From 5f08a97ed15044087b8ffcc1427c0a3361ca002a Mon Sep 17 00:00:00 2001 From: CVE Team Date: Wed, 11 Sep 2019 21:00:51 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2018/10xxx/CVE-2018-10931.json | 5 +++ 2018/17xxx/CVE-2018-17200.json | 58 +++++++++++++++++++++++++---- 2019/0xxx/CVE-2019-0189.json | 58 +++++++++++++++++++++++++---- 2019/10xxx/CVE-2019-10073.json | 50 +++++++++++++++++++++++-- 2019/10xxx/CVE-2019-10074.json | 50 +++++++++++++++++++++++-- 2019/12xxx/CVE-2019-12401.json | 5 +++ 2019/13xxx/CVE-2019-13520.json | 5 +++ 2019/13xxx/CVE-2019-13536.json | 62 +++++++++++++++++++++++++++++++ 2019/13xxx/CVE-2019-13540.json | 62 +++++++++++++++++++++++++++++++ 2019/13xxx/CVE-2019-13544.json | 62 +++++++++++++++++++++++++++++++ 2019/15xxx/CVE-2019-15302.json | 67 ++++++++++++++++++++++++++++++++++ 11 files changed, 464 insertions(+), 20 deletions(-) create mode 100644 2019/13xxx/CVE-2019-13536.json create mode 100644 2019/13xxx/CVE-2019-13540.json create mode 100644 2019/13xxx/CVE-2019-13544.json create mode 100644 2019/15xxx/CVE-2019-15302.json diff --git a/2018/10xxx/CVE-2018-10931.json b/2018/10xxx/CVE-2018-10931.json index ac0aa872765..39e312ca6ab 100644 --- a/2018/10xxx/CVE-2018-10931.json +++ b/2018/10xxx/CVE-2018-10931.json @@ -71,6 +71,11 @@ "name": "RHSA-2018:2372", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:2372" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2019-3cacfb34ad", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CMWK5KCCZXOGOYNR2H6BWDSABTQ5NYJA/" } ] } diff --git a/2018/17xxx/CVE-2018-17200.json b/2018/17xxx/CVE-2018-17200.json index 09170f9ca41..4fa8c0f4e94 100644 --- a/2018/17xxx/CVE-2018-17200.json +++ b/2018/17xxx/CVE-2018-17200.json @@ -1,17 +1,61 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2018-17200", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2018-17200", + "ASSIGNER": "security@apache.org", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apache", + "product": { + "product_data": [ + { + "product_name": "OFBiz", + "version": { + "version_data": [ + { + "version_value": "OFBiz 16.11.01 to 16.11.05" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "remote code execution" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MLIST", + "name": "[ofbiz-dev] 20190910 [CVE-2018-17200] Apache OFBiz unauthenticated remote code execution vulnerability in HttpEngine", + "url": "https://s.apache.org/m9boi" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Apache OFBiz HTTP engine (org.apache.ofbiz.service.engine.HttpEngine.java) handles requests for HTTP services via the /webtools/control/httpService endpoint. This service takes the `serviceContent` parameter in the request and deserializes it using XStream. This `XStream` instance is slightly guarded by disabling the creation of `ProcessBuilder`. However, this can be easily bypassed (and in multiple ways). Mitigation: Upgrade to 16.11.06 or manually apply the following commits on branch 16 r1850017+1850019" } ] } diff --git a/2019/0xxx/CVE-2019-0189.json b/2019/0xxx/CVE-2019-0189.json index 25df44b03ad..9f48055058e 100644 --- a/2019/0xxx/CVE-2019-0189.json +++ b/2019/0xxx/CVE-2019-0189.json @@ -1,17 +1,61 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-0189", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-0189", + "ASSIGNER": "security@apache.org", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apache", + "product": { + "product_data": [ + { + "product_name": "OFBiz", + "version": { + "version_data": [ + { + "version_value": "OFBiz 16.11.01 to 16.11.05" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "remote code execution" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MLIST", + "name": "[ofbiz-dev] 20190910 [CVE-2019-0189] Apache OFBiz remote code execution and arbitrary file delete via Java", + "url": "https://s.apache.org/hsn2g" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The java.io.ObjectInputStream is known to cause Java serialisation issues. This issue here is exposed by the \"webtools/control/httpService\" URL, and uses Java deserialization to perform code execution. In the HttpEngine, the value of the request parameter \"serviceContext\" is passed to the \"deserialize\" method of \"XmlSerializer\". Apache Ofbiz is affected via two different dependencies: \"commons-beanutils\" and an out-dated version of \"commons-fileupload\" Mitigation: Upgrade to 16.11.06 or manually apply the commits from OFBIZ-10770 and OFBIZ-10837 on branch 16" } ] } diff --git a/2019/10xxx/CVE-2019-10073.json b/2019/10xxx/CVE-2019-10073.json index 70d426b8c81..28ca81a6281 100644 --- a/2019/10xxx/CVE-2019-10073.json +++ b/2019/10xxx/CVE-2019-10073.