admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-17 22:04:15 +00:00
parent cfc8b1e5a5
commit 61203c39dc
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
51 changed files with 4356 additions and 4356 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

68
2006/3xxx/CVE-2006-3206.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-3206",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-3206",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "register.php in Ultimate PHP Board (UPB) 1.9.6 and earlier allows remote attackers to create arbitrary accounts via the \"[NR]\" sequence in the signature field, which is used to separate multiple records."
"lang": "eng",
"value": "register.php in Ultimate PHP Board (UPB) 1.9.6 and earlier allows remote attackers to create arbitrary accounts via the \"[NR]\" sequence in the signature field, which is used to separate multiple records."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20060620 ULtimate PHP Board <= 1.96 GOLD Code Execution (exploit code)",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/437875/100/0/threaded"
"name": "1138",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1138"
},
{
"name" : "1138",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/1138"
"name": "20060620 ULtimate PHP Board <= 1.96 GOLD Code Execution (exploit code)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/437875/100/0/threaded"
}
]
}

98
2006/3xxx/CVE-2006-3350.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-3350",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
"ID": "CVE-2006-3350",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Stack-based buffer overflow in AutoVue SolidModel Professional Desktop Edition 19.1 Build 5993 allows user-assisted remote attackers to execute arbitrary code via a long filename in a (1) ARJ, (2) RAR, or (3) ZIP archive."
"lang": "eng",
"value": "Stack-based buffer overflow in AutoVue SolidModel Professional Desktop Edition 19.1 Build 5993 allows user-assisted remote attackers to execute arbitrary code via a long filename in a (1) ARJ, (2) RAR, or (3) ZIP archive."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20060726 Secunia Research: AutoVue SolidModel Professional Buffer OverflowVulnerability",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/441173/100/0/threaded"
"name": "autovue-filename-bo(27968)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27968"
},
{
"name" : "http://secunia.com/secunia_research/2006-56/advisory/",
"refsource" : "MISC",
"url" : "http://secunia.com/secunia_research/2006-56/advisory/"
"name": "27516",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/27516"
},
{
"name" : "19170",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/19170"
"name": "19170",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/19170"
},
{
"name" : "ADV-2006-2979",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/2979"
"name": "http://secunia.com/secunia_research/2006-56/advisory/",
"refsource": "MISC",
"url": "http://secunia.com/secunia_research/2006-56/advisory/"
},
{
"name" : "27516",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/27516"
"name": "20852",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20852"
},
{
"name" : "20852",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/20852"
"name": "20060726 Secunia Research: AutoVue SolidModel Professional Buffer OverflowVulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/441173/100/0/threaded"
},
{
"name" : "autovue-filename-bo(27968)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/27968"
"name": "ADV-2006-2979",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2979"
}
]
}

176
2006/3xxx/CVE-2006-3376.json
View File

@ -1,156 +1,156 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-3376",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-3376",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Integer overflow in player.c in libwmf 0.2.8.4, as used in multiple products including (1) wv, (2) abiword, (3) freetype, (4) gimp, (5) libgsf, and (6) imagemagick allows remote attackers to execute arbitrary code via the MaxRecordSize header field in a WMF file."
"lang": "eng",
"value": "Integer overflow in player.c in libwmf 0.2.8.4, as used in multiple products including (1) wv, (2) abiword, (3) freetype, (4) gimp, (5) libgsf, and (6) imagemagick allows remote attackers to execute arbitrary code via the MaxRecordSize header field in a WMF file."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20060630 libwmf integer/heap overflow",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/438803/100/0/threaded"
"name": "20060630 libwmf integer/heap overflow",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/438803/100/0/threaded"
},
{
"name" : "DSA-1194",
"refsource" : "DEBIAN",
"url" : "https://www.debian.org/security/2006/dsa-1194"
"name": "oval:org.mitre.oval:def:10262",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10262"
},
{
"name" : "GLSA-200608-17",
"refsource" : "GENTOO",
"url" : "http://security.gentoo.org/glsa/glsa-200608-17.xml"
"name": "20921",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20921"
},
{
"name" : "MDKSA-2006:132",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2006:132"
"name": "libwmf-wmf-bo(27516)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27516"
},
{
"name" : "RHSA-2006:0597",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2006-0597.html"
"name": "1016518",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016518"
},
{
"name" : "SUSE-SR:2006:019",
"refsource" : "SUSE",
"url" : "http://www.novell.com/linux/security/advisories/2006_19_sr.html"
"name": "21473",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21473"
},
{
"name" : "USN-333-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/usn-333-1"
"name": "22311",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22311"
},
{
"name" : "18751",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/18751"
"name": "USN-333-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-333-1"
},
{
"name" : "oval:org.mitre.oval:def:10262",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10262"
"name": "1190",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1190"
},
{
"name" : "ADV-2006-2646",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/2646"
"name": "21459",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21459"
},
{
"name" : "1016518",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1016518"
"name": "18751",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/18751"
},
{
"name" : "20921",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/20921"
"name": "SUSE-SR:2006:019",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2006_19_sr.html"
},
{
"name" : "21064",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/21064"
"name": "21064",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21064"
},
{
"name" : "21261",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/21261"
"name": "ADV-2006-2646",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2646"
},
{
"name" : "21473",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/21473"
"name": "DSA-1194",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2006/dsa-1194"
},
{
"name" : "21419",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/21419"
"name": "21261",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21261"
},
{
"name" : "22311",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/22311"
"name": "MDKSA-2006:132",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:132"
},
{
"name" : "21459",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/21459"
"name": "21419",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21419"
},
{
"name" : "1190",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/1190"
"name": "RHSA-2006:0597",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2006-0597.html"
},
{
"name" : "libwmf-wmf-bo(27516)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/27516"
"name": "GLSA-200608-17",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200608-17.xml"
}
]
}

170
2006/3xxx/CVE-2006-3698.json
View File

@ -1,151 +1,151 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-3698",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-3698",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple unspecified vulnerabilities in Oracle Database 10.1.0.5 have unknown impact and attack vectors, aka Oracle Vuln# (1) DB01 for Change Data Capture (CDC) component and (2) DB03 for Data Pump Metadata API. NOTE: as of 20060719, Oracle has not disputed a claim by a reliable researcher that DB01 is related to multiple SQL injection vulnerabilities in SYS.DBMS_CDC_IMPDP using the (a) IMPORT_CHANGE_SET, (b) IMPORT_CHANGE_TABLE, (c) IMPORT_CHANGE_COLUMN, (d) IMPORT_SUBSCRIBER, (e) IMPORT_SUBSCRIBED_TABLE, (f) IMPORT_SUBSCRIBED_COLUMN, (g) VALIDATE_IMPORT, (h) VALIDATE_CHANGE_SET, (i) VALIDATE_CHANGE_TABLE, and (j) VALIDATE_SUBSCRIPTION procedures, and that DB03 is for SQL injection in the MAIN procedure for SYS.KUPW$WORKER."
"lang": "eng",
"value": "Multiple unspecified vulnerabilities in Oracle Database 10.1.0.5 have unknown impact and attack vectors, aka Oracle Vuln# (1) DB01 for Change Data Capture (CDC) component and (2) DB03 for Data Pump Metadata API. NOTE: as of 20060719, Oracle has not disputed a claim by a reliable researcher that DB01 is related to multiple SQL injection vulnerabilities in SYS.DBMS_CDC_IMPDP using the (a) IMPORT_CHANGE_SET, (b) IMPORT_CHANGE_TABLE, (c) IMPORT_CHANGE_COLUMN, (d) IMPORT_SUBSCRIBER, (e) IMPORT_SUBSCRIBED_TABLE, (f) IMPORT_SUBSCRIBED_COLUMN, (g) VALIDATE_IMPORT, (h) VALIDATE_CHANGE_SET, (i) VALIDATE_CHANGE_TABLE, and (j) VALIDATE_SUBSCRIPTION procedures, and that DB03 is for SQL injection in the MAIN procedure for SYS.KUPW$WORKER."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20060718 Oracle Database - SQL Injection in SYS.DBMS_CDC_IMPDP [DB01]",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/440440/100/0/threaded"
"name": "1016529",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016529"
},
{
"name" : "20060718 Oracle Database - SQL Injection in SYS.KUPW$WORKER [DB03]",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/440439/100/0/threaded"
"name": "20060718 Oracle Database - SQL Injection in SYS.KUPW$WORKER [DB03]",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-July/047994.html"
},
{
"name" : "20060718 Oracle Database - SQL Injection in SYS.KUPW$WORKER [DB03]",
"refsource" : "FULLDISC",
"url" : "http://lists.grok.org.uk/pipermail/full-disclosure/2006-July/047994.html"
"name": "http://www.red-database-security.com/advisory/oracle_sql_injection_dbms_cdc_impdp.html",
"refsource": "MISC",
"url": "http://www.red-database-security.com/advisory/oracle_sql_injection_dbms_cdc_impdp.html"
},
{
"name" : "http://www.red-database-security.com/advisory/oracle_sql_injection_dbms_cdc_impdp.html",
"refsource" : "MISC",
"url" : "http://www.red-database-security.com/advisory/oracle_sql_injection_dbms_cdc_impdp.html"
"name": "20060718 Oracle Database - SQL Injection in SYS.KUPW$WORKER [DB03]",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/440439/100/0/threaded"
},
{
"name" : "http://www.red-database-security.com/advisory/oracle_sql_injection_kupw$worker.html",
"refsource" : "MISC",
"url" : "http://www.red-database-security.com/advisory/oracle_sql_injection_kupw$worker.html"
"name": "oracle-dbmscdcimpdp-sql-injection(27889)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27889"
},
{
"name" : "http://www.oracle.com/technetwork/topics/security/cpujul2006-101315.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpujul2006-101315.html"
"name": "19054",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/19054"
},
{
"name" : "http://www.red-database-security.com/advisory/oracle_cpu_july_2006.html",
"refsource" : "MISC",
"url" : "http://www.red-database-security.com/advisory/oracle_cpu_july_2006.html"
"name": "http://www.red-database-security.com/advisory/oracle_sql_injection_kupw$worker.html",
"refsource": "MISC",
"url": "http://www.red-database-security.com/advisory/oracle_sql_injection_kupw$worker.html"
},
{
"name" : "HPSBMA02133",
"refsource" : "HP",
"url" : "http://www.securityfocus.com/archive/1/440758/100/100/threaded"
"name": "oracle-cpu-july-2006(27897)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27897"
},
{
"name" : "SSRT061201",
"refsource" : "HP",
"url" : "http://www.securityfocus.com/archive/1/440758/100/100/threaded"
"name": "21165",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21165"
},
{
"name" : "TA06-200A",
"refsource" : "CERT",
"url" : "http://www.us-cert.gov/cas/techalerts/TA06-200A.html"
"name": "HPSBMA02133",
"refsource": "HP",
"url": "http://www.securityfocus.com/archive/1/440758/100/100/threaded"
},
{
"name" : "19054",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/19054"
"name": "ADV-2006-2947",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2947"
},
{
"name" : "ADV-2006-2863",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/2863"
"name": "http://www.red-database-security.com/advisory/oracle_cpu_july_2006.html",
"refsource": "MISC",
"url": "http://www.red-database-security.com/advisory/oracle_cpu_july_2006.html"
},
{
"name" : "ADV-2006-2947",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/2947"
"name": "SSRT061201",
"refsource": "HP",
"url": "http://www.securityfocus.com/archive/1/440758/100/100/threaded"
},
{
"name" : "1016529",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1016529"
"name": "TA06-200A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA06-200A.html"
},
{
"name" : "21111",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/21111"
"name": "20060718 Oracle Database - SQL Injection in SYS.DBMS_CDC_IMPDP [DB01]",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/440440/100/0/threaded"
},
{
"name" : "21165",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/21165"
"name": "21111",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21111"
},
{
"name" : "oracle-dbmscdcimpdp-sql-injection(27889)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/27889"
"name": "oracle-kupwworker-sql-injection(27888)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27888"
},
{
"name" : "oracle-cpu-july-2006(27897)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/27897"
"name": "http://www.oracle.com/technetwork/topics/security/cpujul2006-101315.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2006-101315.html"
},
{
"name" : "oracle-kupwworker-sql-injection(27888)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/27888"
"name": "ADV-2006-2863",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2863"
}
]
}

