diff --git a/2007/0xxx/CVE-2007-0002.json b/2007/0xxx/CVE-2007-0002.json index b7570cb7617..244887091b1 100644 --- a/2007/0xxx/CVE-2007-0002.json +++ b/2007/0xxx/CVE-2007-0002.json @@ -1,232 +1,232 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0002", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple heap-based buffer overflows in WordPerfect Document importer/exporter (libwpd) before 0.8.9 allow user-assisted remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted WordPerfect file in which values to loop counters are not properly handled in the (1) WP3TablesGroup::_readContents and (2) WP5DefinitionGroup_DefineTablesSubGroup::WP5DefinitionGroup_DefineTablesSubGroup functions. NOTE: the integer overflow has been split into CVE-2007-1466." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2007-0002", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070316 Multiple Vendor libwpd Multiple Buffer Overflow Vulnerabilities", - "refsource" : "IDEFENSE", - "url" : "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=490" - }, - { - "name" : "20070316 rPSA-2007-0057-1 libwpd", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/463033/100/0/threaded" - }, - { - "name" : "http://sourceforge.net/project/shownotes.php?release_id=494122", - "refsource" : "CONFIRM", - "url" : "http://sourceforge.net/project/shownotes.php?release_id=494122" - }, - { - "name" : "DSA-1268", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2007/dsa-1268" - }, - { - "name" : "DSA-1270", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2007/dsa-1270" - }, - { - "name" : "FEDORA-2007-350", - "refsource" : "FEDORA", - "url" : "http://fedoranews.org/cms/node/2805" - }, - { - "name" : "GLSA-200704-07", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-200704-07.xml" - }, - { - "name" : "GLSA-200704-12", - "refsource" : "GENTOO", - "url" : "http://www.gentoo.org/security/en/glsa/glsa-200704-12.xml" - }, - { - "name" : "MDKSA-2007:063", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:063" - }, - { - "name" : "MDKSA-2007:064", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:064" - }, - { - "name" : "RHSA-2007:0055", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-0055.html" - }, - { - "name" : "SSA-2007-085-02", - "refsource" : "SLACKWARE", - "url" : "http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.399659" - }, - { - "name" : "102863", - "refsource" : "SUNALERT", - "url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102863-1" - }, - { - "name" : "SUSE-SA:2007:023", - "refsource" : "SUSE", - "url" : "http://lists.suse.com/archive/suse-security-announce/2007-Mar/0007.html" - }, - { - "name" : "USN-437-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/usn-437-1" - }, - { - "name" : "23006", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/23006" - }, - { - "name" : "oval:org.mitre.oval:def:11535", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11535" - }, - { - "name" : "ADV-2007-0976", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0976" - }, - { - "name" : "ADV-2007-1032", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/1032" - }, - { - "name" : "ADV-2007-1339", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/1339" - }, - { - "name" : "1017789", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1017789" - }, - { - "name" : "24507", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24507" - }, - { - "name" : "24557", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24557" - }, - { - "name" : "24572", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24572" - }, - { - "name" : "24580", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24580" - }, - { - "name" : "24573", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24573" - }, - { - "name" : "24581", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24581" - }, - { - "name" : "24593", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24593" - }, - { - "name" : "24465", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24465" - }, - { - "name" : "24794", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24794" - }, - { - "name" : "24856", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24856" - }, - { - "name" : "24906", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24906" - }, - { - "name" : "24588", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24588" - }, - { - "name" : "24613", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24613" - }, - { - "name" : "24591", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24591" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple heap-based buffer overflows in WordPerfect Document importer/exporter (libwpd) before 0.8.9 allow user-assisted remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted WordPerfect file in which values to loop counters are not properly handled in the (1) WP3TablesGroup::_readContents and (2) WP5DefinitionGroup_DefineTablesSubGroup::WP5DefinitionGroup_DefineTablesSubGroup functions. NOTE: the integer overflow has been split into CVE-2007-1466." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "102863", + "refsource": "SUNALERT", + "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102863-1" + }, + { + "name": "ADV-2007-1339", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/1339" + }, + { + "name": "23006", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/23006" + }, + { + "name": "FEDORA-2007-350", + "refsource": "FEDORA", + "url": "http://fedoranews.org/cms/node/2805" + }, + { + "name": "24573", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24573" + }, + { + "name": "GLSA-200704-12", + "refsource": "GENTOO", + "url": "http://www.gentoo.org/security/en/glsa/glsa-200704-12.xml" + }, + { + "name": "24588", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24588" + }, + { + "name": "24581", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24581" + }, + { + "name": "oval:org.mitre.oval:def:11535", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11535" + }, + { + "name": "GLSA-200704-07", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-200704-07.xml" + }, + { + "name": "SUSE-SA:2007:023", + "refsource": "SUSE", + "url": "http://lists.suse.com/archive/suse-security-announce/2007-Mar/0007.html" + }, + { + "name": "ADV-2007-1032", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/1032" + }, + { + "name": "24613", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24613" + }, + { + "name": "24794", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24794" + }, + { + "name": "MDKSA-2007:064", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:064" + }, + { + "name": "24465", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24465" + }, + { + "name": "http://sourceforge.net/project/shownotes.php?release_id=494122", + "refsource": "CONFIRM", + "url": "http://sourceforge.net/project/shownotes.php?release_id=494122" + }, + { + "name": "DSA-1268", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2007/dsa-1268" + }, + { + "name": "24507", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24507" + }, + { + "name": "24557", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24557" + }, + { + "name": "20070316 rPSA-2007-0057-1 libwpd", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/463033/100/0/threaded" + }, + { + "name": "MDKSA-2007:063", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:063" + }, + { + "name": "24591", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24591" + }, + { + "name": "24580", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24580" + }, + { + "name": "DSA-1270", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2007/dsa-1270" + }, + { + "name": "USN-437-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/usn-437-1" + }, + { + "name": "24572", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24572" + }, + { + "name": "20070316 Multiple Vendor libwpd Multiple Buffer Overflow Vulnerabilities", + "refsource": "IDEFENSE", + "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=490" + }, + { + "name": "24593", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24593" + }, + { + "name": "ADV-2007-0976", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0976" + }, + { + "name": "SSA-2007-085-02", + "refsource": "SLACKWARE", + "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.399659" + }, + { + "name": "1017789", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1017789" + }, + { + "name": "RHSA-2007:0055", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-0055.html" + }, + { + "name": "24906", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24906" + }, + { + "name": "24856", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24856" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0218.json b/2007/0xxx/CVE-2007-0218.json index 507f83a61cd..64aa4c3c155 100644 --- a/2007/0xxx/CVE-2007-0218.json +++ b/2007/0xxx/CVE-2007-0218.json @@ -1,117 +1,117 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0218", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Microsoft Internet Explorer 5.01 and 6 allows remote attackers to execute arbitrary code by instantiating certain COM objects from Urlmon.dll, which triggers memory corruption during a call to the IObjectSafety function." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2007-0218", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070612 Microsoft License Manager and urlmon.dll COM Object Interaction Invalid Memory Access Vulnerability", - "refsource" : "IDEFENSE", - "url" : "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=542" - }, - { - "name" : "HPSBST02231", - "refsource" : "HP", - "url" : "http://www.securityfocus.com/archive/1/471947/100/0/threaded" - }, - { - "name" : "SSRT071438", - "refsource" : "HP", - "url" : "http://www.securityfocus.com/archive/1/471947/100/0/threaded" - }, - { - "name" : "MS07-033", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-033" - }, - { - "name" : "TA07-163A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA07-163A.html" - }, - { - "name" : "24372", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/24372" - }, - { - "name" : "35348", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/35348" - }, - { - "name" : "ADV-2007-2153", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/2153" - }, - { - "name" : "oval:org.mitre.oval:def:1084", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1084" - }, - { - "name" : "1018235", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1018235" - }, - { - "name" : "25627", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25627" - }, - { - "name" : "webbrowser-object-code-execution(32106)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32106" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft Internet Explorer 5.01 and 6 allows remote attackers to execute arbitrary code by instantiating certain COM objects from Urlmon.dll, which triggers memory corruption during a call to the IObjectSafety function." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "35348", + "refsource": "OSVDB", + "url": "http://osvdb.org/35348" + }, + { + "name": "25627", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25627" + }, + { + "name": "SSRT071438", + "refsource": "HP", + "url": "http://www.securityfocus.com/archive/1/471947/100/0/threaded" + }, + { + "name": "1018235", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1018235" + }, + { + "name": "24372", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/24372" + }, + { + "name": "ADV-2007-2153", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/2153" + }, + { + "name": "oval:org.mitre.oval:def:1084", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1084" + }, + { + "name": "webbrowser-object-code-execution(32106)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32106" + }, + { + "name": "20070612 Microsoft License Manager and urlmon.dll COM Object Interaction Invalid Memory Access Vulnerability", + "refsource": "IDEFENSE", + "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=542" + }, + { + "name": "TA07-163A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA07-163A.html" + }, + { + "name": "MS07-033", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-033" + }, + { + "name": "HPSBST02231", + "refsource": "HP", + "url": "http://www.securityfocus.com/archive/1/471947/100/0/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0788.json b/2007/0xxx/CVE-2007-0788.json index 5bf96399a41..38aff663017 100644 --- a/2007/0xxx/CVE-2007-0788.json +++ b/2007/0xxx/CVE-2007-0788.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0788", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in MediaWiki 1.9.x before 1.9.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to \"sortable tables JavaScript.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0788", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[MediaWiki-announce] 20070204 MediaWiki 1.9.2 released", - "refsource" : "MLIST", - "url" : "http://lists.wikimedia.org/pipermail/mediawiki-announce/2007-February/000059.html" - }, - { - "name" : "http://svn.wikimedia.org/svnroot/mediawiki/tags/REL1_9_2/phase3/RELEASE-NOTES", - "refsource" : "CONFIRM", - "url" : "http://svn.wikimedia.org/svnroot/mediawiki/tags/REL1_9_2/phase3/RELEASE-NOTES" - }, - { - "name" : "22397", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22397" - }, - { - "name" : "ADV-2007-0490", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0490" - }, - { - "name" : "33091", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/33091" - }, - { - "name" : "24039", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24039" - }, - { - "name" : "mediawiki-sortabletable-xss(32217)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32217" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in MediaWiki 1.9.x before 1.9.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to \"sortable tables JavaScript.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ADV-2007-0490", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0490" + }, + { + "name": "24039", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24039" + }, + { + "name": "http://svn.wikimedia.org/svnroot/mediawiki/tags/REL1_9_2/phase3/RELEASE-NOTES", + "refsource": "CONFIRM", + "url": "http://svn.wikimedia.org/svnroot/mediawiki/tags/REL1_9_2/phase3/RELEASE-NOTES" + }, + { + "name": "[MediaWiki-announce] 20070204 MediaWiki 1.9.2 released", + "refsource": "MLIST", + "url": "http://lists.wikimedia.org/pipermail/mediawiki-announce/2007-February/000059.html" + }, + { + "name": "mediawiki-sortabletable-xss(32217)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32217" + }, + { + "name": "33091", + "refsource": "OSVDB", + "url": "http://osvdb.org/33091" + }, + { + "name": "22397", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22397" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1279.json b/2007/1xxx/CVE-2007-1279.json index 4f02d704827..6ff64601106 100644 --- a/2007/1xxx/CVE-2007-1279.json +++ b/2007/1xxx/CVE-2007-1279.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1279", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the installer for Adobe Bridge 1.0.3 update for Apple OS X, when patching with desktop management tools, allows local users to gain privileges via unspecified vectors during installation of the update by a different user who has administrative privileges." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1279", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.adobe.com/support/security/bulletins/apsb07-09.html", - "refsource" : "CONFIRM", - "url" : "http://www.adobe.com/support/security/bulletins/apsb07-09.html" - }, - { - "name" : "23404", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/23404" - }, - { - "name" : "ADV-2007-1342", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/1342" - }, - { - "name" : "34896", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/34896" - }, - { - "name" : "1017900", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1017900" - }, - { - "name" : "24854", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24854" - }, - { - "name" : "bridge-unspecified-privilege-escalation(33570)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33570" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the installer for Adobe Bridge 1.0.3 update for Apple OS X, when patching with desktop management tools, allows local users to gain privileges via unspecified vectors during installation of the update by a different user who has administrative privileges." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "34896", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/34896" + }, + { + "name": "24854", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24854" + }, + { + "name": "ADV-2007-1342", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/1342" + }, + { + "name": "http://www.adobe.com/support/security/bulletins/apsb07-09.html", + "refsource": "CONFIRM", + "url": "http://www.adobe.com/support/security/bulletins/apsb07-09.html" + }, + { + "name": "bridge-unspecified-privilege-escalation(33570)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33570" + }, + { + "name": "23404", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/23404" + }, + { + "name": "1017900", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1017900" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1476.json b/2007/1xxx/CVE-2007-1476.json index 8d4349e4760..7d26d4b522e 100644 --- a/2007/1xxx/CVE-2007-1476.json +++ b/2007/1xxx/CVE-2007-1476.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1476", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The SymTDI device driver (SYMTDI.SYS) in Symantec Norton Personal Firewall 2006 9.1.1.7 and earlier, Internet Security 2005 and 2006, AntiVirus Corporate Edition 3.0.x through 10.1.x, and other Norton products, allows local users to cause a denial of service (system crash) by sending crafted data to the driver's \\Device file, which triggers invalid memory access, a different vulnerability than CVE-2006-4855." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1476", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070315 Norton Insufficient validation of 'SymTDI' driver input buffer", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/462926/100/0/threaded" - }, - { - "name" : "20070315 Norton Insufficient validation of 'SymTDI' driver", - "refsource" : "FULLDISC", - "url" : "http://marc.info/?l=full-disclosure&m=117396596027148&w=2" - }, - { - "name" : "http://www.matousec.com/info/advisories/Norton-Insufficient-validation-of-SymTDI-driver-input-buffer.php", - "refsource" : "MISC", - "url" : "http://www.matousec.com/info/advisories/Norton-Insufficient-validation-of-SymTDI-driver-input-buffer.php" - }, - { - "name" : "http://www.symantec.com/avcenter/security/Content/2007.09.05.html", - "refsource" : "CONFIRM", - "url" : "http://www.symantec.com/avcenter/security/Content/2007.09.05.html" - }, - { - "name" : "22977", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22977" - }, - { - "name" : "35088", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/35088" - }, - { - "name" : "1018656", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1018656" - }, - { - "name" : "2438", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2438" - }, - { - "name" : "symantec-firewall-symtdi-dos(33003)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33003" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The SymTDI device driver (SYMTDI.SYS) in Symantec Norton Personal Firewall 2006 9.1.1.7 and earlier, Internet Security 2005 and 2006, AntiVirus Corporate Edition 3.0.x through 10.1.x, and other Norton products, allows local users to cause a denial of service (system crash) by sending crafted data to the driver's \\Device file, which triggers invalid memory access, a different vulnerability than CVE-2006-4855." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.symantec.com/avcenter/security/Content/2007.09.05.html", + "refsource": "CONFIRM", + "url": "http://www.symantec.com/avcenter/security/Content/2007.09.05.html" + }, + { + "name": "20070315 Norton Insufficient validation of 'SymTDI' driver input buffer", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/462926/100/0/threaded" + }, + { + "name": "20070315 Norton Insufficient validation of 'SymTDI' driver", + "refsource": "FULLDISC", + "url": "http://marc.info/?l=full-disclosure&m=117396596027148&w=2" + }, + { + "name": "symantec-firewall-symtdi-dos(33003)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33003" + }, + { + "name": "22977", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22977" + }, + { + "name": "35088", + "refsource": "OSVDB", + "url": "http://osvdb.org/35088" + }, + { + "name": "2438", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2438" + }, + { + "name": "1018656", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1018656" + }, + { + "name": "http://www.matousec.com/info/advisories/Norton-Insufficient-validation-of-SymTDI-driver-input-buffer.php", + "refsource": "MISC", + "url": "http://www.matousec.com/info/advisories/Norton-Insufficient-validation-of-SymTDI-driver-input-buffer.php" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1766.json b/2007/1xxx/CVE-2007-1766.json index ad93d745fc4..c9118e44b93 100644 --- a/2007/1xxx/CVE-2007-1766.json +++ b/2007/1xxx/CVE-2007-1766.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1766", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "PHP remote file inclusion vulnerability in login/engine/db/profiledit.php in Advanced Login 0.76 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the root parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1766", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070329 Advanced Login <= 0.7 (root) Remote File Inclusion Vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/464147/100/0/threaded" - }, - { - "name" : "3608", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/3608" - }, - { - "name" : "23197", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/23197" - }, - { - "name" : "ADV-2007-1179", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/1179" - }, - { - "name" : "34587", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/34587" - }, - { - "name" : "24695", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24695" - }, - { - "name" : "2508", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2508" - }, - { - "name" : "advanced-profiledit-file-include(33321)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33321" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "PHP remote file inclusion vulnerability in login/engine/db/profiledit.php in Advanced Login 0.76 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the root parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "24695", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24695" + }, + { + "name": "advanced-profiledit-file-include(33321)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33321" + }, + { + "name": "34587", + "refsource": "OSVDB", + "url": "http://osvdb.org/34587" + }, + { + "name": "ADV-2007-1179", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/1179" + }, + { + "name": "20070329 Advanced Login <= 0.7 (root) Remote File Inclusion Vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/464147/100/0/threaded" + }, + { + "name": "3608", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/3608" + }, + { + "name": "23197", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/23197" + }, + { + "name": "2508", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2508" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1878.json b/2007/1xxx/CVE-2007-1878.json index 6f28d9c3f59..563b7624ddc 100644 --- a/2007/1xxx/CVE-2007-1878.json +++ b/2007/1xxx/CVE-2007-1878.json @@ -1,107 +1,107 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1878", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-zone scripting vulnerability in the DOM templates (domplates) used by the console.log function in the Firebug extension before 1.03 for Mozilla Firefox allows remote attackers to bypass zone restrictions, read arbitrary file:// URIs, or execute arbitrary code in the browser chrome, as demonstrated via the runFile function, related to lack of HTML escaping in the property name." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1878", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070404 Firefox extensions go Evil - Critical Vulnerabilities in Firefox/Firebug", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/464740/100/0/threaded" - }, - { - "name" : "20070404 Re: [WEB SECURITY] Firefox extensions go Evil - Critical Vulnerabilities in Firefox/Firebug", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/464786/100/0/threaded" - }, - { - "name" : "http://www.gnucitizen.org/blog/firebug-goes-evil", - "refsource" : "MISC", - "url" : "http://www.gnucitizen.org/blog/firebug-goes-evil" - }, - { - "name" : "http://larholm.com/2007/04/06/0day-vulnerability-in-firebug/", - "refsource" : "MISC", - "url" : "http://larholm.com/2007/04/06/0day-vulnerability-in-firebug/" - }, - { - "name" : "http://www.getfirebug.com/blog/2007/04/04/security-update/", - "refsource" : "CONFIRM", - "url" : "http://www.getfirebug.com/blog/2007/04/04/security-update/" - }, - { - "name" : "23315", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/23315" - }, - { - "name" : "ADV-2007-1272", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/1272" - }, - { - "name" : "24743", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24743" - }, - { - "name" : "2525", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2525" - }, - { - "name" : "firefox-firebug-console-security-bypass(33451)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33451" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-zone scripting vulnerability in the DOM templates (domplates) used by the console.log function in the Firebug extension before 1.03 for Mozilla Firefox allows remote attackers to bypass zone restrictions, read arbitrary file:// URIs, or execute arbitrary code in the browser chrome, as demonstrated via the runFile function, related to lack of HTML escaping in the property name." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.getfirebug.com/blog/2007/04/04/security-update/", + "refsource": "CONFIRM", + "url": "http://www.getfirebug.com/blog/2007/04/04/security-update/" + }, + { + "name": "http://larholm.com/2007/04/06/0day-vulnerability-in-firebug/", + "refsource": "MISC", + "url": "http://larholm.com/2007/04/06/0day-vulnerability-in-firebug/" + }, + { + "name": "23315", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/23315" + }, + { + "name": "24743", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24743" + }, + { + "name": "20070404 Firefox extensions go Evil - Critical Vulnerabilities in Firefox/Firebug", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/464740/100/0/threaded" + }, + { + "name": "ADV-2007-1272", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/1272" + }, + { + "name": "2525", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2525" + }, + { + "name": "20070404 Re: [WEB SECURITY] Firefox extensions go Evil - Critical Vulnerabilities in Firefox/Firebug", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/464786/100/0/threaded" + }, + { + "name": "http://www.gnucitizen.org/blog/firebug-goes-evil", + "refsource": "MISC", + "url": "http://www.gnucitizen.org/blog/firebug-goes-evil" + }, + { + "name": "firefox-firebug-console-security-bypass(33451)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33451" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1885.json b/2007/1xxx/CVE-2007-1885.json index 13d2a40b815..b05d127f2de 100644 --- a/2007/1xxx/CVE-2007-1885.json +++ b/2007/1xxx/CVE-2007-1885.json @@ -1,117 +1,117 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1885", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Integer overflow in the str_replace function in PHP 4 before 4.4.5 and PHP 5 before 5.2.1 allows context-dependent attackers to execute arbitrary code via a single character search string in conjunction with a long replacement string, which overflows a 32 bit length counter. NOTE: this is probably the same issue as CVE-2007-0906.6." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1885", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.php-security.org/MOPB/MOPB-39-2007.html", - "refsource" : "MISC", - "url" : "http://www.php-security.org/MOPB/MOPB-39-2007.html" - }, - { - "name" : "http://www.php.net/releases/5_2_1.php", - "refsource" : "CONFIRM", - "url" : "http://www.php.net/releases/5_2_1.php" - }, - { - "name" : "HPSBMA02215", - "refsource" : "HP", - "url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01056506" - }, - { - "name" : "SSRT071423", - "refsource" : "HP", - "url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01056506" - }, - { - "name" : "HPSBTU02232", - "refsource" : "HP", - "url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01086137" - }, - { - "name" : "SSRT071429", - "refsource" : "HP", - "url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01086137" - }, - { - "name" : "23233", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/23233" - }, - { - "name" : "ADV-2007-1991", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/1991" - }, - { - "name" : "ADV-2007-2374", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/2374" - }, - { - "name" : "25423", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25423" - }, - { - "name" : "25850", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25850" - }, - { - "name" : "php-strreplace-bo(33767)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33767" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Integer overflow in the str_replace function in PHP 4 before 4.4.5 and PHP 5 before 5.2.1 allows context-dependent attackers to execute arbitrary code via a single character search string in conjunction with a long replacement string, which overflows a 32 bit length counter. NOTE: this is probably the same issue as CVE-2007-0906.6." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ADV-2007-1991", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/1991" + }, + { + "name": "23233", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/23233" + }, + { + "name": "SSRT071423", + "refsource": "HP", + "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01056506" + }, + { + "name": "HPSBTU02232", + "refsource": "HP", + "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01086137" + }, + { + "name": "http://www.php.net/releases/5_2_1.php", + "refsource": "CONFIRM", + "url": "http://www.php.net/releases/5_2_1.php" + }, + { + "name": "SSRT071429", + "refsource": "HP", + "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01086137" + }, + { + "name": "ADV-2007-2374", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/2374" + }, + { + "name": "25423", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25423" + }, + { + "name": "HPSBMA02215", + "refsource": "HP", + "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01056506" + }, + { + "name": "25850", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25850" + }, + { + "name": "http://www.php-security.org/MOPB/MOPB-39-2007.html", + "refsource": "MISC", + "url": "http://www.php-security.org/MOPB/MOPB-39-2007.html" + }, + { + "name": "php-strreplace-bo(33767)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33767" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4748.json b/2007/4xxx/CVE-2007-4748.json index 6b179224591..f6da69f6f37 100644 --- a/2007/4xxx/CVE-2007-4748.json +++ b/2007/4xxx/CVE-2007-4748.