diff --git a/2003/1xxx/CVE-2003-1091.json b/2003/1xxx/CVE-2003-1091.json index 88ea5cdcdb0..b40a992c79e 100644 --- a/2003/1xxx/CVE-2003-1091.json +++ b/2003/1xxx/CVE-2003-1091.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2003-1091", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Integer overflow in MP3Broadcaster for Apple QuickTime/Darwin Streaming Server 4.1.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via malformed ID3 tags in MP3 files." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2003-1091", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20030522 QuickTime/Darwin Streaming Server security issues", - "refsource" : "BUGTRAQ", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2003-05/0245.html" - }, - { - "name" : "VU#148564", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/148564" - }, - { - "name" : "7660", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/7660" - }, - { - "name" : "1006822", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1006822" - }, - { - "name" : "darwin-mp3broadcaster-code-execution(12054)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/12054" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Integer overflow in MP3Broadcaster for Apple QuickTime/Darwin Streaming Server 4.1.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via malformed ID3 tags in MP3 files." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "7660", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/7660" + }, + { + "name": "20030522 QuickTime/Darwin Streaming Server security issues", + "refsource": "BUGTRAQ", + "url": "http://archives.neohapsis.com/archives/bugtraq/2003-05/0245.html" + }, + { + "name": "VU#148564", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/148564" + }, + { + "name": "darwin-mp3broadcaster-code-execution(12054)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/12054" + }, + { + "name": "1006822", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1006822" + } + ] + } +} \ No newline at end of file diff --git a/2003/1xxx/CVE-2003-1404.json b/2003/1xxx/CVE-2003-1404.json index 42331203367..d507379dc6f 100644 --- a/2003/1xxx/CVE-2003-1404.json +++ b/2003/1xxx/CVE-2003-1404.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2003-1404", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "DotBr 0.1 stores config.inc with insufficient access control under the web document root, which allows remote attackers to obtain sensitive information such as SQL usernames and passwords." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2003-1404", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20030215 DotBr (PHP)", - "refsource" : "VULNWATCH", - "url" : "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0070.html" - }, - { - "name" : "6865", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/6865" - }, - { - "name" : "5092", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/5092" - }, - { - "name" : "dotbr-config-info-disclosure(11354)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/11354" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "DotBr 0.1 stores config.inc with insufficient access control under the web document root, which allows remote attackers to obtain sensitive information such as SQL usernames and passwords." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "6865", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/6865" + }, + { + "name": "5092", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/5092" + }, + { + "name": "dotbr-config-info-disclosure(11354)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11354" + }, + { + "name": "20030215 DotBr (PHP)", + "refsource": "VULNWATCH", + "url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0070.html" + } + ] + } +} \ No newline at end of file diff --git a/2003/1xxx/CVE-2003-1568.json b/2003/1xxx/CVE-2003-1568.json index 90d47c5f359..5f811b65a8b 100644 --- a/2003/1xxx/CVE-2003-1568.json +++ b/2003/1xxx/CVE-2003-1568.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2003-1568", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "GoAhead WebServer before 2.1.6 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an invalid URL, related to the websSafeUrl function." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2003-1568", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://data.goahead.com/Software/Webserver/2.1.8/release.htm#null-pointer-crash-in-webssafeurl", - "refsource" : "CONFIRM", - "url" : "http://data.goahead.com/Software/Webserver/2.1.8/release.htm#null-pointer-crash-in-webssafeurl" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "GoAhead WebServer before 2.1.6 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an invalid URL, related to the websSafeUrl function." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://data.goahead.com/Software/Webserver/2.1.8/release.htm#null-pointer-crash-in-webssafeurl", + "refsource": "CONFIRM", + "url": "http://data.goahead.com/Software/Webserver/2.1.8/release.htm#null-pointer-crash-in-webssafeurl" + } + ] + } +} \ No newline at end of file diff --git a/2003/1xxx/CVE-2003-1590.json b/2003/1xxx/CVE-2003-1590.json index 7c44ae4ae2d..3f5c28da63d 100644 --- a/2003/1xxx/CVE-2003-1590.json +++ b/2003/1xxx/CVE-2003-1590.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2003-1590", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in Sun ONE (aka iPlanet) Web Server 6.0 SP3 through SP5 on Windows allows remote attackers to cause a denial of service (daemon crash) via unknown vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2003-1590", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "201451", - "refsource" : "SUNALERT", - "url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201451-1" - }, - { - "name" : "sunone-unspecified-dos(56615)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/56615" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in Sun ONE (aka iPlanet) Web Server 6.0 SP3 through SP5 on Windows allows remote attackers to cause a denial of service (daemon crash) via unknown vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "sunone-unspecified-dos(56615)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56615" + }, + { + "name": "201451", + "refsource": "SUNALERT", + "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201451-1" + } + ] + } +} \ No newline at end of file diff --git a/2004/0xxx/CVE-2004-0174.json b/2004/0xxx/CVE-2004-0174.json index c54925d1c7e..c2d8067df39 100644 --- a/2004/0xxx/CVE-2004-0174.json +++ b/2004/0xxx/CVE-2004-0174.json @@ -1,157 +1,157 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2004-0174", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Apache 1.4.x before 1.3.30, and 2.0.x before 2.0.49, when using multiple listening sockets on certain platforms, allows remote attackers to cause a denial of service (blocked new connections) via a \"short-lived connection on a rarely-accessed listening socket.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2004-0174", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20040319 [ANNOUNCE] Apache HTTP Server 2.0.49 Released (fwd)", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=107973894328806&w=2" - }, - { - "name" : "http://www.apache.org/dist/httpd/CHANGES_1.3", - "refsource" : "CONFIRM", - "url" : "http://www.apache.org/dist/httpd/CHANGES_1.3" - }, - { - "name" : "101555", - "refsource" : "SUNALERT", - "url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101555-1" - }, - { - "name" : "2004-0017", - "refsource" : "TRUSTIX", - "url" : "http://marc.info/?l=bugtraq&m=108066914830552&w=2" - }, - { - "name" : "APPLE-SA-2004-05-03", - "refsource" : "APPLE", - "url" : "http://marc.info/?l=bugtraq&m=108369640424244&w=2" - }, - { - "name" : "20040512 [OpenPKG-SA-2004.021] OpenPKG Security Advisory (apache)", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=108437852004207&w=2" - }, - { - "name" : "SSA:2004-133", - "refsource" : "SLACKWARE", - "url" : "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.529643" - }, - { - "name" : "57628", - "refsource" : "SUNALERT", - "url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57628-1" - }, - { - "name" : "2004-0027", - "refsource" : "TRUSTIX", - "url" : "http://www.trustix.org/errata/2004/0027" - }, - { - "name" : "GLSA-200405-22", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-200405-22.xml" - }, - { - "name" : "SSRT4717", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=108731648532365&w=2" - }, - { - "name" : "MDKSA-2004:046", - "refsource" : "MANDRAKE", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2004:046" - }, - { - "name" : "RHSA-2004:405", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2004-405.html" - }, - { - "name" : "VU#132110", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/132110" - }, - { - "name" : "oval:org.mitre.oval:def:100110", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100110" - }, - { - "name" : "11170", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/11170" - }, - { - "name" : "9921", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/9921" - }, - { - "name" : "1009495", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/alerts/2004/Mar/1009495.html" - }, - { - "name" : "oval:org.mitre.oval:def:1982", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1982" - }, - { - "name" : "apache-socket-starvation-dos(15540)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/15540" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Apache 1.4.x before 1.3.30, and 2.0.x before 2.0.49, when using multiple listening sockets on certain platforms, allows remote attackers to cause a denial of service (blocked new connections) via a \"short-lived connection on a rarely-accessed listening socket.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "apache-socket-starvation-dos(15540)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15540" + }, + { + "name": "1009495", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/alerts/2004/Mar/1009495.html" + }, + { + "name": "57628", + "refsource": "SUNALERT", + "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57628-1" + }, + { + "name": "RHSA-2004:405", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2004-405.html" + }, + { + "name": "http://www.apache.org/dist/httpd/CHANGES_1.3", + "refsource": "CONFIRM", + "url": "http://www.apache.org/dist/httpd/CHANGES_1.3" + }, + { + "name": "APPLE-SA-2004-05-03", + "refsource": "APPLE", + "url": "http://marc.info/?l=bugtraq&m=108369640424244&w=2" + }, + { + "name": "oval:org.mitre.oval:def:100110", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100110" + }, + { + "name": "101555", + "refsource": "SUNALERT", + "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101555-1" + }, + { + "name": "9921", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/9921" + }, + { + "name": "SSRT4717", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=108731648532365&w=2" + }, + { + "name": "20040319 [ANNOUNCE] Apache HTTP Server 2.0.49 Released (fwd)", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=107973894328806&w=2" + }, + { + "name": "MDKSA-2004:046", + "refsource": "MANDRAKE", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:046" + }, + { + "name": "11170", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/11170" + }, + { + "name": "2004-0027", + "refsource": "TRUSTIX", + "url": "http://www.trustix.org/errata/2004/0027" + }, + { + "name": "oval:org.mitre.oval:def:1982", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1982" + }, + { + "name": "20040512 [OpenPKG-SA-2004.021] OpenPKG Security Advisory (apache)", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=108437852004207&w=2" + }, + { + "name": "SSA:2004-133", + "refsource": "SLACKWARE", + "url": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.529643" + }, + { + "name": "GLSA-200405-22", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-200405-22.xml" + }, + { + "name": "2004-0017", + "refsource": "TRUSTIX", + "url": "http://marc.info/?l=bugtraq&m=108066914830552&w=2" + }, + { + "name": "VU#132110", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/132110" + } + ] + } +} \ No newline at end of file diff --git a/2004/0xxx/CVE-2004-0777.json b/2004/0xxx/CVE-2004-0777.json index e70f997dc19..4e63bc1ca45 100644 --- a/2004/0xxx/CVE-2004-0777.json +++ b/2004/0xxx/CVE-2004-0777.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2004-0777", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Format string vulnerability in the auth_debug function in Courier-IMAP 1.6.0 through 2.2.1 and 3.x through 3.0.3, when login debugging (DEBUG_LOGIN) is enabled, allows remote attackers to execute arbitrary code." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2004-0777", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20040818 Courier-IMAP Remote Format String Vulnerability", - "refsource" : "IDEFENSE", - "url" : "http://www.verisigninc.com/en_US/products-and-services/network-intelligence-availability/idefense/public-vulnerability-reports/articles/index.xhtml?id=131" - }, - { - "name" : "GLSA-200408-19", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-200408-19.xml" - }, - { - "name" : "2004-0043", - "refsource" : "TRUSTIX", - "url" : "http://www.trustix.net/errata/2004/0043/" - }, - { - "name" : "10976", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/10976" - }, - { - "name" : "courierimap-authdebug-format-string(17034)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/17034" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Format string vulnerability in the auth_debug function in Courier-IMAP 1.6.0 through 2.2.1 and 3.x through 3.0.3, when login debugging (DEBUG_LOGIN) is enabled, allows remote attackers to execute arbitrary code." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "2004-0043", + "refsource": "TRUSTIX", + "url": "http://www.trustix.net/errata/2004/0043/" + }, + { + "name": "20040818 Courier-IMAP Remote Format String Vulnerability", + "refsource": "IDEFENSE", + "url": "http://www.verisigninc.com/en_US/products-and-services/network-intelligence-availability/idefense/public-vulnerability-reports/articles/index.xhtml?id=131" + }, + { + "name": "10976", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/10976" + }, + { + "name": "GLSA-200408-19", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-200408-19.xml" + }, + { + "name": "courierimap-authdebug-format-string(17034)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17034" + } + ] + } +} \ No newline at end of file diff --git a/2004/0xxx/CVE-2004-0911.json b/2004/0xxx/CVE-2004-0911.json index 18c866035b4..0fcb2e158a5 100644 --- a/2004/0xxx/CVE-2004-0911.json +++ b/2004/0xxx/CVE-2004-0911.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2004-0911", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "telnetd for netkit 0.17 and earlier, and possibly other versions, on Debian GNU/Linux allows remote attackers to cause a denial of service (free of an invalid pointer), a different vulnerability than CVE-2001-0554." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2004-0911", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20040918 Debian netkit telnetd vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/375743" - }, - { - "name" : "DSA-556", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2004/dsa-556" - }, - { - "name" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=273694", - "refsource" : "CONFIRM", - "url" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=273694" - }, - { - "name" : "telnetd-netkit-bo(17540)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/17540" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "telnetd for netkit 0.17 and earlier, and possibly other versions, on Debian GNU/Linux allows remote attackers to cause a denial of service (free of an invalid pointer), a different vulnerability than CVE-2001-0554." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20040918 Debian netkit telnetd vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/375743" + }, + { + "name": "DSA-556", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2004/dsa-556" + }, + { + "name": "telnetd-netkit-bo(17540)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17540" + }, + { + "name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=273694", + "refsource": "CONFIRM", + "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=273694" + } + ] + } +} \ No newline at end of file diff --git a/2004/0xxx/CVE-2004-0958.json b/2004/0xxx/CVE-2004-0958.json index 91d067e04d3..d47d2f2106f 100644 --- a/2004/0xxx/CVE-2004-0958.json +++ b/2004/0xxx/CVE-2004-0958.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2004-0958", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "php_variables.c in PHP before 5.0.2 allows remote attackers to read sensitive memory contents via (1) GET, (2) POST, or (3) COOKIE GPC variables that end in an open bracket character, which causes PHP to calculate an incorrect string length." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2004-0958", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20040915 PHP Vulnerability N. 1", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=109527531130492&w=2" - }, - { - "name" : "20040915 [VulnWatch] PHP Vulnerability N. 1", - "refsource" : "VULNWATCH", - "url" : "http://archives.neohapsis.com/archives/vulnwatch/2004-q3/0053.html" - }, - { - "name" : "FLSA:2344", - "refsource" : "FEDORA", - "url" : "https://bugzilla.fedora.us/show_bug.cgi?id=2344" - }, - { - "name" : "RHSA-2004:687", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2004-687.html" - }, - { - "name" : "oval:org.mitre.oval:def:10863", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10863" - }, - { - "name" : "1011279", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1011279" - }, - { - "name" : "12560", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/12560/" - }, - { - "name" : "php-phpinfo-disclose-memory(17393)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/17393" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "php_variables.c in PHP before 5.0.2 allows remote attackers to read sensitive memory contents via (1) GET, (2) POST, or (3) COOKIE GPC variables that end in an open bracket character, which causes PHP to calculate an incorrect string length." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20040915 [VulnWatch] PHP Vulnerability N. 1", + "refsource": "VULNWATCH", + "url": "http://archives.neohapsis.com/archives/vulnwatch/2004-q3/0053.html" + }, + { + "name": "20040915 PHP Vulnerability N. 1", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=109527531130492&w=2" + }, + { + "name": "12560", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/12560/" + }, + { + "name": "1011279", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1011279" + }, + { + "name": "FLSA:2344", + "refsource": "FEDORA", + "url": "https://bugzilla.fedora.us/show_bug.cgi?id=2344" + }, + { + "name": "php-phpinfo-disclose-memory(17393)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17393" + }, + { + "name": "oval:org.mitre.oval:def:10863", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10863" + }, + { + "name": "RHSA-2004:687", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2004-687.html" + } + ] + } +} \ No newline at end of file diff --git a/2004/1xxx/CVE-2004-1665.json b/2004/1xxx/CVE-2004-1665.json index 38ec69b94fe..653ca8b672e 100644 --- a/2004/1xxx/CVE-2004-1665.json +++ b/2004/1xxx/CVE-2004-1665.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2004-1665", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in index.php in PsNews 1.1 allows remote attackers to inject arbitrary web script or HTML via the no parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2004-1665", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20040905 Bug XSS in PsNews 1.1", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=109458516524494&w=2" - }, - { - "name" : "11124", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/11124" - }, - { - "name" : "1011191", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1011191" - }, - { - "name" : "psnews-xss(17302)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/17302" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in index.php in PsNews 1.1 allows remote attackers to inject arbitrary web script or HTML via the no parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "11124", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/11124" + }, + { + "name": "1011191", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1011191" + }, + { + "name": "psnews-xss(17302)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17302" + }, + { + "name": "20040905 Bug XSS in PsNews 1.1", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=109458516524494&w=2" + } + ] + } +} \ No newline at end of file diff --git a/2004/1xxx/CVE-2004-1769.json b/2004/1xxx/CVE-2004-1769.json index f54e31be1fc..8c1e573e974 100644 --- a/2004/1xxx/CVE-2004-1769.json +++ b/2004/1xxx/CVE-2004-1769.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2004-1769", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The \"Allow cPanel users to reset their password via email\" feature in cPanel 9.1.0 build 34 and earlier, including 8.x, allows remote attackers to execute arbitrary code via the user parameter to resetpass." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2004-1769", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20040311 Cpanel 8.*.* have a problem ?", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/357064/2004-03-08/2004-03-14/0" - }, - { - "name" : "20040311 cPanel Secuirty Advisory CPANEL-2004:01-01", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=107904890724201&w=2" - }, - { - "name" : "VU#831534", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/831534" - }, - { - "name" : "9848", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/9848" - }, - { - "name" : "11111", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/11111" - }, - { - "name" : "cpanel-resetpass-execute-commands(15443)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/15443" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The \"Allow cPanel users to reset their password via email\" feature in cPanel 9.1.0 build 34 and earlier, including 8.x, allows remote attackers to execute arbitrary code via the user parameter to resetpass." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "VU#831534", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/831534" + }, + { + "name": "20040311 cPanel Secuirty Advisory CPANEL-2004:01-01", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=107904890724201&w=2" + }, + { + "name": "cpanel-resetpass-execute-commands(15443)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15443" + }, + { + "name": "20040311 Cpanel 8.*.* have a problem ?", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/357064/2004-03-08/2004-03-14/0" + }, + { + "name": "9848", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/9848" + }, + { + "name": "11111", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/11111" + } + ] + } +} \ No newline at end of file diff --git a/2004/1xxx/CVE-2004-1812.json b/2004/1xxx/CVE-2004-1812.json index 6b2f0a6b8e9..fede0423856 100644 --- a/2004/1xxx/CVE-2004-1812.json +++ b/2004/1xxx/CVE-2004-1812.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2004-1812", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple stack-based buffer overflows in Agent Common Services (1) cam.exe and (2) awservices.exe in Unicenter TNG 2.4 allow remote attackers to execute arbitrary code." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2004-1812", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20040314 Multiple Immunity Advisories", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=107936784030214&w=2" - }, - { - "name" : "20040315 Immunity Advisory: Computer Associates Unicenter TNG", - "refsource" : "VULNWATCH", - "url" : "http://www.derkeiler.com/Mailing-Lists/VulnWatch/2004-03/0008.html" - }, - { - "name" : "http://www.immunitysec.com/downloads/awservices.sxw.pdf", - "refsource" : "MISC", - "url" : "http://www.immunitysec.com/downloads/awservices.sxw.pdf" - }, - { - "name" : "ftp://ftp.ca.com/CAproducts/unicenter/CCS31/nt/qi52764/QI52764.DB0", - "refsource" : "CONFIRM", - "url" : "ftp://ftp.ca.com/CAproducts/unicenter/CCS31/nt/qi52764/QI52764.DB0" - }, - { - "name" : "9863", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/9863" - }, - { - "name" : "11131", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/11131" - }, - { - "name" : "unicentertng-awservices-cam-bo(15472)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/15472" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple stack-based buffer overflows in Agent Common Services (1) cam.exe and (2) awservices.exe in Unicenter TNG 2.4 allow remote attackers to execute arbitrary code." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "unicentertng-awservices-cam-bo(15472)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15472" + }, + { + "name": "20040314 Multiple Immunity Advisories", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=107936784030214&w=2" + }, + { + "name": "ftp://ftp.ca.com/CAproducts/unicenter/CCS31/nt/qi52764/QI52764.DB0", + "refsource": "CONFIRM", + "url": "ftp://ftp.ca.com/CAproducts/unicenter/CCS31/nt/qi52764/QI52764.DB0" + }, + { + "name": "11131", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/11131" + }, + { + "name": "9863", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/9863" + }, + { + "name": "20040315 Immunity Advisory: Computer Associates Unicenter TNG", + "refsource": "VULNWATCH", + "url": "http://www.derkeiler.com/Mailing-Lists/VulnWatch/2004-03/0008.html" + }, + { + "name": "http://www.immunitysec.com/downloads/awservices.sxw.pdf", + "refsource": "MISC", + "url": "http://www.immunitysec.com/downloads/awservices.sxw.pdf" + } + ] + } +} \ No newline at end of file diff --git a/2004/2xxx/CVE-2004-2139.json b/2004/2xxx/CVE-2004-2139.json index 012a0c8297a..054d35c0316 100644 --- a/2004/2xxx/CVE-2004-2139.json +++ b/2004/2xxx/CVE-2004-2139.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2004-2139", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unknown vulnerability in Adminedit.pl YaBB 1 Gold before 1.3.2 allows attackers to execute arbitrary code via settings.pl." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2004-2139", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.yabbforum.com/community/YaBB.pl?board=general;action=display;num=1093133233", - "refsource" : "CONFIRM", - "url" : "http://www.yabbforum.com/community/YaBB.pl?board=general;action=display;num=1093133233" - }, - { - "name" : "11235", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/11235" - }, - { - "name" : "10222", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/10222" - }, - { - "name" : "12609", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/12609/" - }, - { - "name" : "yabb-admineditpl-xss(17459)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/17459" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unknown vulnerability in Adminedit.pl YaBB 1 Gold before 1.3.2 allows attackers to execute arbitrary code via settings.pl." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "11235", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/11235" + }, + { + "name": "http://www.yabbforum.com/community/YaBB.pl?board=general;action=display;num=1093133233", + "refsource": "CONFIRM", + "url": "http://www.yabbforum.com/community/YaBB.pl?board=general;action=display;num=1093133233" + }, + { + "name": "12609", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/12609/" + }, + { + "name": "10222", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/10222" + }, + { + "name": "yabb-admineditpl-xss(17459)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17459" + } + ] + } +} \ No newline at end of file diff --git a/2004/2xxx/CVE-2004-2418.json b/2004/2xxx/CVE-2004-2418.json index 17b43caedc2..9948298f62c 100644 --- a/2004/2xxx/CVE-2004-2418.json +++ b/2004/2xxx/CVE-2004-2418.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2004-2418", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in SlimFTPd 3.15 and earlier allows local users to execute arbitrary code via a long command, such as (1) CWD, (2) STOR, (3) MKD, and (4) STAT." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2004-2418", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20041110 [Advisory + Exploit] SlimFTPd <= 3.15", - "refsource" : "FULLDISC", - "url" : "http://archives.neohapsis.com/archives/fulldisclosure/2004-11/0293.html" - }, - { - "name" : "http://www.whitsoftdev.com/slimftpd/", - "refsource" : "CONFIRM", - "url" : "http://www.whitsoftdev.com/slimftpd/" - }, - { - "name" : "11645", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/11645" - }, - { - "name" : "11604", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/11604" - }, - { - "name" : "1012167", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1012167" - }, - { - "name" : "13161", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/13161" - }, - { - "name" : "slimftpd-multiple-command-bo(18014)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/18014" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in SlimFTPd 3.15 and earlier allows local users to execute arbitrary code via a long command, such as (1) CWD, (2) STOR, (3) MKD, and (4) STAT." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "13161", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/13161" + }, + { + "name": "slimftpd-multiple-command-bo(18014)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18014" + }, + { + "name": "11604", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/11604" + }, + { + "name": "20041110 [Advisory + Exploit] SlimFTPd <= 3.15", + "refsource": "FULLDISC", + "url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-11/0293.html" + }, + { + "name": "1012167", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1012167" + }, + { + "name": "http://www.whitsoftdev.com/slimftpd/", + "refsource": "CONFIRM", + "url": "http://www.whitsoftdev.com/slimftpd/" + }, + { + "name": "11645", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/11645" + } + ] + } +} \ No newline at end of file diff --git a/2004/2xxx/CVE-2004-2708.json b/2004/2xxx/CVE-2004-2708.json index 16ef2a247bd..4658cad8843 100644 --- a/2004/2xxx/CVE-2004-2708.json +++ b/2004/2xxx/CVE-2004-2708.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2004-2708", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Gyach Enhanced (Gyach-E) before 1.0.0 stores passwords in plaintext, which allows attackers to obtain user passwords by reading the configuration file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2004-2708", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.phrozensmoke.com/projects/pyvoicechat/changelog.php", - "refsource" : "CONFIRM", - "url" : "http://www.phrozensmoke.com/projects/pyvoicechat/changelog.php" - }, - { - "name" : "8834", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/8834" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Gyach Enhanced (Gyach-E) before 1.0.0 stores passwords in plaintext, which allows attackers to obtain user passwords by reading the configuration file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "8834", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/8834" + }, + { + "name": "http://www.phrozensmoke.com/projects/pyvoicechat/changelog.php", + "refsource": "CONFIRM", + "url": "http://www.phrozensmoke.com/projects/pyvoicechat/changelog.php" + } + ] + } +} \ No newline at end of file diff --git a/2008/2xxx/CVE-2008-2150.json b/2008/2xxx/CVE-2008-2150.json index 076097fc663..5f93a81af4b 100644 --- a/2008/2xxx/CVE-2008-2150.json +++ b/2008/2xxx/CVE-2008-2150.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-2150", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-2150", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2008/2xxx/CVE-2008-2182.json b/2008/2xxx/CVE-2008-2182.json index a9fa13d5857..9b33063cfd5 100644 --- a/2008/2xxx/CVE-2008-2182.json +++ b/2008/2xxx/CVE-2008-2182.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-2182", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in the powermail extension before 1.1.10 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-2182", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://typo3.org/teams/security/security-bulletins/typo3-20080505-2/", - "refsource" : "CONFIRM", - "url" : "http://typo3.org/teams/security/security-bulletins/typo3-20080505-2/" - }, - { - "name" : "29040", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/29040" - }, - { - "name" : "30079", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/30079" - }, - { - "name" : "powermail-typo3-unspecified-xss(42188)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/42188" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in the powermail extension before 1.1.10 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "30079", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/30079" + }, + { + "name": "powermail-typo3-unspecified-xss(42188)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42188" + }, + { + "name": "http://typo3.org/teams/security/security-bulletins/typo3-20080505-2/", + "refsource": "CONFIRM", + "url": "http://typo3.org/teams/security/security-bulletins/typo3-20080505-2/" + }, + { + "name": "29040", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/29040" + } + ] + } +} \ No newline at end of file diff --git a/2008/2xxx/CVE-2008-2525.json b/2008/2xxx/CVE-2008-2525.json index b652d9bbf35..751b25b0bbe 100644 --- a/2008/2xxx/CVE-2008-2525.json +++ b/2008/2xxx/CVE-2008-2525.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-2525", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in the Event Database (aka rlmp_eventdb) extension before 1.1.2 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-2525", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://typo3.org/teams/security/security-bulletins/typo3-20080513-3/", - "refsource" : "CONFIRM", - "url" : "http://typo3.org/teams/security/security-bulletins/typo3-20080513-3/" - }, - { - "name" : "29180", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/29180" - }, - { - "name" : "30218", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/30218" - }, - { - "name" : "rlmpeventdb-unspecified-xss(42361)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/42361" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in the Event Database (aka rlmp_eventdb) extension before 1.1.2 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://typo3.org/teams/security/security-bulletins/typo3-20080513-3/", + "refsource": "CONFIRM", + "url": "http://typo3.org/teams/security/security-bulletins/typo3-20080513-3/" + }, + { + "name": "29180", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/29180" + }, + { + "name": "30218", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/30218" + }, + { + "name": "rlmpeventdb-unspecified-xss(42361)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42361" + } + ] + } +} \ No newline at end of file diff --git a/2008/2xxx/CVE-2008-2800.json b/2008/2xxx/CVE-2008-2800.json index de572ea4331..1ebef8cae93 100644 --- a/2008/2xxx/CVE-2008-2800.json +++ b/2008/2xxx/CVE-2008-2800.json @@ -1,297 +1,297 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-2800", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 allow remote attackers to bypass the Same Origin Policy and conduct cross-site scripting (XSS) attacks via vectors involving (1) an event handler attached to an outer window, (2) a SCRIPT element in an unloaded document, or (3) the onreadystatechange handler in conjunction with an XMLHttpRequest." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2008-2800", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20080708 rPSA-2008-0216-1 firefox", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/494080/100/0/threaded" - }, - { - "name" : "http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox2.0.0.15", - "refsource" : "CONFIRM", - "url" : "http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox2.0.0.15" - }, - { - "name" : "http://www.mozilla.org/security/announce/2008/mfsa2008-22.html", - "refsource" : "CONFIRM", - "url" : "http://www.mozilla.org/security/announce/2008/mfsa2008-22.html" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=428672", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=428672" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=432591", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=432591" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=433328", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=433328" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=439035", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=439035" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=440308", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=440308" - }, - { - "name" : "https://issues.rpath.com/browse/RPL-2646", - "refsource" : "CONFIRM", - "url" : "https://issues.rpath.com/browse/RPL-2646" - }, - { - "name" : "http://wiki.rpath.com/Advisories:rPSA-2008-0216", - "refsource" : "CONFIRM", - "url" : "http://wiki.rpath.com/Advisories:rPSA-2008-0216" - }, - { - "name" : "DSA-1607", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2008/dsa-1607" - }, - { - "name" : "DSA-1615", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2008/dsa-1615" - }, - { - "name" : "DSA-1697", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2009/dsa-1697" - }, - { - "name" : "FEDORA-2008-6127", - "refsource" : "FEDORA", - "url" : "https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00207.html" - }, - { - "name" : "FEDORA-2008-6193", - "refsource" : "FEDORA", - "url" : "https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00288.html" - }, - { - "name" : "FEDORA-2008-6196", - "refsource" : "FEDORA", - "url" : "https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00295.html" - }, - { - "name" : "GLSA-200808-03", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-200808-03.xml" - }, - { - "name" : "MDVSA-2008:136", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2008:136" - }, - { - "name" : "RHSA-2008:0547", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2008-0547.html" - }, - { - "name" : "RHSA-2008:0549", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2008-0549.html" - }, - { - "name" : "RHSA-2008:0569", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2008-0569.html" - }, - { - "name" : "RHSA-2008:0616", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2008-0616.html" - }, - { - "name" : "SSA:2008-191-03", - "refsource" : "SLACKWARE", - "url" : "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.383152" - }, - { - "name" : "SSA:2008-191", - "refsource" : "SLACKWARE", - "url" : "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.384911" - }, - { - "name" : "256408", - "refsource" : "SUNALERT", - "url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1" - }, - { - "name" : "SUSE-SA:2008:034", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00004.html" - }, - { - "name" : "USN-619-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/usn-619-1" - }, - { - "name" : "30038", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/30038" - }, - { - "name" : "oval:org.mitre.oval:def:9386", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9386" - }, - { - "name" : "34501", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/34501" - }, - { - "name" : "31076", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/31076" - }, - { - "name" : "ADV-2008-1993", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/1993/references" - }, - { - "name" : "1020419", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1020419" - }, - { - "name" : "30911", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/30911" - }, - { - "name" : "30878", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/30878" - }, - { - "name" : "30898", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/30898" - }, - { - "name" : "30903", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/30903" - }, - { - "name" : "30949", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/30949" - }, - { - "name" : "31005", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/31005" - }, - { - "name" : "31008", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/31008" - }, - { - "name" : "31069", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/31069" - }, - { - "name" : "31023", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/31023" - }, - { - "name" : "31183", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/31183" - }, - { - "name" : "31195", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/31195" - }, - { - "name" : "31377", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/31377" - }, - { - "name" : "31021", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/31021" - }, - { - "name" : "33433", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/33433" - }, - { - "name" : "ADV-2009-0977", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2009/0977" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 allow remote attackers to bypass the Same Origin Policy and conduct cross-site scripting (XSS) attacks via vectors involving (1) an event handler attached to an outer window, (2) a SCRIPT element in an unloaded document, or (3) the onreadystatechange handler in conjunction with an XMLHttpRequest." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "SUSE-SA:2008:034", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00004.html" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=433328", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=433328" + }, + { + "name": "RHSA-2008:0549", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2008-0549.html" + }, + { + "name": "DSA-1697", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2009/dsa-1697" + }, + { + "name": "http://www.mozilla.org/security/announce/2008/mfsa2008-22.html", + "refsource": "CONFIRM", + "url": "http://www.mozilla.org/security/announce/2008/mfsa2008-22.html" + }, + { + "name": "31021", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/31021" + }, + { + "name": "oval:org.mitre.oval:def:9386", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9386" + }, + { + "name": "30898", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/30898" + }, + { + "name": "http://wiki.rpath.com/Advisories:rPSA-2008-0216", + "refsource": "CONFIRM", + "url": "http://wiki.rpath.com/Advisories:rPSA-2008-0216" + }, + { + "name": "https://issues.rpath.com/browse/RPL-2646", + "refsource": "CONFIRM", + "url": "https://issues.rpath.com/browse/RPL-2646" + }, + { + "name": "30949", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/30949" + }, + { + "name": "SSA:2008-191-03", + "refsource": "SLACKWARE", + "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.383152" + }, + { + "name": "ADV-2009-0977", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2009/0977" + }, + { + "name": "31069", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/31069" + }, + { + "name": "31008", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/31008" + }, + { + "name": "31377", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/31377" + }, + { + "name": "RHSA-2008:0616", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2008-0616.html" + }, + { + "name": "ADV-2008-1993", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/1993/references" + }, + { + "name": "31023", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/31023" + }, + { + "name": "30038", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/30038" + }, + { + "name": "DSA-1607", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2008/dsa-1607" + }, + { + "name": "GLSA-200808-03", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-200808-03.xml" + }, + { + "name": "31005", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/31005" + }, + { + "name": "33433", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/33433" + }, + { + "name": "FEDORA-2008-6127", + "refsource": "FEDORA", + "url": "https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00207.html" + }, + { + "name": "1020419", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1020419" + }, + { + "name": "http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox2.0.0.15", + "refsource": "CONFIRM", + "url": "http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox2.0.0.15" + }, + { + "name": "31183", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/31183" + }, + { + "name": "30903", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/30903" + }, + { + "name": "RHSA-2008:0547", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2008-0547.html" + }, + { + "name": "FEDORA-2008-6193", + "refsource": "FEDORA", + "url": "https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00288.html" + }, + { + "name": "256408", + "refsource": "SUNALERT", + "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=439035", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=439035" + }, + { + "name": "SSA:2008-191", + "refsource": "SLACKWARE", + "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.384911" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=428672", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=428672" + }, + { + "name": "DSA-1615", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2008/dsa-1615" + }, + { + "name": "31195", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/31195" + }, + { + "name": "31076", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/31076" + }, + { + "name": "USN-619-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/usn-619-1" + }, + { + "name": "30911", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/30911" + }, + { + "name": "RHSA-2008:0569", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2008-0569.html" + }, + { + "name": "30878", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/30878" + }, + { + "name": "20080708 