98
2006/4xxx/CVE-2006-4393.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-4393",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-4393",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in LoginWindow in Apple Mac OS X 10.4 through 10.4.7, when Fast User Switching is enabled, allows local users to gain access to Kerberos tickets of other users."
"lang": "eng",
"value": "Unspecified vulnerability in LoginWindow in Apple Mac OS X 10.4 through 10.4.7, when Fast User Switching is enabled, allows local users to gain access to Kerberos tickets of other users."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "APPLE-SA-2006-09-29",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2006/Sep/msg00002.html"
"name": "1016959",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016959"
},
{
"name" : "20271",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/20271"
"name": "20271",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20271"
},
{
"name" : "ADV-2006-3852",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/3852"
"name": "macos-fast-user-unauthorized-access(29290)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29290"
},
{
"name" : "29271",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/29271"
"name": "22187",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22187"
},
{
"name" : "1016959",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1016959"
"name": "ADV-2006-3852",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/3852"
},
{
"name" : "22187",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/22187"
"name": "APPLE-SA-2006-09-29",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2006/Sep/msg00002.html"
},
{
"name" : "macos-fast-user-unauthorized-access(29290)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/29290"
"name": "29271",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/29271"
}
]
}

92
2006/4xxx/CVE-2006-4467.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-4467",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-4467",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Simple Machines Forum (SMF) 1.1RCx before 1.1RC3, and 1.0.x before 1.0.8, does not properly unset variables when the input data includes a numeric parameter with a value matching an alphanumeric parameter's hash value, which allows remote attackers to perform directory traversal attacks to read arbitrary local files, lock topics, and possibly have other security impacts. NOTE: it could be argued that this vulnerability is due to a bug in the unset PHP command (CVE-2006-3017) and the proper fix should be in PHP; if so, then this should not be treated as a vulnerability in Simple Machines Forum."
"lang": "eng",
"value": "Simple Machines Forum (SMF) 1.1RCx before 1.1RC3, and 1.0.x before 1.0.8, does not properly unset variables when the input data includes a numeric parameter with a value matching an alphanumeric parameter's hash value, which allows remote attackers to perform directory traversal attacks to read arbitrary local files, lock topics, and possibly have other security impacts. NOTE: it could be argued that this vulnerability is due to a bug in the unset PHP command (CVE-2006-3017) and the proper fix should be in PHP; if so, then this should not be treated as a vulnerability in Simple Machines Forum."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20060822 Simple Machines Forum <=1.1RC2 unset() vulnerabilities",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/444053/100/100/threaded"
"name": "http://www.simplemachines.org/community/index.php?topic=107112.0",
"refsource": "CONFIRM",
"url": "http://www.simplemachines.org/community/index.php?topic=107112.0"
},
{
"name" : "http://retrogod.altervista.org/smf_11rc2_local_incl.html",
"refsource" : "MISC",
"url" : "http://retrogod.altervista.org/smf_11rc2_local_incl.html"
"name": "1475",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1475"
},
{
"name" : "http://retrogod.altervista.org/smf_11rc2_lock.html",
"refsource" : "MISC",
"url" : "http://retrogod.altervista.org/smf_11rc2_lock.html"
"name": "http://retrogod.altervista.org/smf_11rc2_lock.html",
"refsource": "MISC",
"url": "http://retrogod.altervista.org/smf_11rc2_lock.html"
},
{
"name" : "http://www.simplemachines.org/community/index.php?topic=107112.0",
"refsource" : "CONFIRM",
"url" : "http://www.simplemachines.org/community/index.php?topic=107112.0"
"name": "20060822 Simple Machines Forum <=1.1RC2 unset() vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/444053/100/100/threaded"
},
{
"name" : "http://www.simplemachines.org/community/index.php?topic=107135.0",
"refsource" : "CONFIRM",
"url" : "http://www.simplemachines.org/community/index.php?topic=107135.0"
"name": "http://retrogod.altervista.org/smf_11rc2_local_incl.html",
"refsource": "MISC",
"url": "http://retrogod.altervista.org/smf_11rc2_local_incl.html"
},
{
"name" : "1475",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/1475"
"name": "http://www.simplemachines.org/community/index.php?topic=107135.0",
"refsource": "CONFIRM",
"url": "http://www.simplemachines.org/community/index.php?topic=107135.0"
}
]
}

188
2006/4xxx/CVE-2006-4969.json
View File

@ -1,166 +1,166 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-4969",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-4969",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple PHP remote file inclusion vulnerabilities in WAHM E-Commerce Pie Cart Pro allow remote attackers to execute arbitrary PHP code via a URL in the Inc_Dir parameter in (1) affiliates.php, (2) orders.php, (3) events.php, (4) index.php, (5) articles.php, (6) faqs.php, (7) guestbook.php, (8) catalog.php, (9) wholesale.php, (10) weblinks.php, (11) certificates.php, (12) sitesearch.php, (13) contact.php, (14) sitemap.php, (15) search.php, (16) registry.php, or (17) error.php."
"lang": "eng",
"value": "Multiple PHP remote file inclusion vulnerabilities in WAHM E-Commerce Pie Cart Pro allow remote attackers to execute arbitrary PHP code via a URL in the Inc_Dir parameter in (1) affiliates.php, (2) orders.php, (3) events.php, (4) index.php, (5) articles.php, (6) faqs.php, (7) guestbook.php, (8) catalog.php, (9) wholesale.php, (10) weblinks.php, (11) certificates.php, (12) sitesearch.php, (13) contact.php, (14) sitemap.php, (15) search.php, (16) registry.php, or (17) error.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "2393",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/2393"
"name": "29198",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/29198"
},
{
"name" : "20099",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/20099"
"name": "29211",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/29211"
},
{
"name" : "ADV-2006-3798",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/3798"
"name": "29210",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/29210"
},
{
"name" : "29198",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/29198"
"name": "29206",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/29206"
},
{
"name" : "29199",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/29199"
"name": "29199",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/29199"
},
{
"name" : "29200",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/29200"
"name": "2393",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/2393"
},
{
"name" : "29201",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/29201"
"name": "29200",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/29200"
},
{
"name" : "29202",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/29202"
"name": "29208",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/29208"
},
{
"name" : "29203",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/29203"
"name": "29202",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/29202"
},
{
"name" : "29204",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/29204"
"name": "29201",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/29201"
},
{
"name" : "29205",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/29205"
"name": "29203",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/29203"
},
{
"name" : "29206",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/29206"
"name": "ADV-2006-3798",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/3798"
},
{
"name" : "29207",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/29207"
"name": "29212",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/29212"
},
{
"name" : "29208",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/29208"
"name": "29214",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/29214"
},
{
"name" : "29209",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/29209"
"name": "20099",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20099"
},
{
"name" : "29210",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/29210"
"name": "29209",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/29209"
},
{
"name" : "29211",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/29211"
"name": "piecartpro-incdir-file-include(29023)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29023"
},
{
"name" : "29212",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/29212"
"name": "29205",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/29205"
},
{
"name" : "29213",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/29213"
"name": "29204",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/29204"
},
{
"name" : "29214",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/29214"
"name": "29207",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/29207"
},
{
"name" : "22131",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/22131"
"name": "29213",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/29213"
},
{
"name" : "piecartpro-incdir-file-include(29023)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/29023"
"name": "22131",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22131"
}
]
}

86
2006/6xxx/CVE-2006-6091.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-6091",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-6091",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in Grim Pirate GrimBB before 2006_11_21 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in Grim Pirate GrimBB before 2006_11_21 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://sourceforge.net/project/shownotes.php?release_id=465519&group_id=182536",
"refsource" : "CONFIRM",
"url" : "http://sourceforge.net/project/shownotes.php?release_id=465519&group_id=182536"
"name": "23065",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23065"
},
{
"name" : "21243",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/21243"
"name": "http://sourceforge.net/project/shownotes.php?release_id=465519&group_id=182536",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/project/shownotes.php?release_id=465519&group_id=182536"
},
{
"name" : "ADV-2006-4666",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/4666"
"name": "ADV-2006-4666",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4666"
},
{
"name" : "23065",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/23065"
"name": "21243",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21243"
},
{
"name" : "grimbb-unspecified-xss(30469)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/30469"
"name": "grimbb-unspecified-xss(30469)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30469"
}
]
}