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4748", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in the PowerPlayer.dll ActiveX control in PPStream 2.0.1.3829 allows remote attackers to execute arbitrary code via a long Logo parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4748", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "4348", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/4348" - }, - { - "name" : "25502", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25502" - }, - { - "name" : "38421", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/38421" - }, - { - "name" : "ppstream-powerplayer-bo(36394)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36394" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in the PowerPlayer.dll ActiveX control in PPStream 2.0.1.3829 allows remote attackers to execute arbitrary code via a long Logo parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ppstream-powerplayer-bo(36394)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36394" + }, + { + "name": "38421", + "refsource": "OSVDB", + "url": "http://osvdb.org/38421" + }, + { + "name": "25502", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25502" + }, + { + "name": "4348", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/4348" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4806.json b/2007/4xxx/CVE-2007-4806.json index e9bcd3fa9e3..5ad50115635 100644 --- a/2007/4xxx/CVE-2007-4806.json +++ b/2007/4xxx/CVE-2007-4806.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4806", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "PHP remote file inclusion vulnerability in modules/Discipline/CategoryBreakdownTime.php in Focus/SIS 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the FocusPath parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4806", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "4377", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/4377" - }, - { - "name" : "20070918 true: Focus/SIS RFI's (both vectors)", - "refsource" : "VIM", - "url" : "http://www.attrition.org/pipermail/vim/2007-September/001788.html" - }, - { - "name" : "25603", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25603" - }, - { - "name" : "ADV-2007-3134", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/3134" - }, - { - "name" : "36952", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/36952" - }, - { - "name" : "26750", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26750" - }, - { - "name" : "focussis-focuspath-file-include(36521)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36521" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "PHP remote file inclusion vulnerability in modules/Discipline/CategoryBreakdownTime.php in Focus/SIS 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the FocusPath parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "25603", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25603" + }, + { + "name": "focussis-focuspath-file-include(36521)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36521" + }, + { + "name": "36952", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/36952" + }, + { + "name": "20070918 true: Focus/SIS RFI's (both vectors)", + "refsource": "VIM", + "url": "http://www.attrition.org/pipermail/vim/2007-September/001788.html" + }, + { + "name": "ADV-2007-3134", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/3134" + }, + { + "name": "4377", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/4377" + }, + { + "name": "26750", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26750" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4827.json b/2007/4xxx/CVE-2007-4827.json index c47c33c72de..ee0b9b3285f 100644 --- a/2007/4xxx/CVE-2007-4827.json +++ b/2007/4xxx/CVE-2007-4827.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4827", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the Modbus/TCP Diagnostic function in MiniHMI.exe for the Automated Solutions Modbus Slave ActiveX Control before 1.5 allows remote attackers to corrupt the heap and possibly execute arbitrary code via malformed Modbus requests to TCP port 502." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4827", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070918 TPTI-07-15: Automated Solutions Modbus TCP Slave ActiveX Control Heap Corruption Vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/479967/100/0/threaded" - }, - { - "name" : "http://dvlabs.tippingpoint.com/advisory/TPTI-07-15", - "refsource" : "MISC", - "url" : "http://dvlabs.tippingpoint.com/advisory/TPTI-07-15" - }, - { - "name" : "http://www.nessus.org/plugins/index.php?view=single&id=26066", - "refsource" : "MISC", - "url" : "http://www.nessus.org/plugins/index.php?view=single&id=26066" - }, - { - "name" : "http://www.automatedsolutions.com/pub/asmbslv/ReadMe.htm", - "refsource" : "CONFIRM", - "url" : "http://www.automatedsolutions.com/pub/asmbslv/ReadMe.htm" - }, - { - "name" : "VU#981849", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/981849" - }, - { - "name" : "25713", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25713" - }, - { - "name" : "38259", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/38259" - }, - { - "name" : "1018707", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1018707" - }, - { - "name" : "modbus-tcpslave-bo(36677)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36677" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the Modbus/TCP Diagnostic function in MiniHMI.exe for the Automated Solutions Modbus Slave ActiveX Control before 1.5 allows remote attackers to corrupt the heap and possibly execute arbitrary code via malformed Modbus requests to TCP port 502." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "modbus-tcpslave-bo(36677)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36677" + }, + { + "name": "1018707", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1018707" + }, + { + "name": "20070918 TPTI-07-15: Automated Solutions Modbus TCP Slave ActiveX Control Heap Corruption Vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/479967/100/0/threaded" + }, + { + "name": "38259", + "refsource": "OSVDB", + "url": "http://osvdb.org/38259" + }, + { + "name": "http://dvlabs.tippingpoint.com/advisory/TPTI-07-15", + "refsource": "MISC", + "url": "http://dvlabs.tippingpoint.com/advisory/TPTI-07-15" + }, + { + "name": "25713", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25713" + }, + { + "name": "http://www.nessus.org/plugins/index.php?view=single&id=26066", + "refsource": "MISC", + "url": "http://www.nessus.org/plugins/index.php?view=single&id=26066" + }, + { + "name": "VU#981849", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/981849" + }, + { + "name": "http://www.automatedsolutions.com/pub/asmbslv/ReadMe.htm", + "refsource": "CONFIRM", + "url": "http://www.automatedsolutions.com/pub/asmbslv/ReadMe.htm" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5821.json b/2007/5xxx/CVE-2007-5821.json index 128d8efee2f..abcbba61ae5 100644 --- a/2007/5xxx/CVE-2007-5821.json +++ b/2007/5xxx/CVE-2007-5821.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5821", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple directory traversal vulnerabilities in DM Guestbook 0.4.1 and earlier allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in (1) the lng parameter to (a) guestbook.php, (b) admin/admin.guestbook.php, or (c) auto/glob_new.php; or (2) the lngdefault parameter to auto/ch_lng.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5821", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "4597", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/4597" - }, - { - "name" : "26300", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/26300" - }, - { - "name" : "ADV-2007-3747", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/3747" - }, - { - "name" : "39064", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/39064" - }, - { - "name" : "39065", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/39065" - }, - { - "name" : "39066", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/39066" - }, - { - "name" : "39067", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/39067" - }, - { - "name" : "dmguestbook-lngdefault-file-include(38219)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/38219" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple directory traversal vulnerabilities in DM Guestbook 0.4.1 and earlier allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in (1) the lng parameter to (a) guestbook.php, (b) admin/admin.guestbook.php, or (c) auto/glob_new.php; or (2) the lngdefault parameter to auto/ch_lng.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "39066", + "refsource": "OSVDB", + "url": "http://osvdb.org/39066" + }, + { + "name": "26300", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/26300" + }, + { + "name": "39067", + "refsource": "OSVDB", + "url": "http://osvdb.org/39067" + }, + { + "name": "39065", + "refsource": "OSVDB", + "url": "http://osvdb.org/39065" + }, + { + "name": "4597", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/4597" + }, + { + "name": "dmguestbook-lngdefault-file-include(38219)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38219" + }, + { + "name": "39064", + "refsource": "OSVDB", + "url": "http://osvdb.org/39064" + }, + { + "name": "ADV-2007-3747", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/3747" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5959.json b/2007/5xxx/CVE-2007-5959.json index 157d01eee60..e4d2ec38127 100644 --- a/2007/5xxx/CVE-2007-5959.json +++ b/2007/5xxx/CVE-2007-5959.json @@ -1,347 +1,347 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5959", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.10 and SeaMonkey before 1.1.7 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors that trigger memory corruption." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2007-5959", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20080212 FLEA-2008-0001-1 firefox", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/488002/100/0/threaded" - }, - { - "name" : "20080229 rPSA-2008-0093-1 thunderbird", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/488971/100/0/threaded" - }, - { - "name" : "http://bugs.gentoo.org/show_bug.cgi?id=198965", - "refsource" : "MISC", - "url" : "http://bugs.gentoo.org/show_bug.cgi?id=198965" - }, - { - "name" : "http://bugs.gentoo.org/show_bug.cgi?id=200909", - "refsource" : "MISC", - "url" : "http://bugs.gentoo.org/show_bug.cgi?id=200909" - }, - { - "name" : "http://www.mozilla.org/security/announce/2007/mfsa2007-38.html", - "refsource" : "CONFIRM", - "url" : "http://www.mozilla.org/security/announce/2007/mfsa2007-38.html" - }, - { - "name" : "https://issues.rpath.com/browse/RPL-1984", - "refsource" : "CONFIRM", - "url" : "https://issues.rpath.com/browse/RPL-1984" - }, - { - "name" : "http://wiki.rpath.com/wiki/Advisories:rPSA-2007-0260", - "refsource" : "CONFIRM", - "url" : "http://wiki.rpath.com/wiki/Advisories:rPSA-2007-0260" - }, - { - "name" : "http://browser.netscape.com/releasenotes/", - "refsource" : "CONFIRM", - "url" : "http://browser.netscape.com/releasenotes/" - }, - { - "name" : "http://wiki.rpath.com/Advisories:rPSA-2008-0093", - "refsource" : "CONFIRM", - "url" : "http://wiki.rpath.com/Advisories:rPSA-2008-0093" - }, - { - "name" : "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0093", - "refsource" : "CONFIRM", - "url" : "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0093" - }, - { - "name" : "https://issues.rpath.com/browse/RPL-1995", - "refsource" : "CONFIRM", - "url" : "https://issues.rpath.com/browse/RPL-1995" - }, - { - "name" : "DSA-1424", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2007/dsa-1424" - }, - { - "name" : "DSA-1425", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2007/dsa-1425" - }, - { - "name" : "FEDORA-2007-3952", - "refsource" : "FEDORA", - "url" : "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg01011.html" - }, - { - "name" : "FEDORA-2007-4098", - "refsource" : "FEDORA", - "url" : "https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00168.html" - }, - { - "name" : "FEDORA-2007-4106", - "refsource" : "FEDORA", - "url" : "https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00135.html" - }, - { - "name" : "FEDORA-2007-756", - "refsource" : "FEDORA", - "url" : "https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00115.html" - }, - { - "name" : "GLSA-200712-21", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-200712-21.xml" - }, - { - "name" : "HPSBUX02153", - "refsource" : "HP", - "url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742" - }, - { - "name" : "SSRT061181", - "refsource" : "HP", - "url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742" - }, - { - "name" : "MDKSA-2007:246", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:246" - }, - { - "name" : "RHSA-2007:1082", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-1082.html" - }, - { - "name" : "RHSA-2007:1084", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-1084.html" - }, - { - "name" : "RHSA-2007:1083", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-1083.html" - }, - { - "name" : "SSA:2007-331-01", - "refsource" : "SLACKWARE", - "url" : "http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.374833" - }, - { - "name" : "SSA:2007-333-01", - "refsource" : "SLACKWARE", - "url" : "http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.365006" - }, - { - "name" : "231441", - "refsource" : "SUNALERT", - "url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-231441-1" - }, - { - "name" : "1018977", - "refsource" : "SUNALERT", - "url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1018977.1-1" - }, - { - "name" : "SUSE-SA:2007:066", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2007-12/msg00004.html" - }, - { - "name" : "USN-546-1", - "refsource" : "UBUNTU", - "url" : "https://usn.ubuntu.com/546-1/" - }, - { - "name" : "USN-546-2", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/usn-546-2" - }, - { - "name" : "26593", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/26593" - }, - { - "name" : "oval:org.mitre.oval:def:11014", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11014" - }, - { - "name" : "ADV-2007-4002", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/4002" - }, - { - "name" : "ADV-2007-4018", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/4018" - }, - { - "name" : "ADV-2008-0083", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/0083" - }, - { - "name" : "ADV-2008-0643", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/0643" - }, - { - "name" : "1018994", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1018994" - }, - { - "name" : "27725", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27725" - }, - { - "name" : "27793", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27793" - }, - { - "name" : "27796", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27796" - }, - { - "name" : "27797", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27797" - }, - { - "name" : "27816", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27816" - }, - { - "name" : "27944", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27944" - }, - { - "name" : "27957", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27957" - }, - { - "name" : "28001", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28001" - }, - { - "name" : "28016", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28016" - }, - { - "name" : "27955", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27955" - }, - { - "name" : "28171", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28171" - }, - { - "name" : "28277", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28277" - }, - { - "name" : "27800", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27800" - }, - { - "name" : "27838", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27838" - }, - { - "name" : "27845", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27845" - }, - { - "name" : "28398", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28398" - }, - { - "name" : "27855", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27855" - }, - { - "name" : "27979", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27979" - }, - { - "name" : "29164", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29164" - }, - { - "name" : "mozilla-multiple-memcorrupt-code-execution(38643)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/38643" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.10 and SeaMonkey before 1.1.7 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors that trigger memory corruption." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "27816", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27816" + }, + { + "name": "mozilla-multiple-memcorrupt-code-execution(38643)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38643" + }, + { + "name": "http://browser.netscape.com/releasenotes/", + "refsource": "CONFIRM", + "url": "http://browser.netscape.com/releasenotes/" + }, + { + "name": "27855", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27855" + }, + { + "name": "DSA-1424", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2007/dsa-1424" + }, + { + "name": "SUSE-SA:2007:066", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2007-12/msg00004.html" + }, + { + "name": "GLSA-200712-21", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-200712-21.xml" + }, + { + "name": "http://wiki.rpath.com/wiki/Advisories:rPSA-2007-0260", + "refsource": "CONFIRM", + "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2007-0260" + }, + { + "name": "https://issues.rpath.com/browse/RPL-1995", + "refsource": "CONFIRM", + "url": "https://issues.rpath.com/browse/RPL-1995" + }, + { + "name": "28277", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28277" + }, + { + "name": "27845", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27845" + }, + { + "name": "RHSA-2007:1083", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-1083.html" + }, + { + "name": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0093", + "refsource": "CONFIRM", + "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0093" + }, + { + "name": "http://bugs.gentoo.org/show_bug.cgi?id=200909", + "refsource": "MISC", + "url": "http://bugs.gentoo.org/show_bug.cgi?id=200909" + }, + { + "name": "http://www.mozilla.org/security/announce/2007/mfsa2007-38.html", + "refsource": "CONFIRM", + "url": "http://www.mozilla.org/security/announce/2007/mfsa2007-38.html" + }, + { + "name": "ADV-2008-0643", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/0643" + }, + { + "name": "FEDORA-2007-3952", + "refsource": "FEDORA", + "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg01011.html" + }, + { + "name": "RHSA-2007:1082", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-1082.html" + }, + { + "name": "SSA:2007-331-01", + "refsource": "SLACKWARE", + "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.374833" + }, + { + "name": "28016", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28016" + }, + { + "name": "FEDORA-2007-4098", + "refsource": "FEDORA", + "url": "https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00168.html" + }, + { + "name": "HPSBUX02153", + "refsource": "HP", + "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742" + }, + { + "name": "MDKSA-2007:246", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:246" + }, + { + "name": "USN-546-1", + "refsource": "UBUNTU", + "url": "https://usn.ubuntu.com/546-1/" + }, + { + "name": "ADV-2007-4018", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/4018" + }, + { + "name": "20080229 rPSA-2008-0093-1 thunderbird", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/488971/100/0/threaded" + }, + { + "name": "27838", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27838" + }, + { + "name": "FEDORA-2007-4106", + "refsource": "FEDORA", + "url": "https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00135.html" + }, + { + "name": "20080212 FLEA-2008-0001-1 firefox", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/488002/100/0/threaded" + }, + { + "name": "ADV-2007-4002", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/4002" + }, + { + "name": "1018977", + "refsource": "SUNALERT", + "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1018977.1-1" + }, + { + "name": "27793", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27793" + }, + { + "name": "oval:org.mitre.oval:def:11014", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11014" + }, + { + "name": "http://bugs.gentoo.org/show_bug.cgi?id=198965", + "refsource": "MISC", + "url": "http://bugs.gentoo.org/show_bug.cgi?id=198965" + }, + { + "name": "ADV-2008-0083", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/0083" + }, + { + "name": "27955", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27955" + }, + { + "name": "http://wiki.rpath.com/Advisories:rPSA-2008-0093", + "refsource": "CONFIRM", + "url": "http://wiki.rpath.com/Advisories:rPSA-2008-0093" + }, + { + "name": "1018994", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1018994" + }, + { + "name": "USN-546-2", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/usn-546-2" + }, + { + "name": "FEDORA-2007-756", + "refsource": "FEDORA", + "url": "https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00115.html" + }, + { + "name": "231441", + "refsource": "SUNALERT", + "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-231441-1" + }, + { + "name": "27957", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27957" + }, + { + "name": "28398", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28398" + }, + { + "name": "29164", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29164" + }, + { + "name": "28001", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28001" + }, + { + "name": "SSRT061181", + "refsource": "HP", + "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742" + }, + { + "name": "27796", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27796" + }, + { + "name": "26593", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/26593" + }, + { + "name": "SSA:2007-333-01", + "refsource": "SLACKWARE", + "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.365006" + }, + { + "name": "https://issues.rpath.com/browse/RPL-1984", + "refsource": "CONFIRM", + "url": "https://issues.rpath.com/browse/RPL-1984" + }, + { + "name": "27797", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27797" + }, + { + "name": "27979", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27979" + }, + { + "name": "28171", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28171" + }, + { + "name": "27800", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27800" + }, + { + "name": "RHSA-2007:1084", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-1084.html" + }, + { + "name": "DSA-1425", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2007/dsa-1425" + }, + { + "name": "27944", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27944" + }, + { + "name": "27725", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27725" + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2099.json b/2015/2xxx/CVE-2015-2099.json index 47d2774dafd..b34041e5bf2 100644 --- a/2015/2xxx/CVE-2015-2099.json +++ b/2015/2xxx/CVE-2015-2099.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2099", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-2099", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2375.json b/2015/2xxx/CVE-2015-2375.json index 92380752f72..ae829ab9271 100644 --- a/2015/2xxx/CVE-2015-2375.json +++ b/2015/2xxx/CVE-2015-2375.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2375", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Microsoft Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel Viewer 2007 SP3, Excel Services on SharePoint Server 2010 SP2, and Excel Services on SharePoint Server 2013 SP1 allow remote attackers to bypass the ASLR protection mechanism via a crafted spreadsheet, aka \"Microsoft Excel ASLR Bypass Vulnerability.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2015-2375", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "MS15-070", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-070" - }, - { - "name" : "1032899", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1032899" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel Viewer 2007 SP3, Excel Services on SharePoint Server 2010 SP2, and Excel Services on SharePoint Server 2013 SP1 allow remote attackers to bypass the ASLR protection mechanism via a crafted spreadsheet, aka \"Microsoft Excel ASLR Bypass Vulnerability.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1032899", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1032899" + }, + { + "name": "MS15-070", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-070" + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3351.json b/2015/3xxx/CVE-2015-3351.json index 3b37a85b1c4..795cb0860aa 100644 --- a/2015/3xxx/CVE-2015-3351.json +++ b/2015/3xxx/CVE-2015-3351.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3351", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site request forgery (CSRF) vulnerabilities in the Log Watcher module before 6.x-1.2 for Drupal allow remote attackers to hijack the authentication of administrators for requests that (1) enable, (2) disable, or (3) delete a report via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-3351", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20150129 Re: CVEs for Drupal contributed modules - January 2015", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2015/01/29/6" - }, - { - "name" : "https://www.drupal.org/node/2403463", - "refsource" : "MISC", - "url" : "https://www.drupal.org/node/2403463" - }, - { - "name" : "https://www.drupal.org/node/2402767", - "refsource" : "CONFIRM", - "url" : "https://www.drupal.org/node/2402767" - }, - { - "name" : "71957", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/71957" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site request forgery (CSRF) vulnerabilities in the Log Watcher module before 6.x-1.2 for Drupal allow remote attackers to hijack the authentication of administrators for requests that (1) enable, (2) disable, or (3) delete a report via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.drupal.org/node/2403463", + "refsource": "MISC", + "url": "https://www.drupal.org/node/2403463" + }, + { + "name": "71957", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/71957" + }, + { + "name": "https://www.drupal.org/node/2402767", + "refsource": "CONFIRM", + "url": "https://www.drupal.org/node/2402767" + }, + { + "name": "[oss-security] 20150129 Re: CVEs for Drupal contributed modules - January 2015", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2015/01/29/6" + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3707.json b/2015/3xxx/CVE-2015-3707.json index a57fad0253f..8c0725e625f 100644 --- a/2015/3xxx/CVE-2015-3707.json +++ b/2015/3xxx/CVE-2015-3707.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3707", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The FireWire driver in IOFireWireFamily in Apple OS X before 10.10.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via a crafted app." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2015-3707", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://support.apple.com/kb/HT204942", - "refsource" : "CONFIRM", - "url" : "http://support.apple.com/kb/HT204942" - }, - { - "name" : "APPLE-SA-2015-06-30-2", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2015/Jun/msg00002.html" - }, - { - "name" : "75493", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/75493" - }, - { - "name" : "1032760", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1032760" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The FireWire driver in IOFireWireFamily in Apple OS X before 10.10.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via a crafted app." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "APPLE-SA-2015-06-30-2", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2015/Jun/msg00002.html" + }, + { + "name": "75493", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/75493" + }, + { + "name": "1032760", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1032760" + }, + { + "name": "http://support.apple.com/kb/HT204942", + "refsource": "CONFIRM", + "url": "http://support.apple.com/kb/HT204942" + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3861.json b/2015/3xxx/CVE-2015-3861.json index 528551459ad..3ec68744840 100644 --- a/2015/3xxx/CVE-2015-3861.json +++ b/2015/3xxx/CVE-2015-3861.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3861", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple integer overflows in the addVorbisCodecInfo function in matroska/MatroskaExtractor.cpp in libstagefright in mediaserver in Android before 5.1.1 LMY48M allow remote attackers to cause a denial of service (device inoperability) via crafted Matroska data, aka internal bug 21296336." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@android.com", + "ID": "CVE-2015-3861", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[android-security-updates] 20150909 Nexus Security Bulletin (September 2015)", - "refsource" : "MLIST", - "url" : "https://groups.google.com/forum/message/raw?msg=android-security-updates/1M7qbSvACjo/Y7jewiW1AwAJ" - }, - { - "name" : "https://android.googlesource.com/platform/frameworks/av/+/304ef91624e12661e7e35c2c0c235da84a73e9c0", - "refsource" : "CONFIRM", - "url" : "https://android.googlesource.com/platform/frameworks/av/+/304ef91624e12661e7e35c2c0c235da84a73e9c0" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple integer overflows in the addVorbisCodecInfo function in matroska/MatroskaExtractor.cpp in libstagefright in mediaserver in Android before 5.1.1 LMY48M allow remote attackers to cause a denial of service (device inoperability) via crafted Matroska data, aka internal bug 21296336." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "[android-security-updates] 20150909 Nexus Security Bulletin (September 2015)", + "refsource": "MLIST", + "url": "https://groups.google.com/forum/message/raw?msg=android-security-updates/1M7qbSvACjo/Y7jewiW1AwAJ" + }, + { + "name": "https://android.googlesource.com/platform/frameworks/av/+/304ef91624e12661e7e35c2c0c235da84a73e9c0", + "refsource": "CONFIRM", + "url": "https://android.googlesource.com/platform/frameworks/av/+/304ef91624e12661e7e35c2c0c235da84a73e9c0" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6180.json b/2015/6xxx/CVE-2015-6180.json index 964c60d00f0..3f333777c11 100644 --- a/2015/6xxx/CVE-2015-6180.json +++ b/2015/6xxx/CVE-2015-6180.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6180", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2015-6180", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6575.json b/2015/6xxx/CVE-2015-6575.json index 66522226f8b..d6d4488375e 100644 --- a/2015/6xxx/CVE-2015-6575.json +++ b/2015/6xxx/CVE-2015-6575.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6575", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SampleTable.cpp in libstagefright in Android before 5.1.1 LMY48I does not properly consider integer promotion, which allows remote attackers to execute arbitrary code or cause a denial of service (integer overflow and memory corruption) via crafted atoms in MP4 data, aka internal bug 20139950, a different vulnerability than CVE-2015-1538. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-7915, CVE-2014-7916, and/or CVE-2014-7917." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-6575", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[android-security-updates] 20150812 Nexus Security Bulletin (August 2015)", - "refsource" : "MLIST", - "url" : "https://groups.google.com/forum/message/raw?msg=android-security-updates/Ugvu3fi6RQM/yzJvoTVrIQAJ" - }, - { - "name" : "https://android.googlesource.com/platform/frameworks/av/+/cf1581c66c2ad8c5b1aaca2e43e350cf5974f46d", - "refsource" : "CONFIRM", - "url" : "https://android.googlesource.com/platform/frameworks/av/+/cf1581c66c2ad8c5b1aaca2e43e350cf5974f46d" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SampleTable.cpp in libstagefright in Android before 5.1.1 LMY48I does not properly consider integer promotion, which allows remote attackers to execute arbitrary code or cause a denial of service (integer overflow and memory corruption) via crafted atoms in MP4 data, aka internal bug 20139950, a different vulnerability than CVE-2015-1538. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-7915, CVE-2014-7916, and/or CVE-2014-7917." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://android.googlesource.com/platform/frameworks/av/+/cf1581c66c2ad8c5b1aaca2e43e350cf5974f46d", + "refsource": "CONFIRM", + "url": "https://android.googlesource.com/platform/frameworks/av/+/cf1581c66c2ad8c5b1aaca2e43e350cf5974f46d" + }, + { + "name": "[android-security-updates] 20150812 Nexus Security Bulletin (August 2015)", + "refsource": "MLIST", + "url": "https://groups.google.com/forum/message/raw?msg=android-security-updates/Ugvu3fi6RQM/yzJvoTVrIQAJ" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6637.json b/2015/6xxx/CVE-2015-6637.json index a6ba9713d5a..56c26319172 100644 --- a/2015/6xxx/CVE-2015-6637.json +++ b/2015/6xxx/CVE-2015-6637.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6637", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The MediaTek misc-sd driver in Android before 5.1.1 LMY49F and 6.0 before 2016-01-01 allows attackers to gain privileges via a crafted application, aka internal bug 25307013." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@android.com", + "ID": "CVE-2015-6637", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://source.android.com/security/bulletin/2016-01-01.html", - "refsource" : "CONFIRM", - "url" : "http://source.android.com/security/bulletin/2016-01-01.html" - }, - { - "name" : "1034592", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034592" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The MediaTek misc-sd driver in Android before 5.1.1 LMY49F and 6.0 before 2016-01-01 allows attackers to gain privileges via a crafted application, aka internal bug 25307013." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1034592", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034592" + }, + { + "name": "http://source.android.com/security/bulletin/2016-01-01.html", + "refsource": "CONFIRM", + "url": "http://source.android.com/security/bulletin/2016-01-01.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6702.json b/2015/6xxx/CVE-2015-6702.json index e9b29d59145..030c287eab6 100644 --- a/2015/6xxx/CVE-2015-6702.json +++ b/2015/6xxx/CVE-2015-6702.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6702", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The createSquareMesh function in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to obtain sensitive information from process memory via invalid arguments, a different vulnerability than CVE-2015-6697, CVE-2015-6699, CVE-2015-6700, CVE-2015-6701, CVE-2015-6703, and CVE-2015-6704." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2015-6702", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.zerodayinitiative.com/advisories/ZDI-15-480", - "refsource" : "MISC", - "url" : "http://www.zerodayinitiative.com/advisories/ZDI-15-480" - }, - { - "name" : "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html" - }, - { - "name" : "1033796", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1033796" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The createSquareMesh function in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to obtain sensitive information from process memory via invalid arguments, a different vulnerability than CVE-2015-6697, CVE-2015-6699, CVE-2015-6700, CVE-2015-6701, CVE-2015-6703, and CVE-2015-6704." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.zerodayinitiative.com/advisories/ZDI-15-480", + "refsource": "MISC", + "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-480" + }, + { + "name": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html" + }, + { + "name": "1033796", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1033796" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6776.json b/2015/6xxx/CVE-2015-6776.json index eaa44c5eb35..8a04598873f 100644 --- a/2015/6xxx/CVE-2015-6776.json +++ b/2015/6xxx/CVE-2015-6776.json @@ -1,112 +1,112 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6776", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The opj_dwt_decode_1* functions in dwt.c in OpenJPEG, as used in PDFium in Google Chrome before 47.0.2526.73, allow remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted JPEG 2000 data that is mishandled during a discrete wavelet transform." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@google.com", + "ID": "CVE-2015-6776", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://googlechromereleases.blogspot.com/2015/12/stable-channel-update.html", - "refsource" : "CONFIRM", - "url" : "http://googlechromereleases.blogspot.com/2015/12/stable-channel-update.html" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=457480", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=457480" - }, - { - "name" : "https://codereview.chromium.org/1416783002", - "refsource" : "CONFIRM", - "url" : "https://codereview.chromium.org/1416783002" - }, - { - "name" : "https://codereview.chromium.org/1416783002/diff/20001/third_party/libopenjpeg20/0003-dwt-decode.patch", - "refsource" : "CONFIRM", - "url" : "https://codereview.chromium.org/1416783002/diff/20001/third_party/libopenjpeg20/0003-dwt-decode.patch" - }, - { - "name" : "https://codereview.chromium.org/1416783002/diff/20001/third_party/libopenjpeg20/README.pdfium", - "refsource" : "CONFIRM", - "url" : "https://codereview.chromium.org/1416783002/diff/20001/third_party/libopenjpeg20/README.pdfium" - }, - { - "name" : "DSA-3415", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2015/dsa-3415" - }, - { - "name" : "GLSA-201603-09", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201603-09" - }, - { - "name" : "openSUSE-SU-2015:2290", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00016.html" - }, - { - "name" : "openSUSE-SU-2015:2291", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00017.html" - }, - { - "name" : "78416", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/78416" - }, - { - "name" : "1034298", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034298" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The opj_dwt_decode_1* functions in dwt.c in OpenJPEG, as used in PDFium in Google Chrome before 47.0.2526.73, allow remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted JPEG 2000 data that is mishandled during a discrete wavelet transform." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://codereview.chromium.org/1416783002/diff/20001/third_party/libopenjpeg20/0003-dwt-decode.patch", + "refsource": "CONFIRM", + "url": "https://codereview.chromium.org/1416783002/diff/20001/third_party/libopenjpeg20/0003-dwt-decode.patch" + }, + { + "name": "http://googlechromereleases.blogspot.com/2015/12/stable-channel-update.html", + "refsource": "CONFIRM", + "url": "http://googlechromereleases.blogspot.com/2015/12/stable-channel-update.html" + }, + { + "name": "https://codereview.chromium.org/1416783002", + "refsource": "CONFIRM", + "url": "https://codereview.chromium.org/1416783002" + }, + { + "name": "openSUSE-SU-2015:2290", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00016.html" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=457480", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=457480" + }, + { + "name": "GLSA-201603-09", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201603-09" + }, + { + "name": "78416", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/78416" + }, + { + "name": "DSA-3415", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2015/dsa-3415" + }, + { + "name": "https://codereview.chromium.org/1416783002/diff/20001/third_party/libopenjpeg20/README.pdfium", + "refsource": "CONFIRM", + "url": "https://codereview.chromium.org/1416783002/diff/20001/third_party/libopenjpeg20/README.pdfium" + }, + { + "name": "openSUSE-SU-2015:2291", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00017.html" + }, + { + "name": "1034298", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034298" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7217.json b/2015/7xxx/CVE-2015-7217.json index af8655e0ddf..af8471b81d0 100644 --- a/2015/7xxx/CVE-2015-7217.json +++ b/2015/7xxx/CVE-2015-7217.json @@ -1,112 +1,112 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7217", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The gdk-pixbuf configuration in Mozilla Firefox before 43.0 on Linux GNOME platforms incorrectly enables the TGA decoder, which allows remote attackers to cause a denial of service (heap-based buffer overflow) via a crafted Truevision TGA image." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@mozilla.org", + "ID": "CVE-2015-7217", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.mozilla.org/security/announce/2015/mfsa2015-143.html", - "refsource" : "CONFIRM", - "url" : "http://www.mozilla.org/security/announce/2015/mfsa2015-143.html" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1203078", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1203078" - }, - { - "name" : "FEDORA-2015-51b1105902", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174083.html" - }, - { - "name" : "FEDORA-2015-7ab3d3afcf", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174253.html" - }, - { - "name" : "GLSA-201512-10", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201512-10" - }, - { - "name" : "openSUSE-SU-2016:0307", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2016-02/msg00007.html" - }, - { - "name" : "openSUSE-SU-2016:0308", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2016-02/msg00008.html" - }, - { - "name" : "openSUSE-SU-2015:2353", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2015-12/msg00104.html" - }, - { - "name" : "USN-2833-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2833-1" - }, - { - "name" : "79278", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/79278" - }, - { - "name" : "1034426", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034426" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The gdk-pixbuf configuration in Mozilla Firefox before 43.0 on Linux GNOME platforms incorrectly enables the TGA decoder, which allows remote attackers to cause a denial of service (heap-based buffer overflow) via a crafted Truevision TGA image." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "GLSA-201512-10", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201512-10" + }, + { + "name": "openSUSE-SU-2015:2353", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00104.html" + }, + { + "name": "openSUSE-SU-2016:0308", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00008.html" + }, + { + "name": "FEDORA-2015-7ab3d3afcf", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174253.html" + }, + { + "name": "USN-2833-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2833-1" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1203078", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1203078" + }, + { + "name": "http://www.mozilla.org/security/announce/2015/mfsa2015-143.html", + "refsource": "CONFIRM", + "url": "http://www.mozilla.org/security/announce/2015/mfsa2015-143.html" + }, + { + "name": "79278", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/79278" + }, + { + "name": "openSUSE-SU-2016:0307", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00007.html" + }, + { + "name": "FEDORA-2015-51b1105902", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174083.html" + }, + { + "name": "1034426", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034426" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7227.json b/2015/7xxx/CVE-2015-7227.json index 10365c3c15c..fa8f05970a4 100644 --- a/2015/7xxx/CVE-2015-7227.json +++ b/2015/7xxx/CVE-2015-7227.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7227", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Fieldable Panels Panes module 7.x-1.x before 7.x-1.7 for Drupal does not properly check permissions to edit Fieldable Panels Panes entities, which allows remote authenticated users to edit panes by leveraging permissions to edit panels." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-7227", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://www.drupal.org/node/2561971", - "refsource" : "MISC", - "url" : "https://www.drupal.org/node/2561971" - }, - { - "name" : "https://www.drupal.org/node/2561981", - "refsource" : "CONFIRM", - "url" : "https://www.drupal.org/node/2561981" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Fieldable Panels Panes module 7.x-1.x before 7.x-1.7 for Drupal does not properly check permissions to edit Fieldable Panels Panes entities, which allows remote authenticated users to edit panes by leveraging permissions to edit panels." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.drupal.org/node/2561971", + "refsource": "MISC", + "url": "https://www.drupal.org/node/2561971" + }, + { + "name": "https://www.drupal.org/node/2561981", + "refsource": "CONFIRM", + "url": "https://www.drupal.org/node/2561981" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7599.json b/2015/7xxx/CVE-2015-7599.json index af68640fb77..c306bef447a 100644 --- a/2015/7xxx/CVE-2015-7599.json +++ b/2015/7xxx/CVE-2015-7599.