rPSA-2008-0216-1 firefox", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/494080/100/0/threaded" + }, + { + "name": "FEDORA-2008-6196", + "refsource": "FEDORA", + "url": "https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00295.html" + }, + { + "name": "34501", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/34501" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=432591", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=432591" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=440308", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=440308" + }, + { + "name": "MDVSA-2008:136", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:136" + } + ] + } +} \ No newline at end of file diff --git a/2008/2xxx/CVE-2008-2937.json b/2008/2xxx/CVE-2008-2937.json index f5aa267e782..a37b50e514c 100644 --- a/2008/2xxx/CVE-2008-2937.json +++ b/2008/2xxx/CVE-2008-2937.json @@ -1,152 +1,152 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-2937", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Postfix 2.5 before 2.5.4 and 2.6 before 2.6-20080814 delivers to a mailbox file even when this file is not owned by the recipient, which allows local users to read e-mail messages by creating a mailbox file corresponding to another user's account name." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2008-2937", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20080821 rPSA-2008-0259-1 postfix", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/495632/100/0/threaded" - }, - { - "name" : "ftp://ftp.porcupine.org/mirrors/postfix-release/experimental/postfix-2.6-20080814.HISTORY", - "refsource" : "CONFIRM", - "url" : "ftp://ftp.porcupine.org/mirrors/postfix-release/experimental/postfix-2.6-20080814.HISTORY" - }, - { - "name" : "ftp://ftp.porcupine.org/mirrors/postfix-release/official/postfix-2.5.4.HISTORY", - "refsource" : "CONFIRM", - "url" : "ftp://ftp.porcupine.org/mirrors/postfix-release/official/postfix-2.5.4.HISTORY" - }, - { - "name" : "http://wiki.rpath.com/Advisories:rPSA-2008-0259", - "refsource" : "CONFIRM", - "url" : "http://wiki.rpath.com/Advisories:rPSA-2008-0259" - }, - { - "name" : "https://issues.rpath.com/browse/RPL-2689", - "refsource" : "CONFIRM", - "url" : "https://issues.rpath.com/browse/RPL-2689" - }, - { - "name" : "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705", - "refsource" : "CONFIRM", - "url" : "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705" - }, - { - "name" : "FEDORA-2008-8593", - "refsource" : "FEDORA", - "url" : "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00287.html" - }, - { - "name" : "FEDORA-2008-8595", - "refsource" : "FEDORA", - "url" : "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00271.html" - }, - { - "name" : "GLSA-200808-12", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-200808-12.xml" - }, - { - "name" : "MDVSA-2009:224", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2009:224" - }, - { - "name" : "RHSA-2011:0422", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2011-0422.html" - }, - { - "name" : "SUSE-SA:2008:040", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00002.html" - }, - { - "name" : "30691", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/30691" - }, - { - "name" : "ADV-2008-2385", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/2385" - }, - { - "name" : "31485", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/31485" - }, - { - "name" : "31500", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/31500" - }, - { - "name" : "31477", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/31477" - }, - { - "name" : "32231", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/32231" - }, - { - "name" : "postfix-email-information-disclosure(44461)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/44461" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Postfix 2.5 before 2.5.4 and 2.6 before 2.6-20080814 delivers to a mailbox file even when this file is not owned by the recipient, which allows local users to read e-mail messages by creating a mailbox file corresponding to another user's account name." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "FEDORA-2008-8595", + "refsource": "FEDORA", + "url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00271.html" + }, + { + "name": "32231", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/32231" + }, + { + "name": "MDVSA-2009:224", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:224" + }, + { + "name": "ftp://ftp.porcupine.org/mirrors/postfix-release/official/postfix-2.5.4.HISTORY", + "refsource": "CONFIRM", + "url": "ftp://ftp.porcupine.org/mirrors/postfix-release/official/postfix-2.5.4.HISTORY" + }, + { + "name": "FEDORA-2008-8593", + "refsource": "FEDORA", + "url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00287.html" + }, + { + "name": "https://issues.rpath.com/browse/RPL-2689", + "refsource": "CONFIRM", + "url": "https://issues.rpath.com/browse/RPL-2689" + }, + { + "name": "20080821 rPSA-2008-0259-1 postfix", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/495632/100/0/threaded" + }, + { + "name": "postfix-email-information-disclosure(44461)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44461" + }, + { + "name": "30691", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/30691" + }, + { + "name": "http://wiki.rpath.com/Advisories:rPSA-2008-0259", + "refsource": "CONFIRM", + "url": "http://wiki.rpath.com/Advisories:rPSA-2008-0259" + }, + { + "name": "SUSE-SA:2008:040", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00002.html" + }, + { + "name": "RHSA-2011:0422", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2011-0422.html" + }, + { + "name": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705", + "refsource": "CONFIRM", + "url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705" + }, + { + "name": "ftp://ftp.porcupine.org/mirrors/postfix-release/experimental/postfix-2.6-20080814.HISTORY", + "refsource": "CONFIRM", + "url": "ftp://ftp.porcupine.org/mirrors/postfix-release/experimental/postfix-2.6-20080814.HISTORY" + }, + { + "name": "31500", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/31500" + }, + { + "name": "31477", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/31477" + }, + { + "name": "31485", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/31485" + }, + { + "name": "ADV-2008-2385", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/2385" + }, + { + "name": "GLSA-200808-12", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-200808-12.xml" + } + ] + } +} \ No newline at end of file diff --git a/2008/6xxx/CVE-2008-6162.json b/2008/6xxx/CVE-2008-6162.json index bd51674e53c..fff15bfe04c 100644 --- a/2008/6xxx/CVE-2008-6162.json +++ b/2008/6xxx/CVE-2008-6162.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-6162", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Bux.to Clone script allows remote attackers to bypass authentication and gain administrative access by setting the loggedin cookie to 1 and the usNick cookie to admin." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-6162", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "6652", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/6652" - }, - { - "name" : "31542", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/31542" - }, - { - "name" : "buxtoclone-cookie-auth-bypass(45640)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/45640" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Bux.to Clone script allows remote attackers to bypass authentication and gain administrative access by setting the loggedin cookie to 1 and the usNick cookie to admin." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "6652", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/6652" + }, + { + "name": "31542", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/31542" + }, + { + "name": "buxtoclone-cookie-auth-bypass(45640)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45640" + } + ] + } +} \ No newline at end of file diff --git a/2008/6xxx/CVE-2008-6219.json b/2008/6xxx/CVE-2008-6219.json index ee3c06770c8..60d04ff21c8 100644 --- a/2008/6xxx/CVE-2008-6219.json +++ b/2008/6xxx/CVE-2008-6219.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-6219", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "nsrexecd.exe in multiple EMC Networker products including EMC NetWorker Server, Storage Node, and Client 7.3.x and 7.4, 7.4.1, 7.4.2, Client and Storage Node for Open VMS 7.3.2 ECO6 and earlier, Module for Microsoft Exchange 5.1 and earlier, Module for Microsoft Applications 2.0 and earlier, Module for Meditech 2.0 and earlier, and PowerSnap 2.4 SP1 and earlier does not properly control the allocation of memory, which allows remote attackers to cause a denial of service (memory exhaustion) via multiple crafted RPC requests." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-6219", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20081022 FGA-2008-23:EMC NetWorker Denial of Service Vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/497645/100/0/threaded" - }, - { - "name" : "20081022 Re: FGA-2008-23:EMC NetWorker Denial of Service Vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/497666/100/0/threaded" - }, - { - "name" : "http://www.fortiguardcenter.com/advisory/FGA-2008-23.html", - "refsource" : "MISC", - "url" : "http://www.fortiguardcenter.com/advisory/FGA-2008-23.html" - }, - { - "name" : "31866", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/31866" - }, - { - "name" : "ADV-2008-2894", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/2894" - }, - { - "name" : "1021095", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1021095" - }, - { - "name" : "32383", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/32383" - }, - { - "name" : "emc-networker-nsrexecd-dos(46035)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/46035" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "nsrexecd.exe in multiple EMC Networker products including EMC NetWorker Server, Storage Node, and Client 7.3.x and 7.4, 7.4.1, 7.4.2, Client and Storage Node for Open VMS 7.3.2 ECO6 and earlier, Module for Microsoft Exchange 5.1 and earlier, Module for Microsoft Applications 2.0 and earlier, Module for Meditech 2.0 and earlier, and PowerSnap 2.4 SP1 and earlier does not properly control the allocation of memory, which allows remote attackers to cause a denial of service (memory exhaustion) via multiple crafted RPC requests." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20081022 FGA-2008-23:EMC NetWorker Denial of Service Vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/497645/100/0/threaded" + }, + { + "name": "emc-networker-nsrexecd-dos(46035)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46035" + }, + { + "name": "20081022 Re: FGA-2008-23:EMC NetWorker Denial of Service Vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/497666/100/0/threaded" + }, + { + "name": "31866", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/31866" + }, + { + "name": "1021095", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1021095" + }, + { + "name": "32383", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/32383" + }, + { + "name": "http://www.fortiguardcenter.com/advisory/FGA-2008-23.html", + "refsource": "MISC", + "url": "http://www.fortiguardcenter.com/advisory/FGA-2008-23.html" + }, + { + "name": "ADV-2008-2894", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/2894" + } + ] + } +} \ No newline at end of file diff --git a/2008/6xxx/CVE-2008-6285.json b/2008/6xxx/CVE-2008-6285.json index 3203aa7b413..4c8079923df 100644 --- a/2008/6xxx/CVE-2008-6285.json +++ b/2008/6xxx/CVE-2008-6285.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-6285", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in index.php in PHP TV Portal 2.0 and earlier allows remote attackers to execute arbitrary SQL commands via the mid parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-6285", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "7284", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/7284" - }, - { - "name" : "32532", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/32532" - }, - { - "name" : "32925", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/32925" - }, - { - "name" : "ADV-2008-3307", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/3307" - }, - { - "name" : "phptvportal-index-sql-injection(46926)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/46926" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in index.php in PHP TV Portal 2.0 and earlier allows remote attackers to execute arbitrary SQL commands via the mid parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "32532", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/32532" + }, + { + "name": "phptvportal-index-sql-injection(46926)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46926" + }, + { + "name": "7284", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/7284" + }, + { + "name": "ADV-2008-3307", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/3307" + }, + { + "name": "32925", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/32925" + } + ] + } +} \ No newline at end of file diff --git a/2008/6xxx/CVE-2008-6630.json b/2008/6xxx/CVE-2008-6630.json index 1f06b35f5a1..6fcf4e92861 100644 --- a/2008/6xxx/CVE-2008-6630.json +++ b/2008/6xxx/CVE-2008-6630.