314
2006/6xxx/CVE-2006-6504.json
View File

@ -1,271 +1,271 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-6504",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2006-6504",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, and SeaMonkey before 1.0.7 allows remote attackers to execute arbitrary code by appending an SVG comment DOM node to another type of document, which triggers memory corruption."
"lang": "eng",
"value": "Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, and SeaMonkey before 1.0.7 allows remote attackers to execute arbitrary code by appending an SVG comment DOM node to another type of document, which triggers memory corruption."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20061220 ZDI-06-051: Mozilla Firefox SVG Processing Remote Code Execution Vulnerability",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/454939/100/0/threaded"
"name": "21668",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21668"
},
{
"name" : "20070102 rPSA-2006-0234-2 firefox thunderbird",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/455728/100/200/threaded"
"name": "23433",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23433"
},
{
"name" : "20061222 rPSA-2006-0234-1 firefox",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/455145/100/0/threaded"
"name": "MDKSA-2007:010",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:010"
},
{
"name" : "http://www.zerodayinitiative.com/advisories/ZDI-06-051.html",
"refsource" : "MISC",
"url" : "http://www.zerodayinitiative.com/advisories/ZDI-06-051.html"
"name": "23439",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23439"
},
{
"name" : "http://www.mozilla.org/security/announce/2006/mfsa2006-73.html",
"refsource" : "CONFIRM",
"url" : "http://www.mozilla.org/security/announce/2006/mfsa2006-73.html"
"name": "23672",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23672"
},
{
"name" : "https://issues.rpath.com/browse/RPL-883",
"refsource" : "CONFIRM",
"url" : "https://issues.rpath.com/browse/RPL-883"
"name": "ADV-2006-5068",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/5068"
},
{
"name" : "FEDORA-2006-1491",
"refsource" : "FEDORA",
"url" : "http://fedoranews.org/cms/node/2297"
"name": "23468",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23468"
},
{
"name" : "FEDORA-2007-004",
"refsource" : "FEDORA",
"url" : "http://fedoranews.org/cms/node/2338"
"name": "RHSA-2006:0758",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2006-0758.html"
},
{
"name" : "GLSA-200701-02",
"refsource" : "GENTOO",
"url" : "http://security.gentoo.org/glsa/glsa-200701-02.xml"
"name": "1017417",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017417"
},
{
"name" : "GLSA-200701-04",
"refsource" : "GENTOO",
"url" : "http://www.gentoo.org/security/en/glsa/glsa-200701-04.xml"
"name": "23692",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23692"
},
{
"name" : "HPSBUX02153",
"refsource" : "HP",
"url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742"
"name": "USN-398-2",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-398-2"
},
{
"name" : "SSRT061181",
"refsource" : "HP",
"url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742"
"name": "GLSA-200701-04",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200701-04.xml"
},
{
"name" : "MDKSA-2007:010",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:010"
"name": "23282",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23282"
},
{
"name" : "RHSA-2006:0758",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2006-0758.html"
"name": "FEDORA-2006-1491",
"refsource": "FEDORA",
"url": "http://fedoranews.org/cms/node/2297"
},
{
"name" : "RHSA-2006:0759",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2006-0759.html"
"name": "23422",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23422"
},
{
"name" : "RHSA-2006:0760",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2006-0760.html"
"name": "HPSBUX02153",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742"
},
{
"name" : "20061202-01-P",
"refsource" : "SGI",
"url" : "ftp://patches.sgi.com/support/free/security/advisories/20061202-01-P.asc"
"name": "http://www.mozilla.org/security/announce/2006/mfsa2006-73.html",
"refsource": "CONFIRM",
"url": "http://www.mozilla.org/security/announce/2006/mfsa2006-73.html"
},
{
"name" : "SUSE-SA:2006:080",
"refsource" : "SUSE",
"url" : "http://www.novell.com/linux/security/advisories/2006_80_mozilla.html"
"name": "23614",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23614"
},
{
"name" : "SUSE-SA:2007:006",
"refsource" : "SUSE",
"url" : "http://www.novell.com/linux/security/advisories/2007_06_mozilla.html"
"name": "RHSA-2006:0759",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2006-0759.html"
},
{
"name" : "USN-398-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/usn-398-1"
"name": "oval:org.mitre.oval:def:11077",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11077"
},
{
"name" : "USN-398-2",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/usn-398-2"
"name": "USN-398-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-398-1"
},
{
"name" : "TA06-354A",
"refsource" : "CERT",
"url" : "http://www.us-cert.gov/cas/techalerts/TA06-354A.html"
"name": "http://www.zerodayinitiative.com/advisories/ZDI-06-051.html",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-06-051.html"
},
{
"name" : "VU#928956",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/928956"
"name": "ADV-2008-0083",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0083"
},
{
"name" : "21668",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/21668"
"name": "FEDORA-2007-004",
"refsource": "FEDORA",
"url": "http://fedoranews.org/cms/node/2338"
},
{
"name" : "oval:org.mitre.oval:def:11077",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11077"
"name": "20061202-01-P",
"refsource": "SGI",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20061202-01-P.asc"
},
{
"name" : "ADV-2006-5068",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/5068"
"name": "23440",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23440"
},
{
"name" : "ADV-2008-0083",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2008/0083"
"name": "SUSE-SA:2006:080",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2006_80_mozilla.html"
},
{
"name" : "1017417",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1017417"
"name": "20061222 rPSA-2006-0234-1 firefox",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/455145/100/0/threaded"
},
{
"name" : "1017418",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1017418"
"name": "23545",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23545"
},
{
"name" : "23433",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/23433"
"name": "23618",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23618"
},
{
"name" : "23439",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/23439"
"name": "1017418",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017418"
},
{
"name" : "23440",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/23440"
"name": "TA06-354A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA06-354A.html"
},
{
"name" : "23282",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/23282"
"name": "20061220 ZDI-06-051: Mozilla Firefox SVG Processing Remote Code Execution Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/454939/100/0/threaded"
},
{
"name" : "23422",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/23422"
"name": "23589",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23589"
},
{
"name" : "23468",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/23468"
"name": "SSRT061181",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742"
},
{
"name" : "23514",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/23514"
"name": "VU#928956",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/928956"
},
{
"name" : "23589",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/23589"
"name": "https://issues.rpath.com/browse/RPL-883",
"refsource": "CONFIRM",
"url": "https://issues.rpath.com/browse/RPL-883"
},
{
"name" : "23601",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/23601"
"name": "20070102 rPSA-2006-0234-2 firefox thunderbird",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/455728/100/200/threaded"
},
{
"name" : "23545",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/23545"
"name": "SUSE-SA:2007:006",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2007_06_mozilla.html"
},
{
"name" : "23614",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/23614"
"name": "23601",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23601"
},
{
"name" : "23618",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/23618"
"name": "23514",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23514"
},
{
"name" : "23692",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/23692"
"name": "GLSA-200701-02",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200701-02.xml"
},
{
"name" : "23672",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/23672"
"name": "RHSA-2006:0760",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2006-0760.html"
}
]
}

86
2006/6xxx/CVE-2006-6755.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-6755",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-6755",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Ixprim 1.2 allows remote attackers to obtain sensitive information via a direct request for kernel/plugins/fckeditor2/ixprim_api.php, which reveals the path in an error message."
"lang": "eng",
"value": "Ixprim 1.2 allows remote attackers to obtain sensitive information via a direct request for kernel/plugins/fckeditor2/ixprim_api.php, which reveals the path in an error message."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20061221 Ixprim CMS 1.2 Remote Blind SQL Injection Exploit",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/455084/100/0/threaded"
"name": "20061221 Ixprim CMS 1.2 Remote Blind SQL Injection Exploit",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/455084/100/0/threaded"
},
{
"name" : "http://acid-root.new.fr/poc/16061221.txt",
"refsource" : "MISC",
"url" : "http://acid-root.new.fr/poc/16061221.txt"
"name": "2975",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/2975"
},
{
"name" : "2975",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/2975"
"name": "http://acid-root.new.fr/poc/16061221.txt",
"refsource": "MISC",
"url": "http://acid-root.new.fr/poc/16061221.txt"
},
{
"name" : "2073",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/2073"
"name": "2073",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2073"
},
{
"name" : "ixprim-ixprim-path-disclosure(31144)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/31144"
"name": "ixprim-ixprim-path-disclosure(31144)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31144"
}
]
}

86
2006/6xxx/CVE-2006-6845.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-6845",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-6845",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in index.php in CMS Made Simple 1.0.2 allows remote attackers to inject arbitrary web script or HTML via the cntnt01searchinput parameter in a Search action."
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in index.php in CMS Made Simple 1.0.2 allows remote attackers to inject arbitrary web script or HTML via the cntnt01searchinput parameter in a Search action."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20061228 Re: XSS - CMS Made Simple v1.0.2",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/455417/100/0/threaded"
"name": "20061228 Re: XSS - CMS Made Simple v1.0.2",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/455417/100/0/threaded"
},
{
"name" : "21527",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/21527"
"name": "ADV-2007-0027",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0027"
},
{
"name" : "ADV-2007-0027",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/0027"
"name": "21527",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21527"
},
{
"name" : "32571",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/32571"
"name": "23582",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23582"
},
{
"name" : "23582",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/23582"
"name": "32571",
"refsource": "OSVDB",
"url": "http://osvdb.org/32571"
}
]
}

92
2006/6xxx/CVE-2006-6860.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-6860",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-6860",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Buffer overflow in the sendToMythTV function in MythControlServer.c in MythControl 1.0 and earlier allows remote attackers to execute arbitrary code via a crafted sendStr string to the Bluetooth interface. NOTE: some of these details are obtained from third party information."
"lang": "eng",
"value": "Buffer overflow in the sendToMythTV function in MythControlServer.c in MythControl 1.0 and earlier allows remote attackers to execute arbitrary code via a crafted sendStr string to the Bluetooth interface. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20061230 MythControl (MythTV remote control) arbitrary code execution",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/455548/100/0/threaded"
"name": "21839",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21839"
},
{
"name" : "21839",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/21839"
"name": "ADV-2007-0024",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0024"
},
{
"name" : "ADV-2007-0024",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/0024"
"name": "2096",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2096"
},
{
"name" : "1017460",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1017460"
"name": "1017460",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017460"
},
{
"name" : "23607",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/23607"
"name": "23607",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23607"
},
{
"name" : "2096",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/2096"
"name": "20061230 MythControl (MythTV remote control) arbitrary code execution",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/455548/100/0/threaded"
}
]
}

80
2006/6xxx/CVE-2006-6959.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-6959",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-6959",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "WebRoot Spy Sweeper 4.5.9 and earlier allows local users to bypass the \"Startup-Shield\" security restrictions by modifying certain registry keys."
"lang": "eng",
"value": "WebRoot Spy Sweeper 4.5.9 and earlier allows local users to bypass the \"Startup-Shield\" security restrictions by modifying certain registry keys."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20060620 Multiple Bypass and Integrity Lost Vulnerabilities",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/437814/100/200/threaded"
"name": "spy-sweeper-registry-security-bypass(27264)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27264"
},
{
"name" : "http://www.sentinel.gr/advisories/SGA-0001.txt",
"refsource" : "MISC",
"url" : "http://www.sentinel.gr/advisories/SGA-0001.txt"
"name": "20060620 Multiple Bypass and Integrity Lost Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/437814/100/200/threaded"
},
{
"name" : "27535",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/27535"
"name": "27535",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/27535"
},
{
"name" : "spy-sweeper-registry-security-bypass(27264)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/27264"
"name": "http://www.sentinel.gr/advisories/SGA-0001.txt",
"refsource": "MISC",
"url": "http://www.sentinel.gr/advisories/SGA-0001.txt"
}
]
}

80
2006/7xxx/CVE-2006-7136.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-7136",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-7136",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple PHP remote file inclusion vulnerabilities in PHP Poll Creator (phpPC) 1.04 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the relativer_pfad parameter to (1) poll.php, (2) poll_kommentar.php, and (3) poll_sm.php, different vectors and version than CVE-2005-1755."
"lang": "eng",
"value": "Multiple PHP remote file inclusion vulnerabilities in PHP Poll Creator (phpPC) 1.04 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the relativer_pfad parameter to (1) poll.php, (2) poll_kommentar.php, and (3) poll_sm.php, different vectors and version than CVE-2005-1755."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "2827",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/2827"
"name": "15510",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/15510"
},
{
"name" : "21245",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/21245"
"name": "phppc-functions-file-include(29393)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29393"
},
{
"name" : "15510",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/15510"
"name": "21245",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21245"
},
{
"name" : "phppc-functions-file-include(29393)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/29393"
"name": "2827",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/2827"
}
]
}