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2019-10073", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@apache.org", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apache", + "product": { + "product_data": [ + { + "product_name": "OFBiz", + "version": { + "version_data": [ + { + "version_value": "OFBiz 16.11.01 to 16.11.05" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "XSS vulnerability" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MLIST", + "name": "[ofbiz-dev] 20190910 [CVE-2019-10073] Apache OFBiz XSS vulnerability in the \"ecommerce\" component", + "url": "https://s.apache.org/w6edy" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The \"Blog\", \"Forum\", \"Contact Us\" screens of the template \"ecommerce\" application bundled in Apache OFBiz are weak to Stored XSS attacks. Mitigation: Upgrade to 16.11.06 or manually apply the following commits on branch 16.11: 1858438, 1858543, 1860595 and 1860616" } ] } diff --git a/2019/10xxx/CVE-2019-10074.json b/2019/10xxx/CVE-2019-10074.json index f0cd1e8c305..55f73857d64 100644 --- a/2019/10xxx/CVE-2019-10074.json +++ b/2019/10xxx/CVE-2019-10074.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2019-10074", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@apache.org", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apache", + "product": { + "product_data": [ + { + "product_name": "OFBiz", + "version": { + "version_data": [ + { + "version_value": "OFBiz 16.11.01 to 16.11.05" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "RCE" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MLIST", + "name": "[ofbiz-dev] 20190910 [CVE-2019-10074] Apache OFBiz RCE (template injection)", + "url": "https://s.apache.org/r49vw" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An RCE is possible by entering Freemarker markup in an Apache OFBiz Form Widget textarea field when encoding has been disabled on such a field. This was the case for the Customer Request \"story\" input in the Order Manager application. Encoding should not be disabled without good reason and never within a field that accepts user input. Mitigation: Upgrade to 16.11.06 or manually apply the following commit on branch 16.11: r1858533" } ] } diff --git a/2019/12xxx/CVE-2019-12401.json b/2019/12xxx/CVE-2019-12401.json index baa32d187ca..14758c4438c 100644 --- a/2019/12xxx/CVE-2019-12401.json +++ b/2019/12xxx/CVE-2019-12401.json @@ -54,6 +54,11 @@ "refsource": "MLIST", "name": "[www-announce] 20190909 [SECURITY] CVE-2019-12401: XML Bomb in Apache Solr versions prior to 5.0", "url": "http://mail-archives.us.apache.org/mod_mbox/www-announce/201909.mbox/%3CCAECwjAXU4%3DkAo5DeUJw7Kvk67sgCmajAN7LGZQNjbjZ8gv%3DBdw%40mail.gmail.com%3E" + }, + { + "refsource": "MLIST", + "name": "[lucene-dev] 20190911 [jira] [Commented] (SOLR-13750) [CVE-2019-12401] XML Bomb in Apache Solr versions prior to 5.0.0", + "url": "https://lists.apache.org/thread.html/0ec231c5ed8d242890e21806d25fdd47f80cc47cac278d2fc1c9c579@%3Cdev.lucene.apache.org%3E" } ] }, diff --git a/2019/13xxx/CVE-2019-13520.json b/2019/13xxx/CVE-2019-13520.json index 46abf372b2c..193073fafc4 100644 --- a/2019/13xxx/CVE-2019-13520.json +++ b/2019/13xxx/CVE-2019-13520.json @@ -53,6 +53,11 @@ "refsource": "MISC", "name": "https://www.zerodayinitiative.com/advisories/ZDI-19-798/", "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-798/" + }, + { + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-19-820/", + "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-820/" } ] }, diff --git a/2019/13xxx/CVE-2019-13536.json