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-6630", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Directory traversal vulnerability in the wt_gallery extension 2.5.0 and earlier for TYPO3 allows remote attackers to read arbitrary image files and determine directory structure via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-6630", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://typo3.org/teams/security/security-bulletins/typo3-20080513-1/", - "refsource" : "CONFIRM", - "url" : "http://typo3.org/teams/security/security-bulletins/typo3-20080513-1/" - }, - { - "name" : "29182", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/29182" - }, - { - "name" : "45050", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/45050" - }, - { - "name" : "30217", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/30217" - }, - { - "name" : "wtgallery-image-info-disclosure(42364)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/42364" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Directory traversal vulnerability in the wt_gallery extension 2.5.0 and earlier for TYPO3 allows remote attackers to read arbitrary image files and determine directory structure via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "30217", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/30217" + }, + { + "name": "http://typo3.org/teams/security/security-bulletins/typo3-20080513-1/", + "refsource": "CONFIRM", + "url": "http://typo3.org/teams/security/security-bulletins/typo3-20080513-1/" + }, + { + "name": "wtgallery-image-info-disclosure(42364)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42364" + }, + { + "name": "29182", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/29182" + }, + { + "name": "45050", + "refsource": "OSVDB", + "url": "http://osvdb.org/45050" + } + ] + } +} \ No newline at end of file diff --git a/2008/6xxx/CVE-2008-6696.json b/2008/6xxx/CVE-2008-6696.json index bd90135e8e5..2e1336ba168 100644 --- a/2008/6xxx/CVE-2008-6696.json +++ b/2008/6xxx/CVE-2008-6696.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-6696", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in Fussballtippspiel (toto) 0.1.1 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-6696", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://typo3.org/teams/security/security-bulletins/typo3-20080619-1/", - "refsource" : "CONFIRM", - "url" : "http://typo3.org/teams/security/security-bulletins/typo3-20080619-1/" - }, - { - "name" : "http://typo3.org/extensions/repository/view/toto/0.1.2/", - "refsource" : "CONFIRM", - "url" : "http://typo3.org/extensions/repository/view/toto/0.1.2/" - }, - { - "name" : "29824", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/29824" - }, - { - "name" : "46394", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/46394" - }, - { - "name" : "toto-unspecified-sql-injection(43212)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/43212" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in Fussballtippspiel (toto) 0.1.1 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://typo3.org/extensions/repository/view/toto/0.1.2/", + "refsource": "CONFIRM", + "url": "http://typo3.org/extensions/repository/view/toto/0.1.2/" + }, + { + "name": "toto-unspecified-sql-injection(43212)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43212" + }, + { + "name": "29824", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/29824" + }, + { + "name": "46394", + "refsource": "OSVDB", + "url": "http://osvdb.org/46394" + }, + { + "name": "http://typo3.org/teams/security/security-bulletins/typo3-20080619-1/", + "refsource": "CONFIRM", + "url": "http://typo3.org/teams/security/security-bulletins/typo3-20080619-1/" + } + ] + } +} \ No newline at end of file diff --git a/2012/1xxx/CVE-2012-1353.json b/2012/1xxx/CVE-2012-1353.json index c6ae860c89c..bf5d23038b7 100644 --- a/2012/1xxx/CVE-2012-1353.json +++ b/2012/1xxx/CVE-2012-1353.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2012-1353", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2012-1353", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2012/5xxx/CVE-2012-5434.json b/2012/5xxx/CVE-2012-5434.json index 5e354aaa879..427829dea6c 100644 --- a/2012/5xxx/CVE-2012-5434.json +++ b/2012/5xxx/CVE-2012-5434.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2012-5434", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2012-5434", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2012/5xxx/CVE-2012-5467.json b/2012/5xxx/CVE-2012-5467.json index 5b5e4f3d62f..d32828c6856 100644 --- a/2012/5xxx/CVE-2012-5467.json +++ b/2012/5xxx/CVE-2012-5467.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2012-5467", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2012-5467", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2012/5xxx/CVE-2012-5776.json b/2012/5xxx/CVE-2012-5776.json index 3b920344f98..3bb062054e5 100644 --- a/2012/5xxx/CVE-2012-5776.json +++ b/2012/5xxx/CVE-2012-5776.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2012-5776", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2012-5776", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2012/5xxx/CVE-2012-5885.json b/2012/5xxx/CVE-2012-5885.json index b10bed624bc..a39d710fb08 100644 --- a/2012/5xxx/CVE-2012-5885.json +++ b/2012/5xxx/CVE-2012-5885.json @@ -1,197 +1,197 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2012-5885", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The replay-countermeasure functionality in the HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.36, 6.x before 6.0.36, and 7.x before 7.0.30 tracks cnonce (aka client nonce) values instead of nonce (aka server nonce) and nc (aka nonce-count) values, which makes it easier for remote attackers to bypass intended access restrictions by sniffing the network for valid requests, a different vulnerability than CVE-2011-1184." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2012-5885", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://svn.apache.org/viewvc?view=revision&revision=1377807", - "refsource" : "CONFIRM", - "url" : "http://svn.apache.org/viewvc?view=revision&revision=1377807" - }, - { - "name" : "http://svn.apache.org/viewvc?view=revision&revision=1380829", - "refsource" : "CONFIRM", - "url" : "http://svn.apache.org/viewvc?view=revision&revision=1380829" - }, - { - "name" : "http://svn.apache.org/viewvc?view=revision&revision=1392248", - "refsource" : "CONFIRM", - "url" : "http://svn.apache.org/viewvc?view=revision&revision=1392248" - }, - { - "name" : "http://tomcat.apache.org/security-5.html", - "refsource" : "CONFIRM", - "url" : "http://tomcat.apache.org/security-5.html" - }, - { - "name" : "http://tomcat.apache.org/security-6.html", - "refsource" : "CONFIRM", - "url" : "http://tomcat.apache.org/security-6.html" - }, - { - "name" : "http://tomcat.apache.org/security-7.html", - "refsource" : "CONFIRM", - "url" : "http://tomcat.apache.org/security-7.html" - }, - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21626891", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21626891" - }, - { - "name" : "HPSBUX02860", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=136485229118404&w=2" - }, - { - "name" : "SSRT101146", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=136485229118404&w=2" - }, - { - "name" : "HPSBUX02866", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=136612293908376&w=2" - }, - { - "name" : "SSRT101139", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=136612293908376&w=2" - }, - { - "name" : "RHSA-2013:0623", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2013-0623.html" - }, - { - "name" : "RHSA-2013:0629", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2013-0629.html" - }, - { - "name" : "RHSA-2013:0631", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2013-0631.html" - }, - { - "name" : "RHSA-2013:0632", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2013-0632.html" - }, - { - "name" : "RHSA-2013:0633", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2013-0633.html" - }, - { - "name" : "RHSA-2013:0640", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2013-0640.html" - }, - { - "name" : "RHSA-2013:0647", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2013-0647.html" - }, - { - "name" : "RHSA-2013:0648", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2013-0648.html" - }, - { - "name" : "RHSA-2013:0726", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2013-0726.html" - }, - { - "name" : "openSUSE-SU-2012:1700", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2012-12/msg00089.html" - }, - { - "name" : "openSUSE-SU-2012:1701", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2012-12/msg00090.html" - }, - { - "name" : "openSUSE-SU-2013:0147", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2013-01/msg00037.html" - }, - { - "name" : "USN-1637-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-1637-1" - }, - { - "name" : "56403", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/56403" - }, - { - "name" : "oval:org.mitre.oval:def:19432", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19432" - }, - { - "name" : "51371", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/51371" - }, - { - "name" : "tomcat-replay-security-bypass(80408)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/80408" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The replay-countermeasure functionality in the HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.36, 6.x before 6.0.36, and 7.x before 7.0.30 tracks cnonce (aka client nonce) values instead of nonce (aka server nonce) and nc (aka nonce-count) values, which makes it easier for remote attackers to bypass intended access restrictions by sniffing the network for valid requests, a different vulnerability than CVE-2011-1184." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21626891", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21626891" + }, + { + "name": "SSRT101139", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=136612293908376&w=2" + }, + { + "name": "51371", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/51371" + }, + { + "name": "oval:org.mitre.oval:def:19432", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19432" + }, + { + "name": "openSUSE-SU-2012:1700", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2012-12/msg00089.html" + }, + { + "name": "http://svn.apache.org/viewvc?view=revision&revision=1392248", + "refsource": "CONFIRM", + "url": "http://svn.apache.org/viewvc?view=revision&revision=1392248" + }, + { + "name": "HPSBUX02860", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=136485229118404&w=2" + }, + { + "name": "RHSA-2013:0631", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2013-0631.html" + }, + { + "name": "RHSA-2013:0640", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2013-0640.html" + }, + { + "name": "USN-1637-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-1637-1" + }, + { + "name": "56403", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/56403" + }, + { + "name": "http://tomcat.apache.org/security-7.html", + "refsource": "CONFIRM", + "url": "http://tomcat.apache.org/security-7.html" + }, + { + "name": "RHSA-2013:0648", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2013-0648.html" + }, + { + "name": "RHSA-2013:0633", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2013-0633.html" + }, + { + "name": "RHSA-2013:0629", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2013-0629.html" + }, + { + "name": "RHSA-2013:0647", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2013-0647.html" + }, + { + "name": "RHSA-2013:0632", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2013-0632.html" + }, + { + "name": "http://tomcat.apache.org/security-6.html", + "refsource": "CONFIRM", + "url": "http://tomcat.apache.org/security-6.html" + }, + { + "name": "http://svn.apache.org/viewvc?view=revision&revision=1380829", + "refsource": "CONFIRM", + "url": "http://svn.apache.org/viewvc?view=revision&revision=1380829" + }, + { + "name": "openSUSE-SU-2013:0147", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2013-01/msg00037.html" + }, + { + "name": "RHSA-2013:0623", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2013-0623.html" + }, + { + "name": "http://tomcat.apache.org/security-5.html", + "refsource": "CONFIRM", + "url": "http://tomcat.apache.org/security-5.html" + }, + { + "name": "tomcat-replay-security-bypass(80408)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80408" + }, + { + "name": "SSRT101146", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=136485229118404&w=2" + }, + { + "name": "http://svn.apache.org/viewvc?view=revision&revision=1377807", + "refsource": "CONFIRM", + "url": "http://svn.apache.org/viewvc?view=revision&revision=1377807" + }, + { + "name": "HPSBUX02866", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=136612293908376&w=2" + }, + { + "name": "openSUSE-SU-2012:1701", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2012-12/msg00090.html" + }, + { + "name": "RHSA-2013:0726", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2013-0726.html" + } + ] + } +} \ No newline at end of file diff --git a/2017/11xxx/CVE-2017-11112.json b/2017/11xxx/CVE-2017-11112.json index 6f136cd0d71..49a4bb766a0 100644 --- a/2017/11xxx/CVE-2017-11112.json +++ b/2017/11xxx/CVE-2017-11112.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-11112", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "In ncurses 6.0, there is an attempted 0xffffffffffffffff access in the append_acs function of tinfo/parse_entry.c. It could lead to a remote denial of service attack if the terminfo library code is used to process untrusted terminfo data." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-11112", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1464686", - "refsource" : "MISC", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1464686" - }, - { - "name" : "GLSA-201804-13", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201804-13" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In ncurses 6.0, there is an attempted 0xffffffffffffffff access in the append_acs function of tinfo/parse_entry.c. It could lead to a remote denial of service attack if the terminfo library code is used to process untrusted terminfo data." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "GLSA-201804-13", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201804-13" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1464686", + "refsource": "MISC", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1464686" + } + ] + } +} \ No newline at end of file diff --git a/2017/11xxx/CVE-2017-11125.json b/2017/11xxx/CVE-2017-11125.json index c457b9aff39..583ac273fe4 100644 --- a/2017/11xxx/CVE-2017-11125.json +++ b/2017/11xxx/CVE-2017-11125.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-11125", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "libxar.so in xar 1.6.1 has a NULL pointer dereference in the xar_get_path function in util.c." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-11125", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://blogs.gentoo.org/ago/2017/06/28/xar-null-pointer-dereference-in-xar_get_path-util-c/", - "refsource" : "MISC", - "url" : "https://blogs.gentoo.org/ago/2017/06/28/xar-null-pointer-dereference-in-xar_get_path-util-c/" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "libxar.so in xar 1.6.1 has a NULL pointer dereference in the xar_get_path function in util.c." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://blogs.gentoo.org/ago/2017/06/28/xar-null-pointer-dereference-in-xar_get_path-util-c/", + "refsource": "MISC", + "url": "https://blogs.gentoo.org/ago/2017/06/28/xar-null-pointer-dereference-in-xar_get_path-util-c/" + } + ] + } +} \ No newline at end of file diff --git a/2017/11xxx/CVE-2017-11147.json b/2017/11xxx/CVE-2017-11147.json index c8e4ab4967a..22e05f9fc6f 100644 --- a/2017/11xxx/CVE-2017-11147.json +++ b/2017/11xxx/CVE-2017-11147.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-11147", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "In PHP before 5.6.30 and 7.x before 7.0.15, the PHAR archive handler could be used by attackers supplying malicious archive files to crash the PHP interpreter or potentially disclose information due to a buffer over-read in the phar_parse_pharfile function in ext/phar/phar.c." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-11147", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://git.php.net/?p=php-src.git;a=commit;h=e5246580a85f031e1a3b8064edbaa55c1643a451", - "refsource" : "CONFIRM", - "url" : "http://git.php.net/?p=php-src.git;a=commit;h=e5246580a85f031e1a3b8064edbaa55c1643a451" - }, - { - "name" : "http://openwall.com/lists/oss-security/2017/07/10/6", - "refsource" : "CONFIRM", - "url" : "http://openwall.com/lists/oss-security/2017/07/10/6" - }, - { - "name" : "http://php.net/ChangeLog-5.php", - "refsource" : "CONFIRM", - "url" : "http://php.net/ChangeLog-5.php" - }, - { - "name" : "http://php.net/ChangeLog-7.php", - "refsource" : "CONFIRM", - "url" : "http://php.net/ChangeLog-7.php" - }, - { - "name" : "https://bugs.php.net/bug.php?id=73773", - "refsource" : "CONFIRM", - "url" : "https://bugs.php.net/bug.php?id=73773" - }, - { - "name" : "https://www.tenable.com/security/tns-2017-12", - "refsource" : "CONFIRM", - "url" : "https://www.tenable.com/security/tns-2017-12" - }, - { - "name" : "https://security.netapp.com/advisory/ntap-20180112-0001/", - "refsource" : "CONFIRM", - "url" : "https://security.netapp.com/advisory/ntap-20180112-0001/" - }, - { - "name" : "RHSA-2018:1296", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2018:1296" - }, - { - "name" : "99607", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/99607" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In PHP before 5.6.30 and 7.x before 7.0.15, the PHAR archive handler could be used by attackers supplying malicious archive files to crash the PHP interpreter or potentially disclose information due to a buffer over-read in the phar_parse_pharfile function in ext/phar/phar.c." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://openwall.com/lists/oss-security/2017/07/10/6", + "refsource": "CONFIRM", + "url": "http://openwall.com/lists/oss-security/2017/07/10/6" + }, + { + "name": "https://www.tenable.com/security/tns-2017-12", + "refsource": "CONFIRM", + "url": "https://www.tenable.com/security/tns-2017-12" + }, + { + "name": "RHSA-2018:1296", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2018:1296" + }, + { + "name": "http://php.net/ChangeLog-5.php", + "refsource": "CONFIRM", + "url": "http://php.net/ChangeLog-5.php" + }, + { + "name": "https://security.netapp.com/advisory/ntap-20180112-0001/", + "refsource": "CONFIRM", + "url": "https://security.netapp.com/advisory/ntap-20180112-0001/" + }, + { + "name": "http://php.net/ChangeLog-7.php", + "refsource": "CONFIRM", + "url": "http://php.net/ChangeLog-7.php" + }, + { + "name": "http://git.php.net/?p=php-src.git;a=commit;h=e5246580a85f031e1a3b8064edbaa55c1643a451", + "refsource": "CONFIRM", + "url": "http://git.php.net/?p=php-src.git;a=commit;h=e5246580a85f031e1a3b8064edbaa55c1643a451" + }, + { + "name": "99607", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/99607" + }, + { + "name": "https://bugs.php.net/bug.php?id=73773", + "refsource": "CONFIRM", + "url": "https://bugs.php.net/bug.php?id=73773" + } + ] + } +} \ No newline at end of file diff --git a/2017/11xxx/CVE-2017-11267.json b/2017/11xxx/CVE-2017-11267.json index 5fb91b0fcbf..92786925316 100644 --- a/2017/11xxx/CVE-2017-11267.json +++ b/2017/11xxx/CVE-2017-11267.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@adobe.com", - "DATE_PUBLIC" : "2017-08-08T00:00:00", - "ID" : "CVE-2017-11267", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Acrobat Reader", - "version" : { - "version_data" : [ - { - "version_value" : "2017.009.20058 and earlier" - }, - { - "version_value" : "2017.008.30051 and earlier" - }, - { - "version_value" : "2015.006.30306 and earlier" - }, - { - "version_value" : "11.0.20 and earlier" - } - ] - } - } - ] - }, - "vendor_name" : "Adobe Systems Incorporated" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) private data interpreted as JPEG data. Successful exploitation could lead to arbitrary code execution." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Memory Corruption" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "DATE_PUBLIC": "2017-08-08T00:00:00", + "ID": "CVE-2017-11267", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Acrobat Reader", + "version": { + "version_data": [ + { + "version_value": "2017.009.20058 and earlier" + }, + { + "version_value": "2017.008.30051 and earlier" + }, + { + "version_value": "2015.006.30306 and earlier" + }, + { + "version_value": "11.0.20 and earlier" + } + ] + } + } + ] + }, + "vendor_name": "Adobe Systems Incorporated" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html" - }, - { - "name" : "100179", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/100179" - }, - { - "name" : "1039098", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1039098" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) private data interpreted as JPEG data. Successful exploitation could lead to arbitrary code execution." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Memory Corruption" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html" + }, + { + "name": "1039098", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1039098" + }, + { + "name": "100179", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/100179" + } + ] + } +} \ No newline at end of file diff --git a/2017/11xxx/CVE-2017-11293.json b/2017/11xxx/CVE-2017-11293.json index ca166be9fa2..c556ce8cf84 100644 --- a/2017/11xxx/CVE-2017-11293.json +++ b/2017/11xxx/CVE-2017-11293.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@adobe.com", - "ID" : "CVE-2017-11293", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Adobe Acrobat Reader 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, 11.0.22 and earlier versions", - "version" : { - "version_data" : [ - { - "version_value" : "Adobe Acrobat Reader 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, 11.0.22 and earlier versions" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. An exploitable memory corruption vulnerability exists. Successful exploitation could lead to arbitrary code execution." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Out-of-bounds Read" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2017-11293", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Adobe Acrobat Reader 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, 11.0.22 and earlier versions", + "version": { + "version_data": [ + { + "version_value": "Adobe Acrobat Reader 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, 11.0.22 and earlier versions" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://helpx.adobe.com/security/products/acrobat/aspb17-36.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/acrobat/aspb17-36.html" - }, - { - "name" : "102140", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/102140" - }, - { - "name" : "1039791", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1039791" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. An exploitable memory corruption vulnerability exists. Successful exploitation could lead to arbitrary code execution." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Out-of-bounds Read" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1039791", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1039791" + }, + { + "name": "https://helpx.adobe.com/security/products/acrobat/aspb17-36.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/acrobat/aspb17-36.html" + }, + { + "name": "102140", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/102140" + } + ] + } +} \ No newline at end of file diff --git a/2017/11xxx/CVE-2017-11478.json b/2017/11xxx/CVE-2017-11478.json index 82cf563783a..ca434e46a3b 100644 --- a/2017/11xxx/CVE-2017-11478.json +++ b/2017/11xxx/CVE-2017-11478.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-11478", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The ReadOneDJVUImage function in coders/djvu.c in ImageMagick through 6.9.9-0 and 7.x through 7.0.6-1 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a malformed DJVU image." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-11478", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867826", - "refsource" : "CONFIRM", - "url" : "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867826" - }, - { - "name" : "https://github.com/ImageMagick/ImageMagick/issues/528", - "refsource" : "CONFIRM", - "url" : "https://github.com/ImageMagick/ImageMagick/issues/528" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The ReadOneDJVUImage function in coders/djvu.c in ImageMagick through 6.9.9-0 and 7.x through 7.0.6-1 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a malformed DJVU image." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867826", + "refsource": "CONFIRM", + "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867826" + }, + { + "name": "https://github.com/ImageMagick/ImageMagick/issues/528", + "refsource": "CONFIRM", + "url": "https://github.com/ImageMagick/ImageMagick/issues/528" + } + ] + } +} \ No newline at end of file diff --git a/2017/11xxx/CVE-2017-11822.json b/2017/11xxx/CVE-2017-11822.json index 403945150d3..1687675e3f0 100644 --- a/2017/11xxx/CVE-2017-11822.json +++ b/2017/11xxx/CVE-2017-11822.json @@ -1,73 +1,73 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secure@microsoft.com", - "DATE_PUBLIC" : "2017-10-10T00:00:00", - "ID" : "CVE-2017-11822", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Internet Explorer", - "version" : { - "version_data" : [ - { - "version_value" : "Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016." - } - ] - } - } - ] - }, - "vendor_name" : "Microsoft Corporation" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how Internet Explorer handles objects in memory, aka \"Internet Explorer Memory Corruption Vulnerability\". This CVE ID is unique from CVE-2017-11813." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Remote Code Execution" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "DATE_PUBLIC": "2017-10-10T00:00:00", + "ID": "CVE-2017-11822", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Internet Explorer", + "version": { + "version_data": [ + { + "version_value": "Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016." + } + ] + } + } + ] + }, + "vendor_name": "Microsoft Corporation" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11822", - "refsource" : "CONFIRM", - "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11822" - }, - { - "name" : "101122", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/101122" - }, - { - "name" : "1039532", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1039532" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how Internet Explorer handles objects in memory, aka \"Internet Explorer Memory Corruption Vulnerability\". This CVE ID is unique from CVE-2017-11813." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Remote Code Execution" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "101122", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/101122" + }, + { + "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11822", + "refsource": "CONFIRM", + "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11822" + }, + { + "name": "1039532", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1039532" + } + ] + } +} \ No newline at end of file diff --git a/2017/15xxx/CVE-2017-15367.json b/2017/15xxx/CVE-2017-15367.json index 1747980261d..c536f5e448b 100644 --- a/2017/15xxx/CVE-2017-15367.json +++ b/2017/15xxx/CVE-2017-15367.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-15367", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Bacula-web before 8.0.0-rc2 is affected by multiple SQL Injection vulnerabilities that could allow an attacker to access the Bacula database and, depending on configuration, escalate privileges on the server." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-15367", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "44272", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/44272/" - }, - { - "name" : "http://bacula-web.org/download/articles/bacula-web-8-0-0-rc2.html", - "refsource" : "CONFIRM", - "url" : "http://bacula-web.org/download/articles/bacula-web-8-0-0-rc2.html" - }, - { - "name" : "http://bugs.bacula-web.org/view.php?id=211", - "refsource" : "CONFIRM", - "url" : "http://bugs.bacula-web.org/view.php?id=211" - }, - { - "name" : "https://github.com/bacula-web/bacula-web/commit/90d4c44a0dd0d65c6fb3ab2417b83d700c8413ae", - "refsource" : "CONFIRM", - "url" : "https://github.com/bacula-web/bacula-web/commit/90d4c44a0dd0d65c6fb3ab2417b83d700c8413ae" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Bacula-web before 8.0.0-rc2 is affected by multiple SQL Injection vulnerabilities that could allow an attacker to access the Bacula database and, depending on configuration, escalate privileges on the server." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://bacula-web.org/download/articles/bacula-web-8-0-0-rc2.html", + "refsource": "CONFIRM", + "url": "http://bacula-web.org/download/articles/bacula-web-8-0-0-rc2.html" + }, + { + "name": "44272", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/44272/" + }, + { + "name": "http://bugs.bacula-web.org/view.php?id=211", + "refsource": "CONFIRM", + "url": "http://bugs.bacula-web.org/view.php?id=211" + }, + { + "name": "https://github.com/bacula-web/bacula-web/commit/90d4c44a0dd0d65c6fb3ab2417b83d700c8413ae", + "refsource": "CONFIRM", + "url": "https://github.com/bacula-web/bacula-web/commit/90d4c44a0dd0d65c6fb3ab2417b83d700c8413ae" + } + ] + } +} \ No newline at end of file diff --git a/2017/15xxx/CVE-2017-15654.json b/2017/15xxx/CVE-2017-15654.json index 8eada0597b7..3a8b562718f 100644 --- a/2017/15xxx/CVE-2017-15654.json +++ b/2017/15xxx/CVE-2017-15654.