admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-18 02:23:37 +00:00
parent a885df2155
commit 68815d30b9
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
64 changed files with 4742 additions and 4742 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

104
2006/0xxx/CVE-2006-0404.json
View File

@ -1,96 +1,96 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-0404",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-0404",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Note-A-Day Weblog 2.2 stores sensitive data under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information via a direct request to archive/.phpass-admin, which contains encrypted passwords."
"lang": "eng",
"value": "Note-A-Day Weblog 2.2 stores sensitive data under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information via a direct request to archive/.phpass-admin, which contains encrypted passwords."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20060122 [eVuln] Note-A-Day Weblog Sensitive Information Disclosure",
"refsource" : "BUGTRAQ",
"url" : "http://archives.neohapsis.com/archives/bugtraq/2006-01/0389.html"
"name": "ADV-2006-0299",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/0299"
},
{
"name" : "http://evuln.com/vulns/44/summary.html",
"refsource" : "MISC",
"url" : "http://evuln.com/vulns/44/summary.html"
"name": "20060122 [eVuln] Note-A-Day Weblog Sensitive Information Disclosure",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2006-01/0389.html"
},
{
"name" : "ADV-2006-0299",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/0299"
"name": "371",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/371"
},
{
"name" : "22699",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/22699"
"name": "18566",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18566"
},
{
"name" : "1015539",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1015539"
"name": "1015539",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015539"
},
{
"name" : "18566",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/18566"
"name": "22699",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/22699"
},
{
"name" : "371",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/371"
"name": "http://evuln.com/vulns/44/summary.html",
"refsource": "MISC",
"url": "http://evuln.com/vulns/44/summary.html"
},
{
"name" : "noteaday-archive-information-disclosure(24270)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/24270"
"name": "noteaday-archive-information-disclosure(24270)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24270"
}
]
}

92
2006/0xxx/CVE-2006-0581.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-0581",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-0581",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in Hosting Controller 6.1 Hotfix 2.8 allows remote authenticated users to execute arbitrary SQL commands via the (1) GatewayID parameter in an add action in AddGatewaySettings.asp and (2) IP parameter in IPManager.asp."
"lang": "eng",
"value": "SQL injection vulnerability in Hosting Controller 6.1 Hotfix 2.8 allows remote authenticated users to execute arbitrary SQL commands via the (1) GatewayID parameter in an add action in AddGatewaySettings.asp and (2) IP parameter in IPManager.asp."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "ADV-2006-0460",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/0460"
"name": "22982",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/22982"
},
{
"name" : "22982",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/22982"
"name": "22983",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/22983"
},
{
"name" : "22983",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/22983"
"name": "hosting-controller-sql-injection(24537)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24537"
},
{
"name" : "1015584",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1015584"
"name": "1015584",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015584"
},
{
"name" : "18731",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/18731"
"name": "ADV-2006-0460",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/0460"
},
{
"name" : "hosting-controller-sql-injection(24537)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/24537"
"name": "18731",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18731"
}
]
}

68
2006/0xxx/CVE-2006-0635.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-0635",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-0635",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Tiny C Compiler (TCC) 0.9.23 (aka TinyCC) evaluates the \"i>sizeof(int)\" expression to false when i equals -1, which might introduce integer overflow vulnerabilities into applications that could be exploited by context-dependent attackers."
"lang": "eng",
"value": "Tiny C Compiler (TCC) 0.9.23 (aka TinyCC) evaluates the \"i>sizeof(int)\" expression to false when i equals -1, which might introduce integer overflow vulnerabilities into applications that could be exploited by context-dependent attackers."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20060207 Re: [xfocus-SD-060206]BCB compiler incorrect deal sizeof operator vulnerability",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/424257/100/0/threaded"
"name": "20060207 Re: [xfocus-SD-060206]BCB compiler incorrect deal sizeof operator vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/424257/100/0/threaded"
},
{
"name" : "22956",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/22956"
"name": "22956",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/22956"
}
]
}

22
2006/0xxx/CVE-2006-0904.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-0904",
"STATE" : "REJECT"
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2006-0904",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2006. Notes: none."
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2006. Notes: none."
}
]
}

224
2006/1xxx/CVE-2006-1359.json
View File

@ -1,196 +1,196 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-1359",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2006-1359",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Microsoft Internet Explorer 6 and 7 Beta 2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a certain createTextRange call on a checkbox object, which results in a dereference of an invalid table pointer."
"lang": "eng",
"value": "Microsoft Internet Explorer 6 and 7 Beta 2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a certain createTextRange call on a checkbox object, which results in a dereference of an invalid table pointer."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20060322 IE crash",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/428441"
"name": "http://www.computerterrorism.com/research/ct22-03-2006",
"refsource": "MISC",
"url": "http://www.computerterrorism.com/research/ct22-03-2006"
},
{
"name" : "20060322 Microsoft Internet Explorer (mshtml.dll) - Remote Code Execution",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/428583/100/0/threaded"
"name": "20060328 EEYE: Temporary workaround for IE createTextRange vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/429088/100/0/threaded"
},
{
"name" : "20060328 EEYE: Temporary workaround for IE createTextRange vulnerability",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/429088/100/0/threaded"
"name": "oval:org.mitre.oval:def:1678",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1678"
},
{
"name" : "20060328 Determina Fix for CVE-2006-1359 (Zero Day MS Internet Explorer Remote \"CreateTextRange()\" Code Execution)",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/429124/30/6120/threaded"
"name": "20060328 Determina Fix for CVE-2006-1359 (Zero Day MS Internet Explorer Remote \"CreateTextRange()\" Code Execution)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/429124/30/6120/threaded"
},
{
"name" : "20060322 FW: [Full-disclosure] IE crash",
"refsource" : "FULLDISC",
"url" : "http://archives.neohapsis.com/archives/fulldisclosure/2006-03/1434.html"
"name": "ADV-2006-1050",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/1050"
},
{
"name" : "20060322 IE crash",
"refsource" : "FULLDISC",
"url" : "http://archives.neohapsis.com/archives/fulldisclosure/2006-03/1427.html"
"name": "oval:org.mitre.oval:def:985",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A985"
},
{
"name" : "20060322 Microsoft Internet Explorer (mshtml.dll) - Remote Code Execution",
"refsource" : "FULLDISC",
"url" : "http://archives.neohapsis.com/archives/fulldisclosure/2006-03/1430.html"
"name": "VU#876678",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/876678"
},
{
"name" : "20060327 Determina Fix for the IE createTextRange() bug",
"refsource" : "FULLDISC",
"url" : "http://archives.neohapsis.com/archives/fulldisclosure/2006-03/1662.html"
"name": "24050",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/24050"
},
{
"name" : "http://www.computerterrorism.com/research/ct22-03-2006",
"refsource" : "MISC",
"url" : "http://www.computerterrorism.com/research/ct22-03-2006"
"name": "oval:org.mitre.oval:def:1178",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1178"
},
{
"name" : "20060323 Secunia Research: Microsoft Internet Explorer \"createTextRange()\"Code Execution",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/428600/100/0/threaded"
"name": "20060322 IE crash",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-03/1427.html"
},
{
"name" : "http://secunia.com/secunia_research/2006-7/advisory/",
"refsource" : "MISC",
"url" : "http://secunia.com/secunia_research/2006-7/advisory/"
"name": "TA06-101A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA06-101A.html"
},
{
"name" : "http://www.microsoft.com/technet/security/advisory/917077.mspx",
"refsource" : "CONFIRM",
"url" : "http://www.microsoft.com/technet/security/advisory/917077.mspx"
"name": "oval:org.mitre.oval:def:1702",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1702"
},
{
"name" : "MS06-013",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-013"
"name": "18680",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18680"
},
{
"name" : "TA06-101A",
"refsource" : "CERT",
"url" : "http://www.us-cert.gov/cas/techalerts/TA06-101A.html"
"name": "http://secunia.com/secunia_research/2006-7/advisory/",
"refsource": "MISC",
"url": "http://secunia.com/secunia_research/2006-7/advisory/"
},
{
"name" : "VU#876678",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/876678"
"name": "oval:org.mitre.oval:def:1657",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1657"
},
{
"name" : "Q-154",
"refsource" : "CIAC",
"url" : "http://www.ciac.org/ciac/bulletins/q-154.shtml"
"name": "ie-createtextrange-command-execution(25379)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25379"
},
{
"name" : "17196",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/17196"
"name": "20060327 Determina Fix for the IE createTextRange() bug",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-03/1662.html"
},
{
"name" : "ADV-2006-1050",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/1050"
"name": "1015812",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015812"
},
{
"name" : "ADV-2006-1318",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/1318"
"name": "MS06-013",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-013"
},
{
"name" : "24050",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/24050"
"name": "20060322 IE crash",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/428441"
},
{
"name" : "oval:org.mitre.oval:def:1178",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1178"
"name": "20060322 Microsoft Internet Explorer (mshtml.dll) - Remote Code Execution",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-03/1430.html"
},
{
"name" : "oval:org.mitre.oval:def:1657",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1657"
"name": "20060322 FW: [Full-disclosure] IE crash",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-03/1434.html"
},
{
"name" : "oval:org.mitre.oval:def:1678",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1678"
"name": "20060323 Secunia Research: Microsoft Internet Explorer \"createTextRange()\"Code Execution",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/428600/100/0/threaded"
},
{
"name" : "oval:org.mitre.oval:def:1702",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1702"
"name": "http://www.microsoft.com/technet/security/advisory/917077.mspx",
"refsource": "CONFIRM",
"url": "http://www.microsoft.com/technet/security/advisory/917077.mspx"
},
{
"name" : "oval:org.mitre.oval:def:985",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A985"
"name": "17196",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/17196"
},
{
"name" : "1015812",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1015812"
"name": "Q-154",
"refsource": "CIAC",
"url": "http://www.ciac.org/ciac/bulletins/q-154.shtml"
},
{
"name" : "18680",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/18680"
"name": "ADV-2006-1318",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/1318"
},
{
"name" : "ie-createtextrange-command-execution(25379)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/25379"
"name": "20060322 Microsoft Internet Explorer (mshtml.dll) - Remote Code Execution",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/428583/100/0/threaded"
}
]
}

22
2006/1xxx/CVE-2006-1521.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-1521",
"STATE" : "REJECT"
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2006-1521",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2006. Notes: none."
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2006. Notes: none."
}
]
}

104
2006/1xxx/CVE-2006-1667.json
View File

@ -1,96 +1,96 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-1667",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-1667",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in slides.php in Eric Gerdes Crafty Syntax Image Gallery (CSIG) (aka PHP thumbnail Photo Gallery) 3.1g and earlier allows remote authenticated users to execute arbitrary SQL commands via the limitquery_s parameter when the $projectid variable is less than 1, which prevents the $limitquery_s from being set within slides.php."
"lang": "eng",
"value": "SQL injection vulnerability in slides.php in Eric Gerdes Crafty Syntax Image Gallery (CSIG) (aka PHP thumbnail Photo Gallery) 3.1g and earlier allows remote authenticated users to execute arbitrary SQL commands via the limitquery_s parameter when the $projectid variable is less than 1, which prevents the $limitquery_s from being set within slides.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://bash-x.net/undef/adv/craftygallery.html",
"refsource" : "MISC",
"url" : "http://bash-x.net/undef/adv/craftygallery.html"
"name": "ADV-2006-1239",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/1239"
},
{
"name" : "http://bash-x.net/undef/exploits/crappy_syntax.txt",
"refsource" : "MISC",
"url" : "http://bash-x.net/undef/exploits/crappy_syntax.txt"
"name": "17379",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/17379"
},
{
"name" : "1645",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/1645"
"name": "24386",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/24386"
},
{
"name" : "17379",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/17379"
"name": "http://bash-x.net/undef/exploits/crappy_syntax.txt",
"refsource": "MISC",
"url": "http://bash-x.net/undef/exploits/crappy_syntax.txt"
},
{
"name" : "ADV-2006-1239",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/1239"
"name": "crafty-slides-sql-injection(25654)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25654"
},
{
"name" : "24386",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/24386"
"name": "http://bash-x.net/undef/adv/craftygallery.html",
"refsource": "MISC",
"url": "http://bash-x.net/undef/adv/craftygallery.html"
},
{
"name" : "19478",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/19478"
"name": "1645",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/1645"
},
{
"name" : "crafty-slides-sql-injection(25654)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/25654"
"name": "19478",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19478"
}
]
}