236
2010/2xxx/CVE-2010-2187.json
View File

@ -1,206 +1,206 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-2187",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2010-2187",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2166, CVE-2010-2171, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2180, CVE-2010-2182, CVE-2010-2184, and CVE-2010-2188."
"lang": "eng",
"value": "Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2166, CVE-2010-2171, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2180, CVE-2010-2182, CVE-2010-2184, and CVE-2010-2188."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.adobe.com/support/security/bulletins/apsb10-14.html",
"refsource" : "CONFIRM",
"url" : "http://www.adobe.com/support/security/bulletins/apsb10-14.html"
"name": "ADV-2011-0192",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0192"
},
{
"name" : "http://support.apple.com/kb/HT4435",
"refsource" : "CONFIRM",
"url" : "http://support.apple.com/kb/HT4435"
"name": "ADV-2010-1421",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/1421"
},
{
"name" : "APPLE-SA-2010-11-10-1",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html"
"name": "http://support.apple.com/kb/HT4435",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT4435"
},
{
"name" : "GLSA-201101-09",
"refsource" : "GENTOO",
"url" : "http://security.gentoo.org/glsa/glsa-201101-09.xml"
"name": "40545",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/40545"
},
{
"name" : "HPSBMA02547",
"refsource" : "HP",
"url" : "http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751"
"name": "oval:org.mitre.oval:def:16056",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16056"
},
{
"name" : "SSRT100179",
"refsource" : "HP",
"url" : "http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751"
"name": "RHSA-2010:0464",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0464.html"
},
{
"name" : "RHSA-2010:0464",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2010-0464.html"
"name": "ADV-2010-1793",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/1793"
},
{
"name" : "RHSA-2010:0470",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2010-0470.html"
"name": "40797",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/40797"
},
{
"name" : "SUSE-SA:2010:024",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00000.html"
"name": "43026",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43026"
},
{
"name" : "SUSE-SR:2010:013",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html"
"name": "ADV-2010-1432",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/1432"
},
{
"name" : "TLSA-2010-19",
"refsource" : "TURBO",
"url" : "http://www.turbolinux.co.jp/security/2010/TLSA-2010-19j.txt"
"name": "GLSA-201101-09",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201101-09.xml"
},
{
"name" : "TA10-162A",
"refsource" : "CERT",
"url" : "http://www.us-cert.gov/cas/techalerts/TA10-162A.html"
"name": "TA10-162A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA10-162A.html"
},
{
"name" : "40759",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/40759"
"name": "APPLE-SA-2010-11-10-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html"
},
{
"name" : "40797",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/40797"
"name": "40759",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/40759"
},
{
"name" : "oval:org.mitre.oval:def:7266",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7266"
"name": "1024085",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1024085"
},
{
"name" : "oval:org.mitre.oval:def:16056",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16056"
"name": "SUSE-SR:2010:013",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html"
},
{
"name" : "1024085",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1024085"
"name": "1024086",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1024086"
},
{
"name" : "1024086",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1024086"
"name": "ADV-2010-1434",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/1434"
},
{
"name" : "40144",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/40144"
"name": "TLSA-2010-19",
"refsource": "TURBO",
"url": "http://www.turbolinux.co.jp/security/2010/TLSA-2010-19j.txt"
},
{
"name" : "40545",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/40545"
"name": "SSRT100179",
"refsource": "HP",
"url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751"
},
{
"name" : "43026",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/43026"
"name": "SUSE-SA:2010:024",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00000.html"
},
{
"name" : "ADV-2010-1453",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2010/1453"
"name": "http://www.adobe.com/support/security/bulletins/apsb10-14.html",
"refsource": "CONFIRM",
"url": "http://www.adobe.com/support/security/bulletins/apsb10-14.html"
},
{
"name" : "ADV-2010-1421",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2010/1421"
"name": "40144",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/40144"
},
{
"name" : "ADV-2010-1432",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2010/1432"
"name": "RHSA-2010:0470",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0470.html"
},
{
"name" : "ADV-2010-1434",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2010/1434"
"name": "adobe-fpair-unspec-code-exec(59336)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59336"
},
{
"name" : "ADV-2010-1482",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2010/1482"
"name": "ADV-2010-1482",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/1482"
},
{
"name" : "ADV-2010-1522",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2010/1522"
"name": "oval:org.mitre.oval:def:7266",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7266"
},
{
"name" : "ADV-2010-1793",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2010/1793"
"name": "HPSBMA02547",
"refsource": "HP",
"url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751"
},
{
"name" : "ADV-2011-0192",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2011/0192"
"name": "ADV-2010-1522",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/1522"
},
{
"name" : "adobe-fpair-unspec-code-exec(59336)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/59336"
"name": "ADV-2010-1453",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/1453"
}
]
}

164
2010/2xxx/CVE-2010-2803.json
View File

@ -1,146 +1,146 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-2803",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2010-2803",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The drm_ioctl function in drivers/gpu/drm/drm_drv.c in the Direct Rendering Manager (DRM) subsystem in the Linux kernel before 2.6.27.53, 2.6.32.x before 2.6.32.21, 2.6.34.x before 2.6.34.6, and 2.6.35.x before 2.6.35.4 allows local users to obtain potentially sensitive information from kernel memory by requesting a large memory-allocation amount."
"lang": "eng",
"value": "The drm_ioctl function in drivers/gpu/drm/drm_drv.c in the Direct Rendering Manager (DRM) subsystem in the Linux kernel before 2.6.27.53, 2.6.32.x before 2.6.32.21, 2.6.34.x before 2.6.34.6, and 2.6.35.x before 2.6.35.4 allows local users to obtain potentially sensitive information from kernel memory by requesting a large memory-allocation amount."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://git.kernel.org/?p=linux/kernel/git/airlied/drm-2.6.git;a=commit;h=1b2f1489633888d4a06028315dc19d65768a1c05",
"refsource" : "CONFIRM",
"url" : "http://git.kernel.org/?p=linux/kernel/git/airlied/drm-2.6.git;a=commit;h=1b2f1489633888d4a06028315dc19d65768a1c05"
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=b9f0aee83335db1f3915f4e42a5e21b351740afd",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=b9f0aee83335db1f3915f4e42a5e21b351740afd"
},
{
"name" : "http://git.kernel.org/?p=linux/kernel/git/airlied/drm-2.6.git;a=commit;h=b9f0aee83335db1f3915f4e42a5e21b351740afd",
"refsource" : "CONFIRM",
"url" : "http://git.kernel.org/?p=linux/kernel/git/airlied/drm-2.6.git;a=commit;h=b9f0aee83335db1f3915f4e42a5e21b351740afd"
"name": "SUSE-SA:2010:041",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00005.html"
},
{
"name" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=b9f0aee83335db1f3915f4e42a5e21b351740afd",
"refsource" : "CONFIRM",
"url" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=b9f0aee83335db1f3915f4e42a5e21b351740afd"
"name": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.34.6",
"refsource": "CONFIRM",
"url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.34.6"
},
{
"name" : "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.53",
"refsource" : "CONFIRM",
"url" : "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.53"
"name": "MDVSA-2010:198",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:198"
},
{
"name" : "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.32.21",
"refsource" : "CONFIRM",
"url" : "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.32.21"
"name": "SUSE-SA:2010:040",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00004.html"
},
{
"name" : "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.34.6",
"refsource" : "CONFIRM",
"url" : "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.34.6"
"name": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.53",
"refsource": "CONFIRM",
"url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.53"
},
{
"name" : "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.35.4",
"refsource" : "CONFIRM",
"url" : "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.35.4"
"name": "ADV-2010-2430",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/2430"
},
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=621435",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=621435"
"name": "SUSE-SA:2011:007",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.html"
},
{
"name" : "DSA-2094",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2010/dsa-2094"
"name": "RHSA-2010:0842",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0842.html"
},
{
"name" : "MDVSA-2010:198",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2010:198"
"name": "ADV-2011-0298",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0298"
},
{
"name" : "RHSA-2010:0842",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2010-0842.html"
"name": "http://git.kernel.org/?p=linux/kernel/git/airlied/drm-2.6.git;a=commit;h=1b2f1489633888d4a06028315dc19d65768a1c05",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/?p=linux/kernel/git/airlied/drm-2.6.git;a=commit;h=1b2f1489633888d4a06028315dc19d65768a1c05"
},
{
"name" : "SUSE-SA:2010:041",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00005.html"
"name": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.35.4",
"refsource": "CONFIRM",
"url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.35.4"
},
{
"name" : "SUSE-SA:2010:040",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00004.html"
"name": "DSA-2094",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2010/dsa-2094"
},
{
"name" : "SUSE-SA:2010:054",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00000.html"
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=621435",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=621435"
},
{
"name" : "SUSE-SA:2011:007",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.html"
"name": "http://git.kernel.org/?p=linux/kernel/git/airlied/drm-2.6.git;a=commit;h=b9f0aee83335db1f3915f4e42a5e21b351740afd",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/?p=linux/kernel/git/airlied/drm-2.6.git;a=commit;h=b9f0aee83335db1f3915f4e42a5e21b351740afd"
},
{
"name" : "41512",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/41512"
"name": "SUSE-SA:2010:054",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00000.html"
},
{
"name" : "ADV-2010-2430",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2010/2430"
"name": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.32.21",
"refsource": "CONFIRM",
"url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.32.21"
},
{
"name" : "ADV-2011-0298",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2011/0298"
"name": "41512",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/41512"
}
]
}

80
2010/2xxx/CVE-2010-2924.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-2924",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-2924",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in myLDlinker.php in the myLinksDump Plugin 1.2 for WordPress allows remote attackers to execute arbitrary SQL commands via the url parameter. NOTE: some of these details are obtained from third party information."
"lang": "eng",
"value": "SQL injection vulnerability in myLDlinker.php in the myLinksDump Plugin 1.2 for WordPress allows remote attackers to execute arbitrary SQL commands via the url parameter. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "14441",
"refsource" : "EXPLOIT-DB",
"url" : "http://www.exploit-db.com/exploits/14441"
"name": "14441",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/14441"
},
{
"name" : "66566",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/66566"
"name": "40692",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/40692"
},
{
"name" : "40692",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/40692"
"name": "mylinksdump-myldlinker-sql-injection(60591)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/60591"
},
{
"name" : "mylinksdump-myldlinker-sql-injection(60591)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/60591"
"name": "66566",
"refsource": "OSVDB",
"url": "http://osvdb.org/66566"
}
]
}

22
2011/0xxx/CVE-2011-0108.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-0108",
"STATE" : "REJECT"
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2011-0108",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2011. Notes: none."
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2011. Notes: none."
}
]
}

68
2011/0xxx/CVE-2011-0189.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-0189",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2011-0189",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The default configuration of Terminal in Apple Mac OS X 10.6 before 10.6.7 uses SSH protocol version 1 within the New Remote Connection dialog, which might make it easier for man-in-the-middle attackers to spoof SSH servers by leveraging protocol vulnerabilities."
"lang": "eng",
"value": "The default configuration of Terminal in Apple Mac OS X 10.6 before 10.6.7 uses SSH protocol version 1 within the New Remote Connection dialog, which might make it easier for man-in-the-middle attackers to spoof SSH servers by leveraging protocol vulnerabilities."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://support.apple.com/kb/HT4581",
"refsource" : "CONFIRM",
"url" : "http://support.apple.com/kb/HT4581"
"name": "APPLE-SA-2011-03-21-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html"
},
{
"name" : "APPLE-SA-2011-03-21-1",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html"
"name": "http://support.apple.com/kb/HT4581",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT4581"
}
]
}

80
2011/0xxx/CVE-2011-0621.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-0621",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2011-0621",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Adobe Flash Player before 10.3.181.14 on Windows, Mac OS X, Linux, and Solaris and before 10.3.185.21 on Android allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0619, CVE-2011-0620, and CVE-2011-0622."
"lang": "eng",
"value": "Adobe Flash Player before 10.3.181.14 on Windows, Mac OS X, Linux, and Solaris and before 10.3.185.21 on Android allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0619, CVE-2011-0620, and CVE-2011-0622."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.adobe.com/support/security/bulletins/apsb11-12.html",
"refsource" : "CONFIRM",
"url" : "http://www.adobe.com/support/security/bulletins/apsb11-12.html"
"name": "oval:org.mitre.oval:def:15739",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15739"
},
{
"name" : "SUSE-SA:2011:025",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00006.html"
"name": "oval:org.mitre.oval:def:14160",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14160"
},
{
"name" : "oval:org.mitre.oval:def:14160",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14160"
"name": "http://www.adobe.com/support/security/bulletins/apsb11-12.html",
"refsource": "CONFIRM",
"url": "http://www.adobe.com/support/security/bulletins/apsb11-12.html"
},
{
"name" : "oval:org.mitre.oval:def:15739",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15739"
"name": "SUSE-SA:2011:025",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00006.html"
}
]
}

86
2011/1xxx/CVE-2011-1124.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-1124",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-1124",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Use-after-free vulnerability in Google Chrome before 9.0.597.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to blocked plug-ins."
"lang": "eng",
"value": "Use-after-free vulnerability in Google Chrome before 9.0.597.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to blocked plug-ins."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://code.google.com/p/chromium/issues/detail?id=72437",
"refsource" : "CONFIRM",
"url" : "http://code.google.com/p/chromium/issues/detail?id=72437"
"name": "46614",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/46614"
},
{
"name" : "http://googlechromereleases.blogspot.com/2011/02/stable-channel-update_28.html",
"refsource" : "CONFIRM",
"url" : "http://googlechromereleases.blogspot.com/2011/02/stable-channel-update_28.html"
"name": "http://code.google.com/p/chromium/issues/detail?id=72437",
"refsource": "CONFIRM",
"url": "http://code.google.com/p/chromium/issues/detail?id=72437"
},
{
"name" : "46614",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/46614"
"name": "google-chrome-plugins-code-execution(65742)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65742"
},
{
"name" : "oval:org.mitre.oval:def:14563",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14563"
"name": "http://googlechromereleases.blogspot.com/2011/02/stable-channel-update_28.html",
"refsource": "CONFIRM",
"url": "http://googlechromereleases.blogspot.com/2011/02/stable-channel-update_28.html"
},
{
"name" : "google-chrome-plugins-code-execution(65742)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/65742"
"name": "oval:org.mitre.oval:def:14563",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14563"
}
]
}

