From 625ab9b180bec69340a14438f08497f827eb129c Mon Sep 17 00:00:00 2001 From: CVE Team Date: Mon, 18 Mar 2019 05:22:59 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2007/0xxx/CVE-2007-0084.json | 140 +++---- 2007/0xxx/CVE-2007-0286.json | 180 ++++---- 2007/0xxx/CVE-2007-0700.json | 200 ++++----- 2007/0xxx/CVE-2007-0851.json | 260 ++++++------ 2007/1xxx/CVE-2007-1534.json | 160 +++---- 2007/1xxx/CVE-2007-1700.json | 300 ++++++------- 2007/1xxx/CVE-2007-1819.json | 220 +++++----- 2007/3xxx/CVE-2007-3656.json | 570 ++++++++++++------------- 2007/3xxx/CVE-2007-3780.json | 380 ++++++++--------- 2007/4xxx/CVE-2007-4076.json | 130 +++--- 2007/4xxx/CVE-2007-4092.json | 160 +++---- 2007/4xxx/CVE-2007-4625.json | 160 +++---- 2007/4xxx/CVE-2007-4772.json | 650 ++++++++++++++--------------- 2007/4xxx/CVE-2007-4823.json | 130 +++--- 2007/4xxx/CVE-2007-4887.json | 350 ++++++++-------- 2014/5xxx/CVE-2014-5491.json | 34 +- 2015/2xxx/CVE-2015-2039.json | 140 +++---- 2015/2xxx/CVE-2015-2148.json | 120 +++--- 2015/2xxx/CVE-2015-2560.json | 150 +++---- 2015/2xxx/CVE-2015-2738.json | 310 +++++++------- 2015/2xxx/CVE-2015-2842.json | 160 +++---- 2015/3xxx/CVE-2015-3265.json | 34 +- 2015/3xxx/CVE-2015-3577.json | 34 +- 2015/6xxx/CVE-2015-6091.json | 130 +++--- 2015/6xxx/CVE-2015-6144.json | 140 +++---- 2015/6xxx/CVE-2015-6255.json | 140 +++---- 2015/7xxx/CVE-2015-7147.json | 34 +- 2015/7xxx/CVE-2015-7279.json | 130 +++--- 2015/7xxx/CVE-2015-7377.json | 150 +++---- 2016/0xxx/CVE-2016-0041.json | 170 ++++---- 2016/0xxx/CVE-2016-0078.json | 34 +- 2016/0xxx/CVE-2016-0509.json | 130 +++--- 2016/0xxx/CVE-2016-0632.json | 34 +- 2016/0xxx/CVE-2016-0683.json | 130 +++--- 2016/0xxx/CVE-2016-0839.json | 130 +++--- 2016/1000xxx/CVE-2016-1000128.json | 140 +++---- 2016/10xxx/CVE-2016-10685.json | 122 +++--- 2016/1xxx/CVE-2016-1235.json | 140 +++---- 2016/1xxx/CVE-2016-1490.json | 160 +++---- 2016/1xxx/CVE-2016-1724.json | 240 +++++------ 2016/4xxx/CVE-2016-4307.json | 140 +++---- 2016/4xxx/CVE-2016-4421.json | 160 +++---- 2016/4xxx/CVE-2016-4504.json | 120 +++--- 2016/4xxx/CVE-2016-4511.json | 120 +++--- 2016/4xxx/CVE-2016-4871.json | 150 +++---- 2019/0xxx/CVE-2019-0347.json | 34 +- 2019/0xxx/CVE-2019-0398.json | 34 +- 2019/3xxx/CVE-2019-3062.json | 34 +- 2019/3xxx/CVE-2019-3640.json | 34 +- 2019/3xxx/CVE-2019-3758.json | 34 +- 2019/4xxx/CVE-2019-4563.json | 34 +- 2019/4xxx/CVE-2019-4752.json | 34 +- 2019/4xxx/CVE-2019-4849.json | 34 +- 2019/4xxx/CVE-2019-4951.json | 34 +- 2019/7xxx/CVE-2019-7036.json | 34 +- 2019/7xxx/CVE-2019-7148.json | 120 +++--- 2019/7xxx/CVE-2019-7209.json | 34 +- 2019/7xxx/CVE-2019-7307.json | 34 +- 2019/7xxx/CVE-2019-7768.json | 34 +- 2019/8xxx/CVE-2019-8171.json | 34 +- 2019/8xxx/CVE-2019-8598.json | 34 +- 2019/8xxx/CVE-2019-8814.json | 34 +- 2019/8xxx/CVE-2019-8894.json | 34 +- 2019/8xxx/CVE-2019-8955.json | 140 +++---- 2019/9xxx/CVE-2019-9113.json | 120 +++--- 65 files changed, 4387 insertions(+), 4387 deletions(-) diff --git a/2007/0xxx/CVE-2007-0084.json b/2007/0xxx/CVE-2007-0084.json index 60ab09a01e1..4bb4e6dba37 100644 --- a/2007/0xxx/CVE-2007-0084.json +++ b/2007/0xxx/CVE-2007-0084.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0084", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** DISPUTED ** Buffer overflow in the Windows NT Message Compiler (MC) 1.00.5239 on Microsoft Windows XP allows local users to gain privileges via a long MC-filename. NOTE: this issue has been disputed by a reliable third party who states that the compiler is not a privileged program, so privilege boundaries cannot be crossed." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0084", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070102 Windows NT Message Compiler 1.00.5239 arbitrary code execution", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/455729/100/0/threaded" - }, - { - "name" : "20070103 Re: Windows NT Message Compiler 1.00.5239 arbitrary code execution", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/455789/100/0/threaded" - }, - { - "name" : "37817", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/37817" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** DISPUTED ** Buffer overflow in the Windows NT Message Compiler (MC) 1.00.5239 on Microsoft Windows XP allows local users to gain privileges via a long MC-filename. NOTE: this issue has been disputed by a reliable third party who states that the compiler is not a privileged program, so privilege boundaries cannot be crossed." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20070103 Re: Windows NT Message Compiler 1.00.5239 arbitrary code execution", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/455789/100/0/threaded" + }, + { + "name": "37817", + "refsource": "OSVDB", + "url": "http://osvdb.org/37817" + }, + { + "name": "20070102 Windows NT Message Compiler 1.00.5239 arbitrary code execution", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/455729/100/0/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0286.json b/2007/0xxx/CVE-2007-0286.json index 54b76361bf6..9b393248d10 100644 --- a/2007/0xxx/CVE-2007-0286.json +++ b/2007/0xxx/CVE-2007-0286.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0286", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in Oracle Application Server 10.1.2.0.2 and 10.1.3.0, and Collaboration Suite 10.1.2, has unknown impact and attack vectors related to Containers for J2EE, aka OC4J07." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0286", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpujan2007-101493.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpujan2007-101493.html" - }, - { - "name" : "TA07-017A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA07-017A.html" - }, - { - "name" : "22083", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22083" - }, - { - "name" : "32901", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/32901" - }, - { - "name" : "1017522", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1017522" - }, - { - "name" : "23794", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23794" - }, - { - "name" : "oracle-cpu-jan2007(31541)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/31541" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in Oracle Application Server 10.1.2.0.2 and 10.1.3.0, and Collaboration Suite 10.1.2, has unknown impact and attack vectors related to Containers for J2EE, aka OC4J07." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "23794", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23794" + }, + { + "name": "22083", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22083" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/cpujan2007-101493.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpujan2007-101493.html" + }, + { + "name": "TA07-017A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA07-017A.html" + }, + { + "name": "oracle-cpu-jan2007(31541)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31541" + }, + { + "name": "1017522", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1017522" + }, + { + "name": "32901", + "refsource": "OSVDB", + "url": "http://osvdb.org/32901" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0700.json b/2007/0xxx/CVE-2007-0700.json index 58828748c31..e4e0a57d824 100644 --- a/2007/0xxx/CVE-2007-0700.json +++ b/2007/0xxx/CVE-2007-0700.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0700", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Directory traversal vulnerability in index.php in Guernion Sylvain Portail Web Php (aka Gsylvain35 Portail Web, PwP) allows remote attackers to read arbitrary files via a .. (dot dot) in the page parameter. NOTE: this issue was later reported for 2.5.1.1." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0700", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070201 php web portail [remote file include & local file include]", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/458805/100/0/threaded" - }, - { - "name" : "5182", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/5182" - }, - { - "name" : "20070201 Fwd: php web portail [remote file include & local file include]", - "refsource" : "VIM", - "url" : "http://www.attrition.org/pipermail/vim/2007-February/001269.html" - }, - { - "name" : "20070202 Local File Inclusion inconclusive in PwP (was Fwd: php web portail [remote file include & local fileinclude])", - "refsource" : "VIM", - "url" : "http://www.attrition.org/pipermail/vim/2007-February/001280.html" - }, - { - "name" : "20070202 Local File Inclusion inconclusive in PwP (was Fwd: php web portail [remote file include & local fileinclude])", - "refsource" : "VIM", - "url" : "http://www.attrition.org/pipermail/vim/2007-February/001281.html" - }, - { - "name" : "22361", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22361" - }, - { - "name" : "27962", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/27962" - }, - { - "name" : "33634", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/33634" - }, - { - "name" : "portailwebphp-index-file-include(32115)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32115" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Directory traversal vulnerability in index.php in Guernion Sylvain Portail Web Php (aka Gsylvain35 Portail Web, PwP) allows remote attackers to read arbitrary files via a .. (dot dot) in the page parameter. NOTE: this issue was later reported for 2.5.1.1." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20070202 Local File Inclusion inconclusive in PwP (was Fwd: php web portail [remote file include & local fileinclude])", + "refsource": "VIM", + "url": "http://www.attrition.org/pipermail/vim/2007-February/001280.html" + }, + { + "name": "27962", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/27962" + }, + { + "name": "33634", + "refsource": "OSVDB", + "url": "http://osvdb.org/33634" + }, + { + "name": "20070201 php web portail [remote file include & local file include]", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/458805/100/0/threaded" + }, + { + "name": "portailwebphp-index-file-include(32115)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32115" + }, + { + "name": "22361", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22361" + }, + { + "name": "20070202 Local File Inclusion inconclusive in PwP (was Fwd: php web portail [remote file include & local fileinclude])", + "refsource": "VIM", + "url": "http://www.attrition.org/pipermail/vim/2007-February/001281.html" + }, + { + "name": "5182", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/5182" + }, + { + "name": "20070201 Fwd: php web portail [remote file include & local file include]", + "refsource": "VIM", + "url": "http://www.attrition.org/pipermail/vim/2007-February/001269.html" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0851.json b/2007/0xxx/CVE-2007-0851.json index b655975b3e4..3ad26055edc 100644 --- a/2007/0xxx/CVE-2007-0851.json +++ b/2007/0xxx/CVE-2007-0851.json @@ -1,132 +1,132 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0851", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in the Trend Micro Scan Engine 8.000 and 8.300 before virus pattern file 4.245.00, as used in other products such as Cyber Clean Center (CCC) Cleaner, allows remote attackers to execute arbitrary code via a malformed UPX compressed executable." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0851", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070208 Trend Micro AntiVirus UPX Parsing Kernel Buffer Overflow Vulnerability", - "refsource" : "IDEFENSE", - "url" : "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=470" - }, - { - "name" : "http://www.jpcert.or.jp/at/2007/at070004.txt", - "refsource" : "MISC", - "url" : "http://www.jpcert.or.jp/at/2007/at070004.txt" - }, - { - "name" : "http://esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1034289", - "refsource" : "CONFIRM", - "url" : "http://esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1034289" - }, - { - "name" : "VU#276432", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/276432" - }, - { - "name" : "JVN#77366274", - "refsource" : "JVN", - "url" : "http://jvn.jp/jp/JVN%2377366274/index.html" - }, - { - "name" : "22449", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22449" - }, - { - "name" : "ADV-2007-0522", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0522" - }, - { - "name" : "ADV-2007-0569", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0569" - }, - { - "name" : "33038", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/33038" - }, - { - "name" : "1017601", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1017601" - }, - { - "name" : "1017602", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1017602" - }, - { - "name" : "1017603", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1017603" - }, - { - "name" : "24087", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24087" - }, - { - "name" : "24128", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24128" - }, - { - "name" : "antivirus-upx-bo(32352)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32352" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in the Trend Micro Scan Engine 8.000 and 8.300 before virus pattern file 4.245.00, as used in other products such as Cyber Clean Center (CCC) Cleaner, allows remote attackers to execute arbitrary code via a malformed UPX compressed executable." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1017601", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1017601" + }, + { + "name": "22449", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22449" + }, + { + "name": "http://esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1034289", + "refsource": "CONFIRM", + "url": "http://esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1034289" + }, + { + "name": "1017603", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1017603" + }, + { + "name": "http://www.jpcert.or.jp/at/2007/at070004.txt", + "refsource": "MISC", + "url": "http://www.jpcert.or.jp/at/2007/at070004.txt" + }, + { + "name": "24087", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24087" + }, + { + "name": "33038", + "refsource": "OSVDB", + "url": "http://osvdb.org/33038" + }, + { + "name": "ADV-2007-0522", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0522" + }, + { + "name": "JVN#77366274", + "refsource": "JVN", + "url": "http://jvn.jp/jp/JVN%2377366274/index.html" + }, + { + "name": "VU#276432", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/276432" + }, + { + "name": "20070208 Trend Micro AntiVirus UPX Parsing Kernel Buffer Overflow Vulnerability", + "refsource": "IDEFENSE", + "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=470" + }, + { + "name": "antivirus-upx-bo(32352)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32352" + }, + { + "name": "ADV-2007-0569", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0569" + }, + { + "name": "1017602", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1017602" + }, + { + "name": "24128", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24128" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1534.json b/2007/1xxx/CVE-2007-1534.json index 742c3c1c558..8dc61ce0d64 100644 --- a/2007/1xxx/CVE-2007-1534.json +++ b/2007/1xxx/CVE-2007-1534.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1534", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "DFSR.exe in Windows Meeting Space in Microsoft Windows Vista remains available for remote connections on TCP port 5722 for 2 minutes after Windows Meeting Space is closed, which allows remote attackers to have an unknown impact by connecting to this port during the time window." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1534", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070313 New report on Windows Vista network attack surface", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/462793/100/0/threaded" - }, - { - "name" : "20070403 Nine Vista CVEs, including Microsoft inaccurate Teredo use case documentation", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/464617/100/0/threaded" - }, - { - "name" : "http://www.symantec.com/avcenter/reference/Vista_Network_Attack_Surface_RTM.pdf", - "refsource" : "MISC", - "url" : "http://www.symantec.com/avcenter/reference/Vista_Network_Attack_Surface_RTM.pdf" - }, - { - "name" : "http://www.symantec.com/enterprise/security_response/weblog/2007/04/microsofts_inaccurate_teredo_d.html", - "refsource" : "MISC", - "url" : "http://www.symantec.com/enterprise/security_response/weblog/2007/04/microsofts_inaccurate_teredo_d.html" - }, - { - "name" : "33668", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/33668" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "DFSR.exe in Windows Meeting Space in Microsoft Windows Vista remains available for remote connections on TCP port 5722 for 2 minutes after Windows Meeting Space is closed, which allows remote attackers to have an unknown impact by connecting to this port during the time window." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.symantec.com/avcenter/reference/Vista_Network_Attack_Surface_RTM.pdf", + "refsource": "MISC", + "url": "http://www.symantec.com/avcenter/reference/Vista_Network_Attack_Surface_RTM.pdf" + }, + { + "name": "20070313 New report on Windows Vista network attack surface", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/462793/100/0/threaded" + }, + { + "name": "20070403 Nine Vista CVEs, including Microsoft inaccurate Teredo use case documentation", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/464617/100/0/threaded" + }, + { + "name": "33668", + "refsource": "OSVDB", + "url": "http://osvdb.org/33668" + }, + { + "name": "http://www.symantec.com/enterprise/security_response/weblog/2007/04/microsofts_inaccurate_teredo_d.html", + "refsource": "MISC", + "url": "http://www.symantec.com/enterprise/security_response/weblog/2007/04/microsofts_inaccurate_teredo_d.html" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1700.json b/2007/1xxx/CVE-2007-1700.json index 0a8120c3ccf..36332b51967 100644 --- a/2007/1xxx/CVE-2007-1700.json +++ b/2007/1xxx/CVE-2007-1700.json @@ -1,152 +1,152 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1700", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The session extension in PHP 4 before 4.4.5, and PHP 5 before 5.2.1, calculates the reference count for the session variables without considering the internal pointer from the session globals, which allows context-dependent attackers to execute arbitrary code via a crafted string in the session_register after unsetting HTTP_SESSION_VARS and _SESSION, which destroys the session data Hashtable." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1700", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.php-security.org/MOPB/MOPB-30-2007.html", - "refsource" : "MISC", - "url" : "http://www.php-security.org/MOPB/MOPB-30-2007.html" - }, - { - "name" : "DSA-1283", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2007/dsa-1283" - }, - { - "name" : "GLSA-200705-19", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-200705-19.xml" - }, - { - "name" : "HPSBMA02215", - "refsource" : "HP", - "url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01056506" - }, - { - "name" : "SSRT071423", - "refsource" : "HP", - "url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01056506" - }, - { - "name" : "HPSBTU02232", - "refsource" : "HP", - "url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01086137" - }, - { - "name" : "SSRT071429", - "refsource" : "HP", - "url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01086137" - }, - { - "name" : "SUSE-SA:2007:032", - "refsource" : "SUSE", - "url" : "http://www.novell.com/linux/security/advisories/2007_32_php.html" - }, - { - "name" : "USN-455-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/usn-455-1" - }, - { - "name" : "23119", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/23119" - }, - { - "name" : "ADV-2007-1991", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/1991" - }, - { - "name" : "ADV-2007-2374", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/2374" - }, - { - "name" : "25062", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25062" - }, - { - "name" : "25057", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25057" - }, - { - "name" : "25056", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25056" - }, - { - "name" : "25445", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25445" - }, - { - "name" : "25423", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25423" - }, - { - "name" : "25850", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25850" - }, - { - "name" : "php-session-extension-code-execution(33520)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33520" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The session extension in PHP 4 before 4.4.5, and PHP 5 before 5.2.1, calculates the reference count for the session variables without considering the internal pointer from the session globals, which allows context-dependent attackers to execute arbitrary code via a crafted string in the session_register after unsetting HTTP_SESSION_VARS and _SESSION, which destroys the session data Hashtable." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ADV-2007-1991", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/1991" + }, + { + "name": "25056", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25056" + }, + { + "name": "DSA-1283", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2007/dsa-1283" + }, + { + "name": "SSRT071423", + "refsource": "HP", + "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01056506" + }, + { + "name": "GLSA-200705-19", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-200705-19.xml" + }, + { + "name": "http://www.php-security.org/MOPB/MOPB-30-2007.html", + "refsource": "MISC", + "url": "http://www.php-security.org/MOPB/MOPB-30-2007.html" + }, + { + "name": "23119", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/23119" + }, + { + "name": "HPSBTU02232", + "refsource": "HP", + "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01086137" + }, + { + "name": "SSRT071429", + "refsource": "HP", + "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01086137" + }, + { + "name": "25062", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25062" + }, + { + "name": "ADV-2007-2374", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/2374" + }, + { + "name": "25423", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25423" + }, + { + "name": "USN-455-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/usn-455-1" + }, + { + "name": "HPSBMA02215", + "refsource": "HP", + "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01056506" + }, + { + "name": "25850", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25850" + }, + { + "name": "25445", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25445" + }, + { + "name": "25057", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25057" + }, + { + "name": "php-session-extension-code-execution(33520)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33520" + }, + { + "name": "SUSE-SA:2007:032", + "refsource": "SUSE", + "url": "http://www.novell.com/linux/security/advisories/2007_32_php.html" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1819.json b/2007/1xxx/CVE-2007-1819.json index 3a965ca845c..5287d1c1b93 100644 --- a/2007/1xxx/CVE-2007-1819.json +++ b/2007/1xxx/CVE-2007-1819.json @@ -1,112 +1,112 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1819", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Stack-based buffer overflow in the SPIDERLib.Loader ActiveX control (Spider90.ocx) 9.1.0.4353 in TestDirector (TD) for Mercury Quality Center 9.0 before Patch 12.1, and 8.2 SP1 before Patch 32, allows remote attackers to execute arbitrary code via a long ProgColor property." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1819", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070402 Hewlett-Packard Mercury Quality Center ActiveX Control ProgColor Buffer Overflow Vulnerability", - "refsource" : "IDEFENSE", - "url" : "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=497" - }, - { - "name" : "http://webnotes.merc-int.com/patches.nsf/c4d68388a23535dc422567d0004bbae2/cf109e434c7765eac22572a4006c6e94?OpenDocument", - "refsource" : "MISC", - "url" : "http://webnotes.merc-int.com/patches.nsf/c4d68388a23535dc422567d0004bbae2/cf109e434c7765eac22572a4006c6e94?OpenDocument" - }, - { - "name" : "http://webnotes.merc-int.com/patches.nsf/c4d68388a23535dc422567d0004bbae2/7a0f7f0efc7905fdc225729f004cf387?OpenDocument", - "refsource" : "CONFIRM", - "url" : "http://webnotes.merc-int.com/patches.nsf/c4d68388a23535dc422567d0004bbae2/7a0f7f0efc7905fdc225729f004cf387?OpenDocument" - }, - { - "name" : "HPSBGN02199", - "refsource" : "HP", - "url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00901872" - }, - { - "name" : "SSRT071312", - "refsource" : "HP", - "url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00901872" - }, - { - "name" : "VU#589097", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/589097" - }, - { - "name" : "23239", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/23239" - }, - { - "name" : "ADV-2007-1185", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/1185" - }, - { - "name" : "1017835", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1017835" - }, - { - "name" : "24692", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24692" - }, - { - "name" : "hp-mercury-quality-progcolor-bo(33353)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33353" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Stack-based buffer overflow in the SPIDERLib.Loader ActiveX control (Spider90.ocx) 9.1.0.4353 in TestDirector (TD) for Mercury Quality Center 9.0 before Patch 12.1, and 8.2 SP1 before Patch 32, allows remote attackers to execute arbitrary code via a long ProgColor property." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "SSRT071312", + "refsource": "HP", + "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00901872" + }, + { + "name": "ADV-2007-1185", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/1185" + }, + { + "name": "1017835", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1017835" + }, + { + "name": "http://webnotes.merc-int.com/patches.nsf/c4d68388a23535dc422567d0004bbae2/7a0f7f0efc7905fdc225729f004cf387?OpenDocument", + "refsource": "CONFIRM", + "url": "http://webnotes.merc-int.com/patches.nsf/c4d68388a23535dc422567d0004bbae2/7a0f7f0efc7905fdc225729f004cf387?OpenDocument" + }, + { + "name": "24692", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24692" + }, + { + "name": "VU#589097", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/589097" + }, + { + "name": "hp-mercury-quality-progcolor-bo(33353)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33353" + }, + { + "name": "HPSBGN02199", + "refsource": "HP", + "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00901872" + }, + { + "name": "23239", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/23239" + }, + { + "name": "http://webnotes.merc-int.com/patches.nsf/c4d68388a23535dc422567d0004bbae2/cf109e434c7765eac22572a4006c6e94?OpenDocument", + "refsource": "MISC", + "url": "http://webnotes.merc-int.com/patches.nsf/c4d68388a23535dc422567d0004bbae2/cf109e434c7765eac22572a4006c6e94?OpenDocument" + }, + { + "name": "20070402 Hewlett-Packard Mercury Quality Center ActiveX Control ProgColor Buffer Overflow Vulnerability", + "refsource": "IDEFENSE", + "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=497" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3656.json b/2007/3xxx/CVE-2007-3656.json index 4fc294fac52..9ea509f1151 100644 --- a/2007/3xxx/CVE-2007-3656.json +++ b/2007/3xxx/CVE-2007-3656.json @@ -1,287 +1,287 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3656", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Mozilla Firefox before 1.8.0.13 and 1.8.1.x before 1.8.1.5 does not perform a security zone check when processing a wyciwyg URI, which allows remote attackers to obtain sensitive information, poison the browser cache, and possibly enable further attack vectors via (1) HTTP 302 redirect controls, (2) XMLHttpRequest, or (3) view-source URIs." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3656", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070709 Firefox wyciwyg:// cache zone bypass", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/473191/100/0/threaded" - }, - { - "name" : "20070720 rPSA-2007-0148-1 firefox thunderbird", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/474226/100/0/threaded" - }, - { - "name" : "20070724 FLEA-2007-0033-1: firefox thunderbird", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/474542/100/0/threaded" - }, - { - "name" : "http://lcamtuf.coredump.cx/ffcache/", - "refsource" : "MISC", - "url" : "http://lcamtuf.coredump.cx/ffcache/" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=387333", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=387333" - }, - { - "name" : "http://www.mozilla.org/security/announce/2007/mfsa2007-24.html", - "refsource" : "CONFIRM", - "url" : "http://www.mozilla.org/security/announce/2007/mfsa2007-24.html" - }, - { - "name" : "ftp://ftp.slackware.com/pub/slackware/slackware-12.0/ChangeLog.txt", - "refsource" : "CONFIRM", - "url" : "ftp://ftp.slackware.com/pub/slackware/slackware-12.0/ChangeLog.txt" - }, - { - "name" : "http://support.novell.com/techcenter/psdb/07d098f99c9fe6956523beae37f32fda.html", - "refsource" : "CONFIRM", - "url" : "http://support.novell.com/techcenter/psdb/07d098f99c9fe6956523beae37f32fda.html" - }, - { - "name" : "DSA-1337", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2007/dsa-1337" - }, - { - "name" : "DSA-1338", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2007/dsa-1338" - }, - { - "name" : "DSA-1339", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2007/dsa-1339" - }, - { - "name" : "GLSA-200708-09", - "refsource" : "GENTOO", - "url" : "http://www.gentoo.org/security/en/glsa/glsa-200708-09.xml" - }, - { - "name" : "HPSBUX02153", - "refsource" : "HP", - "url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742" - }, - { - "name" : "SSRT061181", - "refsource" : "HP", - "url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742" - }, - { - "name" : "MDKSA-2007:152", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:152" - }, - { - "name" : "RHSA-2007:0722", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-0722.html" - }, - { - "name" : "RHSA-2007:0724", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-0724.html" - }, - { - "name" : "20070701-01-P", - "refsource" : "SGI", - "url" : "ftp://patches.sgi.com/support/free/security/advisories/20070701-01-P.asc" - }, - { - "name" : "103177", - "refsource" : "SUNALERT", - "url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103177-1" - }, - { - "name" : "201516", - "refsource" : "SUNALERT", - "url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201516-1" - }, - { - "name" : "SUSE-SA:2007:049", - "refsource" : "SUSE", - "url" : "http://www.novell.com/linux/security/advisories/2007_49_mozilla.html" - }, - { - "name" : "USN-490-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/usn-490-1" - }, - { - "name" : "24831", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/24831" - }, - { - "name" : "38028", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/38028" - }, - { - "name" : "oval:org.mitre.oval:def:9105", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9105" - }, - { - "name" : "ADV-2007-4256", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/4256" - }, - { - "name" : "1018411", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1018411" - }, - { - "name" : "25990", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25990" - }, - { - "name" : "26103", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26103" - }, - { - "name" : "26107", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26107" - }, - { - "name" : "25589", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25589" - }, - { - "name" : "26179", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26179" - }, - { - "name" : "26149", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26149" - }, - { - "name" : "26151", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26151" - }, - { - "name" : "26072", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26072" - }, - { - "name" : "26211", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26211" - }, - { - "name" : "26216", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26216" - }, - { - "name" : "26204", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26204" - }, - { - "name" : "26205", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26205" - }, - { - "name" : "26159", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26159" - }, - { - "name" : "26271", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26271" - }, - { - "name" : "26258", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26258" - }, - { - "name" : "26460", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26460" - }, - { - "name" : "28135", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28135" - }, - { - "name" : "2872", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2872" - }, - { - "name" : "mozilla-wyciwyg-security-bypass(35298)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35298" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Mozilla Firefox before 1.8.0.13 and 1.8.1.x before 1.8.1.5 does not perform a security zone check when processing a wyciwyg URI, which allows remote attackers to obtain sensitive information, poison the browser cache, and possibly enable further attack vectors via (1) HTTP 302 redirect controls, (2) XMLHttpRequest, or (3) view-source URIs." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "USN-490-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/usn-490-1" + }, + { + "name": "26107", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26107" + }, + { + "name": "http://www.mozilla.org/security/announce/2007/mfsa2007-24.html", + "refsource": "CONFIRM", + "url": "http://www.mozilla.org/security/announce/2007/mfsa2007-24.html" + }, + { + "name": "http://lcamtuf.coredump.cx/ffcache/", + "refsource": "MISC", + "url": "http://lcamtuf.coredump.cx/ffcache/" + }, + { + "name": "38028", + "refsource": "OSVDB", + "url": "http://osvdb.org/38028" + }, + { + "name": "26179", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26179" + }, + { + "name": "ADV-2007-4256", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/4256" + }, + { + "name": "25589", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25589" + }, + { + "name": "2872", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2872" + }, + { + "name": "HPSBUX02153", + "refsource": "HP", + "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742" + }, + { + "name": "MDKSA-2007:152", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:152" + }, + { + "name": "GLSA-200708-09", + "refsource": "GENTOO", + "url": "http://www.gentoo.org/security/en/glsa/glsa-200708-09.xml" + }, + { + "name": "1018411", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1018411" + }, + { + "name": "DSA-1339", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2007/dsa-1339" + }, + { + "name": "25990", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25990" + }, + { + "name": "26151", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26151" + }, + { + "name": "28135", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28135" + }, + { + "name": "26216", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26216" + }, + { + "name": "26103", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26103" + }, + { + "name": "26072", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26072" + }, + { + "name": "26149", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26149" + }, + { + "name": "oval:org.mitre.oval:def:9105", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9105" + }, + { + "name": "103177", + "refsource": "SUNALERT", + "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103177-1" + }, + { + "name": "DSA-1337", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2007/dsa-1337" + }, + { + "name": "26211", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26211" + }, + { + "name": "26159", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26159" + }, + { + "name": "SUSE-SA:2007:049", + "refsource": "SUSE", + "url": "http://www.novell.com/linux/security/advisories/2007_49_mozilla.html" + }, + { + "name": "SSRT061181", + "refsource": "HP", + "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742" + }, + { + "name": "DSA-1338", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2007/dsa-1338" + }, + { + "name": "ftp://ftp.slackware.com/pub/slackware/slackware-12.0/ChangeLog.txt", + "refsource": "CONFIRM", + "url": "ftp://ftp.slackware.com/pub/slackware/slackware-12.0/ChangeLog.txt" + }, + { + "name": "http://support.novell.com/techcenter/psdb/07d098f99c9fe6956523beae37f32fda.html", + "refsource": "CONFIRM", + "url": "http://support.novell.com/techcenter/psdb/07d098f99c9fe6956523beae37f32fda.html" + }, + { + "name": "20070709 Firefox wyciwyg:// cache zone bypass", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/473191/100/0/threaded" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=387333", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=387333" + }, + { + "name": "20070724 FLEA-2007-0033-1: firefox thunderbird", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/474542/100/0/threaded" + }, + { + "name": "26258", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26258" + }, + { + "name": "26460", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26460" + }, + { + "name": "20070701-01-P", + "refsource": "SGI", + "url": "ftp://patches.sgi.com/support/free/security/advisories/20070701-01-P.asc" + }, + { + "name": "RHSA-2007:0724", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-0724.html" + }, + { + "name": "20070720 rPSA-2007-0148-1 firefox thunderbird", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/474226/100/0/threaded" + }, + { + "name": "24831", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/24831" + }, + { + "name": "26271", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26271" + }, + { + "name": "RHSA-2007:0722", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-0722.html" + }, + { + "name": "201516", + "refsource": "SUNALERT", + "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201516-1" + }, + { + "name": "mozilla-wyciwyg-security-bypass(35298)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35298" + }, + { + "name": "26204", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26204" + }, + { + "name": "26205", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26205" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3780.json b/2007/3xxx/CVE-2007-3780.json index 99274ee06e2..6f91bb4d7ff 100644 --- a/2007/3xxx/CVE-2007-3780.json +++ b/2007/3xxx/CVE-2007-3780.json @@ -1,192 +1,192 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3780", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "MySQL Community Server before 5.0.45 allows remote attackers to cause a denial of service (daemon crash) via a malformed password packet in the connection protocol." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3780", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070717 rPSA-2007-0143-1 mysql mysql-bench mysql-server", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/473874/100/0/threaded" - }, - { - "name" : "[announce] 20070712 MySQL Community Server 5.0.45 has been released!", - "refsource" : "MLIST", - "url" : "http://lists.mysql.com/announce/470" - }, - { - "name" : "http://bugs.mysql.com/bug.php?id=28984", - "refsource" : "MISC", - "url" : "http://bugs.mysql.com/bug.php?id=28984" - }, - { - "name" : "https://issues.rpath.com/browse/RPL-1536", - "refsource" : "CONFIRM", - "url" : "https://issues.rpath.com/browse/RPL-1536" - }, - { - "name" : "http://dev.mysql.com/doc/refman/5.0/en/releasenotes-cs-5-0-45.html", - "refsource" : "CONFIRM", - "url" : "http://dev.mysql.com/doc/refman/5.0/en/releasenotes-cs-5-0-45.html" - }, - { - "name" : "http://dev.mysql.com/doc/refman/4.1/en/news-4-1-24.html", - "refsource" : "CONFIRM", - "url" : "http://dev.mysql.com/doc/refman/4.1/en/news-4-1-24.html" - }, - { - "name" : "DSA-1413", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2007/dsa-1413" - }, - { - "name" : "GLSA-200708-10", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-200708-10.xml" - }, - { - "name" : "MDKSA-2007:177", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:177" - }, - { - "name" : "RHSA-2007:0894", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-0894.html" - }, - { - "name" : "RHSA-2007:0875", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-0875.html" - }, - { - "name" : "SUSE-SR:2007:019", - "refsource" : "SUSE", - "url" : "http://www.novell.com/linux/security/advisories/2007_19_sr.html" - }, - { - "name" : "USN-528-1", - "refsource" : "UBUNTU", - "url" : "https://usn.ubuntu.com/528-1/" - }, - { - "name" : "25017", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25017" - }, - { - "name" : "36732", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/36732" - }, - { - "name" : "oval:org.mitre.oval:def:11058", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11058" - }, - { - "name" : "ADV-2008-1000", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/1000/references" - }, - { - "name" : "1018629", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1018629" - }, - { - "name" : "26073", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26073" - }, - { - "name" : "26498", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26498" - }, - { - "name" : "26710", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26710" - }, - { - "name" : "25301", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25301" - }, - { - "name" : "26987", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26987" - }, - { - "name" : "26621", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26621" - }, - { - "name" : "27155", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27155" - }, - { - "name" : "26430", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26430" - }, - { - "name" : "27823", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27823" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "MySQL Community Server before 5.0.45 allows remote attackers to cause a denial of service (daemon crash) via a malformed password packet in the connection protocol." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://bugs.mysql.com/bug.php?id=28984", + "refsource": "MISC", + "url": "http://bugs.mysql.com/bug.php?id=28984" + }, + { + "name": "26710", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26710" + }, + { + "name": "27823", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27823" + }, + { + "name": "RHSA-2007:0875", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-0875.html" + }, + { + "name": "MDKSA-2007:177", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:177" + }, + { + "name": "SUSE-SR:2007:019", + "refsource": "SUSE", + "url": "http://www.novell.com/linux/security/advisories/2007_19_sr.html" + }, + { + "name": "1018629", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1018629" + }, + { + "name": "RHSA-2007:0894", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-0894.html" + }, + { + "name": "26073", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26073" + }, + { + "name": "26621", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26621" + }, + { + "name": "26498", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26498" + }, + { + "name": "36732", + "refsource": "OSVDB", + "url": "http://osvdb.org/36732" + }, + { + "name": "[announce] 20070712 MySQL Community Server 5.0.45 has been released!", + "refsource": "MLIST", + "url": "http://lists.mysql.com/announce/470" + }, + { + "name": "http://dev.mysql.com/doc/refman/4.1/en/news-4-1-24.html", + "refsource": "CONFIRM", + "url": "http://dev.mysql.com/doc/refman/4.1/en/news-4-1-24.html" + }, + { + "name": "25017", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25017" + }, + { + "name": "20070717 rPSA-2007-0143-1 mysql mysql-bench mysql-server", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/473874/100/0/threaded" + }, + { + "name": "ADV-2008-1000", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/1000/references" + }, + { + "name": "GLSA-200708-10", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-200708-10.xml" + }, + { + "name": "26987", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26987" + }, + { + "name": "25301", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25301" + }, + { + "name": "DSA-1413", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2007/dsa-1413" + }, + { + "name": "https://issues.rpath.com/browse/RPL-1536", + "refsource": "CONFIRM", + "url": "https://issues.rpath.com/browse/RPL-1536" + }, + { + "name": "USN-528-1", + "refsource": "UBUNTU", + "url": "https://usn.ubuntu.com/528-1/" + }, + { + "name": "http://dev.mysql.com/doc/refman/5.0/en/releasenotes-cs-5-0-45.html", + "refsource": "CONFIRM", + "url": "http://dev.mysql.com/doc/refman/5.0/en/releasenotes-cs-5-0-45.html" + }, + { + "name": "27155", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27155" + }, + { + "name": "26430", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26430" + }, + { + "name": "oval:org.mitre.oval:def:11058", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11058" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4076.json b/2007/4xxx/CVE-2007-4076.json index b83248bacf4..7cd6373dd85 100644 --- a/2007/4xxx/CVE-2007-4076.json +++ b/2007/4xxx/CVE-2007-4076.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4076", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple SQL injection vulnerabilities in index.asp in Alisveris Sitesi Scripti allow remote attackers to execute arbitrary SQL commands via the (1) product_id or (2) cat_id parameter in a product mod action. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4076", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "25005", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25005" - }, - { - "name" : "37136", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/37136" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple SQL injection vulnerabilities in index.asp in Alisveris Sitesi Scripti allow remote attackers to execute arbitrary SQL commands via the (1) product_id or (2) cat_id parameter in a product mod action. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "37136", + "refsource": "OSVDB", + "url": "http://osvdb.org/37136" + }, + { + "name": "25005", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25005" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4092.json b/2007/4xxx/CVE-2007-4092.json index 9534292d57f..5c511f334ed 100644 --- a/2007/4xxx/CVE-2007-4092.json +++ b/2007/4xxx/CVE-2007-4092.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4092", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Directory traversal vulnerability in index.php in iFoto 1.0.1 and earlier allows remote attackers to list arbitrary directories, and possibly download arbitrary photos, via a .. (dot dot) in the dir parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4092", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20081004 iFoto, CSS-based GD2 photo gallery <= 1.0: Remote File Disclosure Vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/497027/100/0/threaded" - }, - { - "name" : "20081007 Re: iFoto, CSS-based GD2 photo gallery <= 1.0: Remote File Disclosure Vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/497113/100/0/threaded" - }, - { - "name" : "http://lostmon.blogspot.com/2007/07/ifoto-traversal-folder-enumeration.html", - "refsource" : "MISC", - "url" : "http://lostmon.blogspot.com/2007/07/ifoto-traversal-folder-enumeration.html" - }, - { - "name" : "25065", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25065" - }, - { - "name" : "26186", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26186" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Directory traversal vulnerability in index.php in iFoto 1.0.1 and earlier allows remote attackers to list arbitrary directories, and possibly download arbitrary photos, via a .. (dot dot) in the dir parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20081004 iFoto, CSS-based GD2 photo gallery <= 1.0: Remote File Disclosure Vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/497027/100/0/threaded" + }, + { + "name": "25065", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25065" + }, + { + "name": "20081007 Re: iFoto, CSS-based GD2 photo gallery <= 1.0: Remote File Disclosure Vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/497113/100/0/threaded" + }, + { + "name": "26186", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26186" + }, + { + "name": "http://lostmon.blogspot.com/2007/07/ifoto-traversal-folder-enumeration.html", + "refsource": "MISC", + "url": "http://lostmon.blogspot.com/2007/07/ifoto-traversal-folder-enumeration.html" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4625.json b/2007/4xxx/CVE-2007-4625.json index 2946a59c5ab..84c35cf5312 100644 --- a/2007/4xxx/CVE-2007-4625.json +++ b/2007/4xxx/CVE-2007-4625.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4625", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Polipo before 1.0.2 allows remote HTTP servers to cause a denial of service (daemon crash) by aborting the response to a POST request." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4625", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.pps.jussieu.fr/~jch/software/polipo/CHANGES.text", - "refsource" : "CONFIRM", - "url" : "http://www.pps.jussieu.fr/~jch/software/polipo/CHANGES.text" - }, - { - "name" : "ADV-2007-2973", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/2973" - }, - { - "name" : "39911", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/39911" - }, - { - "name" : "26596", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26596" - }, - { - "name" : "polipo-post-dos(36268)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36268" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Polipo before 1.0.2 allows remote HTTP servers to cause a denial of service (daemon crash) by aborting the response to a POST request." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "39911", + "refsource": "OSVDB", + "url": "http://osvdb.org/39911" + }, + { + "name": "ADV-2007-2973", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/2973" + }, + { + "name": "26596", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26596" + }, + { + "name": "http://www.pps.jussieu.fr/~jch/software/polipo/CHANGES.text", + "refsource": "CONFIRM", + "url": "http://www.pps.jussieu.fr/~jch/software/polipo/CHANGES.text" + }, + { + "name": "polipo-post-dos(36268)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36268" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4772.json b/2007/4xxx/CVE-2007-4772.json index bcc49bafd45..c3baf329346 100644 --- a/2007/4xxx/CVE-2007-4772.json +++ b/2007/4xxx/CVE-2007-4772.json @@ -1,327 +1,327 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4772", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows context-dependent attackers to cause a denial of service (infinite loop) via a crafted regular expression." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4772", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20080107 PostgreSQL 2007-01-07 Cumulative Security Release", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/485864/100/0/threaded" - }, - { - "name" : "20080115 rPSA-2008-0016-1 postgresql postgresql-server", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/486407/100/0/threaded" - }, - { - "name" : "20080604 VMSA-2008-0009 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Fusion, VMware Server, VMware VIX API, VMware ESX, VMware ESXi resolve critical security issues", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/493080/100/0/threaded" - }, - { - "name" : "http://sourceforge.net/project/shownotes.php?release_id=565440&group_id=10894", - "refsource" : "CONFIRM", - "url" : "http://sourceforge.net/project/shownotes.php?release_id=565440&group_id=10894" - }, - { - "name" : "http://sourceforge.net/tracker/index.php?func=detail&aid=1810264&group_id=10894&atid=110894", - "refsource" : "CONFIRM", - "url" : "http://sourceforge.net/tracker/index.php?func=detail&aid=1810264&group_id=10894&atid=110894" - }, - { - "name" : "http://www.postgresql.org/about/news.905", - "refsource" : "CONFIRM", - "url" : "http://www.postgresql.org/about/news.905" - }, - { - "name" : "https://issues.rpath.com/browse/RPL-1768", - "refsource" : "CONFIRM", - "url" : "https://issues.rpath.com/browse/RPL-1768" - }, - { - "name" : "http://www.vmware.com/security/advisories/VMSA-2008-0009.html", - "refsource" : "CONFIRM", - "url" : "http://www.vmware.com/security/advisories/VMSA-2008-0009.html" - }, - { - "name" : "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705", - "refsource" : "CONFIRM", - "url" : "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705" - }, - { - "name" : "DSA-1460", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2008/dsa-1460" - }, - { - "name" : "DSA-1463", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2008/dsa-1463" - }, - { - "name" : "FEDORA-2008-0478", - "refsource" : "FEDORA", - "url" : "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00397.html" - }, - { - "name" : "FEDORA-2008-0552", - "refsource" : "FEDORA", - "url" : "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00469.html" - }, - { - "name" : "GLSA-200801-15", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-200801-15.xml" - }, - { - "name" : "HPSBTU02325", - "refsource" : "HP", - "url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01420154" - }, - { - "name" : "SSRT080006", - "refsource" : "HP", - "url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01420154" - }, - { - "name" : "MDVSA-2008:004", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2008:004" - }, - { - "name" : "MDVSA-2008:059", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2008:059" - }, - { - "name" : "RHSA-2008:0038", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2008-0038.html" - }, - { - "name" : "RHSA-2008:0040", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2008-0040.html" - }, - { - "name" : "RHSA-2008:0134", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2008-0134.html" - }, - { - "name" : "RHSA-2013:0122", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2013-0122.html" - }, - { - "name" : "103197", - "refsource" : "SUNALERT", - "url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103197-1" - }, - { - "name" : "200559", - "refsource" : "SUNALERT", - "url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200559-1" - }, - { - "name" : "SUSE-SA:2008:005", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00000.html" - }, - { - "name" : "openSUSE-SU-2016:0578", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00056.html" - }, - { - "name" : "SUSE-SU-2016:0677", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00016.html" - }, - { - "name" : "SUSE-SU-2016:0539", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00052.html" - }, - { - "name" : "SUSE-SU-2016:0555", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00054.html" - }, - { - "name" : "openSUSE-SU-2016:0531", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00049.html" - }, - { - "name" : "USN-568-1", - "refsource" : "UBUNTU", - "url" : "https://usn.ubuntu.com/568-1/" - }, - { - "name" : "27163", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/27163" - }, - { - "name" : "oval:org.mitre.oval:def:11569", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11569" - }, - { - "name" : "ADV-2008-0061", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/0061" - }, - { - "name" : "ADV-2008-0109", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/0109" - }, - { - "name" : "ADV-2008-1071", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/1071/references" - }, - { - "name" : "ADV-2008-1744", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/1744" - }, - { - "name" : "1019157", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1019157" - }, - { - "name" : "28359", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28359" - }, - { - "name" : "28376", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28376" - }, - { - "name" : "28438", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28438" - }, - { - "name" : "28437", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28437" - }, - { - "name" : "28454", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28454" - }, - { - "name" : "28464", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28464" - }, - { - "name" : "28477", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28477" - }, - { - "name" : "28479", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28479" - }, - { - "name" : "28455", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28455" - }, - { - "name" : "28679", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28679" - }, - { - "name" : "28698", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28698" - }, - { - "name" : "29070", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29070" - }, - { - "name" : "29248", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29248" - }, - { - "name" : "29638", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29638" - }, - { - "name" : "30535", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/30535" - }, - { - "name" : "postgresql-regular-expression-dos(39497)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/39497" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows context-dependent attackers to cause a denial of service (infinite loop) via a crafted regular expression." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "SUSE-SU-2016:0555", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00054.html" + }, + { + "name": "RHSA-2008:0134", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2008-0134.html" + }, + { + "name": "MDVSA-2008:004", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:004" + }, + { + "name": "DSA-1460", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2008/dsa-1460" + }, + { + "name": "ADV-2008-1744", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/1744" + }, + { + "name": "SUSE-SU-2016:0677", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00016.html" + }, + { + "name": "SUSE-SU-2016:0539", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00052.html" + }, + { + "name": "RHSA-2013:0122", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2013-0122.html" + }, + { + "name": "27163", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/27163" + }, + { + "name": "https://issues.rpath.com/browse/RPL-1768", + "refsource": "CONFIRM", + "url": "https://issues.rpath.com/browse/RPL-1768" + }, + { + "name": "RHSA-2008:0038", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2008-0038.html" + }, + { + "name": "28454", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28454" + }, + { + "name": "20080107 PostgreSQL 2007-01-07 Cumulative Security Release", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/485864/100/0/threaded" + }, + { + "name": "28359", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28359" + }, + { + "name": "http://www.postgresql.org/about/news.905", + "refsource": "CONFIRM", + "url": "http://www.postgresql.org/about/news.905" + }, + { + "name": "SUSE-SA:2008:005", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00000.html" + }, + { + "name": "ADV-2008-0061", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/0061" + }, + { + "name": "28679", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28679" + }, + { + "name": "ADV-2008-0109", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/0109" + }, + { + "name": "http://www.vmware.com/security/advisories/VMSA-2008-0009.html", + "refsource": "CONFIRM", + "url": "http://www.vmware.com/security/advisories/VMSA-2008-0009.html" + }, + { + "name": "28376", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28376" + }, + { + "name": "http://sourceforge.net/tracker/index.php?func=detail&aid=1810264&group_id=10894&atid=110894", + "refsource": "CONFIRM", + "url": "http://sourceforge.net/tracker/index.php?func=detail&aid=1810264&group_id=10894&atid=110894" + }, + { + "name": "103197", + "refsource": "SUNALERT", + "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103197-1" + }, + { + "name": "28437", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28437" + }, + { + "name": "28455", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28455" + }, + { + "name": "28477", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28477" + }, + { + "name": "29638", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29638" + }, + { + "name": "28479", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28479" + }, + { + "name": "http://sourceforge.net/project/shownotes.php?release_id=565440&group_id=10894", + "refsource": "CONFIRM", + "url": "http://sourceforge.net/project/shownotes.php?release_id=565440&group_id=10894" + }, + { + "name": "29248", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29248" + }, + { + "name": "postgresql-regular-expression-dos(39497)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39497" + }, + { + "name": "DSA-1463", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2008/dsa-1463" + }, + { + "name": "RHSA-2008:0040", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2008-0040.html" + }, + { + "name": "openSUSE-SU-2016:0578", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00056.html" + }, + { + "name": "20080115 rPSA-2008-0016-1 postgresql postgresql-server", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/486407/100/0/threaded" + }, + { + "name": "MDVSA-2008:059", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:059" + }, + { + "name": "28464", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28464" + }, + { + "name": "30535", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/30535" + }, + { + "name": "28698", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28698" + }, + { + "name": "SSRT080006", + "refsource": "HP", + "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01420154" + }, + { + "name": "200559", + "refsource": "SUNALERT", + "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200559-1" + }, + { + "name": "20080604 VMSA-2008-0009 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Fusion, VMware Server, VMware VIX API, VMware ESX, VMware ESXi resolve critical security issues", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/493080/100/0/threaded" + }, + { + "name": "USN-568-1", + "refsource": "UBUNTU", + "url": "https://usn.ubuntu.com/568-1/" + }, + { + "name": "openSUSE-SU-2016:0531", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00049.html" + }, + { + "name": "FEDORA-2008-0552", + "refsource": "FEDORA", + "url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00469.html" + }, + { + "name": "29070", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29070" + }, + { + "name": "28438", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28438" + }, + { + "name": "1019157", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1019157" + }, + { + "name": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705", + "refsource": "CONFIRM", + "url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705" + }, + { + "name": "oval:org.mitre.oval:def:11569", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11569" + }, + { + "name": "FEDORA-2008-0478", + "refsource": "FEDORA", + "url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00397.html" + }, + { + "name": "HPSBTU02325", + "refsource": "HP", + "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01420154" + }, + { + "name": "GLSA-200801-15", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-200801-15.xml" + }, + { + "name": "ADV-2008-1071", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/1071/references" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4823.json b/2007/4xxx/CVE-2007-4823.json index 5d7d4d22879..0173382bfce 100644 --- a/2007/4xxx/CVE-2007-4823.json +++ b/2007/4xxx/CVE-2007-4823.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4823", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple buffer overflows in Google Picasa have unspecified attack vectors and impact. NOTE: this information is based upon a vague pre-advisory." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4823", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://xs-sniper.com/blog/2007/08/20/say-cheeeeeese/", - "refsource" : "MISC", - "url" : "http://xs-sniper.com/blog/2007/08/20/say-cheeeeeese/" - }, - { - "name" : "45901", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/45901" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple buffer overflows in Google Picasa have unspecified attack vectors and impact. NOTE: this information is based upon a vague pre-advisory." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://xs-sniper.com/blog/2007/08/20/say-cheeeeeese/", + "refsource": "MISC", + "url": "http://xs-sniper.com/blog/2007/08/20/say-cheeeeeese/" + }, + { + "name": "45901", + "refsource": "OSVDB", + "url": "http://osvdb.org/45901" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4887.json b/2007/4xxx/CVE-2007-4887.json index d18e6a9683d..5ee9d4c5681 100644 --- a/2007/4xxx/CVE-2007-4887.json +++ b/2007/4xxx/CVE-2007-4887.json @@ -1,177 +1,177 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4887", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The dl function in PHP 5.2.4 and earlier allows context-dependent attackers to cause a denial of service (application crash) via a long string in the library parameter. NOTE: there are limited usage scenarios under which this would be a vulnerability." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4887", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070910 /* PHP <=5.2.4 open_basedir bypass & code exec & denial of service errata ... working on windows too .. */", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/478988/100/0/threaded" - }, - { - "name" : "20070910 PHP <=5.2.4 open_basedir bypass & code exec & denial of service", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/478985/100/0/threaded" - }, - { - "name" : "http://www.php.net/ChangeLog-5.php#5.2.5", - "refsource" : "CONFIRM", - "url" : "http://www.php.net/ChangeLog-5.php#5.2.5" - }, - { - "name" : "http://www.php.net/releases/5_2_5.php", - "refsource" : "CONFIRM", - "url" : "http://www.php.net/releases/5_2_5.php" - }, - { - "name" : "https://issues.rpath.com/browse/RPL-1943", - "refsource" : "CONFIRM", - "url" : "https://issues.rpath.com/browse/RPL-1943" - }, - { - "name" : "http://docs.info.apple.com/article.html?artnum=307562", - "refsource" : "CONFIRM", - "url" : "http://docs.info.apple.com/article.html?artnum=307562" - }, - { - "name" : "http://wiki.rpath.com/wiki/Advisories:rPSA-2007-0242", - "refsource" : "CONFIRM", - "url" : "http://wiki.rpath.com/wiki/Advisories:rPSA-2007-0242" - }, - { - "name" : "APPLE-SA-2008-03-18", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html" - }, - { - "name" : "GLSA-200710-02", - "refsource" : "GENTOO", - "url" : "http://www.gentoo.org/security/en/glsa/glsa-200710-02.xml" - }, - { - "name" : "HPSBUX02308", - "refsource" : "HP", - "url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01345501" - }, - { - "name" : "SSRT080010", - "refsource" : "HP", - "url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01345501" - }, - { - "name" : "HPSBUX02332", - "refsource" : "HP", - "url" : "http://www.securityfocus.com/archive/1/491693/100/0/threaded" - }, - { - "name" : "SSRT080056", - "refsource" : "HP", - "url" : "http://www.securityfocus.com/archive/1/491693/100/0/threaded" - }, - { - "name" : "26403", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/26403" - }, - { - "name" : "oval:org.mitre.oval:def:5767", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5767" - }, - { - "name" : "ADV-2007-3825", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/3825" - }, - { - "name" : "ADV-2008-0398", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/0398" - }, - { - "name" : "ADV-2008-0924", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/0924/references" - }, - { - "name" : "27102", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27102" - }, - { - "name" : "27659", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27659" - }, - { - "name" : "28750", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28750" - }, - { - "name" : "29420", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29420" - }, - { - "name" : "30040", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/30040" - }, - { - "name" : "3133", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/3133" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The dl function in PHP 5.2.4 and earlier allows context-dependent attackers to cause a denial of service (application crash) via a long string in the library parameter. NOTE: there are limited usage scenarios under which this would be a vulnerability." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.php.net/ChangeLog-5.php#5.2.5", + "refsource": "CONFIRM", + "url": "http://www.php.net/ChangeLog-5.php#5.2.5" + }, + { + "name": "3133", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/3133" + }, + { + "name": "https://issues.rpath.com/browse/RPL-1943", + "refsource": "CONFIRM", + "url": "https://issues.rpath.com/browse/RPL-1943" + }, + { + "name": "28750", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28750" + }, + { + "name": "GLSA-200710-02", + "refsource": "GENTOO", + "url": "http://www.gentoo.org/security/en/glsa/glsa-200710-02.xml" + }, + { + "name": "ADV-2008-0924", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/0924/references" + }, + { + "name": "oval:org.mitre.oval:def:5767", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5767" + }, + { + "name": "30040", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/30040" + }, + { + "name": "20070910 /* PHP <=5.2.4 open_basedir bypass & code exec & denial of service errata ... working on windows too .. */", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/478988/100/0/threaded" + }, + { + "name": "ADV-2008-0398", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/0398" + }, + { + "name": "http://www.php.net/releases/5_2_5.php", + "refsource": "CONFIRM", + "url": "http://www.php.net/releases/5_2_5.php" + }, + { + "name": "27659", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27659" + }, + { + "name": "29420", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29420" + }, + { + "name": "APPLE-SA-2008-03-18", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html" + }, + { + "name": "SSRT080056", + "refsource": "HP", + "url": "http://www.securityfocus.com/archive/1/491693/100/0/threaded" + }, + { + "name": "20070910 PHP <=5.2.4 open_basedir bypass & code exec & denial of service", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/478985/100/0/threaded" + }, + { + "name": "HPSBUX02332", + "refsource": "HP", + "url": "http://www.securityfocus.com/archive/1/491693/100/0/threaded" + }, + { + "name": "http://wiki.rpath.com/wiki/Advisories:rPSA-2007-0242", + "refsource": "CONFIRM", + "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2007-0242" + }, + { + "name": "http://docs.info.apple.com/article.html?artnum=307562", + "refsource": "CONFIRM", + "url": "http://docs.info.apple.com/article.html?artnum=307562" + }, + { + "name": "27102", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27102" + }, + { + "name": "SSRT080010", + "refsource": "HP", + "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01345501" + }, + { + "name": "26403", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/26403" + }, + { + "name": "HPSBUX02308", + "refsource": "HP", + "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01345501" + }, + { + "name": "ADV-2007-3825", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/3825" + } + ] + } +} \ No newline at end of file diff --git a/2014/5xxx/CVE-2014-5491.json b/2014/5xxx/CVE-2014-5491.json index 6b697993f10..a18c9a5ec70 100644 --- a/2014/5xxx/CVE-2014-5491.json +++ b/2014/5xxx/CVE-2014-5491.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-5491", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-5491", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2039.json b/2015/2xxx/CVE-2015-2039.json index 8e4ad133b8a..eb6a79c4f1c 100644 --- a/2015/2xxx/CVE-2015-2039.json +++ b/2015/2xxx/CVE-2015-2039.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2039", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site request forgery (CSRF) vulnerabilities in the Acobot Live Chat & Contact Form plugin 2.0 for WordPress allow remote attackers to hijack the authentication of administrators for requests that (1) change plugin settings or (2) conduct cross-site scripting (XSS) attacks via the acobot_token parameter in the acobot page to wp-admin/options-general.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-2039", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://packetstormsecurity.com/files/130306/WordPress-Acobot-Live-Chat-And-Contact-Form-2.0-CSRF-XSS.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/130306/WordPress-Acobot-Live-Chat-And-Contact-Form-2.0-CSRF-XSS.html" - }, - { - "name" : "wp-acobot-csrf(100814)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/100814" - }, - { - "name" : "wp-acobot-xss(100813)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/100813" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site request forgery (CSRF) vulnerabilities in the Acobot Live Chat & Contact Form plugin 2.0 for WordPress allow remote attackers to hijack the authentication of administrators for requests that (1) change plugin settings or (2) conduct cross-site scripting (XSS) attacks via the acobot_token parameter in the acobot page to wp-admin/options-general.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "wp-acobot-xss(100813)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/100813" + }, + { + "name": "wp-acobot-csrf(100814)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/100814" + }, + { + "name": "http://packetstormsecurity.com/files/130306/WordPress-Acobot-Live-Chat-And-Contact-Form-2.0-CSRF-XSS.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/130306/WordPress-Acobot-Live-Chat-And-Contact-Form-2.0-CSRF-XSS.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2148.json b/2015/2xxx/CVE-2015-2148.json index 872cdc2e3bc..4edbc7825c0 100644 --- a/2015/2xxx/CVE-2015-2148.json +++ b/2015/2xxx/CVE-2015-2148.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2148", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site scripting (XSS) vulnerabilities in Issuetracker phpBugTracker before 1.7.2 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-2148", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20150227 Re: CVE-Request -- phpBugTracker v. 1.6.0 -- Multiple SQLi, stored/reflecting XSS- and CSRF-vulnerabilities", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2015/02/28/1" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site scripting (XSS) vulnerabilities in Issuetracker phpBugTracker before 1.7.2 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "[oss-security] 20150227 Re: CVE-Request -- phpBugTracker v. 1.6.0 -- Multiple SQLi, stored/reflecting XSS- and CSRF-vulnerabilities", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2015/02/28/1" + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2560.json b/2015/2xxx/CVE-2015-2560.json index 47901d8d2c8..7b65985b282 100644 --- a/2015/2xxx/CVE-2015-2560.json +++ b/2015/2xxx/CVE-2015-2560.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2560", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Manage Engine Desktop Central 9 before build 90135 allows remote attackers to change passwords of users with the Administrator role via an addOrModifyUser operation to servlets/DCOperationsServlet." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-2560", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20150327 Manage Engine Desktop Central 9 - CVE-2015-2560 - Unauthorised administrative password reset", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/535004/100/1400/threaded" - }, - { - "name" : "http://packetstormsecurity.com/files/131062/Manage-Engine-Desktop-Central-9-Unauthorized-Administrative-Password-Reset.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/131062/Manage-Engine-Desktop-Central-9-Unauthorized-Administrative-Password-Reset.html" - }, - { - "name" : "https://www.manageengine.com/products/desktop-central/unauthorized-admin-credential-modification.html", - "refsource" : "CONFIRM", - "url" : "https://www.manageengine.com/products/desktop-central/unauthorized-admin-credential-modification.html" - }, - { - "name" : "73380", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/73380" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Manage Engine Desktop Central 9 before build 90135 allows remote attackers to change passwords of users with the Administrator role via an addOrModifyUser operation to servlets/DCOperationsServlet." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.manageengine.com/products/desktop-central/unauthorized-admin-credential-modification.html", + "refsource": "CONFIRM", + "url": "https://www.manageengine.com/products/desktop-central/unauthorized-admin-credential-modification.html" + }, + { + "name": "http://packetstormsecurity.com/files/131062/Manage-Engine-Desktop-Central-9-Unauthorized-Administrative-Password-Reset.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/131062/Manage-Engine-Desktop-Central-9-Unauthorized-Administrative-Password-Reset.html" + }, + { + "name": "20150327 Manage Engine Desktop Central 9 - CVE-2015-2560 - Unauthorised administrative password reset", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/535004/100/1400/threaded" + }, + { + "name": "73380", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/73380" + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2738.json b/2015/2xxx/CVE-2015-2738.json index 26eaf5a54f4..838e405cfe0 100644 --- a/2015/2xxx/CVE-2015-2738.json +++ b/2015/2xxx/CVE-2015-2738.json @@ -1,157 +1,157 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2738", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The YCbCrImageDataDeserializer::ToDataSourceSurface function in the YCbCr implementation in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 reads data from uninitialized memory locations, which has unspecified impact and attack vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@mozilla.org", + "ID": "CVE-2015-2738", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.mozilla.org/security/announce/2015/mfsa2015-66.html", - "refsource" : "CONFIRM", - "url" : "http://www.mozilla.org/security/announce/2015/mfsa2015-66.html" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1167356", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1167356" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html" - }, - { - "name" : "DSA-3324", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2015/dsa-3324" - }, - { - "name" : "DSA-3300", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2015/dsa-3300" - }, - { - "name" : "GLSA-201512-10", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201512-10" - }, - { - "name" : "RHSA-2015:1455", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-1455.html" - }, - { - "name" : "RHSA-2015:1207", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-1207.html" - }, - { - "name" : "SUSE-SU-2015:1268", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00033.html" - }, - { - "name" : "SUSE-SU-2015:1269", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00034.html" - }, - { - "name" : "SUSE-SU-2015:1449", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00021.html" - }, - { - "name" : "openSUSE-SU-2015:1266", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00031.html" - }, - { - "name" : "openSUSE-SU-2015:1229", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00025.html" - }, - { - "name" : "USN-2673-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2673-1" - }, - { - "name" : "USN-2656-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2656-1" - }, - { - "name" : "USN-2656-2", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2656-2" - }, - { - "name" : "75541", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/75541" - }, - { - "name" : "1032783", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1032783" - }, - { - "name" : "1032784", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1032784" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The YCbCrImageDataDeserializer::ToDataSourceSurface function in the YCbCr implementation in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 reads data from uninitialized memory locations, which has unspecified impact and attack vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "openSUSE-SU-2015:1229", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00025.html" + }, + { + "name": "RHSA-2015:1455", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-1455.html" + }, + { + "name": "SUSE-SU-2015:1268", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00033.html" + }, + { + "name": "GLSA-201512-10", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201512-10" + }, + { + "name": "75541", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/75541" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" + }, + { + "name": "DSA-3324", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2015/dsa-3324" + }, + { + "name": "USN-2673-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2673-1" + }, + { + "name": "1032784", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1032784" + }, + { + "name": "RHSA-2015:1207", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-1207.html" + }, + { + "name": "http://www.mozilla.org/security/announce/2015/mfsa2015-66.html", + "refsource": "CONFIRM", + "url": "http://www.mozilla.org/security/announce/2015/mfsa2015-66.html" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1167356", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1167356" + }, + { + "name": "SUSE-SU-2015:1269", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00034.html" + }, + { + "name": "openSUSE-SU-2015:1266", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00031.html" + }, + { + "name": "USN-2656-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2656-1" + }, + { + "name": "SUSE-SU-2015:1449", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00021.html" + }, + { + "name": "1032783", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1032783" + }, + { + "name": "DSA-3300", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2015/dsa-3300" + }, + { + "name": "USN-2656-2", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2656-2" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2842.json b/2015/2xxx/CVE-2015-2842.json index 586d4a4f583..51172544c3d 100644 --- a/2015/2xxx/CVE-2015-2842.json +++ b/2015/2xxx/CVE-2015-2842.