92
2006/1xxx/CVE-2006-1696.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-1696",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-1696",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in Gallery before 1.5.3 allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors."
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in Gallery before 1.5.3 allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://sourceforge.net/project/shownotes.php?release_id=408602&group_id=7130",
"refsource" : "CONFIRM",
"url" : "http://sourceforge.net/project/shownotes.php?release_id=408602&group_id=7130"
"name": "17437",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/17437"
},
{
"name" : "17437",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/17437"
"name": "24466",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/24466"
},
{
"name" : "ADV-2006-1285",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/1285"
"name": "gallery-unspecified-xss(25707)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25707"
},
{
"name" : "24466",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/24466"
"name": "http://sourceforge.net/project/shownotes.php?release_id=408602&group_id=7130",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/project/shownotes.php?release_id=408602&group_id=7130"
},
{
"name" : "19580",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/19580"
"name": "ADV-2006-1285",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/1285"
},
{
"name" : "gallery-unspecified-xss(25707)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/25707"
"name": "19580",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19580"
}
]
}

110
2006/1xxx/CVE-2006-1786.json
View File

@ -1,101 +1,101 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-1786",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-1786",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in Adobe Document Server for Reader Extensions 6.0 allows remote attackers to inject arbitrary web script or HTML via (1) the actionID parameter in ads-readerext and (2) the op parameter in AlterCast. NOTE: it is not clear whether the vendor advisory addresses this issue."
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in Adobe Document Server for Reader Extensions 6.0 allows remote attackers to inject arbitrary web script or HTML via (1) the actionID parameter in ads-readerext and (2) the op parameter in AlterCast. NOTE: it is not clear whether the vendor advisory addresses this issue."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20060413 Secunia Research: Adobe Document Server for Reader ExtensionsMultiple Vulnerabilities",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/430869/100/0/threaded"
"name": "20060413 Secunia Research: Adobe Document Server for Reader ExtensionsMultiple Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/430869/100/0/threaded"
},
{
"name" : "http://secunia.com/secunia_research/2005-68/advisory/",
"refsource" : "MISC",
"url" : "http://secunia.com/secunia_research/2005-68/advisory/"
"name": "24589",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/24589"
},
{
"name" : "http://www.adobe.com/support/techdocs/322699.html",
"refsource" : "MISC",
"url" : "http://www.adobe.com/support/techdocs/322699.html"
"name": "http://www.adobe.com/support/techdocs/322699.html",
"refsource": "MISC",
"url": "http://www.adobe.com/support/techdocs/322699.html"
},
{
"name" : "17500",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/17500"
"name": "24590",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/24590"
},
{
"name" : "ADV-2006-1342",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/1342"
"name": "15924",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/15924"
},
{
"name" : "24590",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/24590"
"name": "http://secunia.com/secunia_research/2005-68/advisory/",
"refsource": "MISC",
"url": "http://secunia.com/secunia_research/2005-68/advisory/"
},
{
"name" : "24589",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/24589"
"name": "ADV-2006-1342",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/1342"
},
{
"name" : "15924",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/15924"
"name": "17500",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/17500"
},
{
"name" : "adobe-actionid-op-xss(25771)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/25771"
"name": "adobe-actionid-op-xss(25771)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25771"
}
]
}

22
2006/4xxx/CVE-2006-4701.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-4701",
"STATE" : "REJECT"
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2006-4701",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2006. Notes: none."
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2006. Notes: none."
}
]
}

62
2006/5xxx/CVE-2006-5041.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-5041",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5041",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Hot Properties (possibly com_hotproperties) 0.97 and earlier for Joomla! has unspecified impact and attack vectors."
"lang": "eng",
"value": "Unspecified vulnerability in Hot Properties (possibly com_hotproperties) 0.97 and earlier for Joomla! has unspecified impact and attack vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://forum.joomla.org/index.php/topic,79477.0.html",
"refsource" : "CONFIRM",
"url" : "http://forum.joomla.org/index.php/topic,79477.0.html"
"name": "http://forum.joomla.org/index.php/topic,79477.0.html",
"refsource": "CONFIRM",
"url": "http://forum.joomla.org/index.php/topic,79477.0.html"
}
]
}

74
2006/5xxx/CVE-2006-5394.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-5394",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5394",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The default configuration of Cisco Secure Desktop (CSD) has an unchecked \"Disable printing\" box in Secure Desktop Settings, which might allow local users to read data that was sent to a printer during another user's SSL VPN session."
"lang": "eng",
"value": "The default configuration of Cisco Secure Desktop (CSD) has an unchecked \"Disable printing\" box in Secure Desktop Settings, which might allow local users to read data that was sent to a printer during another user's SSL VPN session."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20061009 Limitations in Cisco Secure Desktop",
"refsource" : "CISCO",
"url" : "http://www.cisco.com/en/US/products/products_security_advisory09186a0080754f34.shtml"
"name": "20061009 Limitations in Cisco Secure Desktop",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080754f34.shtml"
},
{
"name" : "20410",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/20410"
"name": "20410",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20410"
},
{
"name" : "1017018",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1017018"
"name": "1017018",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017018"
}
]
}

80
2006/5xxx/CVE-2006-5669.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-5669",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5669",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "PHP remote file inclusion vulnerability in gestion/savebackup.php in Gepi 1.4.0 and earlier, and possibly other versions before 1.4.4, allows remote attackers to execute arbitrary PHP code via a URL in the filename parameter."
"lang": "eng",
"value": "PHP remote file inclusion vulnerability in gestion/savebackup.php in Gepi 1.4.0 and earlier, and possibly other versions before 1.4.4, allows remote attackers to execute arbitrary PHP code via a URL in the filename parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "2692",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/2692"
"name": "2692",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/2692"
},
{
"name" : "20061102 Source VERIFY and patch for gepi RFI",
"refsource" : "VIM",
"url" : "http://www.attrition.org/pipermail/vim/2006-November/001104.html"
"name": "gepi-savebackup-file-include(29921)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29921"
},
{
"name" : "20830",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/20830"
"name": "20061102 Source VERIFY and patch for gepi RFI",
"refsource": "VIM",
"url": "http://www.attrition.org/pipermail/vim/2006-November/001104.html"
},
{
"name" : "gepi-savebackup-file-include(29921)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/29921"
"name": "20830",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20830"
}
]
}

98
2006/5xxx/CVE-2006-5806.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-5806",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5806",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "SSL VPN Client in Cisco Secure Desktop before 3.1.1.45, when configured to spawn a web browser after a successful connection, stores sensitive browser session information in a directory outside of the CSD vault and does not restrict the user from saving files outside of the vault, which is not cleared after the VPN connection terminates and allows local users to read unencrypted data."
"lang": "eng",
"value": "SSL VPN Client in Cisco Secure Desktop before 3.1.1.45, when configured to spawn a web browser after a successful connection, stores sensitive browser session information in a directory outside of the CSD vault and does not restrict the user from saving files outside of the vault, which is not cleared after the VPN connection terminates and allows local users to read unencrypted data."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20061108 Multiple Vulnerabilities in Cisco Secure Desktop",
"refsource" : "CISCO",
"url" : "http://www.cisco.com/warp/public/707/cisco-sa-20061108-csd.shtml"
"name": "1017195",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017195"
},
{
"name" : "20964",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/20964"
"name": "cisco-csd-ssl-vpn-information-disclosure(30129)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30129"
},
{
"name" : "ADV-2006-4409",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/4409"
"name": "22747",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22747"
},
{
"name" : "30306",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/30306"
"name": "30306",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/30306"
},
{
"name" : "1017195",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1017195"
"name": "20061108 Multiple Vulnerabilities in Cisco Secure Desktop",
"refsource": "CISCO",
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20061108-csd.shtml"
},
{
"name" : "22747",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/22747"
"name": "ADV-2006-4409",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4409"
},
{
"name" : "cisco-csd-ssl-vpn-information-disclosure(30129)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/30129"
"name": "20964",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20964"
}
]
}

74
2010/0xxx/CVE-2010-0470.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-0470",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-0470",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in scvrtsrv.cmd in Comtrend CT-507IT ADSL Router allows remote attackers to inject arbitrary web script or HTML via the srvName parameter."
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in scvrtsrv.cmd in Comtrend CT-507IT ADSL Router allows remote attackers to inject arbitrary web script or HTML via the srvName parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://packetstormsecurity.org/1001-exploits/comtrend-xss.txt",
"refsource" : "MISC",
"url" : "http://packetstormsecurity.org/1001-exploits/comtrend-xss.txt"
"name": "38309",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/38309"
},
{
"name" : "38004",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/38004"
"name": "38004",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/38004"
},
{
"name" : "38309",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/38309"
"name": "http://packetstormsecurity.org/1001-exploits/comtrend-xss.txt",
"refsource": "MISC",
"url": "http://packetstormsecurity.org/1001-exploits/comtrend-xss.txt"
}
]
}

68
2010/0xxx/CVE-2010-0510.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-0510",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2010-0510",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Password Server in Apple Mac OS X Server before 10.6.3 does not properly perform password replication, which might allow remote authenticated users to obtain login access via an expired password."
"lang": "eng",
"value": "Password Server in Apple Mac OS X Server before 10.6.3 does not properly perform password replication, which might allow remote authenticated users to obtain login access via an expired password."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://support.apple.com/kb/HT4077",
"refsource" : "CONFIRM",
"url" : "http://support.apple.com/kb/HT4077"
"name": "APPLE-SA-2010-03-29-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html"
},
{
"name" : "APPLE-SA-2010-03-29-1",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html"
"name": "http://support.apple.com/kb/HT4077",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT4077"
}
]
}

74
2010/0xxx/CVE-2010-0591.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-0591",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2010-0591",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x before 6.1(5), 7.x before 7.1(3b)SU2, and 8.x before 8.0(1) allows remote attackers to cause a denial of service (process failure) via a malformed SIP REG message, related to an overflow of the Telephone-URL field, aka Bug ID CSCtc62362."
"lang": "eng",
"value": "Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x before 6.1(5), 7.x before 7.1(3b)SU2, and 8.x before 8.0(1) allows remote attackers to cause a denial of service (process failure) via a malformed SIP REG message, related to an overflow of the Telephone-URL field, aka Bug ID CSCtc62362."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20100303 Cisco Unified Communications Manager Denial of Service Vulnerabilities",
"refsource" : "CISCO",
"url" : "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1b924.shtml"
"name": "1023670",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1023670"
},
{
"name" : "38498",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/38498"
"name": "20100303 Cisco Unified Communications Manager Denial of Service Vulnerabilities",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1b924.shtml"
},
{
"name" : "1023670",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1023670"
"name": "38498",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/38498"
}
]
}

62
2010/0xxx/CVE-2010-0835.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-0835",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-0835",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Wireless component in Oracle Fusion Middleware 10.1.2.3 allows remote attackers to affect integrity via unknown vectors."
"lang": "eng",
"value": "Unspecified vulnerability in the Wireless component in Oracle Fusion Middleware 10.1.2.3 allows remote attackers to affect integrity via unknown vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html"
"name": "http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html"
}
]
}