22
2011/1xxx/CVE-2011-1151.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-1151",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-1151",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

80
2011/1xxx/CVE-2011-1455.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-1455",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-1455",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Google Chrome before 11.0.696.57 does not properly handle PDF documents with multipart encoding, which allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted document."
"lang": "eng",
"value": "Google Chrome before 11.0.696.57 does not properly handle PDF documents with multipart encoding, which allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted document."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://code.google.com/p/chromium/issues/detail?id=79361",
"refsource" : "CONFIRM",
"url" : "http://code.google.com/p/chromium/issues/detail?id=79361"
"name": "oval:org.mitre.oval:def:14136",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14136"
},
{
"name" : "http://googlechromereleases.blogspot.com/2011/04/chrome-stable-update.html",
"refsource" : "CONFIRM",
"url" : "http://googlechromereleases.blogspot.com/2011/04/chrome-stable-update.html"
"name": "http://googlechromereleases.blogspot.com/2011/04/chrome-stable-update.html",
"refsource": "CONFIRM",
"url": "http://googlechromereleases.blogspot.com/2011/04/chrome-stable-update.html"
},
{
"name" : "oval:org.mitre.oval:def:14136",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14136"
"name": "chrome-pdf-code-execution(67161)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67161"
},
{
"name" : "chrome-pdf-code-execution(67161)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/67161"
"name": "http://code.google.com/p/chromium/issues/detail?id=79361",
"refsource": "CONFIRM",
"url": "http://code.google.com/p/chromium/issues/detail?id=79361"
}
]
}

92
2011/1xxx/CVE-2011-1520.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-1520",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-1520",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The default configuration of the server console in IBM Lotus Domino does not require a password (aka Server_Console_Password), which allows physically proximate attackers to perform administrative changes or obtain sensitive information via a (1) Load, (2) Tell, or (3) Set Configuration command."
"lang": "eng",
"value": "The default configuration of the server console in IBM Lotus Domino does not require a password (aka Server_Console_Password), which allows physically proximate attackers to perform administrative changes or obtain sensitive information via a (1) Load, (2) Tell, or (3) Set Configuration command."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20110322 ZDI-11-110: (0day) IBM Lotus Domino Server Controller Authentication Bypass Remote Code Execution Vulnerability",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/517119/100/0/threaded"
"name": "http://www.zerodayinitiative.com/advisories/ZDI-11-110",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-11-110"
},
{
"name" : "http://publib.boulder.ibm.com/infocenter/domhelp/v8r0/index.jsp?topic=/com.ibm.help.domino.admin.doc/DOC/H_THE_DOMINO_CONTROLLER_AND_CONSOLE_OVER.html",
"refsource" : "MISC",
"url" : "http://publib.boulder.ibm.com/infocenter/domhelp/v8r0/index.jsp?topic=/com.ibm.help.domino.admin.doc/DOC/H_THE_DOMINO_CONTROLLER_AND_CONSOLE_OVER.html"
"name": "http://publib.boulder.ibm.com/infocenter/domhelp/v8r0/index.jsp?topic=/com.ibm.help.domino.admin.doc/DOC/H_THE_DOMINO_CONTROLLER_AND_CONSOLE_OVER.html",
"refsource": "MISC",
"url": "http://publib.boulder.ibm.com/infocenter/domhelp/v8r0/index.jsp?topic=/com.ibm.help.domino.admin.doc/DOC/H_THE_DOMINO_CONTROLLER_AND_CONSOLE_OVER.html"
},
{
"name" : "http://www.lotus.com/ldd/doc/domino_notes/rnext/help6_admin.nsf/2e73cbb2141acefa85256b8700688cea/0c50e423038555d085256c1d003a31f0?OpenDocument",
"refsource" : "MISC",
"url" : "http://www.lotus.com/ldd/doc/domino_notes/rnext/help6_admin.nsf/2e73cbb2141acefa85256b8700688cea/0c50e423038555d085256c1d003a31f0?OpenDocument"
"name": "http://www.lotus.com/ldd/doc/domino_notes/rnext/help6_admin.nsf/2e73cbb2141acefa85256b8700688cea/0c50e423038555d085256c1d003a31f0?OpenDocument",
"refsource": "MISC",
"url": "http://www.lotus.com/ldd/doc/domino_notes/rnext/help6_admin.nsf/2e73cbb2141acefa85256b8700688cea/0c50e423038555d085256c1d003a31f0?OpenDocument"
},
{
"name" : "http://www.zerodayinitiative.com/advisories/ZDI-11-110",
"refsource" : "MISC",
"url" : "http://www.zerodayinitiative.com/advisories/ZDI-11-110"
"name": "20110322 ZDI-11-110: (0day) IBM Lotus Domino Server Controller Authentication Bypass Remote Code Execution Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/517119/100/0/threaded"
},
{
"name" : "http://www.lotus.com/ldd/dominowiki.nsf/dx/server_console_password",
"refsource" : "CONFIRM",
"url" : "http://www.lotus.com/ldd/dominowiki.nsf/dx/server_console_password"
"name": "8164",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/8164"
},
{
"name" : "8164",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/8164"
"name": "http://www.lotus.com/ldd/dominowiki.nsf/dx/server_console_password",
"refsource": "CONFIRM",
"url": "http://www.lotus.com/ldd/dominowiki.nsf/dx/server_console_password"
}
]
}

74
2011/1xxx/CVE-2011-1713.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-1713",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-1713",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Microsoft msxml.dll, as used in Internet Explorer 8 on Windows 7, allows remote attackers to obtain potentially sensitive information about heap memory addresses via an XML document containing a call to the XSLT generate-id XPath function. NOTE: this might overlap CVE-2011-1202."
"lang": "eng",
"value": "Microsoft msxml.dll, as used in Internet Explorer 8 on Windows 7, allows remote attackers to obtain potentially sensitive information about heap memory addresses via an XML document containing a call to the XSLT generate-id XPath function. NOTE: this might overlap CVE-2011-1202."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://scarybeastsecurity.blogspot.com/2011/03/multi-browser-heap-address-leak-in-xslt.html",
"refsource" : "MISC",
"url" : "http://scarybeastsecurity.blogspot.com/2011/03/multi-browser-heap-address-leak-in-xslt.html"
"name": "oval:org.mitre.oval:def:12693",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12693"
},
{
"name" : "oval:org.mitre.oval:def:12693",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12693"
"name": "http://scarybeastsecurity.blogspot.com/2011/03/multi-browser-heap-address-leak-in-xslt.html",
"refsource": "MISC",
"url": "http://scarybeastsecurity.blogspot.com/2011/03/multi-browser-heap-address-leak-in-xslt.html"
},
{
"name" : "ms-msxml-info-disclosure(66835)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/66835"
"name": "ms-msxml-info-disclosure(66835)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66835"
}
]
}

68
2011/4xxx/CVE-2011-4006.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-4006",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2011-4006",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The ESMTP inspection feature on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.2 through 8.5 allows remote attackers to cause a denial of service (CPU consumption) via an unspecified closing sequence, aka Bug ID CSCtt32565."
"lang": "eng",
"value": "The ESMTP inspection feature on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.2 through 8.5 allows remote attackers to cause a denial of service (CPU consumption) via an unspecified closing sequence, aka Bug ID CSCtt32565."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.cisco.com/web/software/283878312/88166/ASA-851-Interim-Release-Notes.html",
"refsource" : "CONFIRM",
"url" : "http://www.cisco.com/web/software/283878312/88166/ASA-851-Interim-Release-Notes.html"
"name": "1027008",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1027008"
},
{
"name" : "1027008",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1027008"
"name": "http://www.cisco.com/web/software/283878312/88166/ASA-851-Interim-Release-Notes.html",
"refsource": "CONFIRM",
"url": "http://www.cisco.com/web/software/283878312/88166/ASA-851-Interim-Release-Notes.html"
}
]
}

74
2011/4xxx/CVE-2011-4099.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-4099",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-4099",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The capsh program in libcap before 2.22 does not change the current working directory when the --chroot option is specified, which allows local users to bypass the chroot restrictions via unspecified vectors."
"lang": "eng",
"value": "The capsh program in libcap before 2.22 does not change the current working directory when the --chroot option is specified, which allows local users to bypass the chroot restrictions via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=722694",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=722694"
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=722694",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=722694"
},
{
"name" : "https://sites.google.com/site/fullycapable/release-notes-for-libcap/releasenotesfor222",
"refsource" : "CONFIRM",
"url" : "https://sites.google.com/site/fullycapable/release-notes-for-libcap/releasenotesfor222"
"name": "https://sites.google.com/site/fullycapable/release-notes-for-libcap/releasenotesfor222",
"refsource": "CONFIRM",
"url": "https://sites.google.com/site/fullycapable/release-notes-for-libcap/releasenotesfor222"
},
{
"name" : "RHSA-2011:1694",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2011-1694.html"
"name": "RHSA-2011:1694",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2011-1694.html"
}
]
}

110
2011/4xxx/CVE-2011-4822.json
View File

@ -1,101 +1,101 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-4822",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-4822",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in the user profile feature in Atlassian FishEye before 2.5.5 allow remote attackers to inject arbitrary web script or HTML via (1) snippets in a user comment, which is not properly handled in a Confluence page, or (2) the user profile display name, which is not properly handled in a FishEye page."
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in the user profile feature in Atlassian FishEye before 2.5.5 allow remote attackers to inject arbitrary web script or HTML via (1) snippets in a user comment, which is not properly handled in a Confluence page, or (2) the user profile display name, which is not properly handled in a FishEye page."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://confluence.atlassian.com/display/FISHEYE/FishEye+and+Crucible+Security+Advisory+2011-11-22",
"refsource" : "CONFIRM",
"url" : "http://confluence.atlassian.com/display/FISHEYE/FishEye+and+Crucible+Security+Advisory+2011-11-22"
"name": "fisheye-display-name-xss(71426)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71426"
},
{
"name" : "https://jira.atlassian.com/browse/FE-3797",
"refsource" : "CONFIRM",
"url" : "https://jira.atlassian.com/browse/FE-3797"
"name": "https://jira.atlassian.com/browse/FE-3797",
"refsource": "CONFIRM",
"url": "https://jira.atlassian.com/browse/FE-3797"
},
{
"name" : "https://jira.atlassian.com/browse/FE-3798",
"refsource" : "CONFIRM",
"url" : "https://jira.atlassian.com/browse/FE-3798"
"name": "fisheye-comment-xss(71427)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71427"
},
{
"name" : "50762",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/50762"
"name": "https://jira.atlassian.com/browse/FE-3798",
"refsource": "CONFIRM",
"url": "https://jira.atlassian.com/browse/FE-3798"
},
{
"name" : "77263",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/77263"
"name": "77264",
"refsource": "OSVDB",
"url": "http://osvdb.org/77264"
},
{
"name" : "77264",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/77264"
"name": "http://confluence.atlassian.com/display/FISHEYE/FishEye+and+Crucible+Security+Advisory+2011-11-22",
"refsource": "CONFIRM",
"url": "http://confluence.atlassian.com/display/FISHEYE/FishEye+and+Crucible+Security+Advisory+2011-11-22"
},
{
"name" : "46975",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/46975"
"name": "46975",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/46975"
},
{
"name" : "fisheye-comment-xss(71427)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/71427"
"name": "50762",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/50762"
},
{
"name" : "fisheye-display-name-xss(71426)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/71426"
"name": "77263",
"refsource": "OSVDB",
"url": "http://osvdb.org/77263"
}
]
}