b/2019/13xxx/CVE-2019-13536.json new file mode 100644 index 00000000000..07ac605eb9a --- /dev/null +++ b/2019/13xxx/CVE-2019-13536.json @@ -0,0 +1,62 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-13536", + "ASSIGNER": "ics-cert@hq.dhs.gov", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Delta Electronics", + "product": { + "product_data": [ + { + "product_name": "TPEditor", + "version": { + "version_data": [ + { + "version_value": "1.94 and prior" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "HEAP-BASED BUFFER OVERFLOW CWE-122" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.us-cert.gov/ics/advisories/icsa-19-253-01", + "url": "https://www.us-cert.gov/ics/advisories/icsa-19-253-01" + } + ] + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Delta Electronics TPEditor, Versions 1.94 and prior. Multiple heap-based buffer overflow vulnerabilities may be exploited by processing specially crafted project files, which may allow an attacker to remotely execute arbitrary code." + } + ] + } +} \ No newline at end of file diff --git a/2019/13xxx/CVE-2019-13540.json b/2019/13xxx/CVE-2019-13540.json new file mode 100644 index 00000000000..496aeac62e6 --- /dev/null +++ b/2019/13xxx/CVE-2019-13540.json @@ -0,0 +1,62 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-13540", + "ASSIGNER": "ics-cert@hq.dhs.gov", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Delta Electronics", + "product": { + "product_data": [ + { + "product_name": "TPEditor", + "version": { + "version_data": [ + { + "version_value": "1.94 and prior" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "STACK-BASED BUFFER OVERFLOW CWE-121" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.us-cert.gov/ics/advisories/icsa-19-253-01", + "url": "https://www.us-cert.gov/ics/advisories/icsa-19-253-01" + } + ] + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Delta Electronics TPEditor, Versions 1.94 and prior. Multiple stack-based buffer overflow vulnerabilities may be exploited by processing specially crafted project files, which may allow an attacker to remotely execute arbitrary code." + } + ] + } +} \ No newline at end of file diff --git a/2019/13xxx/CVE-2019-13544.json b/2019/13xxx/CVE-2019-13544.json new file mode 100644 index 00000000000..4ff67d5d6e3 --- /dev/null +++ b/2019/13xxx/CVE-2019-13544.json @@ -0,0 +1,62 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-13544", + "ASSIGNER": "ics-cert@hq.dhs.gov", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Delta Electronics", + "product": { + "product_data": [ + { + "product_name": "TPEditor", + "version": { + "version_data": [ + { + "version_value": "1.94 and prior" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "OUT-OF-BOUNDS WRITE CWE-787" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.us-cert.gov/ics/advisories/icsa-19-253-01", + "url": "https://www.us-cert.gov/ics/advisories/icsa-19-253-01" + } + ] + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Delta Electronics TPEditor, Versions 1.94 and prior. Multiple out-of-bounds write vulnerabilities may be exploited by processing specially crafted project files, which may allow remote code execution." + } + ] + } +} \ No newline at end of file diff --git a/2019/15xxx/CVE-2019-15302.json b/2019/15xxx/CVE-2019-15302.json new file mode 100644 index 00000000000..90c5c06780e --- /dev/null +++ b/2019/15xxx/CVE-2019-15302.json @@ -0,0 +1,67 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-15302", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The pad management logic in XWiki labs CryptPad before 3.0.0 allows a remote attacker (who has access to a Rich Text pad with editing rights for the URL) to corrupt it (i.e., cause data loss) via a trivial URL modification." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/xwiki-labs/cryptpad/commits/staging", + "refsource": "MISC", + "name": "https://github.com/xwiki-labs/cryptpad/commits/staging" + }, + { + "refsource": "CONFIRM", + "name": "https://github.com/xwiki-labs/cryptpad/releases/tag/3.0.0", + "url": "https://github.com/xwiki-labs/cryptpad/releases/tag/3.0.0" + } + ] + } +} \ No newline at end of file