278
2010/0xxx/CVE-2010-0847.json
View File

@ -1,241 +1,241 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-0847",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2010-0847",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Java 2D component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is a heap-based buffer overflow that allows arbitrary code execution via a crafted image."
"lang": "eng",
"value": "Unspecified vulnerability in the Java 2D component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is a heap-based buffer overflow that allows arbitrary code execution via a crafted image."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20100330 Oracle Java Runtime Environment Image FIle Buffer Overflow Vulnerability",
"refsource" : "IDEFENSE",
"url" : "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=865"
"name": "APPLE-SA-2010-05-18-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2010//May/msg00001.html"
},
{
"name" : "20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/516397/100/0/threaded"
"name": "HPSBMU02799",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=134254866602253&w=2"
},
{
"name" : "http://www.oracle.com/technetwork/topics/security/javacpumar2010-083341.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/javacpumar2010-083341.html"
"name": "39317",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39317"
},
{
"name" : "http://support.apple.com/kb/HT4170",
"refsource" : "CONFIRM",
"url" : "http://support.apple.com/kb/HT4170"
"name": "40545",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/40545"
},
{
"name" : "http://support.apple.com/kb/HT4171",
"refsource" : "CONFIRM",
"url" : "http://support.apple.com/kb/HT4171"
"name": "39819",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39819"
},
{
"name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html"
"name": "ADV-2010-1107",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/1107"
},
{
"name" : "http://www.vmware.com/security/advisories/VMSA-2011-0003.html",
"refsource" : "CONFIRM",
"url" : "http://www.vmware.com/security/advisories/VMSA-2011-0003.html"
"name": "RHSA-2010:0338",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0338.html"
},
{
"name" : "http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html",
"refsource" : "CONFIRM",
"url" : "http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html"
"name": "ADV-2010-1793",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/1793"
},
{
"name" : "APPLE-SA-2010-05-18-1",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2010//May/msg00001.html"
"name": "APPLE-SA-2010-05-18-2",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2010//May/msg00002.html"
},
{
"name" : "APPLE-SA-2010-05-18-2",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2010//May/msg00002.html"
"name": "SUSE-SR:2010:011",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html"
},
{
"name" : "HPSBMA02547",
"refsource" : "HP",
"url" : "http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751"
"name": "43308",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43308"
},
{
"name" : "SSRT100179",
"refsource" : "HP",
"url" : "http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751"
"name": "39071",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/39071"
},
{
"name" : "HPSBMU02799",
"refsource" : "HP",
"url" : "http://marc.info/?l=bugtraq&m=134254866602253&w=2"
"name": "http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html"
},
{
"name" : "HPSBUX02524",
"refsource" : "HP",
"url" : "http://marc.info/?l=bugtraq&m=127557596201693&w=2"
"name": "SSRT100179",
"refsource": "HP",
"url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751"
},
{
"name" : "SSRT100089",
"refsource" : "HP",
"url" : "http://marc.info/?l=bugtraq&m=127557596201693&w=2"
"name": "SSRT100089",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=127557596201693&w=2"
},
{
"name" : "MDVSA-2010:084",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2010:084"
"name": "http://www.oracle.com/technetwork/topics/security/javacpumar2010-083341.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/javacpumar2010-083341.html"
},
{
"name" : "RHSA-2010:0337",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2010-0337.html"
"name": "RHSA-2010:0339",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0339.html"
},
{
"name" : "RHSA-2010:0338",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2010-0338.html"
"name": "HPSBUX02524",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=127557596201693&w=2"
},
{
"name" : "RHSA-2010:0339",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2010-0339.html"
"name": "39292",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39292"
},
{
"name" : "RHSA-2010:0489",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2010-0489.html"
"name": "http://support.apple.com/kb/HT4170",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT4170"
},
{
"name" : "SUSE-SR:2010:008",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html"
"name": "ADV-2010-1523",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/1523"
},
{
"name" : "SUSE-SR:2010:011",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html"
"name": "http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html"
},
{
"name" : "SUSE-SR:2010:017",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html"
"name": "oval:org.mitre.oval:def:14453",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14453"
},
{
"name" : "USN-923-1",
"refsource" : "UBUNTU",
"url" : "http://ubuntu.com/usn/usn-923-1"
"name": "20100330 Oracle Java Runtime Environment Image FIle Buffer Overflow Vulnerability",
"refsource": "IDEFENSE",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=865"
},
{
"name" : "39071",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/39071"
"name": "SUSE-SR:2010:008",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html"
},
{
"name" : "oval:org.mitre.oval:def:10392",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10392"
"name": "SUSE-SR:2010:017",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html"
},
{
"name" : "oval:org.mitre.oval:def:14453",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14453"
"name": "USN-923-1",
"refsource": "UBUNTU",
"url": "http://ubuntu.com/usn/usn-923-1"
},
{
"name" : "39292",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/39292"
"name": "oval:org.mitre.oval:def:10392",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10392"
},
{
"name" : "39317",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/39317"
"name": "http://www.vmware.com/security/advisories/VMSA-2011-0003.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2011-0003.html"
},
{
"name" : "39819",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/39819"
"name": "RHSA-2010:0337",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0337.html"
},
{
"name" : "40211",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/40211"
"name": "RHSA-2010:0489",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0489.html"
},
{
"name" : "40545",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/40545"
"name": "HPSBMA02547",
"refsource": "HP",
"url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751"
},
{
"name" : "43308",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/43308"
"name": "40211",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/40211"
},
{
"name" : "ADV-2010-1107",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2010/1107"
"name": "http://support.apple.com/kb/HT4171",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT4171"
},
{
"name" : "ADV-2010-1191",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2010/1191"
"name": "MDVSA-2010:084",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:084"
},
{
"name" : "ADV-2010-1523",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2010/1523"
"name": "20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/516397/100/0/threaded"
},
{
"name" : "ADV-2010-1793",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2010/1793"
"name": "ADV-2010-1191",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/1191"
}
]
}

68
2010/2xxx/CVE-2010-2412.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-2412",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2010-2412",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the OLAP component in Oracle Database Server 11.1.0.7 allows remote authenticated users to affect confidentiality and integrity via unknown vectors."
"lang": "eng",
"value": "Unspecified vulnerability in the OLAP component in Oracle Database Server 11.1.0.7 allows remote authenticated users to affect confidentiality and integrity via unknown vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html"
"name": "http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html"
},
{
"name" : "TA10-287A",
"refsource" : "CERT",
"url" : "http://www.us-cert.gov/cas/techalerts/TA10-287A.html"
"name": "TA10-287A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA10-287A.html"
}
]
}

86
2010/3xxx/CVE-2010-3042.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-3042",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2010-3042",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple buffer overflows in the Cisco WebEx Recording Format (WRF) and Advanced Recording Format (ARF) Players T27LB before SP21 EP3 and T27LC before SP22 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted (1) .wrf or (2) .arf file, a different vulnerability than CVE-2010-3041, CVE-2010-3043, and CVE-2010-3044."
"lang": "eng",
"value": "Multiple buffer overflows in the Cisco WebEx Recording Format (WRF) and Advanced Recording Format (ARF) Players T27LB before SP21 EP3 and T27LC before SP22 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted (1) .wrf or (2) .arf file, a different vulnerability than CVE-2010-3041, CVE-2010-3043, and CVE-2010-3044."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://tools.cisco.com/security/center/viewAlert.x?alertId=22016",
"refsource" : "CONFIRM",
"url" : "http://tools.cisco.com/security/center/viewAlert.x?alertId=22016"
"name": "20110201 Multiple Cisco WebEx Player Vulnerabilities",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6913f.shtml"
},
{
"name" : "20110201 Multiple Cisco WebEx Player Vulnerabilities",
"refsource" : "CISCO",
"url" : "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6913f.shtml"
"name": "http://tools.cisco.com/security/center/viewAlert.x?alertId=22016",
"refsource": "CONFIRM",
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=22016"
},
{
"name" : "46075",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/46075"
"name": "46075",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/46075"
},
{
"name" : "1025016",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1025016"
"name": "1025016",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1025016"
},
{
"name" : "cisco-arf-bo(65073)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/65073"
"name": "cisco-arf-bo(65073)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65073"
}
]
}

68
2010/3xxx/CVE-2010-3576.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-3576",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2010-3576",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Oracle Solaris 8, 9, and 10, and OpenSolaris, allows local users to affect integrity and availability, related to the SCSI enclosure services device driver."
"lang": "eng",
"value": "Unspecified vulnerability in Oracle Solaris 8, 9, and 10, and OpenSolaris, allows local users to affect integrity and availability, related to the SCSI enclosure services device driver."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html"
"name": "http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html"
},
{
"name" : "TA10-287A",
"refsource" : "CERT",
"url" : "http://www.us-cert.gov/cas/techalerts/TA10-287A.html"
"name": "TA10-287A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA10-287A.html"
}
]
}

22
2010/3xxx/CVE-2010-3675.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-3675",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-3675",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

170
2010/3xxx/CVE-2010-3695.json
View File

@ -1,151 +1,151 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-3695",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2010-3695",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in fetchmailprefs.php in Horde IMP before 4.3.8, and Horde Groupware Webmail Edition before 1.2.7, allows remote attackers to inject arbitrary web script or HTML via the fm_id parameter in a fetchmail_prefs_save action, related to the Fetchmail configuration."
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in fetchmailprefs.php in Horde IMP before 4.3.8, and Horde Groupware Webmail Edition before 1.2.7, allows remote attackers to inject arbitrary web script or HTML via the fm_id parameter in a fetchmail_prefs_save action, related to the Fetchmail configuration."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20100927 XSS in Horde IMP <=4.3.7, fetchmailprefs.php",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/513992/100/0/threaded"
"name": "[announce] 20100928 Horde Groupware Webmail Edition 1.2.7 (final)",
"refsource": "MLIST",
"url": "http://lists.horde.org/archives/announce/2010/000568.html"
},
{
"name" : "20100927 XSS in Horde IMP <=4.3.7, fetchmailprefs.php",
"refsource" : "FULLDISC",
"url" : "http://archives.neohapsis.com/archives/fulldisclosure/2010-09/0379.html"
"name": "43515",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/43515"
},
{
"name" : "[announce] 20100928 Horde Groupware Webmail Edition 1.2.7 (final)",
"refsource" : "MLIST",
"url" : "http://lists.horde.org/archives/announce/2010/000568.html"
"name": "DSA-2204",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2011/dsa-2204"
},
{
"name" : "[announce] 20100928 IMP H3 (4.3.8) (final)",
"refsource" : "MLIST",
"url" : "http://lists.horde.org/archives/announce/2010/000558.html"
"name": "http://git.horde.org/diff.php/imp/fetchmailprefs.php?rt=horde&r1=1.39.4.10&r2=1.39.4.11",
"refsource": "CONFIRM",
"url": "http://git.horde.org/diff.php/imp/fetchmailprefs.php?rt=horde&r1=1.39.4.10&r2=1.39.4.11"
},
{
"name" : "[oss-security] 20100930 Re: CVE request: Horde Gollem <1.1.2 XSS in view.php",
"refsource" : "MLIST",
"url" : "http://openwall.com/lists/oss-security/2010/09/30/8"
"name": "[oss-security] 20101001 Re: CVE request: Horde Gollem <1.1.2 XSS in view.php",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2010/10/01/6"
},
{
"name" : "[oss-security] 20100930 Re: CVE request: Horde Gollem <1.1.2 XSS in view.php",
"refsource" : "MLIST",
"url" : "http://openwall.com/lists/oss-security/2010/09/30/7"
"name": "http://cvs.horde.org/diff.php/imp/docs/CHANGES?rt=horde&r1=1.699.2.424&r2=1.699.2.430&ty=h",
"refsource": "CONFIRM",
"url": "http://cvs.horde.org/diff.php/imp/docs/CHANGES?rt=horde&r1=1.699.2.424&r2=1.699.2.430&ty=h"
},
{
"name" : "[oss-security] 20101001 Re: CVE request: Horde Gollem <1.1.2 XSS in view.php",
"refsource" : "MLIST",
"url" : "http://openwall.com/lists/oss-security/2010/10/01/6"
"name": "20100927 XSS in Horde IMP <=4.3.7, fetchmailprefs.php",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/513992/100/0/threaded"
},
{
"name" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=598584",
"refsource" : "CONFIRM",
"url" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=598584"
"name": "20100927 XSS in Horde IMP <=4.3.7, fetchmailprefs.php",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-09/0379.html"
},
{
"name" : "http://cvs.horde.org/diff.php/imp/docs/CHANGES?rt=horde&r1=1.699.2.424&r2=1.699.2.430&ty=h",
"refsource" : "CONFIRM",
"url" : "http://cvs.horde.org/diff.php/imp/docs/CHANGES?rt=horde&r1=1.699.2.424&r2=1.699.2.430&ty=h"
"name": "[announce] 20100928 IMP H3 (4.3.8) (final)",
"refsource": "MLIST",
"url": "http://lists.horde.org/archives/announce/2010/000558.html"
},
{
"name" : "http://git.horde.org/diff.php/groupware/docs/webmail/CHANGES?rt=horde&r1=1.35.2.11&r2=1.35.2.13&ty=h",
"refsource" : "CONFIRM",
"url" : "http://git.horde.org/diff.php/groupware/docs/webmail/CHANGES?rt=horde&r1=1.35.2.11&r2=1.35.2.13&ty=h"
"name": "http://git.horde.org/diff.php/groupware/docs/webmail/CHANGES?rt=horde&r1=1.35.2.11&r2=1.35.2.13&ty=h",
"refsource": "CONFIRM",
"url": "http://git.horde.org/diff.php/groupware/docs/webmail/CHANGES?rt=horde&r1=1.35.2.11&r2=1.35.2.13&ty=h"
},
{
"name" : "http://git.horde.org/diff.php/imp/fetchmailprefs.php?rt=horde&r1=1.39.4.10&r2=1.39.4.11",
"refsource" : "CONFIRM",
"url" : "http://git.horde.org/diff.php/imp/fetchmailprefs.php?rt=horde&r1=1.39.4.10&r2=1.39.4.11"
"name": "ADV-2011-0769",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0769"
},
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=641069",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=641069"
"name": "8170",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/8170"
},
{
"name" : "DSA-2204",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2011/dsa-2204"
"name": "41627",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/41627"
},
{
"name" : "43515",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/43515"
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=641069",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=641069"
},
{
"name" : "41627",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/41627"
"name": "ADV-2010-2513",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/2513"
},
{
"name" : "43896",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/43896"
"name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=598584",
"refsource": "CONFIRM",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=598584"
},
{
"name" : "8170",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/8170"
"name": "[oss-security] 20100930 Re: CVE request: Horde Gollem <1.1.2 XSS in view.php",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2010/09/30/8"
},
{
"name" : "ADV-2010-2513",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2010/2513"
"name": "[oss-security] 20100930 Re: CVE request: Horde Gollem <1.1.2 XSS in view.php",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2010/09/30/7"
},
{
"name" : "ADV-2011-0769",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2011/0769"
"name": "43896",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43896"
}
]
}