62
2014/2xxx/CVE-2014-2365.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-2365",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2014-2365",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Advantech WebAccess before 7.2 allows remote authenticated users to create or delete arbitrary files via unknown vectors."
"lang": "eng",
"value": "Unspecified vulnerability in Advantech WebAccess before 7.2 allows remote authenticated users to create or delete arbitrary files via unknown vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://ics-cert.us-cert.gov/advisories/ICSA-14-198-02",
"refsource" : "MISC",
"url" : "http://ics-cert.us-cert.gov/advisories/ICSA-14-198-02"
"name": "http://ics-cert.us-cert.gov/advisories/ICSA-14-198-02",
"refsource": "MISC",
"url": "http://ics-cert.us-cert.gov/advisories/ICSA-14-198-02"
}
]
}

104
2014/2xxx/CVE-2014-2672.json
View File

@ -1,96 +1,96 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-2672",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-2672",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Race condition in the ath_tx_aggr_sleep function in drivers/net/wireless/ath/ath9k/xmit.c in the Linux kernel before 3.13.7 allows remote attackers to cause a denial of service (system crash) via a large amount of network traffic that triggers certain list deletions."
"lang": "eng",
"value": "Race condition in the ath_tx_aggr_sleep function in drivers/net/wireless/ath/ath9k/xmit.c in the Linux kernel before 3.13.7 allows remote attackers to cause a denial of service (system crash) via a large amount of network traffic that triggers certain list deletions."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[oss-security] 20140330 Re: CVE request: Linux Kernel, two security issues",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2014/03/30/5"
"name": "https://bugzilla.kernel.org/show_bug.cgi?id=70551",
"refsource": "CONFIRM",
"url": "https://bugzilla.kernel.org/show_bug.cgi?id=70551"
},
{
"name" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=21f8aaee0c62708654988ce092838aa7df4d25d8",
"refsource" : "CONFIRM",
"url" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=21f8aaee0c62708654988ce092838aa7df4d25d8"
"name": "https://github.com/torvalds/linux/commit/21f8aaee0c62708654988ce092838aa7df4d25d8",
"refsource": "CONFIRM",
"url": "https://github.com/torvalds/linux/commit/21f8aaee0c62708654988ce092838aa7df4d25d8"
},
{
"name" : "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.13.7",
"refsource" : "CONFIRM",
"url" : "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.13.7"
"name": "[oss-security] 20140330 Re: CVE request: Linux Kernel, two security issues",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2014/03/30/5"
},
{
"name" : "https://bugzilla.kernel.org/show_bug.cgi?id=70551",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.kernel.org/show_bug.cgi?id=70551"
"name": "https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.15",
"refsource": "CONFIRM",
"url": "https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.15"
},
{
"name" : "https://github.com/torvalds/linux/commit/21f8aaee0c62708654988ce092838aa7df4d25d8",
"refsource" : "CONFIRM",
"url" : "https://github.com/torvalds/linux/commit/21f8aaee0c62708654988ce092838aa7df4d25d8"
"name": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.13.7",
"refsource": "CONFIRM",
"url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.13.7"
},
{
"name" : "https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.15",
"refsource" : "CONFIRM",
"url" : "https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.15"
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=21f8aaee0c62708654988ce092838aa7df4d25d8",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=21f8aaee0c62708654988ce092838aa7df4d25d8"
},
{
"name" : "66492",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/66492"
"name": "66492",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/66492"
},
{
"name" : "57468",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/57468"
"name": "57468",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/57468"
}
]
}

116
2014/2xxx/CVE-2014-2856.json
View File

@ -1,106 +1,106 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-2856",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-2856",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in scheduler/client.c in Common Unix Printing System (CUPS) before 1.7.2 allows remote attackers to inject arbitrary web script or HTML via the URL path, related to the is_path_absolute function."
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in scheduler/client.c in Common Unix Printing System (CUPS) before 1.7.2 allows remote attackers to inject arbitrary web script or HTML via the URL path, related to the is_path_absolute function."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[oss-security] 20140414 CVE request: cross-site scripting issue fixed in CUPS 1.7.2",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2014/04/14/2"
"name": "57880",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/57880"
},
{
"name" : "[oss-security] 20140415 Re: CVE request: cross-site scripting issue fixed in CUPS 1.7.2",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2014/04/15/3"
"name": "66788",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/66788"
},
{
"name" : "http://www.cups.org/documentation.php/relnotes.html",
"refsource" : "CONFIRM",
"url" : "http://www.cups.org/documentation.php/relnotes.html"
"name": "USN-2172-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2172-1"
},
{
"name" : "http://www.cups.org/str.php?L4356",
"refsource" : "CONFIRM",
"url" : "http://www.cups.org/str.php?L4356"
"name": "[oss-security] 20140414 CVE request: cross-site scripting issue fixed in CUPS 1.7.2",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2014/04/14/2"
},
{
"name" : "http://advisories.mageia.org/MGASA-2014-0193.html",
"refsource" : "CONFIRM",
"url" : "http://advisories.mageia.org/MGASA-2014-0193.html"
"name": "RHSA-2014:1388",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1388.html"
},
{
"name" : "MDVSA-2015:108",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2015:108"
"name": "http://advisories.mageia.org/MGASA-2014-0193.html",
"refsource": "CONFIRM",
"url": "http://advisories.mageia.org/MGASA-2014-0193.html"
},
{
"name" : "RHSA-2014:1388",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2014-1388.html"
"name": "http://www.cups.org/documentation.php/relnotes.html",
"refsource": "CONFIRM",
"url": "http://www.cups.org/documentation.php/relnotes.html"
},
{
"name" : "USN-2172-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-2172-1"
"name": "http://www.cups.org/str.php?L4356",
"refsource": "CONFIRM",
"url": "http://www.cups.org/str.php?L4356"
},
{
"name" : "66788",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/66788"
"name": "[oss-security] 20140415 Re: CVE request: cross-site scripting issue fixed in CUPS 1.7.2",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2014/04/15/3"
},
{
"name" : "57880",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/57880"
"name": "MDVSA-2015:108",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:108"
}
]
}

68
2014/3xxx/CVE-2014-3517.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-3517",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-3517",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "api/metadata/handler.py in OpenStack Compute (Nova) before 2013.2.4, 2014.x before 2014.1.2, and Juno before Juno-2, when proxying metadata requests through Neutron, makes it easier for remote attackers to guess instance ID signatures via a brute-force attack that relies on timing differences in responses to instance metadata requests."
"lang": "eng",
"value": "api/metadata/handler.py in OpenStack Compute (Nova) before 2013.2.4, 2014.x before 2014.1.2, and Juno before Juno-2, when proxying metadata requests through Neutron, makes it easier for remote attackers to guess instance ID signatures via a brute-force attack that relies on timing differences in responses to instance metadata requests."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[oss-security] 20140717 [OSSA 2014-024] Use of non-constant time comparison operation (CVE-2014-3517)",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2014/07/17/2"
"name": "[oss-security] 20140717 [OSSA 2014-024] Use of non-constant time comparison operation (CVE-2014-3517)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2014/07/17/2"
},
{
"name" : "https://bugs.launchpad.net/nova/+bug/1325128",
"refsource" : "CONFIRM",
"url" : "https://bugs.launchpad.net/nova/+bug/1325128"
"name": "https://bugs.launchpad.net/nova/+bug/1325128",
"refsource": "CONFIRM",
"url": "https://bugs.launchpad.net/nova/+bug/1325128"
}
]
}

110
2014/3xxx/CVE-2014-3696.json
View File

@ -1,101 +1,101 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-3696",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-3696",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "nmevent.c in the Novell GroupWise protocol plugin in libpurple in Pidgin before 2.10.10 allows remote servers to cause a denial of service (application crash) via a crafted server message that triggers a large memory allocation."
"lang": "eng",
"value": "nmevent.c in the Novell GroupWise protocol plugin in libpurple in Pidgin before 2.10.10 allows remote servers to cause a denial of service (application crash) via a crafted server message that triggers a large memory allocation."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://hg.pidgin.im/pidgin/main/rev/44fd89158777",
"refsource" : "CONFIRM",
"url" : "http://hg.pidgin.im/pidgin/main/rev/44fd89158777"
"name": "http://pidgin.im/news/security/?id=88",
"refsource": "CONFIRM",
"url": "http://pidgin.im/news/security/?id=88"
},
{
"name" : "http://pidgin.im/news/security/?id=88",
"refsource" : "CONFIRM",
"url" : "http://pidgin.im/news/security/?id=88"
"name": "http://hg.pidgin.im/pidgin/main/rev/44fd89158777",
"refsource": "CONFIRM",
"url": "http://hg.pidgin.im/pidgin/main/rev/44fd89158777"
},
{
"name" : "DSA-3055",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2014/dsa-3055"
"name": "RHSA-2017:1854",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1854"
},
{
"name" : "RHSA-2017:1854",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2017:1854"
"name": "USN-2390-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2390-1"
},
{
"name" : "openSUSE-SU-2014:1376",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-updates/2014-11/msg00023.html"
"name": "openSUSE-SU-2014:1376",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2014-11/msg00023.html"
},
{
"name" : "openSUSE-SU-2014:1397",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-updates/2014-11/msg00037.html"
"name": "60741",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60741"
},
{
"name" : "USN-2390-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-2390-1"
"name": "DSA-3055",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2014/dsa-3055"
},
{
"name" : "60741",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/60741"
"name": "openSUSE-SU-2014:1397",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2014-11/msg00037.html"
},
{
"name" : "61968",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/61968"
"name": "61968",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61968"
}
]
}

104
2014/3xxx/CVE-2014-3776.json
View File

@ -1,96 +1,96 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-3776",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-3776",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Buffer overflow in the \"read-u8vector!\" procedure in the srfi-4 unit in CHICKEN stable 4.8.0.7 and development snapshots before 4.9.1 allows remote attackers to cause a denial of service (memory corruption and application crash) and possibly execute arbitrary code via a \"#f\" value in the NUM argument."
"lang": "eng",
"value": "Buffer overflow in the \"read-u8vector!\" procedure in the srfi-4 unit in CHICKEN stable 4.8.0.7 and development snapshots before 4.9.1 allows remote attackers to cause a denial of service (memory corruption and application crash) and possibly execute arbitrary code via a \"#f\" value in the NUM argument."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[Chicken-hackers] 20140517 [PATCH] Bound read-u8vector! to dest vector's size when no length is given",
"refsource" : "MLIST",
"url" : "http://lists.gnu.org/archive/html/chicken-hackers/2014-05/msg00032.html"
"name": "67468",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/67468"
},
{
"name" : "[chicken-announce] 20140518 [SECURITY] Buffer-overrun in some uses of read-u8vect",
"refsource" : "MLIST",
"url" : "http://lists.gnu.org/archive/html/chicken-announce/2014-05/msg00001.html"
"name": "[Chicken-hackers] 20140517 [PATCH] Bound read-u8vector! to dest vector's size when no length is given",
"refsource": "MLIST",
"url": "http://lists.gnu.org/archive/html/chicken-hackers/2014-05/msg00032.html"
},
{
"name" : "[oss-security] 20140518 CVE request for buffer overrun in CHICKEN Scheme",
"refsource" : "MLIST",
"url" : "http://seclists.org/oss-sec/2014/q2/328"
"name": "https://bugs.call-cc.org/ticket/1124",
"refsource": "CONFIRM",
"url": "https://bugs.call-cc.org/ticket/1124"
},
{
"name" : "[oss-security] 20140519 Re: CVE request for buffer overrun in CHICKEN Scheme",
"refsource" : "MLIST",
"url" : "http://seclists.org/oss-sec/2014/q2/334"
"name": "[oss-security] 20140519 Re: CVE request for buffer overrun in CHICKEN Scheme",
"refsource": "MLIST",
"url": "http://seclists.org/oss-sec/2014/q2/334"
},
{
"name" : "http://code.call-cc.org/cgi-bin/gitweb.cgi?p=chicken-core.git;a=commit;h=1d06ce7e21c7e903ca5dca11fda6fcf2cc52de5e",
"refsource" : "CONFIRM",
"url" : "http://code.call-cc.org/cgi-bin/gitweb.cgi?p=chicken-core.git;a=commit;h=1d06ce7e21c7e903ca5dca11fda6fcf2cc52de5e"
"name": "http://code.call-cc.org/cgi-bin/gitweb.cgi?p=chicken-core.git;a=commit;h=1d06ce7e21c7e903ca5dca11fda6fcf2cc52de5e",
"refsource": "CONFIRM",
"url": "http://code.call-cc.org/cgi-bin/gitweb.cgi?p=chicken-core.git;a=commit;h=1d06ce7e21c7e903ca5dca11fda6fcf2cc52de5e"
},
{
"name" : "https://bugs.call-cc.org/ticket/1124",
"refsource" : "CONFIRM",
"url" : "https://bugs.call-cc.org/ticket/1124"
"name": "GLSA-201612-54",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201612-54"
},
{
"name" : "GLSA-201612-54",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201612-54"
"name": "[oss-security] 20140518 CVE request for buffer overrun in CHICKEN Scheme",
"refsource": "MLIST",
"url": "http://seclists.org/oss-sec/2014/q2/328"
},
{
"name" : "67468",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/67468"
"name": "[chicken-announce] 20140518 [SECURITY] Buffer-overrun in some uses of read-u8vect",
"refsource": "MLIST",
"url": "http://lists.gnu.org/archive/html/chicken-announce/2014-05/msg00001.html"
}
]
}