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-15654", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Highly predictable session tokens in the HTTPd server in all current versions (<= 3.0.0.4.380.7743) of Asus asuswrt allow gaining administrative router access." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-15654", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20180116 Multiple vulnerabilities in all versions of ASUS routers", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2018/Jan/63" - }, - { - "name" : "http://packetstormsecurity.com/files/145921/ASUSWRT-3.0.0.4.382.18495-Session-Hijacking-Information-Disclosure.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/145921/ASUSWRT-3.0.0.4.382.18495-Session-Hijacking-Information-Disclosure.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Highly predictable session tokens in the HTTPd server in all current versions (<= 3.0.0.4.380.7743) of Asus asuswrt allow gaining administrative router access." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20180116 Multiple vulnerabilities in all versions of ASUS routers", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2018/Jan/63" + }, + { + "name": "http://packetstormsecurity.com/files/145921/ASUSWRT-3.0.0.4.382.18495-Session-Hijacking-Information-Disclosure.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/145921/ASUSWRT-3.0.0.4.382.18495-Session-Hijacking-Information-Disclosure.html" + } + ] + } +} \ No newline at end of file diff --git a/2017/3xxx/CVE-2017-3030.json b/2017/3xxx/CVE-2017-3030.json index 29944fcdef4..e8658e31fd7 100644 --- a/2017/3xxx/CVE-2017-3030.json +++ b/2017/3xxx/CVE-2017-3030.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@adobe.com", - "ID" : "CVE-2017-3030", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier.", - "version" : { - "version_data" : [ - { - "version_value" : "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier." - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the AES module. Successful exploitation could lead to arbitrary code execution." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Memory Corruption" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2017-3030", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier.", + "version": { + "version_data": [ + { + "version_value": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier." + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html" - }, - { - "name" : "97556", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/97556" - }, - { - "name" : "1038228", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1038228" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the AES module. Successful exploitation could lead to arbitrary code execution." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Memory Corruption" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1038228", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1038228" + }, + { + "name": "97556", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/97556" + }, + { + "name": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html" + } + ] + } +} \ No newline at end of file diff --git a/2017/3xxx/CVE-2017-3153.json b/2017/3xxx/CVE-2017-3153.json index 111d15622c9..7d2ad5555b4 100644 --- a/2017/3xxx/CVE-2017-3153.json +++ b/2017/3xxx/CVE-2017-3153.json @@ -1,71 +1,71 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "security@apache.org", - "DATE_PUBLIC" : "2017-05-07T00:00:00", - "ID" : "CVE-2017-3153", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Apache Atlas", - "version" : { - "version_data" : [ - { - "version_value" : "0.6.0-incubating" - }, - { - "version_value" : "0.7.0-incubating" - } - ] - } - } - ] - }, - "vendor_name" : "Apache Software Foundation" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Apache Atlas versions 0.6.0-incubating and 0.7.0-incubating were found vulnerable to Reflected XSS in the search functionality." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Reflected XSS vulnerability" - } + "CVE_data_meta": { + "ASSIGNER": "security@apache.org", + "DATE_PUBLIC": "2017-05-07T00:00:00", + "ID": "CVE-2017-3153", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Apache Atlas", + "version": { + "version_data": [ + { + "version_value": "0.6.0-incubating" + }, + { + "version_value": "0.7.0-incubating" + } + ] + } + } + ] + }, + "vendor_name": "Apache Software Foundation" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[dev] 20170507 CVE updates: fixes in Apache Atlas 0.7.1-incubating", - "refsource" : "MLIST", - "url" : "https://lists.apache.org/thread.html/4a4fef91e067fd0d9da569e30867c1fa65e2a0520acde71ddefee0ea@%3Cdev.atlas.apache.org%3E" - }, - { - "name" : "100578", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/100578" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Apache Atlas versions 0.6.0-incubating and 0.7.0-incubating were found vulnerable to Reflected XSS in the search functionality." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Reflected XSS vulnerability" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "[dev] 20170507 CVE updates: fixes in Apache Atlas 0.7.1-incubating", + "refsource": "MLIST", + "url": "https://lists.apache.org/thread.html/4a4fef91e067fd0d9da569e30867c1fa65e2a0520acde71ddefee0ea@%3Cdev.atlas.apache.org%3E" + }, + { + "name": "100578", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/100578" + } + ] + } +} \ No newline at end of file diff --git a/2017/3xxx/CVE-2017-3389.json b/2017/3xxx/CVE-2017-3389.json index 0c453b78fea..30bdef86e80 100644 --- a/2017/3xxx/CVE-2017-3389.json +++ b/2017/3xxx/CVE-2017-3389.json @@ -1,85 +1,85 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secalert_us@oracle.com", - "ID" : "CVE-2017-3389", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Advanced Outbound Telephony", - "version" : { - "version_data" : [ - { - "version_value" : "12.1.1" - }, - { - "version_value" : "12.1.2" - }, - { - "version_value" : "12.1.3" - }, - { - "version_value" : "12.2.3" - }, - { - "version_value" : "12.2.4" - }, - { - "version_value" : "12.2.5" - }, - { - "version_value" : "12.2.6" - } - ] - } - } - ] - }, - "vendor_name" : "Oracle" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Vulnerability in the Oracle Advanced Outbound Telephony component of Oracle E-Business Suite (subcomponent: User Interface). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Advanced Outbound Telephony. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Advanced Outbound Telephony, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Advanced Outbound Telephony accessible data as well as unauthorized update, insert or delete access to some of Oracle Advanced Outbound Telephony accessible data. CVSS v3.0 Base Score 8.2 (Confidentiality and Integrity impacts)." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2017-3389", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Advanced Outbound Telephony", + "version": { + "version_data": [ + { + "version_value": "12.1.1" + }, + { + "version_value": "12.1.2" + }, + { + "version_value": "12.1.3" + }, + { + "version_value": "12.2.3" + }, + { + "version_value": "12.2.4" + }, + { + "version_value": "12.2.5" + }, + { + "version_value": "12.2.6" + } + ] + } + } + ] + }, + "vendor_name": "Oracle" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html" - }, - { - "name" : "95531", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/95531" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Vulnerability in the Oracle Advanced Outbound Telephony component of Oracle E-Business Suite (subcomponent: User Interface). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Advanced Outbound Telephony. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Advanced Outbound Telephony, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Advanced Outbound Telephony accessible data as well as unauthorized update, insert or delete access to some of Oracle Advanced Outbound Telephony accessible data. CVSS v3.0 Base Score 8.2 (Confidentiality and Integrity impacts)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "95531", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/95531" + }, + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html" + } + ] + } +} \ No newline at end of file diff --git a/2017/8xxx/CVE-2017-8836.json b/2017/8xxx/CVE-2017-8836.json index 660bab64bb3..df9c7f4ac90 100644 --- a/2017/8xxx/CVE-2017-8836.json +++ b/2017/8xxx/CVE-2017-8836.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-8836", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "CSRF exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093. The CGI scripts in the administrative interface are affected. This allows an attacker to execute commands, if a logged in user visits a malicious website. This can for example be used to change the credentials of the administrative webinterface." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-8836", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "42130", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/42130/" - }, - { - "name" : "http://seclists.org/bugtraq/2017/Jun/1", - "refsource" : "MISC", - "url" : "http://seclists.org/bugtraq/2017/Jun/1" - }, - { - "name" : "https://www.x41-dsec.de/lab/advisories/x41-2017-005-peplink/", - "refsource" : "MISC", - "url" : "https://www.x41-dsec.de/lab/advisories/x41-2017-005-peplink/" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "CSRF exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093. The CGI scripts in the administrative interface are affected. This allows an attacker to execute commands, if a logged in user visits a malicious website. This can for example be used to change the credentials of the administrative webinterface." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://seclists.org/bugtraq/2017/Jun/1", + "refsource": "MISC", + "url": "http://seclists.org/bugtraq/2017/Jun/1" + }, + { + "name": "42130", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/42130/" + }, + { + "name": "https://www.x41-dsec.de/lab/advisories/x41-2017-005-peplink/", + "refsource": "MISC", + "url": "https://www.x41-dsec.de/lab/advisories/x41-2017-005-peplink/" + } + ] + } +} \ No newline at end of file diff --git a/2018/10xxx/CVE-2018-10263.json b/2018/10xxx/CVE-2018-10263.json index 5183e9cff01..3522a3dbe49 100644 --- a/2018/10xxx/CVE-2018-10263.json +++ b/2018/10xxx/CVE-2018-10263.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-10263", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-10263", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/10xxx/CVE-2018-10730.json b/2018/10xxx/CVE-2018-10730.json index daaa39ae1f5..8b4317dd6b7 100644 --- a/2018/10xxx/CVE-2018-10730.json +++ b/2018/10xxx/CVE-2018-10730.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-10730", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "All Phoenix Contact managed FL SWITCH 3xxx, 4xxx, 48xx products running firmware version 1.0 to 1.33 are prone to OS command injection." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-10730", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://ics-cert.us-cert.gov/advisories/ICSA-18-137-02", - "refsource" : "MISC", - "url" : "https://ics-cert.us-cert.gov/advisories/ICSA-18-137-02" - }, - { - "name" : "https://cert.vde.com/de-de/advisories/vde-2018-004", - "refsource" : "CONFIRM", - "url" : "https://cert.vde.com/de-de/advisories/vde-2018-004" - }, - { - "name" : "104231", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/104231" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "All Phoenix Contact managed FL SWITCH 3xxx, 4xxx, 48xx products running firmware version 1.0 to 1.33 are prone to OS command injection." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://ics-cert.us-cert.gov/advisories/ICSA-18-137-02", + "refsource": "MISC", + "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-137-02" + }, + { + "name": "https://cert.vde.com/de-de/advisories/vde-2018-004", + "refsource": "CONFIRM", + "url": "https://cert.vde.com/de-de/advisories/vde-2018-004" + }, + { + "name": "104231", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/104231" + } + ] + } +} \ No newline at end of file diff --git a/2018/12xxx/CVE-2018-12142.json b/2018/12xxx/CVE-2018-12142.json index 0d5aa036fe1..56cce92125c 100644 --- a/2018/12xxx/CVE-2018-12142.json +++ b/2018/12xxx/CVE-2018-12142.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-12142", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-12142", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/12xxx/CVE-2018-12155.json b/2018/12xxx/CVE-2018-12155.json index 188d2b65d63..75003cc4bfe 100644 --- a/2018/12xxx/CVE-2018-12155.json +++ b/2018/12xxx/CVE-2018-12155.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secure@intel.com", - "ID" : "CVE-2018-12155", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Intel Integrated Performance Primitives", - "version" : { - "version_data" : [ - { - "version_value" : "before 2019 update 1" - } - ] - } - } - ] - }, - "vendor_name" : "Intel Corporation" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Data leakage in cryptographic libraries for Intel IPP before 2019 update1 release may allow an authenticated user to potentially enable information disclosure via local access." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Information Disclosure" - } + "CVE_data_meta": { + "ASSIGNER": "secure@intel.com", + "ID": "CVE-2018-12155", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Intel Integrated Performance Primitives", + "version": { + "version_data": [ + { + "version_value": "before 2019 update 1" + } + ] + } + } + ] + }, + "vendor_name": "Intel Corporation" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00202.html", - "refsource" : "CONFIRM", - "url" : "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00202.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Data leakage in cryptographic libraries for Intel IPP before 2019 update1 release may allow an authenticated user to potentially enable information disclosure via local access." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Information Disclosure" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00202.html", + "refsource": "CONFIRM", + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00202.html" + } + ] + } +} \ No newline at end of file diff --git a/2018/12xxx/CVE-2018-12541.json b/2018/12xxx/CVE-2018-12541.json index 89e566dc511..1866c7dbdce 100644 --- a/2018/12xxx/CVE-2018-12541.json +++ b/2018/12xxx/CVE-2018-12541.