92
2010/3xxx/CVE-2010-3922.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-3922",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2010-3922",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in Movable Type 4.x before 4.35 and 5.x before 5.04 allows remote attackers to execute arbitrary SQL commands via unspecified vectors."
"lang": "eng",
"value": "SQL injection vulnerability in Movable Type 4.x before 4.35 and 5.x before 5.04 allows remote attackers to execute arbitrary SQL commands via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.movabletype.org/documentation/appendices/release-notes/movable-type-504-435-release-notes.html",
"refsource" : "CONFIRM",
"url" : "http://www.movabletype.org/documentation/appendices/release-notes/movable-type-504-435-release-notes.html"
"name": "1024833",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1024833"
},
{
"name" : "JVN#78536512",
"refsource" : "JVN",
"url" : "http://jvn.jp/en/jp/JVN78536512/index.html"
"name": "JVNDB-2010-000061",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/en/contents/2010/JVNDB-2010-000061.html"
},
{
"name" : "JVNDB-2010-000061",
"refsource" : "JVNDB",
"url" : "http://jvndb.jvn.jp/en/contents/2010/JVNDB-2010-000061.html"
"name": "ADV-2010-3145",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/3145"
},
{
"name" : "1024833",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1024833"
"name": "42539",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42539"
},
{
"name" : "42539",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/42539"
"name": "http://www.movabletype.org/documentation/appendices/release-notes/movable-type-504-435-release-notes.html",
"refsource": "CONFIRM",
"url": "http://www.movabletype.org/documentation/appendices/release-notes/movable-type-504-435-release-notes.html"
},
{
"name" : "ADV-2010-3145",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2010/3145"
"name": "JVN#78536512",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN78536512/index.html"
}
]
}

80
2010/3xxx/CVE-2010-3954.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-3954",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2010-3954",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Microsoft Publisher 2002 SP3, 2003 SP3, and 2010 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Publisher file, aka \"Microsoft Publisher Memory Corruption Vulnerability.\""
"lang": "eng",
"value": "Microsoft Publisher 2002 SP3, 2003 SP3, and 2010 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Publisher file, aka \"Microsoft Publisher Memory Corruption Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "MS10-103",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-103"
"name": "oval:org.mitre.oval:def:12381",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12381"
},
{
"name" : "TA10-348A",
"refsource" : "CERT",
"url" : "http://www.us-cert.gov/cas/techalerts/TA10-348A.html"
"name": "TA10-348A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA10-348A.html"
},
{
"name" : "oval:org.mitre.oval:def:12381",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12381"
"name": "MS10-103",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-103"
},
{
"name" : "1024885",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1024885"
"name": "1024885",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1024885"
}
]
}

116
2010/3xxx/CVE-2010-3972.json
View File

@ -1,106 +1,106 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-3972",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2010-3972",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Heap-based buffer overflow in the TELNET_STREAM_CONTEXT::OnSendData function in ftpsvc.dll in Microsoft FTP Service 7.0 and 7.5 for Internet Information Services (IIS) 7.0, and IIS 7.5, allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via a crafted FTP command, aka \"IIS FTP Service Heap Buffer Overrun Vulnerability.\" NOTE: some of these details are obtained from third party information."
"lang": "eng",
"value": "Heap-based buffer overflow in the TELNET_STREAM_CONTEXT::OnSendData function in ftpsvc.dll in Microsoft FTP Service 7.0 and 7.5 for Internet Information Services (IIS) 7.0, and IIS 7.5, allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via a crafted FTP command, aka \"IIS FTP Service Heap Buffer Overrun Vulnerability.\" NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "15803",
"refsource" : "EXPLOIT-DB",
"url" : "http://www.exploit-db.com/exploits/15803"
"name": "45542",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/45542"
},
{
"name" : "http://blogs.technet.com/b/srd/archive/2011/01/07/assessing-the-risk-of-public-issues-currently-being-tracked-by-the-msrc.aspx",
"refsource" : "MISC",
"url" : "http://blogs.technet.com/b/srd/archive/2011/01/07/assessing-the-risk-of-public-issues-currently-being-tracked-by-the-msrc.aspx"
"name": "MS11-004",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-004"
},
{
"name" : "MS11-004",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-004"
"name": "ms-iis-onsenddata-bo(64248)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64248"
},
{
"name" : "VU#842372",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/842372"
"name": "http://blogs.technet.com/b/srd/archive/2011/01/07/assessing-the-risk-of-public-issues-currently-being-tracked-by-the-msrc.aspx",
"refsource": "MISC",
"url": "http://blogs.technet.com/b/srd/archive/2011/01/07/assessing-the-risk-of-public-issues-currently-being-tracked-by-the-msrc.aspx"
},
{
"name" : "45542",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/45542"
"name": "VU#842372",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/842372"
},
{
"name" : "oval:org.mitre.oval:def:12370",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12370"
"name": "1024921",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1024921"
},
{
"name" : "1024921",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1024921"
"name": "oval:org.mitre.oval:def:12370",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12370"
},
{
"name" : "42713",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/42713"
"name": "ADV-2010-3305",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/3305"
},
{
"name" : "ADV-2010-3305",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2010/3305"
"name": "15803",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/15803"
},
{
"name" : "ms-iis-onsenddata-bo(64248)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/64248"
"name": "42713",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42713"
}
]
}

104
2010/4xxx/CVE-2010-4388.json
View File

@ -1,96 +1,96 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-4388",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-4388",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The (1) Upsell.htm, (2) Main.html, and (3) Custsupport.html components in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.5, and RealPlayer Enterprise 2.1.2 and 2.1.3 allow remote attackers to inject code into the RealOneActiveXObject process, and consequently bypass intended Local Machine Zone restrictions and load arbitrary ActiveX controls, via unspecified vectors."
"lang": "eng",
"value": "The (1) Upsell.htm, (2) Main.html, and (3) Custsupport.html components in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.5, and RealPlayer Enterprise 2.1.2 and 2.1.3 allow remote attackers to inject code into the RealOneActiveXObject process, and consequently bypass intended Local Machine Zone restrictions and load arbitrary ActiveX controls, via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.zerodayinitiative.com/advisories/ZDI-10-276",
"refsource" : "MISC",
"url" : "http://www.zerodayinitiative.com/advisories/ZDI-10-276"
"name": "http://www.zerodayinitiative.com/advisories/ZDI-10-276",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-10-276"
},
{
"name" : "http://www.zerodayinitiative.com/advisories/ZDI-10-277",
"refsource" : "MISC",
"url" : "http://www.zerodayinitiative.com/advisories/ZDI-10-277"
"name": "http://www.zerodayinitiative.com/advisories/ZDI-10-278",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-10-278"
},
{
"name" : "http://www.zerodayinitiative.com/advisories/ZDI-10-278",
"refsource" : "MISC",
"url" : "http://www.zerodayinitiative.com/advisories/ZDI-10-278"
"name": "69859",
"refsource": "OSVDB",
"url": "http://osvdb.org/69859"
},
{
"name" : "http://service.real.com/realplayer/security/12102010_player/en/",
"refsource" : "CONFIRM",
"url" : "http://service.real.com/realplayer/security/12102010_player/en/"
"name": "69858",
"refsource": "OSVDB",
"url": "http://osvdb.org/69858"
},
{
"name" : "69857",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/69857"
"name": "1024861",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1024861"
},
{
"name" : "69858",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/69858"
"name": "http://service.real.com/realplayer/security/12102010_player/en/",
"refsource": "CONFIRM",
"url": "http://service.real.com/realplayer/security/12102010_player/en/"
},
{
"name" : "69859",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/69859"
"name": "69857",
"refsource": "OSVDB",
"url": "http://osvdb.org/69857"
},
{
"name" : "1024861",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1024861"
"name": "http://www.zerodayinitiative.com/advisories/ZDI-10-277",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-10-277"
}
]
}

80
2010/4xxx/CVE-2010-4615.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-4615",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-4615",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple SQL injection vulnerabilities in Oto Galeri Sistemi 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) arac parameter to carsdetail.asp and the (2) marka parameter to twohandscars.asp."
"lang": "eng",
"value": "Multiple SQL injection vulnerabilities in Oto Galeri Sistemi 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) arac parameter to carsdetail.asp and the (2) marka parameter to twohandscars.asp."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "15777",
"refsource" : "EXPLOIT-DB",
"url" : "http://www.exploit-db.com/exploits/15777"
"name": "otogalerisistemi-carsdetail-sql-injection(64210)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64210"
},
{
"name" : "45513",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/45513"
"name": "15777",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/15777"
},
{
"name" : "42706",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/42706"
"name": "45513",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/45513"
},
{
"name" : "otogalerisistemi-carsdetail-sql-injection(64210)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/64210"
"name": "42706",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42706"
}
]
}

74
2010/4xxx/CVE-2010-4663.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-4663",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2010-4663",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the News module in CMS Made Simple (CMSMS) before 1.9.1 has unknown impact and attack vectors."
"lang": "eng",
"value": "Unspecified vulnerability in the News module in CMS Made Simple (CMSMS) before 1.9.1 has unknown impact and attack vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[oss-security] 20110329 CVE request: cmsmadesimple before 1.9.1",
"refsource" : "MLIST",
"url" : "http://openwall.com/lists/oss-security/2011/03/29/2"
"name": "[oss-security] 20110330 Re: CVE request: cmsmadesimple before 1.9.1",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/30/9"
},
{
"name" : "[oss-security] 20110330 Re: CVE request: cmsmadesimple before 1.9.1",
"refsource" : "MLIST",
"url" : "http://openwall.com/lists/oss-security/2011/03/30/9"
"name": "[oss-security] 20110329 CVE request: cmsmadesimple before 1.9.1",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/29/2"
},
{
"name" : "http://forum.cmsmadesimple.org/viewtopic.php?t=49245",
"refsource" : "CONFIRM",
"url" : "http://forum.cmsmadesimple.org/viewtopic.php?t=49245"
"name": "http://forum.cmsmadesimple.org/viewtopic.php?t=49245",
"refsource": "CONFIRM",
"url": "http://forum.cmsmadesimple.org/viewtopic.php?t=49245"
}
]
}

80
2010/4xxx/CVE-2010-4868.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-4868",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-4868",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in search.php3 (aka search.php) in W-Agora 4.2.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the bn parameter."
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in search.php3 (aka search.php) in W-Agora 4.2.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the bn parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20101022 Vulnerabilities in W-Agora",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/514420/100/0/threaded"
"name": "http://packetstormsecurity.org/1010-exploits/wagora-lfixss.txt",
"refsource": "MISC",
"url": "http://packetstormsecurity.org/1010-exploits/wagora-lfixss.txt"
},
{
"name" : "http://packetstormsecurity.org/1010-exploits/wagora-lfixss.txt",
"refsource" : "MISC",
"url" : "http://packetstormsecurity.org/1010-exploits/wagora-lfixss.txt"
"name": "8426",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/8426"
},
{
"name" : "44370",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/44370"
"name": "20101022 Vulnerabilities in W-Agora",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/514420/100/0/threaded"
},
{
"name" : "8426",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/8426"
"name": "44370",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/44370"
}
]
}

