admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-12 02:05:39 +00:00
Code Issues Packages Projects Releases Wiki Activity

jpcert20171208 batch

Browse Source
This commit is contained in:
Takayuki Uchiyama 2017-12-08 18:18:00 +09:00
parent 13c274d5c2
commit 5c1d2fbbf3
4 changed files with 276 additions and 68 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

75
2017/10xxx/CVE-2017-10893.json
View File

@ -1,18 +1,59 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-10893",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2017-10893",
"ASSIGNER": "vultures@jpcert.or.jp"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Japan Agency for Local Authority Information Systems",
"product": {
"product_data": [
{
"product_name": "The Public Certification Service for Individuals \"The JPKI user's software\"",
"version": {
"version_data": [
{
"version_value": "Ver3.1 and earlier"
}
]
}
}
]
}
}
]
}
},
"problemtype":{
"problemtype_data":[
{
"description":[
{
"lang": "eng",
"value":"Untrusted search path vulnerability"
}
]
}
]
},
"references":{
"reference_data":[
{
"url":"https://jvn.jp/en/jp/JVN30352845/index.html"
}
]
},
"description":{
"description_data":[
{
"lang": "eng",
"value":"Untrusted search path vulnerability in The Public Certification Service for Individuals \"The JPKI user's software\" Ver3.1 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory."
}
]
}
}

94
2017/10xxx/CVE-2017-10896.json
View File

@ -1,18 +1,78 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-10896",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2017-10896",
"ASSIGNER": "vultures@jpcert.or.jp"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "BUFFALO INC.",
"product": {
"product_data": [
{
"product_name": "BBR-4HG",
"version": {
"version_data": [
{
"version_value": "firmware 1.00 to 1.48"
},
{
"version_value": "firmware 2.00 to 2.07"
}
]
}
},
{
"product_name": "BBR-4MG",
"version": {
"version_data": [
{
"version_value": "firmware 1.00 to 1.48"
},
{
"version_value": "firmware 2.00 to 2.07"
}
]
}
}
]
}
}
]
}
},
"problemtype":{
"problemtype_data":[
{
"description":[
{
"lang": "eng",
"value":"Cross-site scripting"
}
]
}
]
},
"references":{
"reference_data":[
{
"url":"http://buffalo.jp/support_s/s20171201.html"
},
{
"url":"https://jvn.jp/en/jp/JVN65994435/index.html"
}
]
},
"description":{
"description_data":[
{
"lang": "eng",
"value":"Cross-site scripting vulnerability in BBR-4HG firmware 1.00 to 1.48, 2.00 to 2.07 and BBR-4MG firmware 1.00 to 1.48, 2.00 to 2.07 allows an attacker to inject arbitrary web script or HTML via unspecified vectors."
}
]
}
}

94
2017/10xxx/CVE-2017-10897.json
View File

@ -1,18 +1,78 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-10897",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2017-10897",
"ASSIGNER": "vultures@jpcert.or.jp"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "BUFFALO INC.",
"product": {
"product_data": [
{
"product_name": "BBR-4HG",
"version": {
"version_data": [
{
"version_value": "firmware 1.00 to 1.48"
},
{
"version_value": "firmware 2.00 to 2.07"
}
]
}
},
{
"product_name": "BBR-4MG",
"version": {
"version_data": [
{
"version_value": "firmware 1.00 to 1.48"
},
{
"version_value": "firmware 2.00 to 2.07"
}
]
}
}
]
}
}
]
}
},
"problemtype":{
"problemtype_data":[
{
"description":[
{
"lang": "eng",
"value":"Improper Input Validation"
}
]
}
]
},
"references":{
"reference_data":[
{
"url":"http://buffalo.jp/support_s/s20171201.html"
},
{
"url":"https://jvn.jp/en/jp/JVN65994435/index.html"
}
]
},
"description":{
"description_data":[
{
"lang": "eng",
"value":"Input validation issue in BBR-4HG firmware 1.00 to 1.48, 2.00 to 2.07 and BBR-4MG firmware 1.00 to 1.48, 2.00 to 2.07 allows an attacker to cause the device to become unresponsive via unspecified vectors."
}
]
}
}

81
2017/10xxx/CVE-2017-10906.json
View File

@ -1,18 +1,65 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-10906",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2017-10906",
"ASSIGNER": "vultures@jpcert.or.jp"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Cloud Native Computing Foundation (CNCF)",
"product": {
"product_data": [
{
"product_name": "Fluentd",
"version": {
"version_data": [
{
"version_value": "0.12.29 through 0.12.40"
}
]
}
}
]
}
}
]
}
},
"problemtype":{
"problemtype_data":[
{
"description":[
{
"lang": "eng",
"value":"Escape Sequence Injection"
}
]
}
]
},
"references":{
"reference_data":[
{
"url":"https://github.com/fluent/fluentd/pull/1733"
},
{
"url":"https://github.com/fluent/fluentd/blob/v0.12/CHANGELOG.md#bug-fixes"
},
{
"url":"https://jvn.jp/en/vu/JVNVU95124098/index.html"
}
]
},
"description":{
"description_data":[
{
"lang": "eng",
"value":"Escape sequence injection vulnerability in Fluentd versions 0.12.29 through 0.12.40 may allow an attacker to change the terminal UI or execute arbitrary commands on the device via unspecified vectors."
}
]
}
}