"-Synchronized-Data."

CVE Team 2023-02-02 19:01:12 +00:00
parent acfc855076
commit 697f56d753
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
6 changed files with 1240 additions and 968 deletions


@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2007-5503",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple integer overflows in Cairo before 1.4.12 might allow remote attackers to execute arbitrary code, as demonstrated using a crafted PNG image with large width and height values, which is not properly handled by the read_png function."
"value": "CVE-2007-5503 cairo integer overflow"
}
]
},
@ -44,238 +21,273 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "Integer Overflow or Wraparound",
"cweId": "CWE-190"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 5",
"version": {
"version_data": [
{
"version_value": "0:1.2.4-3.el5_1",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://issues.rpath.com/browse/RPL-1966",
"refsource": "CONFIRM",
"url": "https://issues.rpath.com/browse/RPL-1966"
},
{
"name": "USN-550-2",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/550-2/"
},
{
"name": "GLSA-201209-25",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2008-0014.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0014.html"
},
{
"name": "28529",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28529"
},
{
"name": "28555",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28555"
},
{
"name": "27985",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27985"
},
{
"name": "27880",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27880"
},
{
"name": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0015",
"refsource": "CONFIRM",
"url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0015"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=387431",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=387431"
},
{
"name": "SSA:2007-337-01",
"refsource": "SLACKWARE",
"url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.362119"
},
{
"name": "http://gitweb.freedesktop.org/?p=cairo;a=commitdiff;h=e49bcde27f88e21d5b8037a0089a226096f6514b",
"refsource": "CONFIRM",
"url": "http://gitweb.freedesktop.org/?p=cairo;a=commitdiff;h=e49bcde27f88e21d5b8037a0089a226096f6514b"
},
{
"name": "DSA-1542",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2008/dsa-1542"
},
{
"name": "28289",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28289"
},
{
"name": "http://www.vmware.com/support/server/doc/releasenotes_server.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"name": "28476",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28476"
},
{
"name": "27887",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27887"
},
{
"name": "http://bugs.gentoo.org/show_bug.cgi?id=201860",
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html",
"refsource": "MISC",
"url": "http://bugs.gentoo.org/show_bug.cgi?id=201860"
"name": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"name": "26650",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26650"
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html",
"refsource": "MISC",
"name": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"name": "cario-readpng-bo(38771)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38771"
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html",
"refsource": "MISC",
"name": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"name": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html"
},
{
"name": "GLSA-200712-24",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200712-24.xml"
"url": "http://secunia.com/advisories/28838",
"refsource": "MISC",
"name": "http://secunia.com/advisories/28838"
},
{
"name": "MDVSA-2008:019",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:019"
"url": "http://bugs.gentoo.org/show_bug.cgi?id=200350",
"refsource": "MISC",
"name": "http://bugs.gentoo.org/show_bug.cgi?id=200350"
},
{
"name": "27819",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27819"
"url": "http://bugs.gentoo.org/show_bug.cgi?id=201860",
"refsource": "MISC",
"name": "http://bugs.gentoo.org/show_bug.cgi?id=201860"
},
{
"name": "USN-550-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/550-1/"
"url": "http://gitweb.freedesktop.org/?p=cairo%3Ba=commitdiff%3Bh=5c7d2d14d78e4dfb1ef6d2c40f0910f177e07360",
"refsource": "MISC",
"name": "http://gitweb.freedesktop.org/?p=cairo%3Ba=commitdiff%3Bh=5c7d2d14d78e4dfb1ef6d2c40f0910f177e07360"
},
{
"name": "http://bugs.gentoo.org/show_bug.cgi?id=200350",
"refsource": "CONFIRM",
"url": "http://bugs.gentoo.org/show_bug.cgi?id=200350"
"url": "http://gitweb.freedesktop.org/?p=cairo%3Ba=commitdiff%3Bh=e49bcde27f88e21d5b8037a0089a226096f6514b",
"refsource": "MISC",
"name": "http://gitweb.freedesktop.org/?p=cairo%3Ba=commitdiff%3Bh=e49bcde27f88e21d5b8037a0089a226096f6514b"
},
{
"name": "FEDORA-2007-3818",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00630.html"
"url": "http://gitweb.freedesktop.org/?p=cairo%3Ba=commitdiff_plain%3Bh=6020f67f1a49cfe3844c4938d4af24c63c8424cc%3Bhp=c79fc9af334fd6f2d1078071d64178125561b187",
"refsource": "MISC",
"name": "http://gitweb.freedesktop.org/?p=cairo%3Ba=commitdiff_plain%3Bh=6020f67f1a49cfe3844c4938d4af24c63c8424cc%3Bhp=c79fc9af334fd6f2d1078071d64178125561b187"
},
{
"name": "GLSA-200712-04",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200712-04.xml"
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html",
"refsource": "MISC",
"name": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html"
},
{
"name": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
"url": "http://rhn.redhat.com/errata/RHSA-2007-1078.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2007-1078.html"
},
{
"name": "ADV-2007-4045",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/4045"
"url": "http://secunia.com/advisories/27775",
"refsource": "MISC",
"name": "http://secunia.com/advisories/27775"
},
{
"name": "20080830 VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues.",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/495869/100/0/threaded"
"url": "http://secunia.com/advisories/27819",
"refsource": "MISC",
"name": "http://secunia.com/advisories/27819"
},
{
"name": "31711",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31711"
"url": "http://secunia.com/advisories/27880",
"refsource": "MISC",
"name": "http://secunia.com/advisories/27880"
},
{
"name": "http://gitweb.freedesktop.org/?p=cairo;a=commitdiff_plain;h=6020f67f1a49cfe3844c4938d4af24c63c8424cc;hp=c79fc9af334fd6f2d1078071d64178125561b187",
"refsource": "CONFIRM",
"url": "http://gitweb.freedesktop.org/?p=cairo;a=commitdiff_plain;h=6020f67f1a49cfe3844c4938d4af24c63c8424cc;hp=c79fc9af334fd6f2d1078071d64178125561b187"
"url": "http://secunia.com/advisories/27887",
"refsource": "MISC",
"name": "http://secunia.com/advisories/27887"
},
{
"name": "http://gitweb.freedesktop.org/?p=cairo;a=commitdiff;h=5c7d2d14d78e4dfb1ef6d2c40f0910f177e07360",
"refsource": "CONFIRM",
"url": "http://gitweb.freedesktop.org/?p=cairo;a=commitdiff;h=5c7d2d14d78e4dfb1ef6d2c40f0910f177e07360"
"url": "http://secunia.com/advisories/27985",
"refsource": "MISC",
"name": "http://secunia.com/advisories/27985"
},
{
"name": "20080830 VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues.",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html"
"url": "http://secunia.com/advisories/28289",
"refsource": "MISC",
"name": "http://secunia.com/advisories/28289"
},
{
"name": "31707",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31707"
"url": "http://secunia.com/advisories/28476",
"refsource": "MISC",
"name": "http://secunia.com/advisories/28476"
},
{
"name": "oval:org.mitre.oval:def:11251",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11251"
"url": "http://secunia.com/advisories/28529",
"refsource": "MISC",
"name": "http://secunia.com/advisories/28529"
},
{
"name": "1019027",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1019027"
"url": "http://secunia.com/advisories/28555",
"refsource": "MISC",
"name": "http://secunia.com/advisories/28555"
},
{
"name": "28838",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28838"
"url": "http://secunia.com/advisories/29767",
"refsource": "MISC",
"name": "http://secunia.com/advisories/29767"
},
{
"name": "27775",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27775"
"url": "http://secunia.com/advisories/31707",
"refsource": "MISC",
"name": "http://secunia.com/advisories/31707"
},
{
"name": "SUSE-SR:2008:003",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html"
"url": "http://secunia.com/advisories/31711",
"refsource": "MISC",
"name": "http://secunia.com/advisories/31711"
},
{
"name": "29767",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29767"
"url": "http://security.gentoo.org/glsa/glsa-200712-04.xml",
"refsource": "MISC",
"name": "http://security.gentoo.org/glsa/glsa-200712-04.xml"
},
{
"name": "20080115 rPSA-2008-0015-1 cairo",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/486405/100/0/threaded"
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml",
"refsource": "MISC",
"name": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"name": "RHSA-2007:1078",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2007-1078.html"
"url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.362119",
"refsource": "MISC",
"name": "http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.362119"
},
{
"name": "ADV-2008-2466",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2466"
"url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0015",
"refsource": "MISC",
"name": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0015"
},
{
"url": "http://www.debian.org/security/2008/dsa-1542",
"refsource": "MISC",
"name": "http://www.debian.org/security/2008/dsa-1542"
},
{
"url": "http://www.gentoo.org/security/en/glsa/glsa-200712-24.xml",
"refsource": "MISC",
"name": "http://www.gentoo.org/security/en/glsa/glsa-200712-24.xml"
},
{
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:019",
"refsource": "MISC",
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:019"
},
{
"url": "http://www.securityfocus.com/archive/1/486405/100/0/threaded",
"refsource": "MISC",
"name": "http://www.securityfocus.com/archive/1/486405/100/0/threaded"
},
{
"url": "http://www.securityfocus.com/archive/1/495869/100/0/threaded",
"refsource": "MISC",
"name": "http://www.securityfocus.com/archive/1/495869/100/0/threaded"
},
{
"url": "http://www.securityfocus.com/bid/26650",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/26650"
},
{
"url": "http://www.securitytracker.com/id?1019027",
"refsource": "MISC",
"name": "http://www.securitytracker.com/id?1019027"
},
{
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0014.html",
"refsource": "MISC",
"name": "http://www.vmware.com/security/advisories/VMSA-2008-0014.html"
},
{
"url": "http://www.vupen.com/english/advisories/2007/4045",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2007/4045"
},
{
"url": "http://www.vupen.com/english/advisories/2008/2466",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2008/2466"
},
{
"url": "https://access.redhat.com/errata/RHSA-2007:1078",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2007:1078"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2007-5503",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2007-5503"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=387431",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=387431"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38771",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38771"
},
{
"url": "https://issues.rpath.com/browse/RPL-1966",
"refsource": "MISC",
"name": "https://issues.rpath.com/browse/RPL-1966"
},
{
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11251",
"refsource": "MISC",
"name": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11251"
},
{
"url": "https://usn.ubuntu.com/550-1/",
"refsource": "MISC",
"name": "https://usn.ubuntu.com/550-1/"
},
{
"url": "https://usn.ubuntu.com/550-2/",
"refsource": "MISC",
"name": "https://usn.ubuntu.com/550-2/"
},
{
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00630.html",
"refsource": "MISC",
"name": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00630.html"
}
]
}
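Review bot: The `description` value that appears to be the new one for CVE-2007-5503, `"CVE-2007-5503 cairo integer overflow"`, drops the fix boundary (Cairo before 1.4.12) and the vulnerable path (read_png handling a PNG with large width and height) that the longer sentence carried, and no other field in the record restates them. The added `affects` block lists only `0:1.2.4-3.el5_1` with `"version_affected": "!"`, which in CVE JSON 4.0 marks a version as not affected, so a scanner reading this record has no affected range to match against. I would keep the full sentence as the `value` and add an upstream version entry such as `"version_value": "1.4.12", "version_affected": "<"`. The same substitution shows in the CVE-2007-5960 and CVE-2007-5962 sections. Which line is old and which is new is inferred from print order and the `-1,40 +1,17` header, because the `+`/`-` column is missing on this page.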


@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2007-5960",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Mozilla Firefox before 2.0.0.10 and SeaMonkey before 1.1.7 sets the Referer header to the window or frame in which script is running, instead of the address of the content that initiated the script, which allows remote attackers to spoof HTTP Referer headers and bypass Referer-based CSRF protection schemes by setting window.location and using a modal alert dialog that causes the wrong Referer to be sent."
"value": "CVE-2007-5960 Mozilla Cross-site Request Forgery flaw"
}
]
},
@ -44,303 +21,404 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "Cross-Site Request Forgery (CSRF)",
"cweId": "CWE-352"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 2.1",
"version": {
"version_data": [
{
"version_value": "0:1.0.9-0.7.el2",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 3",
"version": {
"version_data": [
{
"version_value": "0:1.0.9-0.7.el3",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 4",
"version": {
"version_data": [
{
"version_value": "0:1.5.0.12-0.8.el4",
"version_affected": "!"
},
{
"version_value": "0:1.5.0.12-7.el4",
"version_affected": "!"
},
{
"version_value": "0:1.0.9-7.el4",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 4.5 Z Stream",
"version": {
"version_data": [
{
"version_value": "0:1.5.0.12-0.8.el4",
"version_affected": "!"
},
{
"version_value": "0:1.0.9-7.el4",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 5",
"version": {
"version_data": [
{
"version_value": "0:1.5.0.12-7.el5",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "27816",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27816"
},
{
"name": "http://browser.netscape.com/releasenotes/",
"refsource": "CONFIRM",
"url": "http://browser.netscape.com/releasenotes/"
},
{
"name": "27855",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27855"
},
{
"name": "DSA-1424",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2007/dsa-1424"
},
{
"name": "26589",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26589"
},
{
"name": "SUSE-SA:2007:066",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2007-12/msg00004.html"
},
{
"name": "GLSA-200712-21",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200712-21.xml"
},
{
"name": "http://wiki.rpath.com/wiki/Advisories:rPSA-2007-0260",
"refsource": "CONFIRM",
"url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2007-0260"
},
{
"name": "https://issues.rpath.com/browse/RPL-1995",
"refsource": "CONFIRM",
"url": "https://issues.rpath.com/browse/RPL-1995"
},
{
"name": "28277",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28277"
},
{
"name": "27845",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27845"
},
{
"name": "RHSA-2007:1083",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-1083.html"
},
{
"name": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0093",
"refsource": "CONFIRM",
"url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0093"
},
{
"name": "oval:org.mitre.oval:def:9794",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9794"
},
{
"name": "http://bugs.gentoo.org/show_bug.cgi?id=200909",
"url": "http://www.vupen.com/english/advisories/2008/0083",
"refsource": "MISC",
"url": "http://bugs.gentoo.org/show_bug.cgi?id=200909"
"name": "http://www.vupen.com/english/advisories/2008/0083"
},
{
"name": "ADV-2008-0643",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0643"
},
{
"name": "FEDORA-2007-3952",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg01011.html"
},
{
"name": "RHSA-2007:1082",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-1082.html"
},
{
"name": "SSA:2007-331-01",
"refsource": "SLACKWARE",
"url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.374833"
},
{
"name": "28016",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28016"
},
{
"name": "FEDORA-2007-4098",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00168.html"
},
{
"name": "HPSBUX02153",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742"
},
{
"name": "MDKSA-2007:246",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:246"
},
{
"name": "USN-546-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/546-1/"
},
{
"name": "ADV-2007-4018",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/4018"
},
{
"name": "20080229 rPSA-2008-0093-1 thunderbird",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/488971/100/0/threaded"
},
{
"name": "27838",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27838"
},
{
"name": "FEDORA-2007-4106",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00135.html"
},
{
"name": "1018995",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1018995"
},
{
"name": "20080212 FLEA-2008-0001-1 firefox",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/488002/100/0/threaded"
},
{
"name": "ADV-2007-4002",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/4002"
},
{
"name": "1018977",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1018977.1-1"
},
{
"name": "27793",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27793"
},
{
"name": "http://bugs.gentoo.org/show_bug.cgi?id=198965",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742",
"refsource": "MISC",
"url": "http://bugs.gentoo.org/show_bug.cgi?id=198965"
"name": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742"
},
{
"name": "ADV-2008-0083",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0083"
"url": "http://secunia.com/advisories/28398",
"refsource": "MISC",
"name": "http://secunia.com/advisories/28398"
},
{
"name": "27955",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27955"
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-231441-1",
"refsource": "MISC",
"name": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-231441-1"
},
{
"name": "http://wiki.rpath.com/Advisories:rPSA-2008-0093",
"refsource": "CONFIRM",
"url": "http://wiki.rpath.com/Advisories:rPSA-2008-0093"
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1018977.1-1",
"refsource": "MISC",
"name": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1018977.1-1"
},
{
"name": "USN-546-2",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-546-2"
"url": "http://www.vupen.com/english/advisories/2008/0643",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2008/0643"
},
{
"name": "FEDORA-2007-756",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00115.html"
"url": "http://browser.netscape.com/releasenotes/",
"refsource": "MISC",
"name": "http://browser.netscape.com/releasenotes/"
},
{
"name": "231441",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-231441-1"
"url": "http://bugs.gentoo.org/show_bug.cgi?id=198965",
"refsource": "MISC",
"name": "http://bugs.gentoo.org/show_bug.cgi?id=198965"
},
{
"name": "27957",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27957"
"url": "http://bugs.gentoo.org/show_bug.cgi?id=200909",
"refsource": "MISC",
"name": "http://bugs.gentoo.org/show_bug.cgi?id=200909"
},
{
"name": "28398",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28398"
"url": "http://lists.opensuse.org/opensuse-security-announce/2007-12/msg00004.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2007-12/msg00004.html"
},
{
"name": "29164",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29164"
"url": "http://secunia.com/advisories/27725",
"refsource": "MISC",
"name": "http://secunia.com/advisories/27725"
},
{
"name": "mozilla-http-referer-spoofing(38644)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38644"
"url": "http://secunia.com/advisories/27793",
"refsource": "MISC",
"name": "http://secunia.com/advisories/27793"
},
{
"name": "28001",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28001"
"url": "http://secunia.com/advisories/27796",
"refsource": "MISC",
"name": "http://secunia.com/advisories/27796"
},
{
"name": "SSRT061181",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742"
"url": "http://secunia.com/advisories/27797",
"refsource": "MISC",
"name": "http://secunia.com/advisories/27797"
},
{
"name": "27796",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27796"
"url": "http://secunia.com/advisories/27800",
"refsource": "MISC",
"name": "http://secunia.com/advisories/27800"
},
{
"name": "SSA:2007-333-01",
"refsource": "SLACKWARE",
"url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.365006"
"url": "http://secunia.com/advisories/27816",
"refsource": "MISC",
"name": "http://secunia.com/advisories/27816"
},
{
"name": "https://issues.rpath.com/browse/RPL-1984",
"refsource": "CONFIRM",
"url": "https://issues.rpath.com/browse/RPL-1984"
"url": "http://secunia.com/advisories/27838",
"refsource": "MISC",
"name": "http://secunia.com/advisories/27838"
},
{
"name": "27797",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27797"
"url": "http://secunia.com/advisories/27845",
"refsource": "MISC",
"name": "http://secunia.com/advisories/27845"
},
{
"name": "27979",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27979"
"url": "http://secunia.com/advisories/27855",
"refsource": "MISC",
"name": "http://secunia.com/advisories/27855"
},
{
"name": "28171",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28171"
"url": "http://secunia.com/advisories/27944",
"refsource": "MISC",
"name": "http://secunia.com/advisories/27944"
},
{
"name": "27800",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27800"
"url": "http://secunia.com/advisories/27955",
"refsource": "MISC",
"name": "http://secunia.com/advisories/27955"
},
{
"name": "RHSA-2007:1084",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-1084.html"
"url": "http://secunia.com/advisories/27957",
"refsource": "MISC",
"name": "http://secunia.com/advisories/27957"
},
{
"name": "DSA-1425",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2007/dsa-1425"
"url": "http://secunia.com/advisories/27979",
"refsource": "MISC",
"name": "http://secunia.com/advisories/27979"
},
{
"name": "http://www.mozilla.org/security/announce/2007/mfsa2007-39.html",
"refsource": "CONFIRM",
"url": "http://www.mozilla.org/security/announce/2007/mfsa2007-39.html"
"url": "http://secunia.com/advisories/28001",
"refsource": "MISC",
"name": "http://secunia.com/advisories/28001"
},
{
"name": "27944",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27944"
"url": "http://secunia.com/advisories/28016",
"refsource": "MISC",
"name": "http://secunia.com/advisories/28016"
},
{
"name": "27725",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27725"
"url": "http://secunia.com/advisories/28171",
"refsource": "MISC",
"name": "http://secunia.com/advisories/28171"
},
{
"url": "http://secunia.com/advisories/28277",
"refsource": "MISC",
"name": "http://secunia.com/advisories/28277"
},
{
"url": "http://secunia.com/advisories/29164",
"refsource": "MISC",
"name": "http://secunia.com/advisories/29164"
},
{
"url": "http://security.gentoo.org/glsa/glsa-200712-21.xml",
"refsource": "MISC",
"name": "http://security.gentoo.org/glsa/glsa-200712-21.xml"
},
{
"url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.365006",
"refsource": "MISC",
"name": "http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.365006"
},
{
"url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.374833",
"refsource": "MISC",
"name": "http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.374833"
},
{
"url": "http://wiki.rpath.com/Advisories:rPSA-2008-0093",
"refsource": "MISC",
"name": "http://wiki.rpath.com/Advisories:rPSA-2008-0093"
},
{
"url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2007-0260",
"refsource": "MISC",
"name": "http://wiki.rpath.com/wiki/Advisories:rPSA-2007-0260"
},
{
"url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0093",
"refsource": "MISC",
"name": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0093"
},
{
"url": "http://www.debian.org/security/2007/dsa-1424",
"refsource": "MISC",
"name": "http://www.debian.org/security/2007/dsa-1424"
},
{
"url": "http://www.debian.org/security/2007/dsa-1425",
"refsource": "MISC",
"name": "http://www.debian.org/security/2007/dsa-1425"
},
{
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:246",
"refsource": "MISC",
"name": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:246"
},
{
"url": "http://www.redhat.com/support/errata/RHSA-2007-1082.html",
"refsource": "MISC",
"name": "http://www.redhat.com/support/errata/RHSA-2007-1082.html"
},
{
"url": "http://www.redhat.com/support/errata/RHSA-2007-1083.html",
"refsource": "MISC",
"name": "http://www.redhat.com/support/errata/RHSA-2007-1083.html"
},
{
"url": "http://www.redhat.com/support/errata/RHSA-2007-1084.html",
"refsource": "MISC",
"name": "http://www.redhat.com/support/errata/RHSA-2007-1084.html"
},
{
"url": "http://www.securityfocus.com/archive/1/488002/100/0/threaded",
"refsource": "MISC",
"name": "http://www.securityfocus.com/archive/1/488002/100/0/threaded"
},
{
"url": "http://www.securityfocus.com/archive/1/488971/100/0/threaded",
"refsource": "MISC",
"name": "http://www.securityfocus.com/archive/1/488971/100/0/threaded"
},
{
"url": "http://www.ubuntu.com/usn/usn-546-2",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/usn-546-2"
},
{
"url": "http://www.vupen.com/english/advisories/2007/4002",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2007/4002"
},
{
"url": "http://www.vupen.com/english/advisories/2007/4018",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2007/4018"
},
{
"url": "https://access.redhat.com/errata/RHSA-2007:1082",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2007:1082"
},
{
"url": "https://access.redhat.com/errata/RHSA-2007:1083",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2007:1083"
},
{
"url": "https://access.redhat.com/errata/RHSA-2007:1084",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2007:1084"
},
{
"url": "https://issues.rpath.com/browse/RPL-1984",
"refsource": "MISC",
"name": "https://issues.rpath.com/browse/RPL-1984"
},
{
"url": "https://issues.rpath.com/browse/RPL-1995",
"refsource": "MISC",
"name": "https://issues.rpath.com/browse/RPL-1995"
},
{
"url": "https://usn.ubuntu.com/546-1/",
"refsource": "MISC",
"name": "https://usn.ubuntu.com/546-1/"
},
{
"url": "https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00115.html",
"refsource": "MISC",
"name": "https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00115.html"
},
{
"url": "https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00135.html",
"refsource": "MISC",
"name": "https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00135.html"
},
{
"url": "https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00168.html",
"refsource": "MISC",
"name": "https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00168.html"
},
{
"url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg01011.html",
"refsource": "MISC",
"name": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg01011.html"
},
{
"url": "http://securitytracker.com/id?1018995",
"refsource": "MISC",
"name": "http://securitytracker.com/id?1018995"
},
{
"url": "http://www.mozilla.org/security/announce/2007/mfsa2007-39.html",
"refsource": "MISC",
"name": "http://www.mozilla.org/security/announce/2007/mfsa2007-39.html"
},
{
"url": "http://www.securityfocus.com/bid/26589",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/26589"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2007-5960",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2007-5960"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=394261",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=394261"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38644",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38644"
},
{
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9794",
"refsource": "MISC",
"name": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9794"
}
]
}
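Review bot: Every reference in what appears to be the new list carries `"refsource": "MISC"` and repeats the URL as `name`, so the advisory identifiers the earlier entries held (`RHSA-2007:1083`, `DSA-1424`, `USN-546-1`, `MDKSA-2007:246`) no longer exist as data in the record. Tooling that joins CVE records to vendor advisories by `name`, or filters on `refsource`, will see only opaque URLs. Keeping the identifier next to the new `access.redhat.com` links, e.g. `"name": "RHSA-2007:1083", "refsource": "REDHAT"`, would preserve that mapping. The CVE-2007-5503 section is flattened the same way, and there the gitweb links also have `;` rewritten to `%3B` inside the query string, which probably stops them resolving to the referenced commit.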


@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2007-5962",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Memory leak in a certain Red Hat patch, applied to vsftpd 2.0.5 on Red Hat Enterprise Linux (RHEL) 5 and Fedora 6 through 8, and on Foresight Linux and rPath appliances, allows remote attackers to cause a denial of service (memory consumption) via a large number of CWD commands, as demonstrated by an attack on a daemon with the deny_file configuration option."
"value": "CVE-2007-5962 vsftpd: memory leak when deny_file option is set"
}
]
},
@ -44,103 +21,138 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "Missing Release of Memory after Effective Lifetime",
"cweId": "CWE-401"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 5",
"version": {
"version_data": [
{
"version_value": "0:2.0.5-12.el5",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0185",
"refsource": "CONFIRM",
"url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0185"
"url": "http://secunia.com/advisories/30341",
"refsource": "MISC",
"name": "http://secunia.com/advisories/30341"
},
{
"name": "FEDORA-2008-4347",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00681.html"
"url": "http://secunia.com/advisories/30354",
"refsource": "MISC",
"name": "http://secunia.com/advisories/30354"
},
{
"name": "30341",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30341"
"url": "http://securitytracker.com/id?1020079",
"refsource": "MISC",
"name": "http://securitytracker.com/id?1020079"
},
{
"name": "5814",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/5814"
"url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0185",
"refsource": "MISC",
"name": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0185"
},
{
"name": "30354",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30354"
"url": "http://www.openwall.com/lists/oss-security/2008/05/21/10",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2008/05/21/10"
},
{
"name": "RHSA-2008:0295",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0295.html"
"url": "http://www.openwall.com/lists/oss-security/2008/05/21/12",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2008/05/21/12"
},
{
"name": "FEDORA-2008-4362",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00691.html"
"url": "http://www.openwall.com/lists/oss-security/2008/05/21/8",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2008/05/21/8"
},
{
"name": "[oss-security] 20080521 Re: vsftpd CVE-2007-5962 (Red Hat / Fedora specific)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2008/05/21/10"
"url": "http://www.redhat.com/support/errata/RHSA-2008-0295.html",
"refsource": "MISC",
"name": "http://www.redhat.com/support/errata/RHSA-2008-0295.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=397011",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=397011"
"url": "http://www.securityfocus.com/archive/1/493167/100/0/threaded",
"refsource": "MISC",
"name": "http://www.securityfocus.com/archive/1/493167/100/0/threaded"
},
{
"name": "vsftpd-denyfile-dos(42593)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42593"
"url": "http://www.securityfocus.com/bid/29322",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/29322"
},
{
"name": "FEDORA-2008-4373",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00699.html"
"url": "http://www.vupen.com/english/advisories/2008/1600",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2008/1600"
},
{
"name": "ADV-2008-1600",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1600"
"url": "https://access.redhat.com/errata/RHSA-2008:0295",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2008:0295"
},
{
"name": "[oss-security] 20080521 Re: vsftpd CVE-2007-5962 (Red Hat / Fedora specific)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2008/05/21/12"
"url": "https://access.redhat.com/security/cve/CVE-2007-5962",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2007-5962"
},
{
"name": "29322",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/29322"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=397011",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=397011"
},
{
"name": "oval:org.mitre.oval:def:8850",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8850"
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42593",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42593"
},
{
"name": "[oss-security] 20080521 vsftpd CVE-2007-5962 (Red Hat / Fedora specific)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2008/05/21/8"
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8850",
"refsource": "MISC",
"name": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8850"
},
{
"name": "20080606 rPSA-2008-0185-1 vsftpd",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/493167/100/0/threaded"
"url": "https://www.exploit-db.com/exploits/5814",
"refsource": "MISC",
"name": "https://www.exploit-db.com/exploits/5814"
},
{
"name": "1020079",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1020079"
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00681.html",
"refsource": "MISC",
"name": "https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00681.html"
},
{
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00691.html",
"refsource": "MISC",
"name": "https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00691.html"
},
{
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00699.html",
"refsource": "MISC",
"name": "https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00699.html"
}
]
}
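Review bot: The `description_data` entry for CVE-2007-5962 now seems to carry only the short tracker title `CVE-2007-5962 vsftpd: memory leak when deny_file option is set`, so the record no longer says which builds are affected or how the leak is triggered. The other `value` line in this section holds the full sentence (vsftpd 2.0.5 with a Red Hat patch, a large number of CWD commands); if that is the outgoing text, as the hunk's line counts suggest, I would keep it as the `value` and carry the title in a separate field. Every surviving `refsource` in the section is `MISC`, including the URLs that also appear tagged `CONFIRM` and `EXPLOIT-DB`, so a consumer that triages on vendor confirmation or on a public exploit reference can no longer do so from this field. Keeping the specific tag, e.g. `"refsource": "EXPLOIT-DB"` on the exploit-db.com entry, preserves that signal. The CVE-2009-0354 and CVE-2009-0581 sections below show the same two changes.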


@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2009-0354",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-domain vulnerability in js/src/jsobj.cpp in Mozilla Firefox 3.x before 3.0.6 allows remote attackers to bypass the Same Origin Policy, and access the properties of an arbitrary window and conduct cross-site scripting (XSS) attacks, via vectors involving a chrome XBL method and the window.eval function."
"value": "CVE-2009-0354 Firefox XSS using a chrome XBL method and window.eval"
}
]
},
@ -44,103 +21,191 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",
"cweId": "CWE-79"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 4",
"version": {
"version_data": [
{
"version_value": "0:3.0.6-1.el4",
"version_affected": "!"
},
{
"version_value": "0:3.12.2.0-3.el4",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 5",
"version": {
"version_data": [
{
"version_value": "0:3.0.6-1.el5",
"version_affected": "!"
},
{
"version_value": "0:3.12.2.0-4.el5",
"version_affected": "!"
},
{
"version_value": "0:1.9.0.6-1.el5",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "ADV-2009-0313",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/0313"
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00001.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00001.html"
},
{
"name": "SUSE-SA:2009:009",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00001.html"
"url": "http://rhn.redhat.com/errata/RHSA-2009-0256.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2009-0256.html"
},
{
"name": "33809",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33809"
"url": "http://secunia.com/advisories/33799",
"refsource": "MISC",
"name": "http://secunia.com/advisories/33799"
},
{
"name": "MDVSA-2009:044",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:044"
"url": "http://secunia.com/advisories/33809",
"refsource": "MISC",
"name": "http://secunia.com/advisories/33809"
},
{
"name": "RHSA-2009:0256",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2009-0256.html"
"url": "http://secunia.com/advisories/33831",
"refsource": "MISC",
"name": "http://secunia.com/advisories/33831"
},
{
"name": "http://www.mozilla.org/security/announce/2009/mfsa2009-02.html",
"refsource": "CONFIRM",
"url": "http://www.mozilla.org/security/announce/2009/mfsa2009-02.html"
"url": "http://secunia.com/advisories/33841",
"refsource": "MISC",
"name": "http://secunia.com/advisories/33841"
},
{
"name": "http://support.avaya.com/elmodocs2/security/ASA-2009-040.htm",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2009-040.htm"
"url": "http://secunia.com/advisories/33846",
"refsource": "MISC",
"name": "http://secunia.com/advisories/33846"
},
{
"name": "33831",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33831"
"url": "http://secunia.com/advisories/33869",
"refsource": "MISC",
"name": "http://secunia.com/advisories/33869"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=468581",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=468581"
"url": "http://support.avaya.com/elmodocs2/security/ASA-2009-040.htm",
"refsource": "MISC",
"name": "http://support.avaya.com/elmodocs2/security/ASA-2009-040.htm"
},
{
"name": "33841",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33841"
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:044",
"refsource": "MISC",
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:044"
},
{
"name": "oval:org.mitre.oval:def:9796",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9796"
"url": "http://www.securityfocus.com/bid/33598",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/33598"
},
{
"name": "33846",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33846"
"url": "http://www.ubuntu.com/usn/usn-717-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/usn-717-1"
},
{
"name": "33799",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33799"
"url": "http://www.vupen.com/english/advisories/2009/0313",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2009/0313"
},
{
"name": "33598",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/33598"
"url": "https://access.redhat.com/errata/RHSA-2009:0256",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2009:0256"
},
{
"name": "FEDORA-2009-1399",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00240.html"
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00240.html",
"refsource": "MISC",
"name": "https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00240.html"
},
{
"name": "33869",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33869"
"url": "http://www.mozilla.org/security/announce/2009/mfsa2009-02.html",
"refsource": "MISC",
"name": "http://www.mozilla.org/security/announce/2009/mfsa2009-02.html"
},
{
"name": "1021664",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1021664"
"url": "http://www.securitytracker.com/id?1021664",
"refsource": "MISC",
"name": "http://www.securitytracker.com/id?1021664"
},
{
"name": "USN-717-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-717-1"
"url": "https://access.redhat.com/security/cve/CVE-2009-0354",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2009-0354"
},
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=468581",
"refsource": "MISC",
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=468581"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=483142",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=483142"
},
{
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9796",
"refsource": "MISC",
"name": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9796"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 2.6,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "PARTIAL",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:H/Au:N/C:N/I:P/A:N",
"version": "2.0"
}
]
}
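Review bot: The new `affects` block for CVE-2009-0354 puts several `version_value` strings under one `product_name` with no package name, e.g. `0:3.0.6-1.el5`, `0:3.12.2.0-4.el5` and `0:1.9.0.6-1.el5` under Red Hat Enterprise Linux 5. These look like builds of different packages, but nothing in the record says which. Each carries `"version_affected": "!"`, which as I read the CVE JSON 4.0 schema marks a version as not affected, so the record names what appear to be fixed builds and gives no affected range; a scanner matching on this block has neither a component nor a vulnerable range to match. I would name the package on each entry, for example `"version_name": "<package name>"`, and state in the description that the listed versions are the fixed ones. The CVE-2009-0581 section has the same shape (`0:1.18-0.1.beta1.el5_3.2` next to `1:1.6.0.0-0.30.b09.el5`).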


@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2009-0581",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Memory leak in LittleCMS (aka lcms or liblcms) before 1.18beta2, as used in Firefox 3.1beta, OpenJDK, and GIMP, allows context-dependent attackers to cause a denial of service (memory consumption and application crash) via a crafted image file."
"value": "CVE-2009-0581 LittleCms memory leak"
}
]
},
@ -44,218 +21,287 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "Missing Release of Memory after Effective Lifetime",
"cweId": "CWE-401"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 5",
"version": {
"version_data": [
{
"version_value": "0:1.18-0.1.beta1.el5_3.2",
"version_affected": "!"
},
{
"version_value": "1:1.6.0.0-0.30.b09.el5",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "FEDORA-2009-2970",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00851.html"
},
{
"name": "MDVSA-2009:137",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:137"
},
{
"name": "34632",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34632"
},
{
"name": "34450",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34450"
},
{
"name": "FEDORA-2009-2928",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00811.html"
},
{
"name": "SUSE-SR:2009:007",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00004.html"
},
{
"name": "USN-744-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-744-1"
},
{
"name": "DSA-1745",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2009/dsa-1745"
},
{
"name": "34675",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34675"
},
{
"name": "littlecms-unspecified-dos(49328)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49328"
},
{
"name": "34454",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34454"
},
{
"name": "1021870",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1021870"
},
{
"name": "34442",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34442"
},
{
"name": "FEDORA-2009-2982",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00856.html"
},
{
"name": "FEDORA-2009-3034",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00921.html"
},
{
"name": "FEDORA-2009-2903",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00794.html"
},
{
"name": "http://scary.beasts.org/security/CESA-2009-003.html",
"url": "http://secunia.com/advisories/34632",
"refsource": "MISC",
"url": "http://scary.beasts.org/security/CESA-2009-003.html"
"name": "http://secunia.com/advisories/34632"
},
{
"name": "34382",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34382"
},
{
"name": "SSA:2009-083-01",
"refsource": "SLACKWARE",
"url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.487438"
},
{
"name": "34418",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34418"
},
{
"name": "20090320 [oCERT-2009-003] LittleCMS integer errors",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/502031/100/0/threaded"
},
{
"name": "RHSA-2009:0377",
"refsource": "REDHAT",
"url": "https://rhn.redhat.com/errata/RHSA-2009-0377.html"
},
{
"name": "http://www.ocert.org/advisories/ocert-2009-003.html",
"url": "http://secunia.com/advisories/34675",
"refsource": "MISC",
"url": "http://www.ocert.org/advisories/ocert-2009-003.html"
"name": "http://secunia.com/advisories/34675"
},
{
"name": "http://scarybeastsecurity.blogspot.com/2009/03/littlecms-vulnerabilities.html",
"url": "http://secunia.com/advisories/34782",
"refsource": "MISC",
"url": "http://scarybeastsecurity.blogspot.com/2009/03/littlecms-vulnerabilities.html"
"name": "http://secunia.com/advisories/34782"
},
{
"name": "34782",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34782"
"url": "http://security.gentoo.org/glsa/glsa-200904-19.xml",
"refsource": "MISC",
"name": "http://security.gentoo.org/glsa/glsa-200904-19.xml"
},
{
"name": "34367",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34367"
"url": "http://www.debian.org/security/2009/dsa-1769",
"refsource": "MISC",
"name": "http://www.debian.org/security/2009/dsa-1769"
},
{
"name": "MDVSA-2009:162",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:162"
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:121",
"refsource": "MISC",
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:121"
},
{
"name": "RHSA-2009:0339",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2009-0339.html"
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:137",
"refsource": "MISC",
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:137"
},
{
"name": "ADV-2009-0775",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/0775"
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:162",
"refsource": "MISC",
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:162"
},
{
"name": "34463",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34463"
"url": "https://access.redhat.com/errata/RHSA-2009:0377",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2009:0377"
},
{
"name": "34408",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34408"
"url": "https://rhn.redhat.com/errata/RHSA-2009-0377.html",
"refsource": "MISC",
"name": "https://rhn.redhat.com/errata/RHSA-2009-0377.html"
},
{
"name": "DSA-1769",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2009/dsa-1769"
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00004.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00004.html"
},
{
"name": "34400",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34400"
"url": "http://secunia.com/advisories/34418",
"refsource": "MISC",
"name": "http://secunia.com/advisories/34418"
},
{
"name": "MDVSA-2009:121",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:121"
"url": "http://scary.beasts.org/security/CESA-2009-003.html",
"refsource": "MISC",
"name": "http://scary.beasts.org/security/CESA-2009-003.html"
},
{
"name": "20090320 LittleCMS vulnerabilities (OpenJDK, Firefox, GIMP, etc. impacted)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/502018/100/0/threaded"
"url": "http://scarybeastsecurity.blogspot.com/2009/03/littlecms-vulnerabilities.html",
"refsource": "MISC",
"name": "http://scarybeastsecurity.blogspot.com/2009/03/littlecms-vulnerabilities.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=487509",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=487509"
"url": "http://secunia.com/advisories/34367",
"refsource": "MISC",
"name": "http://secunia.com/advisories/34367"
},
{
"name": "FEDORA-2009-2910",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00799.html"
"url": "http://secunia.com/advisories/34382",
"refsource": "MISC",
"name": "http://secunia.com/advisories/34382"
},
{
"name": "oval:org.mitre.oval:def:10023",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10023"
"url": "http://secunia.com/advisories/34400",
"refsource": "MISC",
"name": "http://secunia.com/advisories/34400"
},
{
"name": "34185",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/34185"
"url": "http://secunia.com/advisories/34408",
"refsource": "MISC",
"name": "http://secunia.com/advisories/34408"
},
{
"name": "GLSA-200904-19",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200904-19.xml"
"url": "http://secunia.com/advisories/34442",
"refsource": "MISC",
"name": "http://secunia.com/advisories/34442"
},
{
"name": "FEDORA-2009-2983",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00857.html"
"url": "http://secunia.com/advisories/34450",
"refsource": "MISC",
"name": "http://secunia.com/advisories/34450"
},
{
"url": "http://secunia.com/advisories/34454",
"refsource": "MISC",
"name": "http://secunia.com/advisories/34454"
},
{
"url": "http://secunia.com/advisories/34463",
"refsource": "MISC",
"name": "http://secunia.com/advisories/34463"
},
{
"url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.487438",
"refsource": "MISC",
"name": "http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.487438"
},
{
"url": "http://www.debian.org/security/2009/dsa-1745",
"refsource": "MISC",
"name": "http://www.debian.org/security/2009/dsa-1745"
},
{
"url": "http://www.ocert.org/advisories/ocert-2009-003.html",
"refsource": "MISC",
"name": "http://www.ocert.org/advisories/ocert-2009-003.html"
},
{
"url": "http://www.redhat.com/support/errata/RHSA-2009-0339.html",
"refsource": "MISC",
"name": "http://www.redhat.com/support/errata/RHSA-2009-0339.html"
},
{
"url": "http://www.securityfocus.com/archive/1/502018/100/0/threaded",
"refsource": "MISC",
"name": "http://www.securityfocus.com/archive/1/502018/100/0/threaded"
},
{
"url": "http://www.securityfocus.com/archive/1/502031/100/0/threaded",
"refsource": "MISC",
"name": "http://www.securityfocus.com/archive/1/502031/100/0/threaded"
},
{
"url": "http://www.securityfocus.com/bid/34185",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/34185"
},
{
"url": "http://www.securitytracker.com/id?1021870",
"refsource": "MISC",
"name": "http://www.securitytracker.com/id?1021870"
},
{
"url": "http://www.ubuntu.com/usn/USN-744-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-744-1"
},
{
"url": "http://www.vupen.com/english/advisories/2009/0775",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2009/0775"
},
{
"url": "https://access.redhat.com/errata/RHSA-2009:0339",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2009:0339"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2009-0581",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2009-0581"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=487509",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=487509"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49328",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49328"
},
{
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10023",
"refsource": "MISC",
"name": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10023"
},
{
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00794.html",
"refsource": "MISC",
"name": "https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00794.html"
},
{
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00799.html",
"refsource": "MISC",
"name": "https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00799.html"
},
{
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00811.html",
"refsource": "MISC",
"name": "https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00811.html"
},
{
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00851.html",
"refsource": "MISC",
"name": "https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00851.html"
},
{
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00856.html",
"refsource": "MISC",
"name": "https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00856.html"
},
{
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00857.html",
"refsource": "MISC",
"name": "https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00857.html"
},
{
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00921.html",
"refsource": "MISC",
"name": "https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00921.html"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 4.3,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
]
}
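Review bot: In the added `impact.cvss` object for CVE-2009-0581, `"temporalScore": 0` and `"environmentalScore": 0` sit beside temporal and environmental metrics that are all `NOT_DEFINED`, so the zeros are placeholders rather than computed scores. A consumer that sorts or filters on those keys would read them as a real score of zero. I would leave both keys out when the metrics are undefined, so that only `"baseScore": 4.3` and `"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P"` are taken as assessed values. The `impact` object in the CVE-2009-0354 section has the same placeholders.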


@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2009-0583",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple integer overflows in icc.c in the International Color Consortium (ICC) Format library (aka icclib), as used in Ghostscript 8.64 and earlier and Argyll Color Management System (CMS) 1.0.3 and earlier, allow context-dependent attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly execute arbitrary code by using a device file for a translation request that operates on a crafted image file and targets a certain \"native color space,\" related to an ICC profile in a (1) PostScript or (2) PDF file with embedded images."
"value": "CVE-2009-0583 ghostscript, argyllcms: Multiple integer overflows in the International Color Consortium Format Library"
}
]
},
@ -44,213 +21,295 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "Integer Overflow or Wraparound",
"cweId": "CWE-190"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 3",
"version": {
"version_data": [
{
"version_value": "0:7.05-32.1.17",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 4",
"version": {
"version_data": [
{
"version_value": "0:7.07-33.2.el4_7.5",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 5",
"version": {
"version_data": [
{
"version_value": "0:8.15.2-9.4.el5_3.4",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "34381",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34381"
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00004.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00004.html"
},
{
"name": "SUSE-SR:2009:007",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00004.html"
"url": "http://secunia.com/advisories/34418",
"refsource": "MISC",
"name": "http://secunia.com/advisories/34418"
},
{
"name": "34437",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34437"
"url": "http://bugs.gentoo.org/show_bug.cgi?id=261087",
"refsource": "MISC",
"name": "http://bugs.gentoo.org/show_bug.cgi?id=261087"
},
{
"name": "34393",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34393"
"url": "http://secunia.com/advisories/34266",
"refsource": "MISC",
"name": "http://secunia.com/advisories/34266"
},
{
"name": "http://support.avaya.com/elmodocs2/security/ASA-2009-098.htm",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2009-098.htm"
"url": "http://secunia.com/advisories/34373",
"refsource": "MISC",
"name": "http://secunia.com/advisories/34373"
},
{
"name": "GLSA-200903-37",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200903-37.xml"
"url": "http://secunia.com/advisories/34381",
"refsource": "MISC",
"name": "http://secunia.com/advisories/34381"
},
{
"name": "1021868",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1021868"
"url": "http://secunia.com/advisories/34393",
"refsource": "MISC",
"name": "http://secunia.com/advisories/34393"
},
{
"name": "34266",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34266"
"url": "http://secunia.com/advisories/34398",
"refsource": "MISC",
"name": "http://secunia.com/advisories/34398"
},
{
"name": "34443",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34443"
"url": "http://secunia.com/advisories/34437",
"refsource": "MISC",
"name": "http://secunia.com/advisories/34437"
},
{
"name": "FEDORA-2009-3031",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00916.html"
"url": "http://secunia.com/advisories/34443",
"refsource": "MISC",
"name": "http://secunia.com/advisories/34443"
},
{
"name": "DSA-1746",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2009/dsa-1746"
"url": "http://secunia.com/advisories/34469",
"refsource": "MISC",
"name": "http://secunia.com/advisories/34469"
},
{
"name": "ESB-2009.0259",
"refsource": "AUSCERT",
"url": "http://www.auscert.org.au/render.html?it=10666"
"url": "http://secunia.com/advisories/34729",
"refsource": "MISC",
"name": "http://secunia.com/advisories/34729"
},
{
"name": "ADV-2009-0776",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/0776"
"url": "http://secunia.com/advisories/35559",
"refsource": "MISC",
"name": "http://secunia.com/advisories/35559"
},
{
"name": "FEDORA-2009-2885",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00772.html"
"url": "http://secunia.com/advisories/35569",
"refsource": "MISC",
"name": "http://secunia.com/advisories/35569"
},
{
"name": "262288",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-262288-1"
"url": "http://securitytracker.com/id?1021868",
"refsource": "MISC",
"name": "http://securitytracker.com/id?1021868"
},
{
"name": "FEDORA-2009-3011",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00887.html"
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-262288-1",
"refsource": "MISC",
"name": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-262288-1"
},
{
"name": "34418",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34418"
"url": "http://support.avaya.com/elmodocs2/security/ASA-2009-098.htm",
"refsource": "MISC",
"name": "http://support.avaya.com/elmodocs2/security/ASA-2009-098.htm"
},
{
"name": "34729",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34729"
"url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2009-0050",
"refsource": "MISC",
"name": "http://wiki.rpath.com/wiki/Advisories:rPSA-2009-0050"
},
{
"name": "http://wiki.rpath.com/wiki/Advisories:rPSA-2009-0050",
"refsource": "CONFIRM",
"url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2009-0050"
"url": "http://www.auscert.org.au/render.html?it=10666",
"refsource": "MISC",
"name": "http://www.auscert.org.au/render.html?it=10666"
},
{
"name": "https://issues.rpath.com/browse/RPL-2991",
"refsource": "CONFIRM",
"url": "https://issues.rpath.com/browse/RPL-2991"
"url": "http://www.debian.org/security/2009/dsa-1746",
"refsource": "MISC",
"name": "http://www.debian.org/security/2009/dsa-1746"
},
{
"name": "oval:org.mitre.oval:def:10795",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10795"
"url": "http://www.gentoo.org/security/en/glsa/glsa-200903-37.xml",
"refsource": "MISC",
"name": "http://www.gentoo.org/security/en/glsa/glsa-200903-37.xml"
},
{
"name": "MDVSA-2009:095",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:095"
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:095",
"refsource": "MISC",
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:095"
},
{
"name": "ADV-2009-0816",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/0816"
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:096",
"refsource": "MISC",
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:096"
},
{
"name": "34469",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34469"
"url": "http://www.redhat.com/support/errata/RHSA-2009-0345.html",
"refsource": "MISC",
"name": "http://www.redhat.com/support/errata/RHSA-2009-0345.html"
},
{
"name": "35569",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35569"
"url": "http://www.securityfocus.com/archive/1/501994/100/0/threaded",
"refsource": "MISC",
"name": "http://www.securityfocus.com/archive/1/501994/100/0/threaded"
},
{
"name": "ADV-2009-1708",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1708"
"url": "http://www.securityfocus.com/bid/34184",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/34184"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=487742",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=487742"
"url": "http://www.ubuntu.com/usn/USN-743-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-743-1"
},
{
"name": "34184",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/34184"
"url": "http://www.vupen.com/english/advisories/2009/0776",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2009/0776"
},
{
"name": "MDVSA-2009:096",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:096"
"url": "http://www.vupen.com/english/advisories/2009/0777",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2009/0777"
},
{
"name": "35559",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35559"
"url": "http://www.vupen.com/english/advisories/2009/0816",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2009/0816"
},
{
"name": "34373",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34373"
"url": "http://www.vupen.com/english/advisories/2009/1708",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2009/1708"
},
{
"name": "34398",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34398"
"url": "https://access.redhat.com/errata/RHSA-2009:0345",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2009:0345"
},
{
"name": "USN-757-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/757-1/"
"url": "https://issues.rpath.com/browse/RPL-2991",
"refsource": "MISC",
"name": "https://issues.rpath.com/browse/RPL-2991"
},
{
"name": "http://bugs.gentoo.org/show_bug.cgi?id=261087",
"refsource": "CONFIRM",
"url": "http://bugs.gentoo.org/show_bug.cgi?id=261087"
"url": "https://usn.ubuntu.com/757-1/",
"refsource": "MISC",
"name": "https://usn.ubuntu.com/757-1/"
},
{
"name": "RHSA-2009:0345",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2009-0345.html"
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00770.html",
"refsource": "MISC",
"name": "https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00770.html"
},
{
"name": "FEDORA-2009-2883",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00770.html"
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00772.html",
"refsource": "MISC",
"name": "https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00772.html"
},
{
"name": "ADV-2009-0777",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/0777"
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00887.html",
"refsource": "MISC",
"name": "https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00887.html"
},
{
"name": "ghostscript-icclib-native-color-bo(49329)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49329"
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00916.html",
"refsource": "MISC",
"name": "https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00916.html"
},
{
"name": "20090319 rPSA-2009-0050-1 ghostscript",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/501994/100/0/threaded"
"url": "https://access.redhat.com/security/cve/CVE-2009-0583",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2009-0583"
},
{
"name": "USN-743-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-743-1"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=487742",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=487742"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49329",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49329"
},
{
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10795",
"refsource": "MISC",
"name": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10795"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 6.8,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "PARTIAL",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "PARTIAL",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
]
}
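Review bot: The new `description_data` value for CVE-2009-0583 is only the tracker title, so the record no longer states the affected releases (Ghostscript 8.64 and earlier, Argyll CMS 1.0.3 and earlier) or the heap-based overflow and possible code-execution impact that the replaced text carried; I would keep the previous description text in `value`. In `reference_data` every entry now has `"refsource": "MISC"` with the URL repeated as `name`, which drops the advisory identifiers that consumers match on, for example `"name": "DSA-1746", "refsource": "DEBIAN"` and `"name": "RHSA-2009:0345", "refsource": "REDHAT"`; those pairs should be retained next to the URLs. The added `affects` entries all carry `"version_affected": "!"`, which looks like a list of fixed package builds rather than vulnerable ones, so tooling that reads `version_value` as an affected version would misreport exposure; this is worth confirming against the schema and documenting for consumers.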