80
2014/0xxx/CVE-2014-0804.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-0804",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2014-0804",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Directory traversal vulnerability in the CGENE Security File Manager Pro application 1.0.6 and earlier, and Security File Manager Trial application 1.0.6 and earlier, for Android allows attackers to overwrite or create arbitrary files via unspecified vectors."
"lang": "eng",
"value": "Directory traversal vulnerability in the CGENE Security File Manager Pro application 1.0.6 and earlier, and Security File Manager Trial application 1.0.6 and earlier, for Android allows attackers to overwrite or create arbitrary files via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://play.google.com/store/apps/details?id=com.cgene.android.secret.filelock.free",
"refsource" : "CONFIRM",
"url" : "https://play.google.com/store/apps/details?id=com.cgene.android.secret.filelock.free"
"name": "https://play.google.com/store/apps/details?id=com.cgene.android.secret.filelock.free",
"refsource": "CONFIRM",
"url": "https://play.google.com/store/apps/details?id=com.cgene.android.secret.filelock.free"
},
{
"name" : "https://play.google.com/store/apps/details?id=com.cgene.android.secret.filelock.pro",
"refsource" : "CONFIRM",
"url" : "https://play.google.com/store/apps/details?id=com.cgene.android.secret.filelock.pro"
"name": "JVN#44392991",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN44392991/index.html"
},
{
"name" : "JVN#44392991",
"refsource" : "JVN",
"url" : "http://jvn.jp/en/jp/JVN44392991/index.html"
"name": "JVNDB-2014-000003",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000003"
},
{
"name" : "JVNDB-2014-000003",
"refsource" : "JVNDB",
"url" : "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000003"
"name": "https://play.google.com/store/apps/details?id=com.cgene.android.secret.filelock.pro",
"refsource": "CONFIRM",
"url": "https://play.google.com/store/apps/details?id=com.cgene.android.secret.filelock.pro"
}
]
}

104
2014/10xxx/CVE-2014-10023.json
View File

@ -1,96 +1,96 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-10023",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-10023",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple SQL injection vulnerabilities in TopicsViewer 3.0 Beta 1 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) edit_block.php, (2) edit_cat.php, (3) edit_note.php, or (4) rmv_topic.php in admincp/."
"lang": "eng",
"value": "Multiple SQL injection vulnerabilities in TopicsViewer 3.0 Beta 1 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) edit_block.php, (2) edit_cat.php, (3) edit_note.php, or (4) rmv_topic.php in admincp/."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "31419",
"refsource" : "EXPLOIT-DB",
"url" : "http://www.exploit-db.com/exploits/31419"
"name": "102834",
"refsource": "OSVDB",
"url": "http://osvdb.org/102834"
},
{
"name" : "http://packetstormsecurity.com/files/125007",
"refsource" : "MISC",
"url" : "http://packetstormsecurity.com/files/125007"
"name": "65283",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/65283"
},
{
"name" : "65283",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/65283"
"name": "topicsviewer-id-sql-injection(90918)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90918"
},
{
"name" : "102834",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/102834"
"name": "31419",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/31419"
},
{
"name" : "102835",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/102835"
"name": "102836",
"refsource": "OSVDB",
"url": "http://osvdb.org/102836"
},
{
"name" : "102836",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/102836"
"name": "http://packetstormsecurity.com/files/125007",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/125007"
},
{
"name" : "102837",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/102837"
"name": "102837",
"refsource": "OSVDB",
"url": "http://osvdb.org/102837"
},
{
"name" : "topicsviewer-id-sql-injection(90918)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/90918"
"name": "102835",
"refsource": "OSVDB",
"url": "http://osvdb.org/102835"
}
]
}

86
2014/3xxx/CVE-2014-3969.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-3969",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-3969",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Xen 4.4.x, when running on an ARM system, does not properly check write permissions on virtual addresses, which allows local guest administrators to gain privileges via unspecified vectors."
"lang": "eng",
"value": "Xen 4.4.x, when running on an ARM system, does not properly check write permissions on virtual addresses, which allows local guest administrators to gain privileges via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[oss-security] 20140604 Re: Xen Security Advisory 98 - insufficient permissions checks accessing guest memory on ARM",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2014/06/04/14"
"name": "1030333",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030333"
},
{
"name" : "http://xenbits.xen.org/xsa/advisory-98.html",
"refsource" : "CONFIRM",
"url" : "http://xenbits.xen.org/xsa/advisory-98.html"
"name": "http://xenbits.xen.org/xsa/advisory-98.html",
"refsource": "CONFIRM",
"url": "http://xenbits.xen.org/xsa/advisory-98.html"
},
{
"name" : "67819",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/67819"
"name": "58975",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/58975"
},
{
"name" : "1030333",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1030333"
"name": "67819",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/67819"
},
{
"name" : "58975",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/58975"
"name": "[oss-security] 20140604 Re: Xen Security Advisory 98 - insufficient permissions checks accessing guest memory on ARM",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2014/06/04/14"
}
]
}

80
2014/4xxx/CVE-2014-4081.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-4081",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2014-4081",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability,\" a different vulnerability than CVE-2014-2799, CVE-2014-4059, CVE-2014-4065, CVE-2014-4079, CVE-2014-4083, CVE-2014-4085, CVE-2014-4088, CVE-2014-4090, CVE-2014-4094, CVE-2014-4097, CVE-2014-4100, CVE-2014-4103, CVE-2014-4104, CVE-2014-4105, CVE-2014-4106, CVE-2014-4107, CVE-2014-4108, CVE-2014-4109, CVE-2014-4110, and CVE-2014-4111."
"lang": "eng",
"value": "Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability,\" a different vulnerability than CVE-2014-2799, CVE-2014-4059, CVE-2014-4065, CVE-2014-4079, CVE-2014-4083, CVE-2014-4085, CVE-2014-4088, CVE-2014-4090, CVE-2014-4094, CVE-2014-4097, CVE-2014-4100, CVE-2014-4103, CVE-2014-4104, CVE-2014-4105, CVE-2014-4106, CVE-2014-4107, CVE-2014-4108, CVE-2014-4109, CVE-2014-4110, and CVE-2014-4111."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "MS14-052",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-052"
"name": "69584",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/69584"
},
{
"name" : "69584",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/69584"
"name": "1030818",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030818"
},
{
"name" : "1030818",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1030818"
"name": "MS14-052",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-052"
},
{
"name" : "ms-ie-cve20144081-code-exec(95511)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/95511"
"name": "ms-ie-cve20144081-code-exec(95511)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95511"
}
]
}

80
2014/4xxx/CVE-2014-4088.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-4088",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2014-4088",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability,\" a different vulnerability than CVE-2014-2799, CVE-2014-4059, CVE-2014-4065, CVE-2014-4079, CVE-2014-4081, CVE-2014-4083, CVE-2014-4085, CVE-2014-4090, CVE-2014-4094, CVE-2014-4097, CVE-2014-4100, CVE-2014-4103, CVE-2014-4104, CVE-2014-4105, CVE-2014-4106, CVE-2014-4107, CVE-2014-4108, CVE-2014-4109, CVE-2014-4110, and CVE-2014-4111."
"lang": "eng",
"value": "Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability,\" a different vulnerability than CVE-2014-2799, CVE-2014-4059, CVE-2014-4065, CVE-2014-4079, CVE-2014-4081, CVE-2014-4083, CVE-2014-4085, CVE-2014-4090, CVE-2014-4094, CVE-2014-4097, CVE-2014-4100, CVE-2014-4103, CVE-2014-4104, CVE-2014-4105, CVE-2014-4106, CVE-2014-4107, CVE-2014-4108, CVE-2014-4109, CVE-2014-4110, and CVE-2014-4111."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "MS14-052",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-052"
"name": "1030818",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030818"
},
{
"name" : "69595",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/69595"
"name": "ms-ie-cve20144088-code-exec(95518)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95518"
},
{
"name" : "1030818",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1030818"
"name": "MS14-052",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-052"
},
{
"name" : "ms-ie-cve20144088-code-exec(95518)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/95518"
"name": "69595",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/69595"
}
]
}

80
2014/4xxx/CVE-2014-4095.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-4095",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2014-4095",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability,\" a different vulnerability than CVE-2014-4087, CVE-2014-4096, and CVE-2014-4101."
"lang": "eng",
"value": "Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability,\" a different vulnerability than CVE-2014-4087, CVE-2014-4096, and CVE-2014-4101."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "MS14-052",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-052"
"name": "69604",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/69604"
},
{
"name" : "69604",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/69604"
"name": "1030818",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030818"
},
{
"name" : "1030818",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1030818"
"name": "MS14-052",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-052"
},
{
"name" : "ms-ie-cve20144095-code-exec(95525)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/95525"
"name": "ms-ie-cve20144095-code-exec(95525)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95525"
}
]
}

22
2014/4xxx/CVE-2014-4183.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-4183",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-4183",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

86
2014/4xxx/CVE-2014-4448.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-4448",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2014-4448",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "House Arrest in Apple iOS before 8.1 relies on the hardware UID for its encryption key, which makes it easier for physically proximate attackers to obtain sensitive information from a Documents directory by obtaining this UID."
"lang": "eng",
"value": "House Arrest in Apple iOS before 8.1 relies on the hardware UID for its encryption key, which makes it easier for physically proximate attackers to obtain sensitive information from a Documents directory by obtaining this UID."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://support.apple.com/kb/HT6541",
"refsource" : "CONFIRM",
"url" : "https://support.apple.com/kb/HT6541"
"name": "https://support.apple.com/kb/HT6541",
"refsource": "CONFIRM",
"url": "https://support.apple.com/kb/HT6541"
},
{
"name" : "APPLE-SA-2014-10-20-1",
"refsource" : "APPLE",
"url" : "http://www.securityfocus.com/archive/1/533747"
"name": "1031077",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1031077"
},
{
"name" : "70661",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/70661"
"name": "70661",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/70661"
},
{
"name" : "1031077",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1031077"
"name": "appleios-cve20144448-weak-security(97664)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97664"
},
{
"name" : "appleios-cve20144448-weak-security(97664)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/97664"
"name": "APPLE-SA-2014-10-20-1",
"refsource": "APPLE",
"url": "http://www.securityfocus.com/archive/1/533747"
}
]
}

22
2014/4xxx/CVE-2014-4931.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-4931",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-4931",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2014/8xxx/CVE-2014-8230.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-8230",
"STATE" : "REJECT"
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2014-8230",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none."
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none."
}
]
}

80
2014/8xxx/CVE-2014-8438.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-8438",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2014-8438",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Use-after-free vulnerability in Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-0573 and CVE-2014-0588."
"lang": "eng",
"value": "Use-after-free vulnerability in Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-0573 and CVE-2014-0588."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://helpx.adobe.com/security/products/flash-player/apsb14-24.html",
"refsource" : "CONFIRM",
"url" : "http://helpx.adobe.com/security/products/flash-player/apsb14-24.html"
"name": "http://helpx.adobe.com/security/products/flash-player/apsb14-24.html",
"refsource": "CONFIRM",
"url": "http://helpx.adobe.com/security/products/flash-player/apsb14-24.html"
},
{
"name" : "openSUSE-SU-2015:0725",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00013.html"
"name": "71049",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/71049"
},
{
"name" : "71049",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/71049"
"name": "adobe-flash-cve20148438-code-exec(98619)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98619"
},
{
"name" : "adobe-flash-cve20148438-code-exec(98619)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/98619"
"name": "openSUSE-SU-2015:0725",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00013.html"
}
]
}

62
2014/8xxx/CVE-2014-8456.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-8456",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2014-8456",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-8445, CVE-2014-8446, CVE-2014-8447, CVE-2014-8458, CVE-2014-8459, CVE-2014-8461, and CVE-2014-9158."
"lang": "eng",
"value": "Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-8445, CVE-2014-8446, CVE-2014-8447, CVE-2014-8458, CVE-2014-8459, CVE-2014-8461, and CVE-2014-9158."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://helpx.adobe.com/security/products/reader/apsb14-28.html",
"refsource" : "CONFIRM",
"url" : "http://helpx.adobe.com/security/products/reader/apsb14-28.html"
"name": "http://helpx.adobe.com/security/products/reader/apsb14-28.html",
"refsource": "CONFIRM",
"url": "http://helpx.adobe.com/security/products/reader/apsb14-28.html"
}
]
}

