2793.json +++ b/2008/2xxx/CVE-2008-2793.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-2793", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in group_posts.php in ClipShare before 3.0.1 allows remote attackers to execute arbitrary SQL commands via the tid parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-2793", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "5839", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/5839" - }, - { - "name" : "29779", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/29779" - }, - { - "name" : "28313", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28313" - }, - { - "name" : "clipshare-groupposts-sql-injection(43142)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/43142" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in group_posts.php in ClipShare before 3.0.1 allows remote attackers to execute arbitrary SQL commands via the tid parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "28313", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28313" + }, + { + "name": "5839", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/5839" + }, + { + "name": "29779", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/29779" + }, + { + "name": "clipshare-groupposts-sql-injection(43142)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43142" + } + ] + } +} \ No newline at end of file diff --git a/2008/3xxx/CVE-2008-3241.json b/2008/3xxx/CVE-2008-3241.json index 75a8746b226..600073bddcf 100644 --- a/2008/3xxx/CVE-2008-3241.json +++ b/2008/3xxx/CVE-2008-3241.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-3241", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in players-detail.php in UltraStats 0.2.136, 0.2.140, and 0.2.142 allows remote attackers to execute arbitrary SQL commands via the id parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-3241", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "6067", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/6067" - }, - { - "name" : "http://www.shooter-szene.de/PNphpBB2-viewtopic-t-12730.phtml", - "refsource" : "CONFIRM", - "url" : "http://www.shooter-szene.de/PNphpBB2-viewtopic-t-12730.phtml" - }, - { - "name" : "30212", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/30212" - }, - { - "name" : "4021", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/4021" - }, - { - "name" : "ultrastats-playersdetail-sql-injection(43760)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/43760" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in players-detail.php in UltraStats 0.2.136, 0.2.140, and 0.2.142 allows remote attackers to execute arbitrary SQL commands via the id parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "6067", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/6067" + }, + { + "name": "30212", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/30212" + }, + { + "name": "4021", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/4021" + }, + { + "name": "ultrastats-playersdetail-sql-injection(43760)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43760" + }, + { + "name": "http://www.shooter-szene.de/PNphpBB2-viewtopic-t-12730.phtml", + "refsource": "CONFIRM", + "url": "http://www.shooter-szene.de/PNphpBB2-viewtopic-t-12730.phtml" + } + ] + } +} \ No newline at end of file diff --git a/2008/3xxx/CVE-2008-3243.json b/2008/3xxx/CVE-2008-3243.json index c063c709b62..eea81a7df89 100644 --- a/2008/3xxx/CVE-2008-3243.json +++ b/2008/3xxx/CVE-2008-3243.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-3243", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple unspecified vulnerabilities in the scanning engine before 4.4.4 in F-Prot Antivirus before 6.0.9.0 allow remote attackers to cause a denial of service via (1) a crafted UPX-compressed file, which triggers an engine crash; (2) a crafted Microsoft Office file, which triggers an infinite loop; or (3) an ASPack-compressed file, which triggers an engine crash." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-3243", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.f-prot.com/download/ReleaseNotesWindows.txt", - "refsource" : "CONFIRM", - "url" : "http://www.f-prot.com/download/ReleaseNotesWindows.txt" - }, - { - "name" : "30258", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/30258" - }, - { - "name" : "31118", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/31118" - }, - { - "name" : "fprotantivirus-aspack-dos(43870)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/43870" - }, - { - "name" : "fprotantivirus-microsoftoffice-dos(43869)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/43869" - }, - { - "name" : "fprotantivirus-upx-dos(43868)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/43868" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple unspecified vulnerabilities in the scanning engine before 4.4.4 in F-Prot Antivirus before 6.0.9.0 allow remote attackers to cause a denial of service via (1) a crafted UPX-compressed file, which triggers an engine crash; (2) a crafted Microsoft Office file, which triggers an infinite loop; or (3) an ASPack-compressed file, which triggers an engine crash." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "31118", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/31118" + }, + { + "name": "fprotantivirus-aspack-dos(43870)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43870" + }, + { + "name": "http://www.f-prot.com/download/ReleaseNotesWindows.txt", + "refsource": "CONFIRM", + "url": "http://www.f-prot.com/download/ReleaseNotesWindows.txt" + }, + { + "name": "fprotantivirus-microsoftoffice-dos(43869)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43869" + }, + { + "name": "fprotantivirus-upx-dos(43868)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43868" + }, + { + "name": "30258", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/30258" + } + ] + } +} \ No newline at end of file diff --git a/2008/3xxx/CVE-2008-3833.json b/2008/3xxx/CVE-2008-3833.json index d39a8b9cf19..d153c4cce9e 100644 --- a/2008/3xxx/CVE-2008-3833.json +++ b/2008/3xxx/CVE-2008-3833.json @@ -1,122 +1,122 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-3833", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The generic_file_splice_write function in fs/splice.c in the Linux kernel before 2.6.19 does not properly strip setuid and setgid bits when there is a write to a file, which allows local users to gain the privileges of a different group, and obtain sensitive information or possibly have unspecified other impact, by splicing into an inode in order to create an executable file in a setgid directory, a different vulnerability than CVE-2008-4210." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2008-3833", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20081003 CVE-2008-3833 kernel: remove SUID when splicing into an inode", - "refsource" : "MLIST", - "url" : "http://openwall.com/lists/oss-security/2008/10/03/1" - }, - { - "name" : "http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.19.y.git;a=commit;h=8c34e2d63231d4bf4852bac8521883944d770fe3", - "refsource" : "CONFIRM", - "url" : "http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.19.y.git;a=commit;h=8c34e2d63231d4bf4852bac8521883944d770fe3" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=464450", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=464450" - }, - { - "name" : "http://www.kernel.org/pub/linux/kernel/v2.6/testing/v2.6.19/ChangeLog-2.6.19-rc3", - "refsource" : "CONFIRM", - "url" : "http://www.kernel.org/pub/linux/kernel/v2.6/testing/v2.6.19/ChangeLog-2.6.19-rc3" - }, - { - "name" : "DSA-1653", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2008/dsa-1653" - }, - { - "name" : "RHSA-2008:0957", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2008-0957.html" - }, - { - "name" : "SUSE-SR:2008:025", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00001.html" - }, - { - "name" : "31567", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/31567" - }, - { - "name" : "oval:org.mitre.oval:def:9980", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9980" - }, - { - "name" : "32485", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/32485" - }, - { - "name" : "32759", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/32759" - }, - { - "name" : "32237", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/32237" - }, - { - "name" : "kernel-genericfilesplice-priv-escalation(45922)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/45922" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The generic_file_splice_write function in fs/splice.c in the Linux kernel before 2.6.19 does not properly strip setuid and setgid bits when there is a write to a file, which allows local users to gain the privileges of a different group, and obtain sensitive information or possibly have unspecified other impact, by splicing into an inode in order to create an executable file in a setgid directory, a different vulnerability than CVE-2008-4210." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "32485", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/32485" + }, + { + "name": "32237", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/32237" + }, + { + "name": "[oss-security] 20081003 CVE-2008-3833 kernel: remove SUID when splicing into an inode", + "refsource": "MLIST", + "url": "http://openwall.com/lists/oss-security/2008/10/03/1" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=464450", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=464450" + }, + { + "name": "RHSA-2008:0957", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2008-0957.html" + }, + { + "name": "kernel-genericfilesplice-priv-escalation(45922)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45922" + }, + { + "name": "DSA-1653", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2008/dsa-1653" + }, + { + "name": "http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.19.y.git;a=commit;h=8c34e2d63231d4bf4852bac8521883944d770fe3", + "refsource": "CONFIRM", + "url": "http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.19.y.git;a=commit;h=8c34e2d63231d4bf4852bac8521883944d770fe3" + }, + { + "name": "32759", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/32759" + }, + { + "name": "oval:org.mitre.oval:def:9980", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9980" + }, + { + "name": "http://www.kernel.org/pub/linux/kernel/v2.6/testing/v2.6.19/ChangeLog-2.6.19-rc3", + "refsource": "CONFIRM", + "url": "http://www.kernel.org/pub/linux/kernel/v2.6/testing/v2.6.19/ChangeLog-2.6.19-rc3" + }, + { + "name": "SUSE-SR:2008:025", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00001.html" + }, + { + "name": "31567", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/31567" + } + ] + } +} \ No newline at end of file diff --git a/2008/3xxx/CVE-2008-3842.json b/2008/3xxx/CVE-2008-3842.json index 8cead045eac..efd4c105fbd 100644 --- a/2008/3xxx/CVE-2008-3842.json +++ b/2008/3xxx/CVE-2008-3842.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-3842", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Request Validation (aka the ValidateRequest filters) in ASP.NET in Microsoft .NET Framework without the MS07-040 update does not properly detect dangerous client input, which allows remote attackers to conduct cross-site scripting (XSS) attacks, as demonstrated by a query string containing a \"