98
2014/6xxx/CVE-2014-6187.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-6187",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2014-6187",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple cross-site request forgery (CSRF) vulnerabilities in IBM WebSphere Service Registry and Repository (WSRR) 6.3.x before 6.3.0.5, 7.0.x before 7.0.0.5, 7.5.x before 7.5.0.3, and 8.0.x before 8.0.0.2 allow remote authenticated users to hijack the authentication of unspecified victims via unknown vectors."
"lang": "eng",
"value": "Multiple cross-site request forgery (CSRF) vulnerabilities in IBM WebSphere Service Registry and Repository (WSRR) 6.3.x before 6.3.0.5, 7.0.x before 7.0.0.5, 7.5.x before 7.5.0.3, and 8.0.x before 8.0.0.2 allow remote authenticated users to hijack the authentication of unspecified victims via unknown vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.ibm.com/support/docview.wss?uid=swg21693379",
"refsource" : "CONFIRM",
"url" : "http://www.ibm.com/support/docview.wss?uid=swg21693379"
"name": "ibm-wsrr-cve20146187-csrf(98553)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98553"
},
{
"name" : "http://www.ibm.com/support/docview.wss?uid=swg21693381",
"refsource" : "CONFIRM",
"url" : "http://www.ibm.com/support/docview.wss?uid=swg21693381"
"name": "http://www.ibm.com/support/docview.wss?uid=swg21693384",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg21693384"
},
{
"name" : "http://www.ibm.com/support/docview.wss?uid=swg21693384",
"refsource" : "CONFIRM",
"url" : "http://www.ibm.com/support/docview.wss?uid=swg21693384"
"name": "71906",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/71906"
},
{
"name" : "http://www.ibm.com/support/docview.wss?uid=swg21693387",
"refsource" : "CONFIRM",
"url" : "http://www.ibm.com/support/docview.wss?uid=swg21693387"
"name": "http://www.ibm.com/support/docview.wss?uid=swg21693379",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg21693379"
},
{
"name" : "IV26727",
"refsource" : "AIXAPAR",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1IV26727"
"name": "IV26727",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV26727"
},
{
"name" : "71906",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/71906"
"name": "http://www.ibm.com/support/docview.wss?uid=swg21693381",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg21693381"
},
{
"name" : "ibm-wsrr-cve20146187-csrf(98553)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/98553"
"name": "http://www.ibm.com/support/docview.wss?uid=swg21693387",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg21693387"
}
]
}

74
2014/7xxx/CVE-2014-7359.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-7359",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2014-7359",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The MAPA DA MINA (aka com.wMAPADAMINA) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
"lang": "eng",
"value": "The MAPA DA MINA (aka com.wMAPADAMINA) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource" : "MISC",
"url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
"name": "VU#587249",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/587249"
},
{
"name" : "VU#582497",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/582497"
"name": "VU#582497",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/582497"
},
{
"name" : "VU#587249",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/587249"
"name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource": "MISC",
"url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
}
]
}

74
2014/7xxx/CVE-2014-7507.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-7507",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2014-7507",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The Hector Leal (aka ad.hector.leal.com) application 13/08/14 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
"lang": "eng",
"value": "The Hector Leal (aka ad.hector.leal.com) application 13/08/14 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource" : "MISC",
"url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
"name": "VU#510337",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/510337"
},
{
"name" : "VU#510337",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/510337"
"name": "VU#582497",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/582497"
},
{
"name" : "VU#582497",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/582497"
"name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource": "MISC",
"url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
}
]
}

74
2014/7xxx/CVE-2014-7692.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-7692",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2014-7692",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The Lent Experience (aka com.wLentExperience) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
"lang": "eng",
"value": "The Lent Experience (aka com.wLentExperience) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource" : "MISC",
"url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
"name": "VU#582497",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/582497"
},
{
"name" : "VU#582497",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/582497"
"name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource": "MISC",
"url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
},
{
"name" : "VU#911793",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/911793"
"name": "VU#911793",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/911793"
}
]
}

74
2014/7xxx/CVE-2014-7776.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-7776",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2014-7776",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The Kavita KS (aka com.snaplion.kavitaks) application 2.4 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
"lang": "eng",
"value": "The Kavita KS (aka com.snaplion.kavitaks) application 2.4 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource" : "MISC",
"url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
"name": "VU#852217",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/852217"
},
{
"name" : "VU#582497",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/582497"
"name": "VU#582497",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/582497"
},
{
"name" : "VU#852217",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/852217"
"name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource": "MISC",
"url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
}
]
}

128
2014/7xxx/CVE-2014-7930.json
View File

@ -1,116 +1,116 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-7930",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "security@google.com",
"ID": "CVE-2014-7930",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Use-after-free vulnerability in core/events/TreeScopeEventContext.cpp in the DOM implementation in Blink, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that triggers improper maintenance of TreeScope data."
"lang": "eng",
"value": "Use-after-free vulnerability in core/events/TreeScopeEventContext.cpp in the DOM implementation in Blink, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that triggers improper maintenance of TreeScope data."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://googlechromereleases.blogspot.com/2015/01/stable-update.html",
"refsource" : "CONFIRM",
"url" : "http://googlechromereleases.blogspot.com/2015/01/stable-update.html"
"name": "62665",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/62665"
},
{
"name" : "https://code.google.com/p/chromium/issues/detail?id=442806",
"refsource" : "CONFIRM",
"url" : "https://code.google.com/p/chromium/issues/detail?id=442806"
"name": "http://googlechromereleases.blogspot.com/2015/01/stable-update.html",
"refsource": "CONFIRM",
"url": "http://googlechromereleases.blogspot.com/2015/01/stable-update.html"
},
{
"name" : "https://src.chromium.org/viewvc/blink?revision=187435&view=revision",
"refsource" : "CONFIRM",
"url" : "https://src.chromium.org/viewvc/blink?revision=187435&view=revision"
"name": "62575",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/62575"
},
{
"name" : "GLSA-201502-13",
"refsource" : "GENTOO",
"url" : "http://security.gentoo.org/glsa/glsa-201502-13.xml"
"name": "USN-2476-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2476-1"
},
{
"name" : "RHSA-2015:0093",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2015-0093.html"
"name": "72288",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/72288"
},
{
"name" : "openSUSE-SU-2015:0441",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00005.html"
"name": "GLSA-201502-13",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201502-13.xml"
},
{
"name" : "USN-2476-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-2476-1"
"name": "https://code.google.com/p/chromium/issues/detail?id=442806",
"refsource": "CONFIRM",
"url": "https://code.google.com/p/chromium/issues/detail?id=442806"
},
{
"name" : "72288",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/72288"
"name": "https://src.chromium.org/viewvc/blink?revision=187435&view=revision",
"refsource": "CONFIRM",
"url": "https://src.chromium.org/viewvc/blink?revision=187435&view=revision"
},
{
"name" : "1031623",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1031623"
"name": "1031623",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1031623"
},
{
"name" : "62575",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/62575"
"name": "openSUSE-SU-2015:0441",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00005.html"
},
{
"name" : "62383",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/62383"
"name": "RHSA-2015:0093",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0093.html"
},
{
"name" : "62665",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/62665"
"name": "62383",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/62383"
}
]
}

134
2016/2xxx/CVE-2016-2512.json
View File

@ -1,121 +1,121 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-2512",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-2512",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The utils.http.is_safe_url function in Django before 1.8.10 and 1.9.x before 1.9.3 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks or possibly conduct cross-site scripting (XSS) attacks via a URL containing basic authentication, as demonstrated by http://mysite.example.com\\@attacker.com."
"lang": "eng",
"value": "The utils.http.is_safe_url function in Django before 1.8.10 and 1.9.x before 1.9.3 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks or possibly conduct cross-site scripting (XSS) attacks via a URL containing basic authentication, as demonstrated by http://mysite.example.com\\@attacker.com."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://github.com/django/django/commit/c5544d289233f501917e25970c03ed444abbd4f0",
"refsource" : "CONFIRM",
"url" : "https://github.com/django/django/commit/c5544d289233f501917e25970c03ed444abbd4f0"
"name": "RHSA-2016:0506",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0506.html"
},
{
"name" : "https://www.djangoproject.com/weblog/2016/mar/01/security-releases/",
"refsource" : "CONFIRM",
"url" : "https://www.djangoproject.com/weblog/2016/mar/01/security-releases/"
"name": "1035152",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035152"
},
{
"name" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
"name": "83879",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/83879"
},
{
"name" : "DSA-3544",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2016/dsa-3544"
"name": "RHSA-2016:0504",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0504.html"
},
{
"name" : "RHSA-2016:0504",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2016-0504.html"
"name": "DSA-3544",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3544"
},
{
"name" : "RHSA-2016:0502",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2016-0502.html"
"name": "RHSA-2016:0502",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0502.html"
},
{
"name" : "RHSA-2016:0505",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2016-0505.html"
"name": "USN-2915-3",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2915-3"
},
{
"name" : "RHSA-2016:0506",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2016-0506.html"
"name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"name" : "USN-2915-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-2915-1"
"name": "USN-2915-2",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2915-2"
},
{
"name" : "USN-2915-2",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-2915-2"
"name": "RHSA-2016:0505",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0505.html"
},
{
"name" : "USN-2915-3",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-2915-3"
"name": "USN-2915-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2915-1"
},
{
"name" : "83879",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/83879"
"name": "https://www.djangoproject.com/weblog/2016/mar/01/security-releases/",
"refsource": "CONFIRM",
"url": "https://www.djangoproject.com/weblog/2016/mar/01/security-releases/"
},
{
"name" : "1035152",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1035152"
"name": "https://github.com/django/django/commit/c5544d289233f501917e25970c03ed444abbd4f0",
"refsource": "CONFIRM",
"url": "https://github.com/django/django/commit/c5544d289233f501917e25970c03ed444abbd4f0"
}
]
}

22
2016/2xxx/CVE-2016-2579.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-2579",
"STATE" : "REJECT"
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2016-2579",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
}
]
}