22
2014/8xxx/CVE-2014-8719.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-8719",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-8719",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

74
2014/9xxx/CVE-2014-9097.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-9097",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-9097",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple SQL injection vulnerabilities in the Apptha WordPress Video Gallery (contus-video-gallery) plugin 2.5, possibly as distributed before 2014-07-23, for WordPress allow (1) remote attackers to execute arbitrary SQL commands via the vid parameter in a myextract action to wp-admin/admin-ajax.php or (2) remote authenticated users to execute arbitrary SQL commands via the playlistId parameter in the newplaylist page or (3) videoId parameter in a newvideo page to wp-admin/admin.php."
"lang": "eng",
"value": "Multiple SQL injection vulnerabilities in the Apptha WordPress Video Gallery (contus-video-gallery) plugin 2.5, possibly as distributed before 2014-07-23, for WordPress allow (1) remote attackers to execute arbitrary SQL commands via the vid parameter in a myextract action to wp-admin/admin-ajax.php or (2) remote authenticated users to execute arbitrary SQL commands via the playlistId parameter in the newplaylist page or (3) videoId parameter in a newvideo page to wp-admin/admin.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://packetstormsecurity.com/files/127611/WordPress-Video-Gallery-2.5-Cross-Site-Scripting-SQL-Injection.html",
"refsource" : "MISC",
"url" : "http://packetstormsecurity.com/files/127611/WordPress-Video-Gallery-2.5-Cross-Site-Scripting-SQL-Injection.html"
"name": "http://packetstormsecurity.com/files/127611/WordPress-Video-Gallery-2.5-Cross-Site-Scripting-SQL-Injection.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/127611/WordPress-Video-Gallery-2.5-Cross-Site-Scripting-SQL-Injection.html"
},
{
"name" : "http://wordpress.org/plugins/contus-video-gallery/changelog",
"refsource" : "MISC",
"url" : "http://wordpress.org/plugins/contus-video-gallery/changelog"
"name": "http://wordpress.org/plugins/contus-video-gallery/changelog",
"refsource": "MISC",
"url": "http://wordpress.org/plugins/contus-video-gallery/changelog"
},
{
"name" : "68883",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/68883"
"name": "68883",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/68883"
}
]
}

74
2014/9xxx/CVE-2014-9595.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-9595",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-9595",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Buffer overflow in the SAP NetWeaver Dispatcher in SAP Kernel 7.00 32-bit and 7.40 64-bit allows remote authenticated users to cause a denial of service or possibly execute arbitrary code via unspecified vectors, related to the Spool System, aka SAP Note 2061271."
"lang": "eng",
"value": "Buffer overflow in the SAP NetWeaver Dispatcher in SAP Kernel 7.00 32-bit and 7.40 64-bit allows remote authenticated users to cause a denial of service or possibly execute arbitrary code via unspecified vectors, related to the Spool System, aka SAP Note 2061271."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://erpscan.io/advisories/erpscan-14-024-sap-kernel-rce-dos/",
"refsource" : "MISC",
"url" : "https://erpscan.io/advisories/erpscan-14-024-sap-kernel-rce-dos/"
"name": "https://erpscan.io/advisories/erpscan-14-024-sap-kernel-rce-dos/",
"refsource": "MISC",
"url": "https://erpscan.io/advisories/erpscan-14-024-sap-kernel-rce-dos/"
},
{
"name" : "https://erpscan.io/press-center/blog/sap-critical-patch-update-december-2014/",
"refsource" : "MISC",
"url" : "https://erpscan.io/press-center/blog/sap-critical-patch-update-december-2014/"
"name": "62150",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/62150"
},
{
"name" : "62150",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/62150"
"name": "https://erpscan.io/press-center/blog/sap-critical-patch-update-december-2014/",
"refsource": "MISC",
"url": "https://erpscan.io/press-center/blog/sap-critical-patch-update-december-2014/"
}
]
}

74
2014/9xxx/CVE-2014-9831.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-9831",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-9831",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "coders/wpg.c in ImageMagick allows remote attackers to have unspecified impact via a corrupted wpg file."
"lang": "eng",
"value": "coders/wpg.c in ImageMagick allows remote attackers to have unspecified impact via a corrupted wpg file."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[oss-security] 20160602 Re: ImageMagick CVEs",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2016/06/02/13"
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1343487",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343487"
},
{
"name" : "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=b68b78e2625122d9f6b6d88ba4df7e85b47b556f",
"refsource" : "CONFIRM",
"url" : "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=b68b78e2625122d9f6b6d88ba4df7e85b47b556f"
"name": "[oss-security] 20160602 Re: ImageMagick CVEs",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
},
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1343487",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1343487"
"name": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=b68b78e2625122d9f6b6d88ba4df7e85b47b556f",
"refsource": "CONFIRM",
"url": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=b68b78e2625122d9f6b6d88ba4df7e85b47b556f"
}
]
}

110
2016/2xxx/CVE-2016-2119.json
View File

@ -1,101 +1,101 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "secalert@redhat.com",
"ID" : "CVE-2016-2119",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2016-2119",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "libcli/smb/smbXcli_base.c in Samba 4.x before 4.2.14, 4.3.x before 4.3.11, and 4.4.x before 4.4.5 allows man-in-the-middle attackers to bypass a client-signing protection mechanism, and consequently spoof SMB2 and SMB3 servers, via the (1) SMB2_SESSION_FLAG_IS_GUEST or (2) SMB2_SESSION_FLAG_IS_NULL flag."
"lang": "eng",
"value": "libcli/smb/smbXcli_base.c in Samba 4.x before 4.2.14, 4.3.x before 4.3.11, and 4.4.x before 4.4.5 allows man-in-the-middle attackers to bypass a client-signing protection mechanism, and consequently spoof SMB2 and SMB3 servers, via the (1) SMB2_SESSION_FLAG_IS_GUEST or (2) SMB2_SESSION_FLAG_IS_NULL flag."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://www.samba.org/samba/security/CVE-2016-2119.html",
"refsource" : "CONFIRM",
"url" : "https://www.samba.org/samba/security/CVE-2016-2119.html"
"name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"
},
{
"name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"
"name": "RHSA-2016:1494",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-1494.html"
},
{
"name" : "GLSA-201805-07",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201805-07"
"name": "91700",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91700"
},
{
"name" : "RHSA-2016:1486",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2016-1486.html"
"name": "RHSA-2016:1486",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-1486.html"
},
{
"name" : "RHSA-2016:1487",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2016-1487.html"
"name": "GLSA-201805-07",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201805-07"
},
{
"name" : "RHSA-2016:1494",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2016-1494.html"
"name": "openSUSE-SU-2016:1830",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2016-07/msg00060.html"
},
{
"name" : "openSUSE-SU-2016:1830",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-updates/2016-07/msg00060.html"
"name": "RHSA-2016:1487",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-1487.html"
},
{
"name" : "91700",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/91700"
"name": "1036244",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036244"
},
{
"name" : "1036244",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1036244"
"name": "https://www.samba.org/samba/security/CVE-2016-2119.html",
"refsource": "CONFIRM",
"url": "https://www.samba.org/samba/security/CVE-2016-2119.html"
}
]
}

128
2016/2xxx/CVE-2016-2317.json
View File

@ -1,116 +1,116 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-2317",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-2317",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple buffer overflows in GraphicsMagick 1.3.23 allow remote attackers to cause a denial of service (crash) via a crafted SVG file, related to the (1) TracePoint function in magick/render.c, (2) GetToken function in magick/utility.c, and (3) GetTransformTokens function in coders/svg.c."
"lang": "eng",
"value": "Multiple buffer overflows in GraphicsMagick 1.3.23 allow remote attackers to cause a denial of service (crash) via a crafted SVG file, related to the (1) TracePoint function in magick/render.c, (2) GetToken function in magick/utility.c, and (3) GetTransformTokens function in coders/svg.c."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[oss-security] 20160211 Re: CVE requests: Multiple vulnerabilities in GraphicsMagick parsing and processing SVG files",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2016/02/11/6"
"name": "openSUSE-SU-2016:2073",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00037.html"
},
{
"name" : "[oss-security] 20160520 Re: ImageMagick Is On Fire -- CVE-2016-3714",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2016/05/20/4"
"name": "openSUSE-SU-2016:1724",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00000.html"
},
{
"name" : "[oss-security] 20160527 Security issues addressed in GraphicsMagick SVG reader",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2016/05/27/4"
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1306148",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1306148"
},
{
"name" : "[oss-security] 20160531 Re: Security issues addressed in GraphicsMagick SVG reader",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2016/05/31/3"
"name": "[oss-security] 20160531 Re: Security issues addressed in GraphicsMagick SVG reader",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/05/31/3"
},
{
"name" : "[oss-security] 20160906 GraphicsMagick 1.3.25 fixes some security issues",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2016/09/07/4"
"name": "83241",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/83241"
},
{
"name" : "[oss-security] 20160918 Re: GraphicsMagick 1.3.25 fixes some security issues",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2016/09/18/8"
"name": "[oss-security] 20160520 Re: ImageMagick Is On Fire -- CVE-2016-3714",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/05/20/4"
},
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1306148",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1306148"
"name": "[oss-security] 20160527 Security issues addressed in GraphicsMagick SVG reader",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/05/27/4"
},
{
"name" : "DSA-3746",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2016/dsa-3746"
"name": "DSA-3746",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3746"
},
{
"name" : "SUSE-SU-2016:1783",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00010.html"
"name": "SUSE-SU-2016:1783",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00010.html"
},
{
"name" : "openSUSE-SU-2016:1724",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00000.html"
"name": "[oss-security] 20160918 Re: GraphicsMagick 1.3.25 fixes some security issues",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/09/18/8"
},
{
"name" : "openSUSE-SU-2016:2073",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00037.html"
"name": "[oss-security] 20160211 Re: CVE requests: Multiple vulnerabilities in GraphicsMagick parsing and processing SVG files",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/02/11/6"
},
{
"name" : "83241",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/83241"
"name": "[oss-security] 20160906 GraphicsMagick 1.3.25 fixes some security issues",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/09/07/4"
}
]
}

104
2016/2xxx/CVE-2016-2517.json
View File

@ -1,96 +1,96 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-2517",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-2517",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "NTP before 4.2.8p7 and 4.3.x before 4.3.92 allows remote attackers to cause a denial of service (prevent subsequent authentication) by leveraging knowledge of the controlkey or requestkey and sending a crafted packet to ntpd, which changes the value of trustedkey, controlkey, or requestkey. NOTE: this vulnerability exists because of a CVE-2016-2516 regression."
"lang": "eng",
"value": "NTP before 4.2.8p7 and 4.3.x before 4.3.92 allows remote attackers to cause a denial of service (prevent subsequent authentication) by leveraging knowledge of the controlkey or requestkey and sending a crafted packet to ntpd, which changes the value of trustedkey, controlkey, or requestkey. NOTE: this vulnerability exists because of a CVE-2016-2516 regression."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://support.ntp.org/bin/view/Main/NtpBug3010",
"refsource" : "CONFIRM",
"url" : "http://support.ntp.org/bin/view/Main/NtpBug3010"
"name": "http://support.ntp.org/bin/view/Main/NtpBug3010",
"refsource": "CONFIRM",
"url": "http://support.ntp.org/bin/view/Main/NtpBug3010"
},
{
"name" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
"name": "88189",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/88189"
},
{
"name" : "https://security.netapp.com/advisory/ntap-20171004-0002/",
"refsource" : "CONFIRM",
"url" : "https://security.netapp.com/advisory/ntap-20171004-0002/"
"name": "VU#718152",
"refsource": "CERT-VN",
"url": "https://www.kb.cert.org/vuls/id/718152"
},
{
"name" : "FreeBSD-SA-16:16",
"refsource" : "FREEBSD",
"url" : "https://security.FreeBSD.org/advisories/FreeBSD-SA-16:16.ntp.asc"
"name": "1035705",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035705"
},
{
"name" : "GLSA-201607-15",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201607-15"
"name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"name" : "VU#718152",
"refsource" : "CERT-VN",
"url" : "https://www.kb.cert.org/vuls/id/718152"
"name": "https://security.netapp.com/advisory/ntap-20171004-0002/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20171004-0002/"
},
{
"name" : "88189",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/88189"
"name": "FreeBSD-SA-16:16",
"refsource": "FREEBSD",
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-16:16.ntp.asc"
},
{
"name" : "1035705",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1035705"
"name": "GLSA-201607-15",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201607-15"
}
]
}

