From 64f44dc2c03af98e379b178090f938a7e4087d1e Mon Sep 17 00:00:00 2001 From: CVE Team Date: Fri, 26 Apr 2019 14:00:44 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2018/5xxx/CVE-2018-5179.json | 58 ++++++++++++++++++++++++++++++---- 2019/11xxx/CVE-2019-11493.json | 56 ++++++++++++++++++++++++++++---- 2 files changed, 101 insertions(+), 13 deletions(-) diff --git a/2018/5xxx/CVE-2018-5179.json b/2018/5xxx/CVE-2018-5179.json index 27fb98c9d13..884a079bd5c 100644 --- a/2018/5xxx/CVE-2018-5179.json +++ b/2018/5xxx/CVE-2018-5179.json @@ -1,17 +1,61 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2018-5179", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2018-5179", + "ASSIGNER": "security@mozilla.org", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Firefox", + "version": { + "version_data": [ + { + "version_value": "All versions prior to Firefox 60" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Covert Channel" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-11/", + "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-11/" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A service worker can send the activate event on itself periodically which allows itself to run perpetually in Firefox before version 60. This allows it to background monitor activity by users such as IP addresses visited." } ] } diff --git a/2019/11xxx/CVE-2019-11493.json b/2019/11xxx/CVE-2019-11493.json index 2405152ef5d..cce0de9d734 100644 --- a/2019/11xxx/CVE-2019-11493.json +++ b/2019/11xxx/CVE-2019-11493.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2019-11493", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2019-11493", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "VeryPDF 4.1 has a Memory Overflow leading to Code Execution because pdfocx!CxImageTIF::operator in pdfocx.ocx (used by pdfeditor.exe and pdfcmd.exe) is mishandled." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.vdalabs.com/2019/04/25/microsoft-security-risk-detection-0day-in-verypdf-reader-part-1/", + "url": "https://www.vdalabs.com/2019/04/25/microsoft-security-risk-detection-0day-in-verypdf-reader-part-1/" } ] }