68
2017/0xxx/CVE-2017-0224.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "secure@microsoft.com",
"ID" : "CVE-2017-0224",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2017-0224",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Microsoft Edge",
"version" : {
"version_data" : [
"product_name": "Microsoft Edge",
"version": {
"version_data": [
{
"version_value" : "Windows 10 Version 1703 for 32-bit Systems and Windows 10 Version 1703 for x64-based Systems."
"version_value": "Windows 10 Version 1703 for 32-bit Systems and Windows 10 Version 1703 for x64-based Systems."
}
]
}
}
]
},
"vendor_name" : "Microsoft Corporation"
"vendor_name": "Microsoft Corporation"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "A remote code execution vulnerability exists in the way JavaScript engines render when handling objects in memory in Microsoft Edge, aka \"Scripting Engine Memory Corruption Vulnerability.\" This CVE ID is unique from CVE-2017-0228, CVE-2017-0229, CVE-2017-0230, CVE-2017-0234, CVE-2017-0235, CVE-2017-0236, and CVE-2017-0238."
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way JavaScript engines render when handling objects in memory in Microsoft Edge, aka \"Scripting Engine Memory Corruption Vulnerability.\" This CVE ID is unique from CVE-2017-0228, CVE-2017-0229, CVE-2017-0230, CVE-2017-0234, CVE-2017-0235, CVE-2017-0236, and CVE-2017-0238."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Remote Code Execution"
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0224",
"refsource" : "CONFIRM",
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0224"
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0224",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0224"
},
{
"name" : "98214",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/98214"
"name": "98214",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/98214"
}
]
}

62
2017/18xxx/CVE-2017-18291.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-18291",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-18291",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "An issue was discovered in PvPGN Stats 2.4.6. SQL Injection exists in ladder/stats.php via the GET user parameter."
"lang": "eng",
"value": "An issue was discovered in PvPGN Stats 2.4.6. SQL Injection exists in ladder/stats.php via the GET user parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://rchase.com/blog/posts/pvpgn-stats-multiple-sql-injection-vulnerabilities/",
"refsource" : "MISC",
"url" : "https://rchase.com/blog/posts/pvpgn-stats-multiple-sql-injection-vulnerabilities/"
"name": "https://rchase.com/blog/posts/pvpgn-stats-multiple-sql-injection-vulnerabilities/",
"refsource": "MISC",
"url": "https://rchase.com/blog/posts/pvpgn-stats-multiple-sql-injection-vulnerabilities/"
}
]
}

22
2017/1xxx/CVE-2017-1184.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-1184",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-1184",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

86
2017/1xxx/CVE-2017-1431.json
View File

@ -1,87 +1,87 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"DATE_PUBLIC" : "2017-08-08T00:00:00",
"ID" : "CVE-2017-1431",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"DATE_PUBLIC": "2017-08-08T00:00:00",
"ID": "CVE-2017-1431",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Streams",
"version" : {
"version_data" : [
"product_name": "Streams",
"version": {
"version_data": [
{
"version_value" : "4.0"
"version_value": "4.0"
},
{
"version_value" : "4.0.1"
"version_value": "4.0.1"
},
{
"version_value" : "4.1"
"version_value": "4.1"
},
{
"version_value" : "4.1.1"
"version_value": "4.1.1"
},
{
"version_value" : "4.2"
"version_value": "4.2"
},
{
"version_value" : "4.2.1"
"version_value": "4.2.1"
}
]
}
}
]
},
"vendor_name" : "IBM"
"vendor_name": "IBM"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "IBM InfoSphere Streams 4.0, 4.1, and 4.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 127632."
"lang": "eng",
"value": "IBM InfoSphere Streams 4.0, 4.1, and 4.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 127632."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Cross-Site Scripting"
"lang": "eng",
"value": "Cross-Site Scripting"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/127632",
"refsource" : "MISC",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/127632"
"name": "100253",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100253"
},
{
"name" : "http://www.ibm.com/support/docview.wss?uid=swg22006827",
"refsource" : "CONFIRM",
"url" : "http://www.ibm.com/support/docview.wss?uid=swg22006827"
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/127632",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/127632"
},
{
"name" : "100253",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/100253"
"name": "http://www.ibm.com/support/docview.wss?uid=swg22006827",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg22006827"
}
]
}

22
2017/1xxx/CVE-2017-1884.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-1884",
"STATE" : "REJECT"
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2017-1884",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none."
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none."
}
]
}

68
2017/5xxx/CVE-2017-5047.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "security@google.com",
"ID" : "CVE-2017-5047",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "security@google.com",
"ID": "CVE-2017-5047",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Google Chrome prior to 57.0.2987.98 for Mac, Windows and Linux, and 57.0.2987.108 for Android",
"version" : {
"version_data" : [
"product_name": "Google Chrome prior to 57.0.2987.98 for Mac, Windows and Linux, and 57.0.2987.108 for Android",
"version": {
"version_data": [
{
"version_value" : "Google Chrome prior to 57.0.2987.98 for Mac, Windows and Linux, and 57.0.2987.108 for Android"
"version_value": "Google Chrome prior to 57.0.2987.98 for Mac, Windows and Linux, and 57.0.2987.108 for Android"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "An integer overflow in FFmpeg in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to perform an out of bounds memory write via a crafted video file, related to ChunkDemuxer."
"lang": "eng",
"value": "An integer overflow in FFmpeg in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to perform an out of bounds memory write via a crafted video file, related to ChunkDemuxer."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "integer overflow"
"lang": "eng",
"value": "integer overflow"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://chromereleases.googleblog.com/2017/03/stable-channel-update-for-desktop.html",
"refsource" : "CONFIRM",
"url" : "https://chromereleases.googleblog.com/2017/03/stable-channel-update-for-desktop.html"
"name": "https://chromereleases.googleblog.com/2017/03/stable-channel-update-for-desktop.html",
"refsource": "CONFIRM",
"url": "https://chromereleases.googleblog.com/2017/03/stable-channel-update-for-desktop.html"
},
{
"name" : "https://crbug.com/679653",
"refsource" : "CONFIRM",
"url" : "https://crbug.com/679653"
"name": "https://crbug.com/679653",
"refsource": "CONFIRM",
"url": "https://crbug.com/679653"
}
]
}

102
2017/5xxx/CVE-2017-5637.json
View File

@ -1,95 +1,95 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "security@apache.org",
"DATE_PUBLIC" : "2017-10-09T00:00:00",
"ID" : "CVE-2017-5637",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "security@apache.org",
"DATE_PUBLIC": "2017-10-09T00:00:00",
"ID": "CVE-2017-5637",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Apache ZooKeeper",
"version" : {
"version_data" : [
"product_name": "Apache ZooKeeper",
"version": {
"version_data": [
{
"version_value" : "3.4.0 to 3.4.9"
"version_value": "3.4.0 to 3.4.9"
},
{
"version_value" : "3.5.0 to 3.5.2"
"version_value": "3.5.0 to 3.5.2"
}
]
}
}
]
},
"vendor_name" : "Apache Software Foundation"
"vendor_name": "Apache Software Foundation"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Two four letter word commands \"wchp/wchc\" are CPU intensive and could cause spike of CPU utilization on Apache ZooKeeper server if abused, which leads to the server unable to serve legitimate client requests. Apache ZooKeeper thru version 3.4.9 and 3.5.2 suffer from this issue, fixed in 3.4.10, 3.5.3, and later."
"lang": "eng",
"value": "Two four letter word commands \"wchp/wchc\" are CPU intensive and could cause spike of CPU utilization on Apache ZooKeeper server if abused, which leads to the server unable to serve legitimate client requests. Apache ZooKeeper thru version 3.4.9 and 3.5.2 suffer from this issue, fixed in 3.4.10, 3.5.3, and later."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "DOS"
"lang": "eng",
"value": "DOS"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[dev] 20171009 [SECURITY] CVE-2017-5637: DOS attack on wchp/wchc four letter words (4lw)",
"refsource" : "MLIST",
"url" : "https://lists.apache.org/thread.html/58170aeb7a681d462b7fa31cae81110cbb749d2dc83c5736a0bb8370@%3Cdev.zookeeper.apache.org%3E"
"name": "[dev] 20171009 [SECURITY] CVE-2017-5637: DOS attack on wchp/wchc four letter words (4lw)",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/58170aeb7a681d462b7fa31cae81110cbb749d2dc83c5736a0bb8370@%3Cdev.zookeeper.apache.org%3E"
},
{
"name" : "https://issues.apache.org/jira/browse/ZOOKEEPER-2693",
"refsource" : "CONFIRM",
"url" : "https://issues.apache.org/jira/browse/ZOOKEEPER-2693"
"name": "https://issues.apache.org/jira/browse/ZOOKEEPER-2693",
"refsource": "CONFIRM",
"url": "https://issues.apache.org/jira/browse/ZOOKEEPER-2693"
},
{
"name" : "DSA-3871",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2017/dsa-3871"
"name": "98814",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/98814"
},
{
"name" : "RHSA-2017:3354",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2017:3354"
"name": "RHSA-2017:3355",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:3355"
},
{
"name" : "RHSA-2017:3355",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2017:3355"
"name": "RHSA-2017:3354",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:3354"
},
{
"name" : "RHSA-2017:2477",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2017:2477"
"name": "RHSA-2017:2477",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2477"
},
{
"name" : "98814",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/98814"
"name": "DSA-3871",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2017/dsa-3871"
}
]
}

64
2017/5xxx/CVE-2017-5794.json
View File

@ -1,62 +1,62 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "security-alert@hpe.com",
"DATE_PUBLIC" : "2017-03-08T00:00:00",
"ID" : "CVE-2017-5794",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "security-alert@hpe.com",
"DATE_PUBLIC": "2017-03-08T00:00:00",
"ID": "CVE-2017-5794",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Intelligent Management Center (IMC) PLAT",
"version" : {
"version_data" : [
"product_name": "Intelligent Management Center (IMC) PLAT",
"version": {
"version_data": [
{
"version_value" : "PLAT 7.2 E0403P06"
"version_value": "PLAT 7.2 E0403P06"
}
]
}
}
]
},
"vendor_name" : "Hewlett Packard Enterprise"
"vendor_name": "Hewlett Packard Enterprise"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "A Remote Arbitrary File Download vulnerability in HPE Intelligent Management Center (IMC) PLAT version 7.2 E0403P06 was found."
"lang": "eng",
"value": "A Remote Arbitrary File Download vulnerability in HPE Intelligent Management Center (IMC) PLAT version 7.2 E0403P06 was found."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Remote Arbitrary File Download"
"lang": "eng",
"value": "Remote Arbitrary File Download"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03715en_us",
"refsource" : "CONFIRM",
"url" : "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03715en_us"
"name": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03715en_us",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03715en_us"
}
]
}

62
2017/5xxx/CVE-2017-5915.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-5915",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-5915",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The Emirates NBD Bank P.J.S.C Emirates NBD KSA app 3.10.0 through 3.10.4 (UAE) and 2.0.1 through 2.1.0 (KSA) for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
"lang": "eng",
"value": "The Emirates NBD Bank P.J.S.C Emirates NBD KSA app 3.10.0 through 3.10.4 (UAE) and 2.0.1 through 2.1.0 (KSA) for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://medium.com/@chronic_9612/follow-up-76-popular-apps-confirmed-vulnerable-to-silent-interception-of-tls-protected-data-64185035029f",
"refsource" : "MISC",
"url" : "https://medium.com/@chronic_9612/follow-up-76-popular-apps-confirmed-vulnerable-to-silent-interception-of-tls-protected-data-64185035029f"
"name": "https://medium.com/@chronic_9612/follow-up-76-popular-apps-confirmed-vulnerable-to-silent-interception-of-tls-protected-data-64185035029f",
"refsource": "MISC",
"url": "https://medium.com/@chronic_9612/follow-up-76-popular-apps-confirmed-vulnerable-to-silent-interception-of-tls-protected-data-64185035029f"
}
]
}