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "emo@eclipse.org", - "ID" : "CVE-2018-12541", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Eclipse Vert.x", - "version" : { - "version_data" : [ - { - "version_affected" : ">=", - "version_value" : "3.0" - }, - { - "version_affected" : "<=", - "version_value" : "3.5.3" - } - ] - } - } - ] - }, - "vendor_name" : "The Eclipse Foundation" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "In version from 3.0.0 to 3.5.3 of Eclipse Vert.x, the WebSocket HTTP upgrade implementation buffers the full http request before doing the handshake, holding the entire request body in memory. There should be a reasonnable limit (8192 bytes) above which the WebSocket gets an HTTP response with the 413 status code and the connection gets closed." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "CWE-789: Uncontrolled Memory Allocation" - } + "CVE_data_meta": { + "ASSIGNER": "security@eclipse.org", + "ID": "CVE-2018-12541", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Eclipse Vert.x", + "version": { + "version_data": [ + { + "version_affected": ">=", + "version_value": "3.0" + }, + { + "version_affected": "<=", + "version_value": "3.5.3" + } + ] + } + } + ] + }, + "vendor_name": "The Eclipse Foundation" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://bugs.eclipse.org/bugs/show_bug.cgi?id=539170", - "refsource" : "CONFIRM", - "url" : "https://bugs.eclipse.org/bugs/show_bug.cgi?id=539170" - }, - { - "name" : "https://github.com/eclipse-vertx/vert.x/issues/2648", - "refsource" : "CONFIRM", - "url" : "https://github.com/eclipse-vertx/vert.x/issues/2648" - }, - { - "name" : "RHSA-2018:2946", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2018:2946" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In version from 3.0.0 to 3.5.3 of Eclipse Vert.x, the WebSocket HTTP upgrade implementation buffers the full http request before doing the handshake, holding the entire request body in memory. There should be a reasonnable limit (8192 bytes) above which the WebSocket gets an HTTP response with the 413 status code and the connection gets closed." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-789: Uncontrolled Memory Allocation" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://bugs.eclipse.org/bugs/show_bug.cgi?id=539170", + "refsource": "CONFIRM", + "url": "https://bugs.eclipse.org/bugs/show_bug.cgi?id=539170" + }, + { + "name": "https://github.com/eclipse-vertx/vert.x/issues/2648", + "refsource": "CONFIRM", + "url": "https://github.com/eclipse-vertx/vert.x/issues/2648" + }, + { + "name": "RHSA-2018:2946", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2018:2946" + } + ] + } +} \ No newline at end of file diff --git a/2018/12xxx/CVE-2018-12720.json b/2018/12xxx/CVE-2018-12720.json index 84ae7c4bffe..46706cd31b4 100644 --- a/2018/12xxx/CVE-2018-12720.json +++ b/2018/12xxx/CVE-2018-12720.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-12720", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-12720", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/12xxx/CVE-2018-12850.json b/2018/12xxx/CVE-2018-12850.json index c222370611d..1bf9fb16400 100644 --- a/2018/12xxx/CVE-2018-12850.json +++ b/2018/12xxx/CVE-2018-12850.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@adobe.com", - "ID" : "CVE-2018-12850", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Acrobat and Reader", - "version" : { - "version_data" : [ - { - "version_value" : "2018.011.20058 and earlier, 2017.011.30099 and earlier, and 2015.006.30448 and earlier versions" - } - ] - } - } - ] - }, - "vendor_name" : "Adobe" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Adobe Acrobat and Reader versions 2018.011.20058 and earlier, 2017.011.30099 and earlier, and 2015.006.30448 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Out-of-bounds read" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2018-12850", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Acrobat and Reader", + "version": { + "version_data": [ + { + "version_value": "2018.011.20058 and earlier, 2017.011.30099 and earlier, and 2015.006.30448 and earlier versions" + } + ] + } + } + ] + }, + "vendor_name": "Adobe" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://helpx.adobe.com/security/products/acrobat/apsb18-34.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/acrobat/apsb18-34.html" - }, - { - "name" : "105358", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/105358" - }, - { - "name" : "1041702", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1041702" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Adobe Acrobat and Reader versions 2018.011.20058 and earlier, 2017.011.30099 and earlier, and 2015.006.30448 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Out-of-bounds read" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://helpx.adobe.com/security/products/acrobat/apsb18-34.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/acrobat/apsb18-34.html" + }, + { + "name": "105358", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/105358" + }, + { + "name": "1041702", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1041702" + } + ] + } +} \ No newline at end of file diff --git a/2018/13xxx/CVE-2018-13118.json b/2018/13xxx/CVE-2018-13118.json index 956c4ccd22b..3ef7a2d00a2 100644 --- a/2018/13xxx/CVE-2018-13118.json +++ b/2018/13xxx/CVE-2018-13118.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-13118", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-13118", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/13xxx/CVE-2018-13248.json b/2018/13xxx/CVE-2018-13248.json index ae22d62708e..08535ef481f 100644 --- a/2018/13xxx/CVE-2018-13248.json +++ b/2018/13xxx/CVE-2018-13248.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-13248", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-13248", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/13xxx/CVE-2018-13441.json b/2018/13xxx/CVE-2018-13441.json index e07dd6440b9..134cc19938f 100644 --- a/2018/13xxx/CVE-2018-13441.json +++ b/2018/13xxx/CVE-2018-13441.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-13441", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "qh_help in Nagios Core version 4.4.1 and earlier is prone to a NULL pointer dereference vulnerability, which allows attacker to cause a local denial-of-service condition by sending a crafted payload to the listening UNIX socket." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-13441", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "45082", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/45082/" - }, - { - "name" : "https://gist.github.com/fakhrizulkifli/8df4a174158df69ebd765f824bd736b8", - "refsource" : "MISC", - "url" : "https://gist.github.com/fakhrizulkifli/8df4a174158df69ebd765f824bd736b8" - }, - { - "name" : "https://knowledge.opsview.com/v5.3/docs/whats-new", - "refsource" : "CONFIRM", - "url" : "https://knowledge.opsview.com/v5.3/docs/whats-new" - }, - { - "name" : "https://knowledge.opsview.com/v5.4/docs/whats-new", - "refsource" : "CONFIRM", - "url" : "https://knowledge.opsview.com/v5.4/docs/whats-new" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "qh_help in Nagios Core version 4.4.1 and earlier is prone to a NULL pointer dereference vulnerability, which allows attacker to cause a local denial-of-service condition by sending a crafted payload to the listening UNIX socket." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://knowledge.opsview.com/v5.4/docs/whats-new", + "refsource": "CONFIRM", + "url": "https://knowledge.opsview.com/v5.4/docs/whats-new" + }, + { + "name": "https://gist.github.com/fakhrizulkifli/8df4a174158df69ebd765f824bd736b8", + "refsource": "MISC", + "url": "https://gist.github.com/fakhrizulkifli/8df4a174158df69ebd765f824bd736b8" + }, + { + "name": "45082", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/45082/" + }, + { + "name": "https://knowledge.opsview.com/v5.3/docs/whats-new", + "refsource": "CONFIRM", + "url": "https://knowledge.opsview.com/v5.3/docs/whats-new" + } + ] + } +} \ No newline at end of file diff --git a/2018/13xxx/CVE-2018-13562.json b/2018/13xxx/CVE-2018-13562.json index b25856ce484..50021552f58 100644 --- a/2018/13xxx/CVE-2018-13562.json +++ b/2018/13xxx/CVE-2018-13562.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-13562", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The mintToken function of a smart contract implementation for BMVCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-13562", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/BlockChainsSecurity/EtherTokens/blob/master/GEMCHAIN/mint%20integer%20overflow.md", - "refsource" : "MISC", - "url" : "https://github.com/BlockChainsSecurity/EtherTokens/blob/master/GEMCHAIN/mint%20integer%20overflow.md" - }, - { - "name" : "https://github.com/BlockChainsSecurity/EtherTokens/tree/master/BMVCoin", - "refsource" : "MISC", - "url" : "https://github.com/BlockChainsSecurity/EtherTokens/tree/master/BMVCoin" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The mintToken function of a smart contract implementation for BMVCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/BlockChainsSecurity/EtherTokens/tree/master/BMVCoin", + "refsource": "MISC", + "url": "https://github.com/BlockChainsSecurity/EtherTokens/tree/master/BMVCoin" + }, + { + "name": "https://github.com/BlockChainsSecurity/EtherTokens/blob/master/GEMCHAIN/mint%20integer%20overflow.md", + "refsource": "MISC", + "url": "https://github.com/BlockChainsSecurity/EtherTokens/blob/master/GEMCHAIN/mint%20integer%20overflow.md" + } + ] + } +} \ No newline at end of file diff --git a/2018/16xxx/CVE-2018-16059.json b/2018/16xxx/CVE-2018-16059.json index 722af953acd..59ab5d22cee 100644 --- a/2018/16xxx/CVE-2018-16059.json +++ b/2018/16xxx/CVE-2018-16059.json @@ -1,62 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-16059", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Endress+Hauser WirelessHART Fieldgate SWG70 3.x devices allow Directory Traversal via the fcgi-bin/wgsetcgi filename parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-16059", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "45342", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/45342/" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Endress+Hauser WirelessHART Fieldgate SWG70 3.x devices allow Directory Traversal via the fcgi-bin/wgsetcgi filename parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "BID", + "name": "107416", + "url": "http://www.securityfocus.com/bid/107416" + }, + { + "name": "45342", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/45342/" + } + ] + } +} \ No newline at end of file diff --git a/2018/17xxx/CVE-2018-17101.json b/2018/17xxx/CVE-2018-17101.json index 90ec61ae0f6..3322dccb976 100644 --- a/2018/17xxx/CVE-2018-17101.json +++ b/2018/17xxx/CVE-2018-17101.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-17101", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An issue was discovered in LibTIFF 4.0.9. There are two out-of-bounds writes in cpTags in tools/tiff2bw.c and tools/pal2rgb.c, which can cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-17101", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[debian-lts-announce] 20181028 [SECURITY] [DLA 1557-1] tiff security update", - "refsource" : "MLIST", - "url" : "https://lists.debian.org/debian-lts-announce/2018/10/msg00019.html" - }, - { - "name" : "http://bugzilla.maptools.org/show_bug.cgi?id=2807", - "refsource" : "MISC", - "url" : "http://bugzilla.maptools.org/show_bug.cgi?id=2807" - }, - { - "name" : "https://gitlab.com/libtiff/libtiff/merge_requests/33/diffs?commit_id=f1b94e8a3ba49febdd3361c0214a1d1149251577", - "refsource" : "MISC", - "url" : "https://gitlab.com/libtiff/libtiff/merge_requests/33/diffs?commit_id=f1b94e8a3ba49febdd3361c0214a1d1149251577" - }, - { - "name" : "DSA-4349", - "refsource" : "DEBIAN", - "url" : "https://www.debian.org/security/2018/dsa-4349" - }, - { - "name" : "USN-3864-1", - "refsource" : "UBUNTU", - "url" : "https://usn.ubuntu.com/3864-1/" - }, - { - "name" : "105370", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/105370" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in LibTIFF 4.0.9. There are two out-of-bounds writes in cpTags in tools/tiff2bw.c and tools/pal2rgb.c, which can cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://gitlab.com/libtiff/libtiff/merge_requests/33/diffs?commit_id=f1b94e8a3ba49febdd3361c0214a1d1149251577", + "refsource": "MISC", + "url": "https://gitlab.com/libtiff/libtiff/merge_requests/33/diffs?commit_id=f1b94e8a3ba49febdd3361c0214a1d1149251577" + }, + { + "name": "USN-3864-1", + "refsource": "UBUNTU", + "url": "https://usn.ubuntu.com/3864-1/" + }, + { + "name": "105370", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/105370" + }, + { + "name": "DSA-4349", + "refsource": "DEBIAN", + "url": "https://www.debian.org/security/2018/dsa-4349" + }, + { + "name": "http://bugzilla.maptools.org/show_bug.cgi?id=2807", + "refsource": "MISC", + "url": "http://bugzilla.maptools.org/show_bug.cgi?id=2807" + }, + { + "name": "[debian-lts-announce] 20181028 [SECURITY] [DLA 1557-1] tiff security update", + "refsource": "MLIST", + "url": "https://lists.debian.org/debian-lts-announce/2018/10/msg00019.html" + } + ] + } +} \ No newline at end of file diff --git a/2018/17xxx/CVE-2018-17164.json b/2018/17xxx/CVE-2018-17164.json index 465c754c268..25b9de7278d 100644 --- a/2018/17xxx/CVE-2018-17164.json +++ b/2018/17xxx/CVE-2018-17164.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-17164", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-17164", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/17xxx/CVE-2018-17493.json b/2018/17xxx/CVE-2018-17493.json index a90b4bff378..511e1f00459 100644 --- a/2018/17xxx/CVE-2018-17493.json +++ b/2018/17xxx/CVE-2018-17493.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-17493", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-17493", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/17xxx/CVE-2018-17965.json b/2018/17xxx/CVE-2018-17965.json index 66b2fce781d..2f4c87b7792 100644 --- a/2018/17xxx/CVE-2018-17965.json +++ b/2018/17xxx/CVE-2018-17965.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-17965", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "ImageMagick 7.0.7-28 has a memory leak vulnerability in WriteSGIImage in coders/sgi.c." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-17965", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/ImageMagick/ImageMagick/issues/1052", - "refsource" : "MISC", - "url" : "https://github.com/ImageMagick/ImageMagick/issues/1052" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "ImageMagick 7.0.7-28 has a memory leak vulnerability in WriteSGIImage in coders/sgi.c." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/ImageMagick/ImageMagick/issues/1052", + "refsource": "MISC", + "url": "https://github.com/ImageMagick/ImageMagick/issues/1052" + } + ] + } +} \ No newline at end of file