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2842", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unrestricted file upload vulnerability in go_audiostore.php in the audiostore (Voice Files) upload functionality in GoAutoDial GoAdmin CE 3.x before 3.3-1421902800 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in sounds/." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-2842", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20150421 GoAutoDial 3.3 multiple vulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/535319/100/1100/threaded" - }, - { - "name" : "36807", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/36807/" - }, - { - "name" : "http://packetstormsecurity.com/files/131543/GoAutoDial-SQL-Injection-Command-Execution-File-Upload.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/131543/GoAutoDial-SQL-Injection-Command-Execution-File-Upload.html" - }, - { - "name" : "http://goautodial.org/news/21", - "refsource" : "CONFIRM", - "url" : "http://goautodial.org/news/21" - }, - { - "name" : "74281", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/74281" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unrestricted file upload vulnerability in go_audiostore.php in the audiostore (Voice Files) upload functionality in GoAutoDial GoAdmin CE 3.x before 3.3-1421902800 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in sounds/." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20150421 GoAutoDial 3.3 multiple vulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/535319/100/1100/threaded" + }, + { + "name": "74281", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/74281" + }, + { + "name": "http://goautodial.org/news/21", + "refsource": "CONFIRM", + "url": "http://goautodial.org/news/21" + }, + { + "name": "36807", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/36807/" + }, + { + "name": "http://packetstormsecurity.com/files/131543/GoAutoDial-SQL-Injection-Command-Execution-File-Upload.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/131543/GoAutoDial-SQL-Injection-Command-Execution-File-Upload.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3265.json b/2015/3xxx/CVE-2015-3265.json index d334717f9c7..4f7028546e1 100644 --- a/2015/3xxx/CVE-2015-3265.json +++ b/2015/3xxx/CVE-2015-3265.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3265", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-3265", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3577.json b/2015/3xxx/CVE-2015-3577.json index 8652d1445b5..b2f3dbcb876 100644 --- a/2015/3xxx/CVE-2015-3577.json +++ b/2015/3xxx/CVE-2015-3577.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3577", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-3577", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6091.json b/2015/6xxx/CVE-2015-6091.json index 11b35ba1747..586599dd0cd 100644 --- a/2015/6xxx/CVE-2015-6091.json +++ b/2015/6xxx/CVE-2015-6091.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6091", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word 2016, and Word Viewer allow remote attackers to execute arbitrary code via a crafted Office document, aka \"Microsoft Office Memory Corruption Vulnerability.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2015-6091", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "MS15-116", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-116" - }, - { - "name" : "1034122", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034122" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word 2016, and Word Viewer allow remote attackers to execute arbitrary code via a crafted Office document, aka \"Microsoft Office Memory Corruption Vulnerability.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1034122", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034122" + }, + { + "name": "MS15-116", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-116" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6144.json b/2015/6xxx/CVE-2015-6144.json index a52c9ea003f..4af9e945559 100644 --- a/2015/6xxx/CVE-2015-6144.json +++ b/2015/6xxx/CVE-2015-6144.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6144", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Microsoft Internet Explorer 8 through 11 and Microsoft Edge mishandle HTML attributes in HTTP responses, which allows remote attackers to bypass a cross-site scripting (XSS) protection mechanism via unspecified vectors, aka \"Microsoft Browser XSS Filter Bypass Vulnerability.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2015-6144", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "MS15-124", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-124" - }, - { - "name" : "MS15-125", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-125" - }, - { - "name" : "1034315", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034315" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft Internet Explorer 8 through 11 and Microsoft Edge mishandle HTML attributes in HTTP responses, which allows remote attackers to bypass a cross-site scripting (XSS) protection mechanism via unspecified vectors, aka \"Microsoft Browser XSS Filter Bypass Vulnerability.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1034315", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034315" + }, + { + "name": "MS15-124", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-124" + }, + { + "name": "MS15-125", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-125" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6255.json b/2015/6xxx/CVE-2015-6255.json index 9ad849b1ae9..fd21f8d1832 100644 --- a/2015/6xxx/CVE-2015-6255.json +++ b/2015/6xxx/CVE-2015-6255.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6255", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in Cisco Unified Web and E-Mail Interaction Manager 9.0(2) allows remote attackers to inject arbitrary web script or HTML via a crafted chat message, aka Bug ID CSCuo89051." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2015-6255", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20150818 Cisco Unified Interaction Manager Cross-Site Scripting Vulnerability", - "refsource" : "CISCO", - "url" : "http://tools.cisco.com/security/center/viewAlert.x?alertId=40555" - }, - { - "name" : "76406", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/76406" - }, - { - "name" : "1033330", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1033330" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in Cisco Unified Web and E-Mail Interaction Manager 9.0(2) allows remote attackers to inject arbitrary web script or HTML via a crafted chat message, aka Bug ID CSCuo89051." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1033330", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1033330" + }, + { + "name": "20150818 Cisco Unified Interaction Manager Cross-Site Scripting Vulnerability", + "refsource": "CISCO", + "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=40555" + }, + { + "name": "76406", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/76406" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7147.json b/2015/7xxx/CVE-2015-7147.json index c12fb4b8add..61724d1d715 100644 --- a/2015/7xxx/CVE-2015-7147.json +++ b/2015/7xxx/CVE-2015-7147.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7147", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2015-7147", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7279.json b/2015/7xxx/CVE-2015-7279.json index b6292d6c897..0a1de39c987 100644 --- a/2015/7xxx/CVE-2015-7279.json +++ b/2015/7xxx/CVE-2015-7279.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7279", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Amped Wireless R10000 devices with firmware 2.5.2.11 use an improper algorithm for selecting the ID value in the header of a DNS query, which makes it easier for remote attackers to spoof responses by predicting this value." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2015-7279", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "VU#763576", - "refsource" : "CERT-VN", - "url" : "https://www.kb.cert.org/vuls/id/763576" - }, - { - "name" : "78818", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/78818" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Amped Wireless R10000 devices with firmware 2.5.2.11 use an improper algorithm for selecting the ID value in the header of a DNS query, which makes it easier for remote attackers to spoof responses by predicting this value." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "78818", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/78818" + }, + { + "name": "VU#763576", + "refsource": "CERT-VN", + "url": "https://www.kb.cert.org/vuls/id/763576" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7377.json b/2015/7xxx/CVE-2015-7377.json index 08bf4a1d5f5..0ce69e7c127 100644 --- a/2015/7xxx/CVE-2015-7377.json +++ b/2015/7xxx/CVE-2015-7377.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7377", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in pie-register/pie-register.php in the Pie Register plugin before 2.0.19 for WordPress allows remote attackers to inject arbitrary web script or HTML via the invitaion_code parameter in a pie-register page to the default URI." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-7377", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20151012 CVE-2015-7377: Unauthenticated Reflected XSS in Pie Register WordPress Plugin", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/536668/100/0/threaded" - }, - { - "name" : "http://packetstormsecurity.com/files/133928/WordPress-Pie-Register-2.0.18-Cross-Site-Scripting.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/133928/WordPress-Pie-Register-2.0.18-Cross-Site-Scripting.html" - }, - { - "name" : "https://wpvulndb.com/vulnerabilities/8212", - "refsource" : "MISC", - "url" : "https://wpvulndb.com/vulnerabilities/8212" - }, - { - "name" : "https://github.com/GTSolutions/Pie-Register/blob/2.0.19/readme.txt", - "refsource" : "CONFIRM", - "url" : "https://github.com/GTSolutions/Pie-Register/blob/2.0.19/readme.txt" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in pie-register/pie-register.php in the Pie Register plugin before 2.0.19 for WordPress allows remote attackers to inject arbitrary web script or HTML via the invitaion_code parameter in a pie-register page to the default URI." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://packetstormsecurity.com/files/133928/WordPress-Pie-Register-2.0.18-Cross-Site-Scripting.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/133928/WordPress-Pie-Register-2.0.18-Cross-Site-Scripting.html" + }, + { + "name": "20151012 CVE-2015-7377: Unauthenticated Reflected XSS in Pie Register WordPress Plugin", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/536668/100/0/threaded" + }, + { + "name": "https://github.com/GTSolutions/Pie-Register/blob/2.0.19/readme.txt", + "refsource": "CONFIRM", + "url": "https://github.com/GTSolutions/Pie-Register/blob/2.0.19/readme.txt" + }, + { + "name": "https://wpvulndb.com/vulnerabilities/8212", + "refsource": "MISC", + "url": "https://wpvulndb.com/vulnerabilities/8212" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0041.json b/2016/0xxx/CVE-2016-0041.json index 1f12521a443..8db2586925a 100644 --- a/2016/0xxx/CVE-2016-0041.json +++ b/2016/0xxx/CVE-2016-0041.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0041", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold and 1511, and Internet Explorer 10 and 11 mishandle DLL loading, which allows local users to gain privileges via a crafted application, aka \"DLL Loading Remote Code Execution Vulnerability.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2016-0041", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20160210 NPS Datastore server DLL side loading vulnerability", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2016/Feb/49" - }, - { - "name" : "https://www.securify.nl/advisory/SFY20150905/nps_datastore_server_dll_side_loading_vulnerability.html", - "refsource" : "MISC", - "url" : "https://www.securify.nl/advisory/SFY20150905/nps_datastore_server_dll_side_loading_vulnerability.html" - }, - { - "name" : "MS16-009", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-009" - }, - { - "name" : "MS16-014", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-014" - }, - { - "name" : "1034971", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034971" - }, - { - "name" : "1034985", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034985" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold and 1511, and Internet Explorer 10 and 11 mishandle DLL loading, which allows local users to gain privileges via a crafted application, aka \"DLL Loading Remote Code Execution Vulnerability.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1034985", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034985" + }, + { + "name": "20160210 NPS Datastore server DLL side loading vulnerability", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2016/Feb/49" + }, + { + "name": "https://www.securify.nl/advisory/SFY20150905/nps_datastore_server_dll_side_loading_vulnerability.html", + "refsource": "MISC", + "url": "https://www.securify.nl/advisory/SFY20150905/nps_datastore_server_dll_side_loading_vulnerability.html" + }, + { + "name": "MS16-014", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-014" + }, + { + "name": "1034971", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034971" + }, + { + "name": "MS16-009", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-009" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0078.json b/2016/0xxx/CVE-2016-0078.json index de4c651a923..967e4a67710 100644 --- a/2016/0xxx/CVE-2016-0078.json +++ b/2016/0xxx/CVE-2016-0078.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0078", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2016-0078", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0509.json b/2016/0xxx/CVE-2016-0509.json index 49add06db28..51313fe5e4f 100644 --- a/2016/0xxx/CVE-2016-0509.json +++ b/2016/0xxx/CVE-2016-0509.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0509", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the Oracle Internet Expenses component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect integrity via unknown vectors related to AP Web Utilities." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2016-0509", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" - }, - { - "name" : "1034726", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034726" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the Oracle Internet Expenses component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect integrity via unknown vectors related to AP Web Utilities." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" + }, + { + "name": "1034726", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034726" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0632.json b/2016/0xxx/CVE-2016-0632.json index 5152912ae25..0e4b73221e0 100644 --- a/2016/0xxx/CVE-2016-0632.json +++ b/2016/0xxx/CVE-2016-0632.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0632", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2016-0632", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0683.json b/2016/0xxx/CVE-2016-0683.json index 6299b5b1265..079f7a5e191 100644 --- a/2016/0xxx/CVE-2016-0683.json +++ b/2016/0xxx/CVE-2016-0683.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0683", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.53, 8.54, and 8.55 allows remote authenticated users to affect confidentiality and integrity via vectors related to Search Framework." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2016-0683", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html" - }, - { - "name" : "1035610", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035610" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.53, 8.54, and 8.55 allows remote authenticated users to affect confidentiality and integrity via vectors related to Search Framework." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1035610", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035610" + }, + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0839.json b/2016/0xxx/CVE-2016-0839.json index 0dd267d7ba7..b9566ae5c8f 100644 --- a/2016/0xxx/CVE-2016-0839.json +++ b/2016/0xxx/CVE-2016-0839.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0839", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "post_proc/volume_listener.c in mediaserver in Android 6.x before 2016-04-01 mishandles deleted effect context, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 25753245." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@android.com", + "ID": "CVE-2016-0839", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://source.android.com/security/bulletin/2016-04-02.html", - "refsource" : "CONFIRM", - "url" : "http://source.android.com/security/bulletin/2016-04-02.html" - }, - { - "name" : "https://android.googlesource.com/platform/hardware/qcom/audio/+/ebbb82365172337c6c250c6cac4e326970a9e351", - "refsource" : "CONFIRM", - "url" : "https://android.googlesource.com/platform/hardware/qcom/audio/+/ebbb82365172337c6c250c6cac4e326970a9e351" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "post_proc/volume_listener.c in mediaserver in Android 6.x before 2016-04-01 mishandles deleted effect context, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 25753245." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://android.googlesource.com/platform/hardware/qcom/audio/+/ebbb82365172337c6c250c6cac4e326970a9e351", + "refsource": "CONFIRM", + "url": "https://android.googlesource.com/platform/hardware/qcom/audio/+/ebbb82365172337c6c250c6cac4e326970a9e351" + }, + { + "name": "http://source.android.com/security/bulletin/2016-04-02.html", + "refsource": "CONFIRM", + "url": "http://source.android.com/security/bulletin/2016-04-02.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/1000xxx/CVE-2016-1000128.json b/2016/1000xxx/CVE-2016-1000128.json index b9742a76c37..fed2a0fd057 100644 --- a/2016/1000xxx/CVE-2016-1000128.json +++ b/2016/1000xxx/CVE-2016-1000128.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1000128", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Reflected XSS in wordpress plugin anti-plagiarism v3.60" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-1000128", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.vapidlabs.com/wp/wp_advisory.php?v=161", - "refsource" : "MISC", - "url" : "http://www.vapidlabs.com/wp/wp_advisory.php?v=161" - }, - { - "name" : "https://wordpress.org/plugins/anti-plagiarism", - "refsource" : "MISC", - "url" : "https://wordpress.org/plugins/anti-plagiarism" - }, - { - "name" : "93890", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/93890" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Reflected XSS in wordpress plugin anti-plagiarism v3.60" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.vapidlabs.com/wp/wp_advisory.php?v=161", + "refsource": "MISC", + "url": "http://www.vapidlabs.com/wp/wp_advisory.php?v=161" + }, + { + "name": "93890", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/93890" + }, + { + "name": "https://wordpress.org/plugins/anti-plagiarism", + "refsource": "MISC", + "url": "https://wordpress.org/plugins/anti-plagiarism" + } + ] + } +} \ No newline at end of file diff --git a/2016/10xxx/CVE-2016-10685.json b/2016/10xxx/CVE-2016-10685.json index 907c52ab5c0..bb3695b7896 100644 --- a/2016/10xxx/CVE-2016-10685.json +++ b/2016/10xxx/CVE-2016-10685.json @@ -1,63 +1,63 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "support@hackerone.com", - "DATE_PUBLIC" : "2018-04-26T00:00:00", - "ID" : "CVE-2016-10685", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "pk-app-wonderbox node module", - "version" : { - "version_data" : [ - { - "version_value" : "All versions" - } - ] - } - } - ] - }, - "vendor_name" : "HackerOne" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "pk-app-wonderbox is an integration with wonderbox pk-app-wonderbox downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested resources with an attacker controlled copy if the attacker is on the network or positioned in between the user and the remote server." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Missing Encryption of Sensitive Data (CWE-311)" - } + "CVE_data_meta": { + "ASSIGNER": "support@hackerone.com", + "DATE_PUBLIC": "2018-04-26T00:00:00", + "ID": "CVE-2016-10685", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "pk-app-wonderbox node module", + "version": { + "version_data": [ + { + "version_value": "All versions" + } + ] + } + } + ] + }, + "vendor_name": "HackerOne" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://nodesecurity.io/advisories/289", - "refsource" : "MISC", - "url" : "https://nodesecurity.io/advisories/289" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "pk-app-wonderbox is an integration with wonderbox pk-app-wonderbox downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested resources with an attacker controlled copy if the attacker is on the network or positioned in between the user and the remote server." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Missing Encryption of Sensitive Data (CWE-311)" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://nodesecurity.io/advisories/289", + "refsource": "MISC", + "url": "https://nodesecurity.io/advisories/289" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1235.json b/2016/1xxx/CVE-2016-1235.json index f5fbc10799c..099126f19d8 100644 --- a/2016/1xxx/CVE-2016-1235.json +++ b/2016/1xxx/CVE-2016-1235.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1235", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The oarsh script in OAR before 2.5.7 allows remote authenticated users of a cluster to obtain sensitive information and possibly gain privileges via vectors related to OpenSSH options." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@debian.org", + "ID": "CVE-2016-1235", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://oar.imag.fr/oar_2.5.7", - "refsource" : "CONFIRM", - "url" : "http://oar.imag.fr/oar_2.5.7" - }, - { - "name" : "https://raw.githubusercontent.com/oar-team/oar/ce77ffed620fdce94881c9b35064507777c24a1c/debian/patches/004-fix-oarsh-security-issue", - "refsource" : "CONFIRM", - "url" : "https://raw.githubusercontent.com/oar-team/oar/ce77ffed620fdce94881c9b35064507777c24a1c/debian/patches/004-fix-oarsh-security-issue" - }, - { - "name" : "DSA-3543", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3543" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The oarsh script in OAR before 2.5.7 allows remote authenticated users of a cluster to obtain sensitive information and possibly gain privileges via vectors related to OpenSSH options." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "DSA-3543", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3543" + }, + { + "name": "http://oar.imag.fr/oar_2.5.7", + "refsource": "CONFIRM", + "url": "http://oar.imag.fr/oar_2.5.7" + }, + { + "name": "https://raw.githubusercontent.com/oar-team/oar/ce77ffed620fdce94881c9b35064507777c24a1c/debian/patches/004-fix-oarsh-security-issue", + "refsource": "CONFIRM", + "url": "https://raw.githubusercontent.com/oar-team/oar/ce77ffed620fdce94881c9b35064507777c24a1c/debian/patches/004-fix-oarsh-security-issue" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1490.json b/2016/1xxx/CVE-2016-1490.json index b81828d31c9..2f59122f5fa 100644 --- a/2016/1xxx/CVE-2016-1490.json +++ b/2016/1xxx/CVE-2016-1490.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1490", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Wifi hotspot in Lenovo SHAREit before 3.2.0 for Windows allows remote attackers to obtain sensitive file names via a crafted file request to /list." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-1490", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20160125 [CORE-2016-0002] - Lenovo ShareIT Multiple Vulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/537365/100/0/threaded" - }, - { - "name" : "20160125 [CORE-2016-0002] - Lenovo ShareIT Multiple Vulnerabilities", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2016/Jan/67" - }, - { - "name" : "http://www.coresecurity.com/advisories/lenovo-shareit-multiple-vulnerabilities", - "refsource" : "MISC", - "url" : "http://www.coresecurity.com/advisories/lenovo-shareit-multiple-vulnerabilities" - }, - { - "name" : "http://packetstormsecurity.com/files/135378/Lenovo-ShareIT-Information-Disclosure-Hardcoded-Password.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/135378/Lenovo-ShareIT-Information-Disclosure-Hardcoded-Password.html" - }, - { - "name" : "https://support.lenovo.com/us/en/product_security/len_4058", - "refsource" : "CONFIRM", - "url" : "https://support.lenovo.com/us/en/product_security/len_4058" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Wifi hotspot in Lenovo SHAREit before 3.2.0 for Windows allows remote attackers to obtain sensitive file names via a crafted file request to /list." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://packetstormsecurity.com/files/135378/Lenovo-ShareIT-Information-Disclosure-Hardcoded-Password.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/135378/Lenovo-ShareIT-Information-Disclosure-Hardcoded-Password.html" + }, + { + "name": "https://support.lenovo.com/us/en/product_security/len_4058", + "refsource": "CONFIRM", + "url": "https://support.lenovo.com/us/en/product_security/len_4058" + }, + { + "name": "http://www.coresecurity.com/advisories/lenovo-shareit-multiple-vulnerabilities", + "refsource": "MISC", + "url": "http://www.coresecurity.com/advisories/lenovo-shareit-multiple-vulnerabilities" + }, + { + "name": "20160125 [CORE-2016-0002] - Lenovo ShareIT Multiple Vulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/537365/100/0/threaded" + }, + { + "name": "20160125 [CORE-2016-0002] - Lenovo ShareIT Multiple Vulnerabilities", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2016/Jan/67" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1724.json b/2016/1xxx/CVE-2016-1724.json index f3f2b11e642..d3fc185e3b4 100644 --- a/2016/1xxx/CVE-2016-1724.json +++ b/2016/1xxx/CVE-2016-1724.json @@ -1,122 +1,122 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1724", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "WebKit, as used in Apple iOS before 9.2.1, Safari before 9.0.3, and tvOS before 9.1.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-1727." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2016-1724", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20160311 WebKitGTK+ Security Advisory WSA-2016-0002", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/537771/100/0/threaded" - }, - { - "name" : "http://packetstormsecurity.com/files/136227/WebKitGTK-Memory-Corruption-Denial-Of-Service.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/136227/WebKitGTK-Memory-Corruption-Denial-Of-Service.html" - }, - { - "name" : "https://support.apple.com/HT205729", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT205729" - }, - { - "name" : "https://support.apple.com/HT205730", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT205730" - }, - { - "name" : "https://support.apple.com/HT205732", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT205732" - }, - { - "name" : "https://support.apple.com/HT206168", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT206168" - }, - { - "name" : "APPLE-SA-2016-01-19-1", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2016/Jan/msg00002.html" - }, - { - "name" : "APPLE-SA-2016-01-19-3", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2016/Jan/msg00004.html" - }, - { - "name" : "APPLE-SA-2016-01-25-1", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2016/Jan/msg00005.html" - }, - { - "name" : "APPLE-SA-2016-03-21-2", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html" - }, - { - "name" : "GLSA-201706-15", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201706-15" - }, - { - "name" : "81263", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/81263" - }, - { - "name" : "1034737", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034737" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "WebKit, as used in Apple iOS before 9.2.1, Safari before 9.0.3, and tvOS before 9.1.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-1727." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://packetstormsecurity.com/files/136227/WebKitGTK-Memory-Corruption-Denial-Of-Service.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/136227/WebKitGTK-Memory-Corruption-Denial-Of-Service.html" + }, + { + "name": "81263", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/81263" + }, + { + "name": "https://support.apple.com/HT206168", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT206168" + }, + { + "name": "20160311 WebKitGTK+ Security Advisory WSA-2016-0002", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/537771/100/0/threaded" + }, + { + "name": "https://support.apple.com/HT205729", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT205729" + }, + { + "name": "1034737", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034737" + }, + { + "name": "https://support.apple.com/HT205730", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT205730" + }, + { + "name": "APPLE-SA-2016-01-25-1", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2016/Jan/msg00005.html" + }, + { + "name": "APPLE-SA-2016-03-21-2", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html" + }, + { + "name": "APPLE-SA-2016-01-19-1", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2016/Jan/msg00002.html" + }, + { + "name": "GLSA-201706-15", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201706-15" + }, + { + "name": "https://support.apple.com/HT205732", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT205732" + }, + { + "name": "APPLE-SA-2016-01-19-3", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2016/Jan/msg00004.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4307.json b/2016/4xxx/CVE-2016-4307.json index 6e447bec4b2..2e7feab62b8 100644 --- a/2016/4xxx/CVE-2016-4307.json +++ b/2016/4xxx/CVE-2016-4307.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cert@cert.org", - "ID" : "CVE-2016-4307", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Internet Security", - "version" : { - "version_data" : [ - { - "version_value" : "16.0.0, KLIF driver version 10.0.0.1532" - } - ] - } - } - ] - }, - "vendor_name" : "Kaspersky" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A denial of service vulnerability exists in the IOCTL handling functionality of Kaspersky Internet Security KL1 driver. A specially crafted IOCTL signal can cause an access violation in KL1 kernel driver resulting in local system denial of service. An attacker can run a program from user-mode to trigger this vulnerability." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "unspecified" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2016-4307", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Internet Security", + "version": { + "version_data": [ + { + "version_value": "16.0.0, KLIF driver version 10.0.0.1532" + } + ] + } + } + ] + }, + "vendor_name": "Kaspersky" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.talosintelligence.com/reports/TALOS-2016-0169/", - "refsource" : "MISC", - "url" : "http://www.talosintelligence.com/reports/TALOS-2016-0169/" - }, - { - "name" : "1036702", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036702" - }, - { - "name" : "1036703", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036703" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A denial of service vulnerability exists in the IOCTL handling functionality of Kaspersky Internet Security KL1 driver. A specially crafted IOCTL signal can cause an access violation in KL1 kernel driver resulting in local system denial of service. An attacker can run a program from user-mode to trigger this vulnerability." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "unspecified" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1036702", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036702" + }, + { + "name": "1036703", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036703" + }, + { + "name": "http://www.talosintelligence.com/reports/TALOS-2016-0169/", + "refsource": "MISC", + "url": "http://www.talosintelligence.com/reports/TALOS-2016-0169/" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4421.json b/2016/4xxx/CVE-2016-4421.json index 7879ebbfac4..7d5129a0827 100644 --- a/2016/4xxx/CVE-2016-4421.json +++ b/2016/4xxx/CVE-2016-4421.