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7599", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Integer overflow in the _authenticate function in svc_auth.c in Wind River VxWorks 5.5 through 6.9.4.1, when the Remote Procedure Call (RPC) protocol is enabled, allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a username and password." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-7599", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://www.syscan360.org/slides/2015_EN_AttackingVxWorksFromstoneagetointerstellar_Eric_Yannick.pdf", - "refsource" : "MISC", - "url" : "https://www.syscan360.org/slides/2015_EN_AttackingVxWorksFromstoneagetointerstellar_Eric_Yannick.pdf" - }, - { - "name" : "http://blogs.windriver.com/wind_river_blog/2015/09/wind-river-vxworks-updateclarification.html", - "refsource" : "CONFIRM", - "url" : "http://blogs.windriver.com/wind_river_blog/2015/09/wind-river-vxworks-updateclarification.html" - }, - { - "name" : "https://kb.netapp.com/support/s/article/cve-2015-7599-vxworks-vulnerability-impacting-netapp-e-series-products?language=en_US", - "refsource" : "CONFIRM", - "url" : "https://kb.netapp.com/support/s/article/cve-2015-7599-vxworks-vulnerability-impacting-netapp-e-series-products?language=en_US" - }, - { - "name" : "https://security.netapp.com/advisory/ntap-20151029-0001/", - "refsource" : "CONFIRM", - "url" : "https://security.netapp.com/advisory/ntap-20151029-0001/" - }, - { - "name" : "79205", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/79205" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Integer overflow in the _authenticate function in svc_auth.c in Wind River VxWorks 5.5 through 6.9.4.1, when the Remote Procedure Call (RPC) protocol is enabled, allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a username and password." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://security.netapp.com/advisory/ntap-20151029-0001/", + "refsource": "CONFIRM", + "url": "https://security.netapp.com/advisory/ntap-20151029-0001/" + }, + { + "name": "https://www.syscan360.org/slides/2015_EN_AttackingVxWorksFromstoneagetointerstellar_Eric_Yannick.pdf", + "refsource": "MISC", + "url": "https://www.syscan360.org/slides/2015_EN_AttackingVxWorksFromstoneagetointerstellar_Eric_Yannick.pdf" + }, + { + "name": "http://blogs.windriver.com/wind_river_blog/2015/09/wind-river-vxworks-updateclarification.html", + "refsource": "CONFIRM", + "url": "http://blogs.windriver.com/wind_river_blog/2015/09/wind-river-vxworks-updateclarification.html" + }, + { + "name": "79205", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/79205" + }, + { + "name": "https://kb.netapp.com/support/s/article/cve-2015-7599-vxworks-vulnerability-impacting-netapp-e-series-products?language=en_US", + "refsource": "CONFIRM", + "url": "https://kb.netapp.com/support/s/article/cve-2015-7599-vxworks-vulnerability-impacting-netapp-e-series-products?language=en_US" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7784.json b/2015/7xxx/CVE-2015-7784.json index af3f490e24e..e68010170aa 100644 --- a/2015/7xxx/CVE-2015-7784.json +++ b/2015/7xxx/CVE-2015-7784.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7784", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in the BOKUBLOCK (1) BbAdminViewsControl213 plugin before 1.1 and (2) BbAdminViewsControl plugin before 2.1 for EC-CUBE allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "vultures@jpcert.or.jp", + "ID": "CVE-2015-7784", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.ec-cube.net/products/detail.php?product_id=288", - "refsource" : "CONFIRM", - "url" : "http://www.ec-cube.net/products/detail.php?product_id=288" - }, - { - "name" : "http://www.ec-cube.net/products/detail.php?product_id=781", - "refsource" : "CONFIRM", - "url" : "http://www.ec-cube.net/products/detail.php?product_id=781" - }, - { - "name" : "JVN#55545372", - "refsource" : "JVN", - "url" : "http://jvn.jp/en/jp/JVN55545372/index.html" - }, - { - "name" : "JVNDB-2015-000190", - "refsource" : "JVNDB", - "url" : "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000190" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in the BOKUBLOCK (1) BbAdminViewsControl213 plugin before 1.1 and (2) BbAdminViewsControl plugin before 2.1 for EC-CUBE allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.ec-cube.net/products/detail.php?product_id=288", + "refsource": "CONFIRM", + "url": "http://www.ec-cube.net/products/detail.php?product_id=288" + }, + { + "name": "http://www.ec-cube.net/products/detail.php?product_id=781", + "refsource": "CONFIRM", + "url": "http://www.ec-cube.net/products/detail.php?product_id=781" + }, + { + "name": "JVNDB-2015-000190", + "refsource": "JVNDB", + "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000190" + }, + { + "name": "JVN#55545372", + "refsource": "JVN", + "url": "http://jvn.jp/en/jp/JVN55545372/index.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0442.json b/2016/0xxx/CVE-2016-0442.json index 0eb25e205d5..20a4576ff65 100644 --- a/2016/0xxx/CVE-2016-0442.json +++ b/2016/0xxx/CVE-2016-0442.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0442", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control 12.1.0.4 and 12.1.0.5 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Loader Service." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2016-0442", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" - }, - { - "name" : "1034734", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034734" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control 12.1.0.4 and 12.1.0.5 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Loader Service." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" + }, + { + "name": "1034734", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034734" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0633.json b/2016/0xxx/CVE-2016-0633.json index b50cfc3c877..6922676116c 100644 --- a/2016/0xxx/CVE-2016-0633.json +++ b/2016/0xxx/CVE-2016-0633.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0633", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2016-0633", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0723.json b/2016/0xxx/CVE-2016-0723.json index e03455746d9..ecc200a4aa0 100644 --- a/2016/0xxx/CVE-2016-0723.json +++ b/2016/0xxx/CVE-2016-0723.json @@ -1,197 +1,197 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secalert@redhat.com", - "ID" : "CVE-2016-0723", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Race condition in the tty_ioctl function in drivers/tty/tty_io.c in the Linux kernel through 4.4.1 allows local users to obtain sensitive information from kernel memory or cause a denial of service (use-after-free and system crash) by making a TIOCGETD ioctl call during processing of a TIOCSETD ioctl call." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2016-0723", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=5c17c861a357e9458001f021a7afa7aab9937439", - "refsource" : "CONFIRM", - "url" : "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=5c17c861a357e9458001f021a7afa7aab9937439" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1296253", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1296253" - }, - { - "name" : "https://github.com/torvalds/linux/commit/5c17c861a357e9458001f021a7afa7aab9937439", - "refsource" : "CONFIRM", - "url" : "https://github.com/torvalds/linux/commit/5c17c861a357e9458001f021a7afa7aab9937439" - }, - { - "name" : "https://security-tracker.debian.org/tracker/CVE-2016-0723", - "refsource" : "CONFIRM", - "url" : "https://security-tracker.debian.org/tracker/CVE-2016-0723" - }, - { - "name" : "http://source.android.com/security/bulletin/2016-07-01.html", - "refsource" : "CONFIRM", - "url" : "http://source.android.com/security/bulletin/2016-07-01.html" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html" - }, - { - "name" : "DSA-3503", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3503" - }, - { - "name" : "DSA-3448", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3448" - }, - { - "name" : "FEDORA-2016-2f25d12c51", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176464.html" - }, - { - "name" : "FEDORA-2016-5d43766e33", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176484.html" - }, - { - "name" : "SUSE-SU-2016:1764", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html" - }, - { - "name" : "SUSE-SU-2016:2074", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html" - }, - { - "name" : "openSUSE-SU-2016:1008", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00015.html" - }, - { - "name" : "SUSE-SU-2016:0911", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html" - }, - { - "name" : "SUSE-SU-2016:1102", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html" - }, - { - "name" : "USN-2967-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2967-1" - }, - { - "name" : "USN-2967-2", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2967-2" - }, - { - "name" : "USN-2929-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2929-1" - }, - { - "name" : "USN-2929-2", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2929-2" - }, - { - "name" : "USN-2930-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2930-1" - }, - { - "name" : "USN-2930-2", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2930-2" - }, - { - "name" : "USN-2930-3", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2930-3" - }, - { - "name" : "USN-2932-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2932-1" - }, - { - "name" : "USN-2948-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2948-1" - }, - { - "name" : "USN-2948-2", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2948-2" - }, - { - "name" : "82950", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/82950" - }, - { - "name" : "1035695", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035695" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Race condition in the tty_ioctl function in drivers/tty/tty_io.c in the Linux kernel through 4.4.1 allows local users to obtain sensitive information from kernel memory or cause a denial of service (use-after-free and system crash) by making a TIOCGETD ioctl call during processing of a TIOCSETD ioctl call." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://security-tracker.debian.org/tracker/CVE-2016-0723", + "refsource": "CONFIRM", + "url": "https://security-tracker.debian.org/tracker/CVE-2016-0723" + }, + { + "name": "USN-2930-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2930-1" + }, + { + "name": "USN-2967-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2967-1" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1296253", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1296253" + }, + { + "name": "USN-2930-2", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2930-2" + }, + { + "name": "DSA-3503", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3503" + }, + { + "name": "USN-2967-2", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2967-2" + }, + { + "name": "SUSE-SU-2016:1764", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html" + }, + { + "name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=5c17c861a357e9458001f021a7afa7aab9937439", + "refsource": "CONFIRM", + "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=5c17c861a357e9458001f021a7afa7aab9937439" + }, + { + "name": "USN-2930-3", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2930-3" + }, + { + "name": "SUSE-SU-2016:1102", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html" + }, + { + "name": "http://source.android.com/security/bulletin/2016-07-01.html", + "refsource": "CONFIRM", + "url": "http://source.android.com/security/bulletin/2016-07-01.html" + }, + { + "name": "USN-2929-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2929-1" + }, + { + "name": "USN-2932-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2932-1" + }, + { + "name": "82950", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/82950" + }, + { + "name": "FEDORA-2016-5d43766e33", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176484.html" + }, + { + "name": "SUSE-SU-2016:2074", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html" + }, + { + "name": "1035695", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035695" + }, + { + "name": "USN-2948-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2948-1" + }, + { + "name": "DSA-3448", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3448" + }, + { + "name": "openSUSE-SU-2016:1008", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00015.html" + }, + { + "name": "USN-2929-2", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2929-2" + }, + { + "name": "https://github.com/torvalds/linux/commit/5c17c861a357e9458001f021a7afa7aab9937439", + "refsource": "CONFIRM", + "url": "https://github.com/torvalds/linux/commit/5c17c861a357e9458001f021a7afa7aab9937439" + }, + { + "name": "USN-2948-2", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2948-2" + }, + { + "name": "FEDORA-2016-2f25d12c51", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176464.html" + }, + { + "name": "SUSE-SU-2016:0911", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/1000xxx/CVE-2016-1000363.json b/2016/1000xxx/CVE-2016-1000363.json index d9125b7ceda..3698377f119 100644 --- a/2016/1000xxx/CVE-2016-1000363.json +++ b/2016/1000xxx/CVE-2016-1000363.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1000363", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-9850. Reason: This candidate is a reservation duplicate of CVE-2016-9850. Notes: All CVE users should reference CVE-2016-9850 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2016-1000363", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-9850. Reason: This candidate is a reservation duplicate of CVE-2016-9850. Notes: All CVE users should reference CVE-2016-9850 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1330.json b/2016/1xxx/CVE-2016-1330.json index 824bcfd46b9..f9304e1b2e2 100644 --- a/2016/1xxx/CVE-2016-1330.json +++ b/2016/1xxx/CVE-2016-1330.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1330", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cisco IOS 15.2(4)E on Industrial Ethernet 2000 devices allows remote attackers to cause a denial of service (device reload) via crafted Cisco Discovery Protocol (CDP) packets, aka Bug ID CSCuy27746." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2016-1330", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20160215 Cisco IOS Software for Cisco Industrial Ethernet 2000 Series Switches Denial of Service Vulnerability", - "refsource" : "CISCO", - "url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160215-ie2000" - }, - { - "name" : "1035013", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035013" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cisco IOS 15.2(4)E on Industrial Ethernet 2000 devices allows remote attackers to cause a denial of service (device reload) via crafted Cisco Discovery Protocol (CDP) packets, aka Bug ID CSCuy27746." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1035013", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035013" + }, + { + "name": "20160215 Cisco IOS Software for Cisco Industrial Ethernet 2000 Series Switches Denial of Service Vulnerability", + "refsource": "CISCO", + "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160215-ie2000" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1903.json b/2016/1xxx/CVE-2016-1903.json index 50ea8bef4fd..7c62f042374 100644 --- a/2016/1xxx/CVE-2016-1903.json +++ b/2016/1xxx/CVE-2016-1903.json @@ -1,122 +1,122 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1903", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The gdImageRotateInterpolated function in ext/gd/libgd/gd_interpolation.c in PHP before 5.5.31, 5.6.x before 5.6.17, and 7.x before 7.0.2 allows remote attackers to obtain sensitive information or cause a denial of service (out-of-bounds read and application crash) via a large bgd_color argument to the imagerotate function." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-1903", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20160115 [CVE Request] Multiple PHP issues", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/01/14/8" - }, - { - "name" : "http://www.php.net/ChangeLog-5.php", - "refsource" : "CONFIRM", - "url" : "http://www.php.net/ChangeLog-5.php" - }, - { - "name" : "http://www.php.net/ChangeLog-7.php", - "refsource" : "CONFIRM", - "url" : "http://www.php.net/ChangeLog-7.php" - }, - { - "name" : "https://bugs.php.net/bug.php?id=70976", - "refsource" : "CONFIRM", - "url" : "https://bugs.php.net/bug.php?id=70976" - }, - { - "name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731", - "refsource" : "CONFIRM", - "url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731" - }, - { - "name" : "RHSA-2016:2750", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-2750.html" - }, - { - "name" : "SSA:2016-034-04", - "refsource" : "SLACKWARE", - "url" : "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.461720" - }, - { - "name" : "openSUSE-SU-2016:0366", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2016-02/msg00037.html" - }, - { - "name" : "openSUSE-SU-2016:0251", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2016-01/msg00099.html" - }, - { - "name" : "USN-2952-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2952-1" - }, - { - "name" : "USN-2952-2", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2952-2" - }, - { - "name" : "79916", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/79916" - }, - { - "name" : "1034608", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034608" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The gdImageRotateInterpolated function in ext/gd/libgd/gd_interpolation.c in PHP before 5.5.31, 5.6.x before 5.6.17, and 7.x before 7.0.2 allows remote attackers to obtain sensitive information or cause a denial of service (out-of-bounds read and application crash) via a large bgd_color argument to the imagerotate function." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "USN-2952-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2952-1" + }, + { + "name": "79916", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/79916" + }, + { + "name": "http://www.php.net/ChangeLog-7.php", + "refsource": "CONFIRM", + "url": "http://www.php.net/ChangeLog-7.php" + }, + { + "name": "https://bugs.php.net/bug.php?id=70976", + "refsource": "CONFIRM", + "url": "https://bugs.php.net/bug.php?id=70976" + }, + { + "name": "openSUSE-SU-2016:0251", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00099.html" + }, + { + "name": "RHSA-2016:2750", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-2750.html" + }, + { + "name": "USN-2952-2", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2952-2" + }, + { + "name": "SSA:2016-034-04", + "refsource": "SLACKWARE", + "url": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.461720" + }, + { + "name": "[oss-security] 20160115 [CVE Request] Multiple PHP issues", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/01/14/8" + }, + { + "name": "http://www.php.net/ChangeLog-5.php", + "refsource": "CONFIRM", + "url": "http://www.php.net/ChangeLog-5.php" + }, + { + "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731", + "refsource": "CONFIRM", + "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731" + }, + { + "name": "openSUSE-SU-2016:0366", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00037.html" + }, + { + "name": "1034608", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034608" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1904.json b/2016/1xxx/CVE-2016-1904.json index 804b63d1a10..37e9d21f135 100644 --- a/2016/1xxx/CVE-2016-1904.json +++ b/2016/1xxx/CVE-2016-1904.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1904", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple integer overflows in ext/standard/exec.c in PHP 7.x before 7.0.2 allow remote attackers to cause a denial of service or possibly have unspecified other impact via a long string to the (1) php_escape_shell_cmd or (2) php_escape_shell_arg function, leading to a heap-based buffer overflow." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-1904", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20160115 [CVE Request] Multiple PHP issues", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/01/14/8" - }, - { - "name" : "http://www.php.net/ChangeLog-7.php", - "refsource" : "CONFIRM", - "url" : "http://www.php.net/ChangeLog-7.php" - }, - { - "name" : "https://bugs.php.net/bug.php?id=71270", - "refsource" : "CONFIRM", - "url" : "https://bugs.php.net/bug.php?id=71270" - }, - { - "name" : "https://github.com/php/php-src/commit/2871c70efaaaa0f102557a17c727fd4d5204dd4b", - "refsource" : "CONFIRM", - "url" : "https://github.com/php/php-src/commit/2871c70efaaaa0f102557a17c727fd4d5204dd4b" - }, - { - "name" : "1034608", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034608" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple integer overflows in ext/standard/exec.c in PHP 7.x before 7.0.2 allow remote attackers to cause a denial of service or possibly have unspecified other impact via a long string to the (1) php_escape_shell_cmd or (2) php_escape_shell_arg function, leading to a heap-based buffer overflow." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.php.net/ChangeLog-7.php", + "refsource": "CONFIRM", + "url": "http://www.php.net/ChangeLog-7.php" + }, + { + "name": "https://github.com/php/php-src/commit/2871c70efaaaa0f102557a17c727fd4d5204dd4b", + "refsource": "CONFIRM", + "url": "https://github.com/php/php-src/commit/2871c70efaaaa0f102557a17c727fd4d5204dd4b" + }, + { + "name": "[oss-security] 20160115 [CVE Request] Multiple PHP issues", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/01/14/8" + }, + { + "name": "https://bugs.php.net/bug.php?id=71270", + "refsource": "CONFIRM", + "url": "https://bugs.php.net/bug.php?id=71270" + }, + { + "name": "1034608", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034608" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1922.json b/2016/1xxx/CVE-2016-1922.json index f02365ce6e1..2a3aeac76f6 100644 --- a/2016/1xxx/CVE-2016-1922.json +++ b/2016/1xxx/CVE-2016-1922.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1922", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "QEMU (aka Quick Emulator) built with the TPR optimization for 32-bit Windows guests support is vulnerable to a null pointer dereference flaw. It occurs while doing I/O port write operations via hmp interface. In that, 'current_cpu' remains null, which leads to the null pointer dereference. A user or process could use this flaw to crash the QEMU instance, resulting in DoS issue." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2016-1922", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20160116 CVE request Qemu: i386: null pointer dereference in vapic_write", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/01/16/1" - }, - { - "name" : "[oss-security] 20160116 Re: CVE request Qemu: i386: null pointer dereference in vapic_write", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/01/16/6" - }, - { - "name" : "[qemu-devel] 20160115 [PULL] i386: avoid null pointer dereference", - "refsource" : "MLIST", - "url" : "https://lists.gnu.org/archive/html/qemu-devel/2016-01/msg02812.html" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1283934", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1283934" - }, - { - "name" : "DSA-3469", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3469" - }, - { - "name" : "DSA-3470", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3470" - }, - { - "name" : "DSA-3471", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3471" - }, - { - "name" : "GLSA-201604-01", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201604-01" - }, - { - "name" : "81058", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/81058" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "QEMU (aka Quick Emulator) built with the TPR optimization for 32-bit Windows guests support is vulnerable to a null pointer dereference flaw. It occurs while doing I/O port write operations via hmp interface. In that, 'current_cpu' remains null, which leads to the null pointer dereference. A user or process could use this flaw to crash the QEMU instance, resulting in DoS issue." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "[oss-security] 20160116 CVE request Qemu: i386: null pointer dereference in vapic_write", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/01/16/1" + }, + { + "name": "GLSA-201604-01", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201604-01" + }, + { + "name": "[oss-security] 20160116 Re: CVE request Qemu: i386: null pointer dereference in vapic_write", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/01/16/6" + }, + { + "name": "DSA-3469", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3469" + }, + { + "name": "DSA-3470", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3470" + }, + { + "name": "DSA-3471", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3471" + }, + { + "name": "[qemu-devel] 20160115 [PULL] i386: avoid null pointer dereference", + "refsource": "MLIST", + "url": "https://lists.gnu.org/archive/html/qemu-devel/2016-01/msg02812.html" + }, + { + "name": "81058", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/81058" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1283934", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1283934" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4409.json b/2016/4xxx/CVE-2016-4409.json index 0c41c1d1d00..ea9a12cf0ba 100644 --- a/2016/4xxx/CVE-2016-4409.json +++ b/2016/4xxx/CVE-2016-4409.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-4409", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-4409", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4469.json b/2016/4xxx/CVE-2016-4469.json index f063dc6fb61..458a5c5940e 100644 --- a/2016/4xxx/CVE-2016-4469.json +++ b/2016/4xxx/CVE-2016-4469.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-4469", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site request forgery (CSRF) vulnerabilities in Apache Archiva 1.3.9 and earlier allow remote attackers to hijack the authentication of administrators for requests that (1) add new repository proxy connectors via the token parameter to admin/addProxyConnector_commit.action, (2) new repositories via the token parameter to admin/addRepository_commit.action, (3) edit existing repositories via the token parameter to admin/editRepository_commit.action, (4) add legacy artifact paths via the token parameter to admin/addLegacyArtifactPath_commit.action, (5) change the organizational appearance via the token parameter to admin/saveAppearance.action, or (6) upload new artifacts via the token parameter to upload_submit.action." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2016-4469", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20160711 [RCESEC-2016-003][CVE-2016-4469] Apache Archiva 1.3.9 Multiple Cross-Site Request Forgeries", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/538877/100/0/threaded" - }, - { - "name" : "40109", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/40109/" - }, - { - "name" : "20160712 [RCESEC-2016-003][CVE-2016-4469] Apache Archiva 1.3.9 Multiple Cross-Site Request Forgeries", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2016/Jul/37" - }, - { - "name" : "http://packetstormsecurity.com/files/137869/Apache-Archiva-1.3.9-Cross-Site-Request-Forgery.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/137869/Apache-Archiva-1.3.9-Cross-Site-Request-Forgery.html" - }, - { - "name" : "91703", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/91703" - }, - { - "name" : "1036475", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036475" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site request forgery (CSRF) vulnerabilities in Apache Archiva 1.3.9 and earlier allow remote attackers to hijack the authentication of administrators for requests that (1) add new repository proxy connectors via the token parameter to admin/addProxyConnector_commit.action, (2) new repositories via the token parameter to admin/addRepository_commit.action, (3) edit existing repositories via the token parameter to admin/editRepository_commit.action, (4) add legacy artifact paths via the token parameter to admin/addLegacyArtifactPath_commit.action, (5) change the organizational appearance via the token parameter to admin/saveAppearance.action, or (6) upload new artifacts via the token parameter to upload_submit.action." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://packetstormsecurity.com/files/137869/Apache-Archiva-1.3.9-Cross-Site-Request-Forgery.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/137869/Apache-Archiva-1.3.9-Cross-Site-Request-Forgery.html" + }, + { + "name": "20160712 [RCESEC-2016-003][CVE-2016-4469] Apache Archiva 1.3.9 Multiple Cross-Site Request Forgeries", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2016/Jul/37" + }, + { + "name": "1036475", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036475" + }, + { + "name": "20160711 [RCESEC-2016-003][CVE-2016-4469] Apache Archiva 1.3.9 Multiple Cross-Site Request Forgeries", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/538877/100/0/threaded" + }, + { + "name": "91703", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/91703" + }, + { + "name": "40109", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/40109/" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4911.json b/2016/4xxx/CVE-2016-4911.json index 7d36372ab6a..2b5348ba3b6 100644 --- a/2016/4xxx/CVE-2016-4911.json +++ b/2016/4xxx/CVE-2016-4911.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-4911", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Fernet Token Provider in OpenStack Identity (Keystone) 9.0.x before 9.0.1 (mitaka) allows remote authenticated users to prevent revocation of a chain of tokens and bypass intended access restrictions by rescoping a token." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-4911", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20160517 CVE request for vulnerability in OpenStack Keystone", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/05/17/10" - }, - { - "name" : "[oss-security] 20160517 Re: CVE request for vulnerability in OpenStack Keystone", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/05/17/11" - }, - { - "name" : "https://bugs.launchpad.net/keystone/+bug/1577558", - "refsource" : "CONFIRM", - "url" : "https://bugs.launchpad.net/keystone/+bug/1577558" - }, - { - "name" : "https://review.openstack.org/#/c/311886/", - "refsource" : "CONFIRM", - "url" : "https://review.openstack.org/#/c/311886/" - }, - { - "name" : "https://security.openstack.org/ossa/OSSA-2016-008.html", - "refsource" : "CONFIRM", - "url" : "https://security.openstack.org/ossa/OSSA-2016-008.html" - }, - { - "name" : "90728", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/90728" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Fernet Token Provider in OpenStack Identity (Keystone) 9.0.x before 9.0.1 (mitaka) allows remote authenticated users to prevent revocation of a chain of tokens and bypass intended access restrictions by rescoping a token." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://bugs.launchpad.net/keystone/+bug/1577558", + "refsource": "CONFIRM", + "url": "https://bugs.launchpad.net/keystone/+bug/1577558" + }, + { + "name": "[oss-security] 20160517 CVE request for vulnerability in OpenStack Keystone", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/05/17/10" + }, + { + "name": "90728", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/90728" + }, + { + "name": "https://security.openstack.org/ossa/OSSA-2016-008.html", + "refsource": "CONFIRM", + "url": "https://security.openstack.org/ossa/OSSA-2016-008.html" + }, + { + "name": "https://review.openstack.org/#/c/311886/", + "refsource": "CONFIRM", + "url": "https://review.openstack.org/#/c/311886/" + }, + { + "name": "[oss-security] 20160517 Re: CVE request for vulnerability in OpenStack Keystone", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/05/17/11" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4990.json b/2016/4xxx/CVE-2016-4990.json index 16d977e779f..437769c3da1 100644 --- a/2016/4xxx/CVE-2016-4990.json +++ b/2016/4xxx/CVE-2016-4990.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-4990", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2016-4990", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5033.json b/2016/5xxx/CVE-2016-5033.json index 2f636464c7b..3593991a162 100644 --- a/2016/5xxx/CVE-2016-5033.json +++ b/2016/5xxx/CVE-2016-5033.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-5033", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The print_exprloc_content function in libdwarf before 20160923 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-5033", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20160524 CVE request: Multiple vunerabilities in libdwarf & dwarfdump", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/05/24/1" - }, - { - "name" : "[oss-security] 20160524 Re: CVE request: Multiple vunerabilities in libdwarf & dwarfdump", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/05/25/1" - }, - { - "name" : "https://www.prevanders.net/dwarfbug.html", - "refsource" : "CONFIRM", - "url" : "https://www.prevanders.net/dwarfbug.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The print_exprloc_content function in libdwarf before 20160923 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.prevanders.net/dwarfbug.html", + "refsource": "CONFIRM", + "url": "https://www.prevanders.net/dwarfbug.html" + }, + { + "name": "[oss-security] 20160524 CVE request: Multiple vunerabilities in libdwarf & dwarfdump", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/05/24/1" + }, + { + "name": "[oss-security] 20160524 Re: CVE request: Multiple vunerabilities in libdwarf & dwarfdump", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/05/25/1" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5839.json b/2016/5xxx/CVE-2016-5839.json index 0794f185d79..12af9a0c44f 100644 --- a/2016/5xxx/CVE-2016-5839.json +++ b/2016/5xxx/CVE-2016-5839.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-5839", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "WordPress before 4.5.3 allows remote attackers to bypass the sanitize_file_name protection mechanism via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@debian.org", + "ID": "CVE-2016-5839", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://codex.wordpress.org/Version_4.5.3", - "refsource" : "CONFIRM", - "url" : "https://codex.wordpress.org/Version_4.5.3" - }, - { - "name" : "https://wordpress.org/news/2016/06/wordpress-4-5-3/", - "refsource" : "CONFIRM", - "url" : "https://wordpress.org/news/2016/06/wordpress-4-5-3/" - }, - { - "name" : "DSA-3639", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3639" - }, - { - "name" : "91364", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/91364" - }, - { - "name" : "1036163", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036163" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "WordPress before 4.5.3 allows remote attackers to bypass the sanitize_file_name protection mechanism via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://wordpress.org/news/2016/06/wordpress-4-5-3/", + "refsource": "CONFIRM", + "url": "https://wordpress.org/news/2016/06/wordpress-4-5-3/" + }, + { + "name": "https://codex.wordpress.org/Version_4.5.3", + "refsource": "CONFIRM", + "url": "https://codex.wordpress.org/Version_4.5.3" + }, + { + "name": "1036163", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036163" + }, + { + "name": "91364", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/91364" + }, + { + "name": "DSA-3639", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3639" + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0114.json b/2019/0xxx/CVE-2019-0114.json index bc49b4b71af..70c19f6f76a 100644 --- a/2019/0xxx/CVE-2019-0114.json +++ b/2019/0xxx/CVE-2019-0114.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0114", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0114", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0653.json b/2019/0xxx/CVE-2019-0653.json index 27a33a6299f..0866788568e 100644 --- a/2019/0xxx/CVE-2019-0653.json +++ b/2019/0xxx/CVE-2019-0653.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0653", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0653", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0803.json b/2019/0xxx/CVE-2019-0803.json index e8e54f89ca3..f493c3b97a3 100644 --- a/2019/0xxx/CVE-2019-0803.json +++ b/2019/0xxx/CVE-2019-0803.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0803", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0803", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0826.json b/2019/0xxx/CVE-2019-0826.json index b3981df1117..c484b33c499 100644 --- a/2019/0xxx/CVE-2019-0826.json +++ b/2019/0xxx/CVE-2019-0826.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0826", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0826", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1669.json b/2019/1xxx/CVE-2019-1669.json index d9c41dc1fe5..17f3db1a874 100644 --- a/2019/1xxx/CVE-2019-1669.json +++ b/2019/1xxx/CVE-2019-1669.json @@ -1,91 +1,91 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@cisco.com", - "DATE_PUBLIC" : "2019-01-23T14:00:00-0800", - "ID" : "CVE-2019-1669", - "STATE" : "PUBLIC", - "TITLE" : "Cisco Firepower Threat Defense Software Packet Inspection and Enforcement Bypass Vulnerability" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Cisco Firepower Threat Defense Software ", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "Cisco" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A vulnerability in the data acquisition (DAQ) component of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass configured access control policies or cause a denial of service (DoS) condition. The vulnerability exists because the affected software improperly manages system memory resources when inspecting traffic. An attacker could exploit this vulnerability by generating specific traffic patterns for the software to inspect. A successful exploit could allow the attacker to exhaust system memory resources used for traffic inspection. Depending on the configuration, the FTD Software could fail open and cease to inspect traffic or fail closed and result in a DoS condition. This vulnerability may require manual intervention to restore the software." - } - ] - }, - "exploit" : [ - { - "lang" : "eng", - "value" : "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. " - } - ], - "impact" : { - "cvss" : { - "baseScore" : "8.6", - "vectorString" : "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N ", - "version" : "3.0" - } - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "CWE-693" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "DATE_PUBLIC": "2019-01-23T14:00:00-0800", + "ID": "CVE-2019-1669", + "STATE": "PUBLIC", + "TITLE": "Cisco Firepower Threat Defense Software Packet Inspection and Enforcement Bypass Vulnerability" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Cisco Firepower Threat Defense Software ", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "Cisco" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20190123 Cisco Firepower Threat Defense Software Packet Inspection and Enforcement Bypass Vulnerability", - "refsource" : "CISCO", - "url" : "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-firepowertds-bypass" - }, - { - "name" : "106721", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/106721" - } - ] - }, - "source" : { - "advisory" : "cisco-sa-20190123-firepowertds-bypass", - "defect" : [ - [ - "CSCvo02577" - ] - ], - "discovery" : "INTERNAL" - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A vulnerability in the data acquisition (DAQ) component of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass configured access control policies or cause a denial of service (DoS) condition. The vulnerability exists because the affected software improperly manages system memory resources when inspecting traffic. An attacker could exploit this vulnerability by generating specific traffic patterns for the software to inspect. A successful exploit could allow the attacker to exhaust system memory resources used for traffic inspection. Depending on the configuration, the FTD Software could fail open and cease to inspect traffic or fail closed and result in a DoS condition. This vulnerability may require manual intervention to restore the software." + } + ] + }, + "exploit": [ + { + "lang": "eng", + "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. " + } + ], + "impact": { + "cvss": { + "baseScore": "8.6", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N ", + "version": "3.0" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-693" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20190123 Cisco Firepower Threat Defense Software Packet Inspection and Enforcement Bypass Vulnerability", + "refsource": "CISCO", + "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-firepowertds-bypass" + }, + { + "name": "106721", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/106721" + } + ] + }, + "source": { + "advisory": "cisco-sa-20190123-firepowertds-bypass", + "defect": [ + [ + "CSCvo02577" + ] + ], + "discovery": "INTERNAL" + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3044.json b/2019/3xxx/CVE-2019-3044.json index 6caa6de1ed2..2ea238d7980 100644 --- a/2019/3xxx/CVE-2019-3044.json +++ b/2019/3xxx/CVE-2019-3044.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3044", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3044", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3188.json b/2019/3xxx/CVE-2019-3188.json index f8e6bb06bed..eca00ff84f4 100644 --- a/2019/3xxx/CVE-2019-3188.json +++ b/2019/3xxx/CVE-2019-3188.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3188", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3188", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3325.json b/2019/3xxx/CVE-2019-3325.json index 8cb3b3704a4..c67704dce96 100644 --- a/2019/3xxx/CVE-2019-3325.json +++ b/2019/3xxx/CVE-2019-3325.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3325", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3325", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3507.json b/2019/3xxx/CVE-2019-3507.json index e508f4a79a0..102e55e42f9 100644 --- a/2019/3xxx/CVE-2019-3507.json +++ b/2019/3xxx/CVE-2019-3507.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3507", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3507", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3840.json b/2019/3xxx/CVE-2019-3840.json index 1e4149e9ea8..9afcc8782e2 100644 --- a/2019/3xxx/CVE-2019-3840.json +++ b/2019/3xxx/CVE-2019-3840.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3840", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3840", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4731.json b/2019/4xxx/CVE-2019-4731.json index bf48112f506..ceb3cd4f909 100644 --- a/2019/4xxx/CVE-2019-4731.json +++ b/2019/4xxx/CVE-2019-4731.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4731", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4731", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4847.json b/2019/4xxx/CVE-2019-4847.json index 4f3e01ab757..4db7a88d140 100644 --- a/2019/4xxx/CVE-2019-4847.json +++ b/2019/4xxx/CVE-2019-4847.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4847", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4847", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4924.json b/2019/4xxx/CVE-2019-4924.json index a1aa12d5a62..da55fb25dda 100644 --- a/2019/4xxx/CVE-2019-4924.json +++ b/2019/4xxx/CVE-2019-4924.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4924", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4924", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4957.json b/2019/4xxx/CVE-2019-4957.json index 6fd9a0a41da..d12db9f97b9 100644 --- a/2019/4xxx/CVE-2019-4957.json +++ b/2019/4xxx/CVE-2019-4957.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4957", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4957", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7452.json b/2019/7xxx/CVE-2019-7452.json index abf4970ba79..e85c57b8e9e 100644 --- a/2019/7xxx/CVE-2019-7452.json +++ b/2019/7xxx/CVE-2019-7452.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7452", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7452", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7859.json b/2019/7xxx/CVE-2019-7859.json index b6e2a0d9912..9f6c41fa4b8 100644 --- a/2019/7xxx/CVE-2019-7859.json +++ b/2019/7xxx/CVE-2019-7859.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7859", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7859", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8249.json b/2019/8xxx/CVE-2019-8249.json index 7486941d054..0e17fa09c61 100644 --- a/2019/8xxx/CVE-2019-8249.json +++ b/2019/8xxx/CVE-2019-8249.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8249", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8249", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8877.json b/2019/8xxx/CVE-2019-8877.json index 7ee51be2928..6f51e364eb5 100644 --- a/2019/8xxx/CVE-2019-8877.json +++ b/2019/8xxx/CVE-2019-8877.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8877", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8877", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8978.json b/2019/8xxx/CVE-2019-8978.json index 1811a4477f6..2c7590f04ae 100644 --- a/2019/8xxx/CVE-2019-8978.json +++ b/2019/8xxx/CVE-2019-8978.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8978", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8978", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9416.json b/2019/9xxx/CVE-2019-9416.json index 72c976ff59e..4cdb1653789 100644 --- a/2019/9xxx/CVE-2019-9416.json +++ b/2019/9xxx/CVE-2019-9416.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9416", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9416", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9670.json b/2019/9xxx/CVE-2019-9670.json index c122a1e1310..2b388edfb4f 100644 --- a/2019/9xxx/CVE-2019-9670.json +++ b/2019/9xxx/CVE-2019-9670.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9670", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9670", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file