22
2016/2xxx/CVE-2016-2661.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-2661",
"STATE" : "REJECT"
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2016-2661",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
}
]
}

74
2016/3xxx/CVE-2016-3368.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-3368",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2016-3368",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 allow remote authenticated users to execute arbitrary code by leveraging a domain account to make a crafted request, aka \"Windows Remote Code Execution Vulnerability.\""
"lang": "eng",
"value": "Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 allow remote authenticated users to execute arbitrary code by leveraging a domain account to make a crafted request, aka \"Windows Remote Code Execution Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "MS16-110",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-110"
"name": "MS16-110",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-110"
},
{
"name" : "92847",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/92847"
"name": "92847",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/92847"
},
{
"name" : "1036798",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1036798"
"name": "1036798",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036798"
}
]
}

104
2016/3xxx/CVE-2016-3403.json
View File

@ -1,96 +1,96 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-3403",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-3403",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple cross-site request forgery (CSRF) vulnerabilities in the Admin Console in Zimbra Collaboration before 8.6.0 Patch 8 allow remote attackers to hijack the authentication of administrators for requests that (1) add, (2) modify, or (3) remove accounts by leveraging failure to use of a CSRF token and perform referer header checks, aka bugs 100885 and 100899."
"lang": "eng",
"value": "Multiple cross-site request forgery (CSRF) vulnerabilities in the Admin Console in Zimbra Collaboration before 8.6.0 Patch 8 allow remote attackers to hijack the authentication of administrators for requests that (1) add, (2) modify, or (3) remove accounts by leveraging failure to use of a CSRF token and perform referer header checks, aka bugs 100885 and 100899."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20170112 [CVE-2016-3403] [Zimbra] Multiple CSRF in Administration interface - all versions",
"refsource" : "FULLDISC",
"url" : "http://seclists.org/fulldisclosure/2017/Jan/30"
"name": "95383",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95383"
},
{
"name" : "https://sysdream.com/news/lab/2017-01-12-cve-2016-3403-multiple-csrf-in-zimbra-administration-interface/",
"refsource" : "MISC",
"url" : "https://sysdream.com/news/lab/2017-01-12-cve-2016-3403-multiple-csrf-in-zimbra-administration-interface/"
"name": "https://wiki.zimbra.com/wiki/Zimbra_Releases/8.6_Patch_8",
"refsource": "CONFIRM",
"url": "https://wiki.zimbra.com/wiki/Zimbra_Releases/8.6_Patch_8"
},
{
"name" : "https://bugzilla.zimbra.com/show_bug.cgi?id=100885",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.zimbra.com/show_bug.cgi?id=100885"
"name": "https://bugzilla.zimbra.com/show_bug.cgi?id=100899",
"refsource": "CONFIRM",
"url": "https://bugzilla.zimbra.com/show_bug.cgi?id=100899"
},
{
"name" : "https://bugzilla.zimbra.com/show_bug.cgi?id=100899",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.zimbra.com/show_bug.cgi?id=100899"
"name": "https://bugzilla.zimbra.com/show_bug.cgi?id=100885",
"refsource": "CONFIRM",
"url": "https://bugzilla.zimbra.com/show_bug.cgi?id=100885"
},
{
"name" : "https://wiki.zimbra.com/wiki/Zimbra_Releases/8.6_Patch_8",
"refsource" : "CONFIRM",
"url" : "https://wiki.zimbra.com/wiki/Zimbra_Releases/8.6_Patch_8"
"name": "https://wiki.zimbra.com/wiki/Zimbra_Releases/8.7.0",
"refsource": "CONFIRM",
"url": "https://wiki.zimbra.com/wiki/Zimbra_Releases/8.7.0"
},
{
"name" : "https://wiki.zimbra.com/wiki/Zimbra_Releases/8.7.0",
"refsource" : "CONFIRM",
"url" : "https://wiki.zimbra.com/wiki/Zimbra_Releases/8.7.0"
"name": "20170112 [CVE-2016-3403] [Zimbra] Multiple CSRF in Administration interface - all versions",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2017/Jan/30"
},
{
"name" : "https://wiki.zimbra.com/wiki/Zimbra_Security_Advisories",
"refsource" : "CONFIRM",
"url" : "https://wiki.zimbra.com/wiki/Zimbra_Security_Advisories"
"name": "https://sysdream.com/news/lab/2017-01-12-cve-2016-3403-multiple-csrf-in-zimbra-administration-interface/",
"refsource": "MISC",
"url": "https://sysdream.com/news/lab/2017-01-12-cve-2016-3403-multiple-csrf-in-zimbra-administration-interface/"
},
{
"name" : "95383",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/95383"
"name": "https://wiki.zimbra.com/wiki/Zimbra_Security_Advisories",
"refsource": "CONFIRM",
"url": "https://wiki.zimbra.com/wiki/Zimbra_Security_Advisories"
}
]
}

68
2016/3xxx/CVE-2016-3762.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-3762",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "security@android.com",
"ID": "CVE-2016-3762",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The sockets subsystem in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-07-01 allows attackers to gain privileges via a crafted application that uses (1) the AF_MSM_IPC socket class or (2) another socket class that is unrecognized by SELinux, aka internal bug 28612709."
"lang": "eng",
"value": "The sockets subsystem in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-07-01 allows attackers to gain privileges via a crafted application that uses (1) the AF_MSM_IPC socket class or (2) another socket class that is unrecognized by SELinux, aka internal bug 28612709."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://source.android.com/security/bulletin/2016-07-01.html",
"refsource" : "CONFIRM",
"url" : "http://source.android.com/security/bulletin/2016-07-01.html"
"name": "https://android.googlesource.com/platform/external/sepolicy/+/abf0663ed884af7bc880a05e9529e6671eb58f39",
"refsource": "CONFIRM",
"url": "https://android.googlesource.com/platform/external/sepolicy/+/abf0663ed884af7bc880a05e9529e6671eb58f39"
},
{
"name" : "https://android.googlesource.com/platform/external/sepolicy/+/abf0663ed884af7bc880a05e9529e6671eb58f39",
"refsource" : "CONFIRM",
"url" : "https://android.googlesource.com/platform/external/sepolicy/+/abf0663ed884af7bc880a05e9529e6671eb58f39"
"name": "http://source.android.com/security/bulletin/2016-07-01.html",
"refsource": "CONFIRM",
"url": "http://source.android.com/security/bulletin/2016-07-01.html"
}
]
}

74
2016/6xxx/CVE-2016-6164.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-6164",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-6164",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Integer overflow in the mov_build_index function in libavformat/mov.c in FFmpeg before 2.8.8, 3.0.x before 3.0.3 and 3.1.x before 3.1.1 allows remote attackers to have unspecified impact via vectors involving sample size."
"lang": "eng",
"value": "Integer overflow in the mov_build_index function in libavformat/mov.c in FFmpeg before 2.8.8, 3.0.x before 3.0.3 and 3.1.x before 3.1.1 allows remote attackers to have unspecified impact via vectors involving sample size."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=8a3221cc67a516dfc1700bdae3566ec52c7ee823",
"refsource" : "CONFIRM",
"url" : "http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=8a3221cc67a516dfc1700bdae3566ec52c7ee823"
"name": "http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=8a3221cc67a516dfc1700bdae3566ec52c7ee823",
"refsource": "CONFIRM",
"url": "http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=8a3221cc67a516dfc1700bdae3566ec52c7ee823"
},
{
"name" : "https://www.ffmpeg.org/security.html",
"refsource" : "CONFIRM",
"url" : "https://www.ffmpeg.org/security.html"
"name": "95862",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95862"
},
{
"name" : "95862",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/95862"
"name": "https://www.ffmpeg.org/security.html",
"refsource": "CONFIRM",
"url": "https://www.ffmpeg.org/security.html"
}
]
}

22
2016/6xxx/CVE-2016-6280.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-6280",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-6280",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

98
2016/6xxx/CVE-2016-6483.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-6483",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-6483",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The media-file upload feature in vBulletin before 3.8.7 Patch Level 6, 3.8.8 before Patch Level 2, 3.8.9 before Patch Level 1, 4.x before 4.2.2 Patch Level 6, 4.2.3 before Patch Level 2, 5.x before 5.2.0 Patch Level 3, 5.2.1 before Patch Level 1, and 5.2.2 before Patch Level 1 allows remote attackers to conduct SSRF attacks via a crafted URL that results in a Redirection HTTP status code."
"lang": "eng",
"value": "The media-file upload feature in vBulletin before 3.8.7 Patch Level 6, 3.8.8 before Patch Level 2, 3.8.9 before Patch Level 1, 4.x before 4.2.2 Patch Level 6, 4.2.3 before Patch Level 2, 5.x before 5.2.0 Patch Level 3, 5.2.1 before Patch Level 1, and 5.2.2 before Patch Level 1 allows remote attackers to conduct SSRF attacks via a crafted URL that results in a Redirection HTTP status code."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "40225",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/40225/"
"name": "http://www.vbulletin.com/forum/forum/vbulletin-announcements/vbulletin-announcements_aa/4349551-security-patch-vbulletin-5-2-0-5-2-1-5-2-2",
"refsource": "CONFIRM",
"url": "http://www.vbulletin.com/forum/forum/vbulletin-announcements/vbulletin-announcements_aa/4349551-security-patch-vbulletin-5-2-0-5-2-1-5-2-2"
},
{
"name" : "http://legalhackers.com/advisories/vBulletin-SSRF-Vulnerability-Exploit.txt",
"refsource" : "MISC",
"url" : "http://legalhackers.com/advisories/vBulletin-SSRF-Vulnerability-Exploit.txt"
"name": "40225",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/40225/"
},
{
"name" : "http://www.vbulletin.com/forum/forum/vbulletin-announcements/vbulletin-announcements_aa/4349548-security-patch-vbulletin-3-8-7-3-8-8-3-8-9-3-8-10-beta",
"refsource" : "CONFIRM",
"url" : "http://www.vbulletin.com/forum/forum/vbulletin-announcements/vbulletin-announcements_aa/4349548-security-patch-vbulletin-3-8-7-3-8-8-3-8-9-3-8-10-beta"
"name": "http://www.vbulletin.com/forum/forum/vbulletin-announcements/vbulletin-announcements_aa/4349548-security-patch-vbulletin-3-8-7-3-8-8-3-8-9-3-8-10-beta",
"refsource": "CONFIRM",
"url": "http://www.vbulletin.com/forum/forum/vbulletin-announcements/vbulletin-announcements_aa/4349548-security-patch-vbulletin-3-8-7-3-8-8-3-8-9-3-8-10-beta"
},
{
"name" : "http://www.vbulletin.com/forum/forum/vbulletin-announcements/vbulletin-announcements_aa/4349549-security-patch-vbulletin-4-2-2-4-2-3-4-2-4-beta",
"refsource" : "CONFIRM",
"url" : "http://www.vbulletin.com/forum/forum/vbulletin-announcements/vbulletin-announcements_aa/4349549-security-patch-vbulletin-4-2-2-4-2-3-4-2-4-beta"
"name": "http://legalhackers.com/advisories/vBulletin-SSRF-Vulnerability-Exploit.txt",
"refsource": "MISC",
"url": "http://legalhackers.com/advisories/vBulletin-SSRF-Vulnerability-Exploit.txt"
},
{
"name" : "http://www.vbulletin.com/forum/forum/vbulletin-announcements/vbulletin-announcements_aa/4349551-security-patch-vbulletin-5-2-0-5-2-1-5-2-2",
"refsource" : "CONFIRM",
"url" : "http://www.vbulletin.com/forum/forum/vbulletin-announcements/vbulletin-announcements_aa/4349551-security-patch-vbulletin-5-2-0-5-2-1-5-2-2"
"name": "http://www.vbulletin.com/forum/forum/vbulletin-announcements/vbulletin-announcements_aa/4349549-security-patch-vbulletin-4-2-2-4-2-3-4-2-4-beta",
"refsource": "CONFIRM",
"url": "http://www.vbulletin.com/forum/forum/vbulletin-announcements/vbulletin-announcements_aa/4349549-security-patch-vbulletin-4-2-2-4-2-3-4-2-4-beta"
},
{
"name" : "92350",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/92350"
"name": "1036553",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036553"
},
{
"name" : "1036553",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1036553"
"name": "92350",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/92350"
}
]
}