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-4421", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "epan/dissectors/packet-ber.c in the ASN.1 BER dissector in Wireshark 1.12.x before 1.12.10 and 2.x before 2.0.2 allows remote attackers to cause a denial of service (deep recursion, stack consumption, and application crash) via a packet that specifies deeply nested data." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-4421", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11822", - "refsource" : "CONFIRM", - "url" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11822" - }, - { - "name" : "https://www.wireshark.org/security/wnpa-sec-2016-18.html", - "refsource" : "CONFIRM", - "url" : "https://www.wireshark.org/security/wnpa-sec-2016-18.html" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html" - }, - { - "name" : "openSUSE-SU-2016:0660", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2016-03/msg00015.html" - }, - { - "name" : "openSUSE-SU-2016:0661", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2016-03/msg00016.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "epan/dissectors/packet-ber.c in the ASN.1 BER dissector in Wireshark 1.12.x before 1.12.10 and 2.x before 2.0.2 allows remote attackers to cause a denial of service (deep recursion, stack consumption, and application crash) via a packet that specifies deeply nested data." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "openSUSE-SU-2016:0661", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2016-03/msg00016.html" + }, + { + "name": "openSUSE-SU-2016:0660", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2016-03/msg00015.html" + }, + { + "name": "https://www.wireshark.org/security/wnpa-sec-2016-18.html", + "refsource": "CONFIRM", + "url": "https://www.wireshark.org/security/wnpa-sec-2016-18.html" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html" + }, + { + "name": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11822", + "refsource": "CONFIRM", + "url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11822" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4504.json b/2016/4xxx/CVE-2016-4504.json index ccd4a20d0bf..e2f408f72b5 100644 --- a/2016/4xxx/CVE-2016-4504.json +++ b/2016/4xxx/CVE-2016-4504.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "ics-cert@hq.dhs.gov", - "ID" : "CVE-2016-4504", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Meteocontrol WEB'log", - "version" : { - "version_data" : [ - { - "version_value" : "Meteocontrol WEB'log" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A Cross-Site Request Forgery issue was discovered in Meteocontrol WEB'log Basic 100 all versions, Light all versions, Pro all versions, and Pro Unlimited all versions. There is no CSRF Token generated per page or per function." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "CSRF" - } + "CVE_data_meta": { + "ASSIGNER": "ics-cert@hq.dhs.gov", + "ID": "CVE-2016-4504", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Meteocontrol WEB'log", + "version": { + "version_data": [ + { + "version_value": "Meteocontrol WEB'log" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://ics-cert.us-cert.gov/advisories/ICSA-16-133-01", - "refsource" : "MISC", - "url" : "https://ics-cert.us-cert.gov/advisories/ICSA-16-133-01" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A Cross-Site Request Forgery issue was discovered in Meteocontrol WEB'log Basic 100 all versions, Light all versions, Pro all versions, and Pro Unlimited all versions. There is no CSRF Token generated per page or per function." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CSRF" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://ics-cert.us-cert.gov/advisories/ICSA-16-133-01", + "refsource": "MISC", + "url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-133-01" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4511.json b/2016/4xxx/CVE-2016-4511.json index 63708504373..3e61b46ea9f 100644 --- a/2016/4xxx/CVE-2016-4511.json +++ b/2016/4xxx/CVE-2016-4511.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-4511", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "ABB PCM600 before 2.7 uses an improper hash algorithm for the main application password, which makes it easier for local users to obtain sensitive cleartext information by leveraging read access to the ACTConfig configuration file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "ics-cert@hq.dhs.gov", + "ID": "CVE-2016-4511", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://ics-cert.us-cert.gov/advisories/ICSA-16-152-02", - "refsource" : "MISC", - "url" : "https://ics-cert.us-cert.gov/advisories/ICSA-16-152-02" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "ABB PCM600 before 2.7 uses an improper hash algorithm for the main application password, which makes it easier for local users to obtain sensitive cleartext information by leveraging read access to the ACTConfig configuration file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://ics-cert.us-cert.gov/advisories/ICSA-16-152-02", + "refsource": "MISC", + "url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-152-02" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4871.json b/2016/4xxx/CVE-2016-4871.json index d89b16983d0..c3b280aafa0 100644 --- a/2016/4xxx/CVE-2016-4871.json +++ b/2016/4xxx/CVE-2016-4871.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-4871", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cybozu Office 9.0.0 through 10.4.0 allows remote attackers to cause a denial of service." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "vultures@jpcert.or.jp", + "ID": "CVE-2016-4871", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://support.cybozu.com/ja-jp/article/9426", - "refsource" : "CONFIRM", - "url" : "https://support.cybozu.com/ja-jp/article/9426" - }, - { - "name" : "JVN#10092452", - "refsource" : "JVN", - "url" : "http://jvn.jp/en/jp/JVN10092452/index.html" - }, - { - "name" : "JVNDB-2016-000192", - "refsource" : "JVNDB", - "url" : "http://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000192.html" - }, - { - "name" : "97716", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/97716" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cybozu Office 9.0.0 through 10.4.0 allows remote attackers to cause a denial of service." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "97716", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/97716" + }, + { + "name": "https://support.cybozu.com/ja-jp/article/9426", + "refsource": "CONFIRM", + "url": "https://support.cybozu.com/ja-jp/article/9426" + }, + { + "name": "JVN#10092452", + "refsource": "JVN", + "url": "http://jvn.jp/en/jp/JVN10092452/index.html" + }, + { + "name": "JVNDB-2016-000192", + "refsource": "JVNDB", + "url": "http://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000192.html" + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0347.json b/2019/0xxx/CVE-2019-0347.json index f49ce30d7b5..a616ffaa6b4 100644 --- a/2019/0xxx/CVE-2019-0347.json +++ b/2019/0xxx/CVE-2019-0347.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0347", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0347", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0398.json b/2019/0xxx/CVE-2019-0398.json index a05925ef540..95b58aa86cd 100644 --- a/2019/0xxx/CVE-2019-0398.json +++ b/2019/0xxx/CVE-2019-0398.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0398", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0398", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3062.json b/2019/3xxx/CVE-2019-3062.json index dc88a0cfa42..bd3d9cddd31 100644 --- a/2019/3xxx/CVE-2019-3062.json +++ b/2019/3xxx/CVE-2019-3062.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3062", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3062", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3640.json b/2019/3xxx/CVE-2019-3640.json index bd717b0bd3c..a86fecb3cfc 100644 --- a/2019/3xxx/CVE-2019-3640.json +++ b/2019/3xxx/CVE-2019-3640.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3640", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3640", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3758.json b/2019/3xxx/CVE-2019-3758.json index 3af04483a09..2d97dcd2512 100644 --- a/2019/3xxx/CVE-2019-3758.json +++ b/2019/3xxx/CVE-2019-3758.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3758", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3758", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4563.json b/2019/4xxx/CVE-2019-4563.json index f5eb38aed76..053c09c1214 100644 --- a/2019/4xxx/CVE-2019-4563.json +++ b/2019/4xxx/CVE-2019-4563.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4563", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4563", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4752.json b/2019/4xxx/CVE-2019-4752.json index dd4c78dc652..26a9d853fa3 100644 --- a/2019/4xxx/CVE-2019-4752.json +++ b/2019/4xxx/CVE-2019-4752.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4752", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4752", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4849.json b/2019/4xxx/CVE-2019-4849.json index b6ce9fdb174..6784e2954ab 100644 --- a/2019/4xxx/CVE-2019-4849.json +++ b/2019/4xxx/CVE-2019-4849.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4849", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4849", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4951.json b/2019/4xxx/CVE-2019-4951.json index d2f44ce1452..1281b6a45cd 100644 --- a/2019/4xxx/CVE-2019-4951.json +++ b/2019/4xxx/CVE-2019-4951.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4951", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4951", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7036.json b/2019/7xxx/CVE-2019-7036.json index 1f9e3726571..86086f81978 100644 --- a/2019/7xxx/CVE-2019-7036.json +++ b/2019/7xxx/CVE-2019-7036.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7036", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7036", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7148.json b/2019/7xxx/CVE-2019-7148.json index 75975255c56..5f95ba5af50 100644 --- a/2019/7xxx/CVE-2019-7148.json +++ b/2019/7xxx/CVE-2019-7148.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7148", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An attempted excessive memory allocation was discovered in the function read_long_names in elf_begin.c in libelf in elfutils 0.174. Remote attackers could leverage this vulnerability to cause a denial-of-service via crafted elf input, which leads to an out-of-memory exception." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7148", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://sourceware.org/bugzilla/show_bug.cgi?id=24085", - "refsource" : "MISC", - "url" : "https://sourceware.org/bugzilla/show_bug.cgi?id=24085" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An attempted excessive memory allocation was discovered in the function read_long_names in elf_begin.c in libelf in elfutils 0.174. Remote attackers could leverage this vulnerability to cause a denial-of-service via crafted elf input, which leads to an out-of-memory exception." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://sourceware.org/bugzilla/show_bug.cgi?id=24085", + "refsource": "MISC", + "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=24085" + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7209.json b/2019/7xxx/CVE-2019-7209.json index ad0b087209e..2b096bae018 100644 --- a/2019/7xxx/CVE-2019-7209.json +++ b/2019/7xxx/CVE-2019-7209.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7209", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7209", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7307.json b/2019/7xxx/CVE-2019-7307.json index 21f65287121..786ffb073d1 100644 --- a/2019/7xxx/CVE-2019-7307.json +++ b/2019/7xxx/CVE-2019-7307.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7307", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7307", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7768.json b/2019/7xxx/CVE-2019-7768.json index e2eca900884..6a9a6fd1730 100644 --- a/2019/7xxx/CVE-2019-7768.json +++ b/2019/7xxx/CVE-2019-7768.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7768", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7768", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8171.json b/2019/8xxx/CVE-2019-8171.json index b51f6292612..897e4e4108a 100644 --- a/2019/8xxx/CVE-2019-8171.json +++ b/2019/8xxx/CVE-2019-8171.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8171", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8171", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8598.json b/2019/8xxx/CVE-2019-8598.json index a18d2166b97..d4813fcd9ce 100644 --- a/2019/8xxx/CVE-2019-8598.json +++ b/2019/8xxx/CVE-2019-8598.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8598", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8598", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8814.json b/2019/8xxx/CVE-2019-8814.json index 0ee1dfb6d6d..37b57d13183 100644 --- a/2019/8xxx/CVE-2019-8814.json +++ b/2019/8xxx/CVE-2019-8814.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8814", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8814", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8894.json b/2019/8xxx/CVE-2019-8894.json index 03235e59f84..4c6853fa324 100644 --- a/2019/8xxx/CVE-2019-8894.json +++ b/2019/8xxx/CVE-2019-8894.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8894", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8894", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8955.json b/2019/8xxx/CVE-2019-8955.json index 9d4968dd7d1..7e0bc7596aa 100644 --- a/2019/8xxx/CVE-2019-8955.json +++ b/2019/8xxx/CVE-2019-8955.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8955", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "In Tor before 0.3.3.12, 0.3.4.x before 0.3.4.11, 0.3.5.x before 0.3.5.8, and 0.4.x before 0.4.0.2-alpha, remote denial of service against Tor clients and relays can occur via memory exhaustion in the KIST cell scheduler." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8955", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://blog.torproject.org/new-releases-tor-0402-alpha-0358-03411-and-03312", - "refsource" : "MISC", - "url" : "https://blog.torproject.org/new-releases-tor-0402-alpha-0358-03411-and-03312" - }, - { - "name" : "https://trac.torproject.org/projects/tor/ticket/29168", - "refsource" : "MISC", - "url" : "https://trac.torproject.org/projects/tor/ticket/29168" - }, - { - "name" : "107136", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/107136" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In Tor before 0.3.3.12, 0.3.4.x before 0.3.4.11, 0.3.5.x before 0.3.5.8, and 0.4.x before 0.4.0.2-alpha, remote denial of service against Tor clients and relays can occur via memory exhaustion in the KIST cell scheduler." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "107136", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/107136" + }, + { + "name": "https://trac.torproject.org/projects/tor/ticket/29168", + "refsource": "MISC", + "url": "https://trac.torproject.org/projects/tor/ticket/29168" + }, + { + "name": "https://blog.torproject.org/new-releases-tor-0402-alpha-0358-03411-and-03312", + "refsource": "MISC", + "url": "https://blog.torproject.org/new-releases-tor-0402-alpha-0358-03411-and-03312" + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9113.json b/2019/9xxx/CVE-2019-9113.json index 62b220ad8e6..0bd0cc98311 100644 --- a/2019/9xxx/CVE-2019-9113.json +++ b/2019/9xxx/CVE-2019-9113.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9113", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Ming (aka libming) 0.4.8 has a NULL pointer dereference in the function getString() in the decompile.c file in libutil.a." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9113", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/libming/libming/issues/171", - "refsource" : "MISC", - "url" : "https://github.com/libming/libming/issues/171" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Ming (aka libming) 0.4.8 has a NULL pointer dereference in the function getString() in the decompile.c file in libutil.a." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/libming/libming/issues/171", + "refsource": "MISC", + "url": "https://github.com/libming/libming/issues/171" + } + ] + } +} \ No newline at end of file