From 694ea5b9e136ecdd9e8d99643fd6d39c6102afb7 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Wed, 24 Jul 2019 04:00:48 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2019/12xxx/CVE-2019-12735.json | 5 +++ 2019/12xxx/CVE-2019-12838.json | 5 +++ 2019/14xxx/CVE-2019-14247.json | 62 +++++++++++++++++++++++++++++++ 2019/14xxx/CVE-2019-14248.json | 62 +++++++++++++++++++++++++++++++ 2019/14xxx/CVE-2019-14249.json | 67 ++++++++++++++++++++++++++++++++++ 2019/14xxx/CVE-2019-14250.json | 67 ++++++++++++++++++++++++++++++++++ 6 files changed, 268 insertions(+) create mode 100644 2019/14xxx/CVE-2019-14247.json create mode 100644 2019/14xxx/CVE-2019-14248.json create mode 100644 2019/14xxx/CVE-2019-14249.json create mode 100644 2019/14xxx/CVE-2019-14250.json diff --git a/2019/12xxx/CVE-2019-12735.json b/2019/12xxx/CVE-2019-12735.json index 6e8364d369e..d25ebddc39b 100644 --- a/2019/12xxx/CVE-2019-12735.json +++ b/2019/12xxx/CVE-2019-12735.json @@ -156,6 +156,11 @@ "refsource": "SUSE", "name": "openSUSE-SU-2019:1796", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00050.html" + }, + { + "refsource": "DEBIAN", + "name": "DSA-4487", + "url": "https://www.debian.org/security/2019/dsa-4487" } ] } diff --git a/2019/12xxx/CVE-2019-12838.json b/2019/12xxx/CVE-2019-12838.json index fe95b9110c6..210dc61e090 100644 --- a/2019/12xxx/CVE-2019-12838.json +++ b/2019/12xxx/CVE-2019-12838.json @@ -76,6 +76,11 @@ "refsource": "FEDORA", "name": "FEDORA-2019-5d0d2619df", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AQ6EV3OWKGMTBWCSXZGS4MYADUBLVXSQ/" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2019-4ca3a39825", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2O47F72FWMYLEGF35QGNYY5VS33SUQS5/" } ] }, diff --git a/2019/14xxx/CVE-2019-14247.json b/2019/14xxx/CVE-2019-14247.json new file mode 100644 index 00000000000..96e00640ce1 --- /dev/null +++ b/2019/14xxx/CVE-2019-14247.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-14247", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The scan() function in mad.c in mpg321 0.3.2 allows remote attackers to trigger an out-of-bounds write via a zero bitrate in an MP3 file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://sourceforge.net/p/mpg321/bugs/51/", + "refsource": "MISC", + "name": "https://sourceforge.net/p/mpg321/bugs/51/" + } + ] + } +} \ No newline at end of file diff --git a/2019/14xxx/CVE-2019-14248.json b/2019/14xxx/CVE-2019-14248.json new file mode 100644 index 00000000000..2e3f78a2074 --- /dev/null +++ b/2019/14xxx/CVE-2019-14248.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-14248", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In libnasm.a in Netwide Assembler (NASM) 2.14.xx, asm/pragma.c allows a NULL pointer dereference in process_pragma, search_pragma_list, and nasm_set_limit when \"%pragma limit\" is mishandled." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://bugzilla.nasm.us/show_bug.cgi?id=3392576", + "refsource": "MISC", + "name": "https://bugzilla.nasm.us/show_bug.cgi?id=3392576" + } + ] + } +} \ No newline at end of file diff --git a/2019/14xxx/CVE-2019-14249.json b/2019/14xxx/CVE-2019-14249.json new file mode 100644 index 00000000000..e40f71ad7aa --- /dev/null +++ b/2019/14xxx/CVE-2019-14249.json @@ -0,0 +1,67 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-14249", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "dwarf_elf_load_headers.c in libdwarf before 2019-07-05 allows attackers to cause a denial of service (division by zero) via an ELF file with a zero-size section group (SHT_GROUP), as demonstrated by dwarfdump." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://sourceforge.net/p/libdwarf/code/merge-requests/4/", + "refsource": "MISC", + "name": "https://sourceforge.net/p/libdwarf/code/merge-requests/4/" + }, + { + "url": "https://sourceforge.net/p/libdwarf/code/ci/cb7198abde46c2ae29957ad460da6886eaa606ba/tree/libdwarf/dwarf_elf_load_headers.c?diff=99e77c3894877a1dd80b82808d8309eded4e5599", + "refsource": "MISC", + "name": "https://sourceforge.net/p/libdwarf/code/ci/cb7198abde46c2ae29957ad460da6886eaa606ba/tree/libdwarf/dwarf_elf_load_headers.c?diff=99e77c3894877a1dd80b82808d8309eded4e5599" + } + ] + } +} \ No newline at end of file diff --git a/2019/14xxx/CVE-2019-14250.json b/2019/14xxx/CVE-2019-14250.json new file mode 100644 index 00000000000..333106055b3 --- /dev/null +++ b/2019/14xxx/CVE-2019-14250.json @@ -0,0 +1,67 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-14250", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. simple_object_elf_match in simple-object-elf.c does not check for a zero shstrndx value, leading to an integer overflow and resultant heap-based buffer overflow." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=90924", + "refsource": "MISC", + "name": "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=90924" + }, + { + "url": "https://gcc.gnu.org/ml/gcc-patches/2019-07/msg01003.html", + "refsource": "MISC", + "name": "https://gcc.gnu.org/ml/gcc-patches/2019-07/msg01003.html" + } + ] + } +} \ No newline at end of file