68
2016/7xxx/CVE-2016-7038.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "secalert@redhat.com",
"ID" : "CVE-2016-7038",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2016-7038",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Moodle 2.x and 3.x",
"version" : {
"version_data" : [
"product_name": "Moodle 2.x and 3.x",
"version": {
"version_data": [
{
"version_value" : "Moodle 2.x and 3.x"
"version_value": "Moodle 2.x and 3.x"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "In Moodle 2.x and 3.x, web service tokens are not invalidated when the user password is changed or forced to be changed."
"lang": "eng",
"value": "In Moodle 2.x and 3.x, web service tokens are not invalidated when the user password is changed or forced to be changed."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "unspecified"
"lang": "eng",
"value": "unspecified"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://moodle.org/mod/forum/discuss.php?d=339631",
"refsource" : "CONFIRM",
"url" : "https://moodle.org/mod/forum/discuss.php?d=339631"
"name": "https://moodle.org/mod/forum/discuss.php?d=339631",
"refsource": "CONFIRM",
"url": "https://moodle.org/mod/forum/discuss.php?d=339631"
},
{
"name" : "93174",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/93174"
"name": "93174",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93174"
}
]
}

86
2016/7xxx/CVE-2016-7399.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-7399",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-7399",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "scripts/license.pl in Veritas NetBackup Appliance 2.6.0.x through 2.6.0.4, 2.6.1.x through 2.6.1.2, 2.7.x through 2.7.3, and 3.0.x allow remote attackers to execute arbitrary commands via shell metacharacters in the hostName parameter to appliancews/getLicense."
"lang": "eng",
"value": "scripts/license.pl in Veritas NetBackup Appliance 2.6.0.x through 2.6.0.4, 2.6.1.x through 2.6.1.2, 2.7.x through 2.7.3, and 3.0.x allow remote attackers to execute arbitrary commands via shell metacharacters in the hostName parameter to appliancews/getLicense."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.sec-1.com/blog/2016/veritas-netbackup-appliance-unauthenticated-remote-command-execution",
"refsource" : "MISC",
"url" : "http://www.sec-1.com/blog/2016/veritas-netbackup-appliance-unauthenticated-remote-command-execution"
"name": "http://www.sec-1.com/blog/2016/veritas-netbackup-appliance-unauthenticated-remote-command-execution",
"refsource": "MISC",
"url": "http://www.sec-1.com/blog/2016/veritas-netbackup-appliance-unauthenticated-remote-command-execution"
},
{
"name" : "https://www.veritas.com/content/support/en_US/security/VTS16-002.html",
"refsource" : "CONFIRM",
"url" : "https://www.veritas.com/content/support/en_US/security/VTS16-002.html"
"name": "94384",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94384"
},
{
"name" : "https://www.veritas.com/support/en_US/article.000116055",
"refsource" : "CONFIRM",
"url" : "https://www.veritas.com/support/en_US/article.000116055"
"name": "https://www.veritas.com/support/en_US/article.000116055",
"refsource": "CONFIRM",
"url": "https://www.veritas.com/support/en_US/article.000116055"
},
{
"name" : "94384",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/94384"
"name": "1037555",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037555"
},
{
"name" : "1037555",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1037555"
"name": "https://www.veritas.com/content/support/en_US/security/VTS16-002.html",
"refsource": "CONFIRM",
"url": "https://www.veritas.com/content/support/en_US/security/VTS16-002.html"
}
]
}

22
2016/7xxx/CVE-2016-7778.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-7778",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-7778",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

74
2016/7xxx/CVE-2016-7801.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "vultures@jpcert.or.jp",
"ID" : "CVE-2016-7801",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2016-7801",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Cybozu Garoon",
"version" : {
"version_data" : [
"product_name": "Cybozu Garoon",
"version": {
"version_data": [
{
"version_value" : "3.0.0 to 4.2.2"
"version_value": "3.0.0 to 4.2.2"
}
]
}
}
]
},
"vendor_name" : "Cybozu, Inc."
"vendor_name": "Cybozu, Inc."
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cybozu Garoon 3.0.0 to 4.2.2 allows remote attackers to bypass access restrictions to delete other users' To-Dos via unspecified vectors."
"lang": "eng",
"value": "Cybozu Garoon 3.0.0 to 4.2.2 allows remote attackers to bypass access restrictions to delete other users' To-Dos via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Fails to restrict access"
"lang": "eng",
"value": "Fails to restrict access"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://support.cybozu.com/ja-jp/article/9437",
"refsource" : "CONFIRM",
"url" : "https://support.cybozu.com/ja-jp/article/9437"
"name": "JVN#14631222",
"refsource": "JVN",
"url": "https://jvn.jp/en/jp/JVN14631222/index.html"
},
{
"name" : "JVN#14631222",
"refsource" : "JVN",
"url" : "https://jvn.jp/en/jp/JVN14631222/index.html"
"name": "94966",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94966"
},
{
"name" : "94966",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/94966"
"name": "https://support.cybozu.com/ja-jp/article/9437",
"refsource": "CONFIRM",
"url": "https://support.cybozu.com/ja-jp/article/9437"
}
]
}

98
2016/7xxx/CVE-2016-7906.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-7906",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-7906",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "magick/attribute.c in ImageMagick 7.0.3-2 allows remote attackers to cause a denial of service (use-after-free) via a crafted file."
"lang": "eng",
"value": "magick/attribute.c in ImageMagick 7.0.3-2 allows remote attackers to cause a denial of service (use-after-free) via a crafted file."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[oss-security] 20161002 Re: imagemagick mogrify use after free",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2016/10/02/3"
"name": "93271",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93271"
},
{
"name" : "[oss-security] 20161002 imagemagick mogrify use after free",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2016/10/02/1"
"name": "[oss-security] 20161002 Re: imagemagick mogrify use after free",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/10/02/3"
},
{
"name" : "https://github.com/ImageMagick/ImageMagick/commit/d63a3c5729df59f183e9e110d5d8385d17caaad0",
"refsource" : "CONFIRM",
"url" : "https://github.com/ImageMagick/ImageMagick/commit/d63a3c5729df59f183e9e110d5d8385d17caaad0"
"name": "https://github.com/ImageMagick/ImageMagick/commit/d63a3c5729df59f183e9e110d5d8385d17caaad0",
"refsource": "CONFIRM",
"url": "https://github.com/ImageMagick/ImageMagick/commit/d63a3c5729df59f183e9e110d5d8385d17caaad0"
},
{
"name" : "https://github.com/ImageMagick/ImageMagick/issues/281",
"refsource" : "CONFIRM",
"url" : "https://github.com/ImageMagick/ImageMagick/issues/281"
"name": "[oss-security] 20161002 imagemagick mogrify use after free",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/10/02/1"
},
{
"name" : "DSA-3726",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2016/dsa-3726"
"name": "GLSA-201611-21",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201611-21"
},
{
"name" : "GLSA-201611-21",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201611-21"
"name": "https://github.com/ImageMagick/ImageMagick/issues/281",
"refsource": "CONFIRM",
"url": "https://github.com/ImageMagick/ImageMagick/issues/281"
},
{
"name" : "93271",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/93271"
"name": "DSA-3726",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3726"
}
]
}

116
2016/7xxx/CVE-2016-7942.json
View File

@ -1,106 +1,106 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-7942",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "security@suse.com",
"ID": "CVE-2016-7942",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The XGetImage function in X.org libX11 before 1.6.4 might allow remote X servers to gain privileges via vectors involving image type and geometry, which triggers out-of-bounds read operations."
"lang": "eng",
"value": "The XGetImage function in X.org libX11 before 1.6.4 might allow remote X servers to gain privileges via vectors involving image type and geometry, which triggers out-of-bounds read operations."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[oss-security] 20161004 Re: X.Org security advisory: Protocol handling issues in X Window System client libraries",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2016/10/04/4"
"name": "1036945",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036945"
},
{
"name" : "[oss-security] 20161004 X.Org security advisory: Protocol handling issues in X Window System client libraries",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2016/10/04/2"
"name": "USN-3758-2",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3758-2/"
},
{
"name" : "[xorg-announce] 20161004 X.Org security advisory: Protocol handling issues in X Window System client libraries",
"refsource" : "MLIST",
"url" : "https://lists.x.org/archives/xorg-announce/2016-October/002720.html"
"name": "GLSA-201704-03",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201704-03"
},
{
"name" : "https://cgit.freedesktop.org/xorg/lib/libX11/commit/?id=8ea762f94f4c942d898fdeb590a1630c83235c17",
"refsource" : "CONFIRM",
"url" : "https://cgit.freedesktop.org/xorg/lib/libX11/commit/?id=8ea762f94f4c942d898fdeb590a1630c83235c17"
"name": "93363",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93363"
},
{
"name" : "FEDORA-2016-0df69ab477",
"refsource" : "FEDORA",
"url" : "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GMCVDXMFPXR7QGMKDG22WPPJCXH2X3L7/"
"name": "[xorg-announce] 20161004 X.Org security advisory: Protocol handling issues in X Window System client libraries",
"refsource": "MLIST",
"url": "https://lists.x.org/archives/xorg-announce/2016-October/002720.html"
},
{
"name" : "GLSA-201704-03",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201704-03"
"name": "[oss-security] 20161004 Re: X.Org security advisory: Protocol handling issues in X Window System client libraries",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/10/04/4"
},
{
"name" : "USN-3758-2",
"refsource" : "UBUNTU",
"url" : "https://usn.ubuntu.com/3758-2/"
"name": "[oss-security] 20161004 X.Org security advisory: Protocol handling issues in X Window System client libraries",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/10/04/2"
},
{
"name" : "USN-3758-1",
"refsource" : "UBUNTU",
"url" : "https://usn.ubuntu.com/3758-1/"
"name": "USN-3758-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3758-1/"
},
{
"name" : "93363",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/93363"
"name": "FEDORA-2016-0df69ab477",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GMCVDXMFPXR7QGMKDG22WPPJCXH2X3L7/"
},
{
"name" : "1036945",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1036945"
"name": "https://cgit.freedesktop.org/xorg/lib/libX11/commit/?id=8ea762f94f4c942d898fdeb590a1630c83235c17",
"refsource": "CONFIRM",
"url": "https://cgit.freedesktop.org/xorg/lib/libX11/commit/?id=8ea762f94f4c942d898fdeb590a1630c83235c17"
}
]
}

92
2016/7xxx/CVE-2016-7994.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-7994",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2016-7994",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Memory leak in the virtio_gpu_resource_create_2d function in hw/display/virtio-gpu.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (memory consumption) via a large number of VIRTIO_GPU_CMD_RESOURCE_CREATE_2D commands."
"lang": "eng",
"value": "Memory leak in the virtio_gpu_resource_create_2d function in hw/display/virtio-gpu.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (memory consumption) via a large number of VIRTIO_GPU_CMD_RESOURCE_CREATE_2D commands."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[oss-security] 20161007 CVE request Qemu virtio-gpu: memory leak in virtio_gpu_resource_create_2d",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2016/10/07/2"
"name": "93453",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93453"
},
{
"name" : "[oss-security] 20161008 Re: CVE request Qemu virtio-gpu: memory leak in virtio_gpu_resource_create_2d",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2016/10/08/3"
"name": "GLSA-201611-11",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201611-11"
},
{
"name" : "[qemu-devel] 20160919 Re: [PATCH] virtio-gpu: fix memory leak in virtio_gpu_resource_create_2d",
"refsource" : "MLIST",
"url" : "https://lists.gnu.org/archive/html/qemu-devel/2016-09/msg04083.html"
"name": "[oss-security] 20161007 CVE request Qemu virtio-gpu: memory leak in virtio_gpu_resource_create_2d",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/10/07/2"
},
{
"name" : "GLSA-201611-11",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201611-11"
"name": "openSUSE-SU-2016:3237",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00140.html"
},
{
"name" : "openSUSE-SU-2016:3237",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-updates/2016-12/msg00140.html"
"name": "[qemu-devel] 20160919 Re: [PATCH] virtio-gpu: fix memory leak in virtio_gpu_resource_create_2d",
"refsource": "MLIST",
"url": "https://lists.gnu.org/archive/html/qemu-devel/2016-09/msg04083.html"
},
{
"name" : "93453",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/93453"
"name": "[oss-security] 20161008 Re: CVE request Qemu virtio-gpu: memory leak in virtio_gpu_resource_create_2d",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/10/08/3"
}
]
}