From 698479876894b8bf9a18998b8a10bb6a28dea701 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Mon, 18 Mar 2019 01:46:10 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2004/0xxx/CVE-2004-0069.json | 150 ++++++++++---------- 2004/0xxx/CVE-2004-0677.json | 130 ++++++++--------- 2004/0xxx/CVE-2004-0894.json | 190 ++++++++++++------------- 2004/0xxx/CVE-2004-0961.json | 160 ++++++++++----------- 2004/1xxx/CVE-2004-1337.json | 150 ++++++++++---------- 2004/1xxx/CVE-2004-1517.json | 160 ++++++++++----------- 2004/2xxx/CVE-2004-2125.json | 170 +++++++++++----------- 2004/2xxx/CVE-2004-2363.json | 150 ++++++++++---------- 2004/2xxx/CVE-2004-2726.json | 140 +++++++++--------- 2008/2xxx/CVE-2008-2040.json | 250 ++++++++++++++++----------------- 2008/2xxx/CVE-2008-2041.json | 160 ++++++++++----------- 2008/2xxx/CVE-2008-2269.json | 150 ++++++++++---------- 2008/2xxx/CVE-2008-2508.json | 140 +++++++++--------- 2008/2xxx/CVE-2008-2700.json | 140 +++++++++--------- 2008/3xxx/CVE-2008-3611.json | 180 ++++++++++++------------ 2008/6xxx/CVE-2008-6414.json | 140 +++++++++--------- 2008/6xxx/CVE-2008-6515.json | 140 +++++++++--------- 2008/6xxx/CVE-2008-6672.json | 170 +++++++++++----------- 2008/7xxx/CVE-2008-7189.json | 140 +++++++++--------- 2008/7xxx/CVE-2008-7266.json | 160 ++++++++++----------- 2012/5xxx/CVE-2012-5159.json | 150 ++++++++++---------- 2012/5xxx/CVE-2012-5245.json | 34 ++--- 2017/11xxx/CVE-2017-11260.json | 160 ++++++++++----------- 2017/11xxx/CVE-2017-11460.json | 140 +++++++++--------- 2017/11xxx/CVE-2017-11632.json | 120 ++++++++-------- 2017/11xxx/CVE-2017-11896.json | 34 ++--- 2017/11xxx/CVE-2017-11980.json | 34 ++--- 2017/14xxx/CVE-2017-14065.json | 34 ++--- 2017/14xxx/CVE-2017-14642.json | 140 +++++++++--------- 2017/14xxx/CVE-2017-14720.json | 160 ++++++++++----------- 2017/15xxx/CVE-2017-15022.json | 140 +++++++++--------- 2017/15xxx/CVE-2017-15226.json | 120 ++++++++-------- 2017/15xxx/CVE-2017-15647.json | 120 ++++++++-------- 2017/3xxx/CVE-2017-3951.json | 34 ++--- 2017/8xxx/CVE-2017-8097.json | 34 ++--- 2017/8xxx/CVE-2017-8414.json | 34 ++--- 2018/12xxx/CVE-2018-12422.json | 130 ++++++++--------- 2018/12xxx/CVE-2018-12583.json | 130 ++++++++--------- 2018/12xxx/CVE-2018-12908.json | 130 ++++++++--------- 2018/13xxx/CVE-2018-13069.json | 120 ++++++++-------- 2018/13xxx/CVE-2018-13651.json | 130 ++++++++--------- 2018/13xxx/CVE-2018-13725.json | 130 ++++++++--------- 2018/13xxx/CVE-2018-13849.json | 130 ++++++++--------- 2018/13xxx/CVE-2018-13944.json | 34 ++--- 2018/16xxx/CVE-2018-16077.json | 34 ++--- 2018/16xxx/CVE-2018-16116.json | 34 ++--- 2018/16xxx/CVE-2018-16795.json | 34 ++--- 2018/17xxx/CVE-2018-17386.json | 34 ++--- 2018/17xxx/CVE-2018-17456.json | 240 +++++++++++++++---------------- 2018/17xxx/CVE-2018-17528.json | 34 ++--- 2018/4xxx/CVE-2018-4122.json | 200 +++++++++++++------------- 2018/4xxx/CVE-2018-4489.json | 34 ++--- 2018/4xxx/CVE-2018-4524.json | 34 ++--- 2018/4xxx/CVE-2018-4961.json | 140 +++++++++--------- 54 files changed, 3205 insertions(+), 3205 deletions(-) diff --git a/2004/0xxx/CVE-2004-0069.json b/2004/0xxx/CVE-2004-0069.json index afc4237f41d..f0a8248b9b6 100644 --- a/2004/0xxx/CVE-2004-0069.json +++ b/2004/0xxx/CVE-2004-0069.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2004-0069", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Format string vulnerability in HD Soft Windows FTP Server 1.6 and earlier allows remote attackers to execute arbitrary code via format string specifiers in the username, which is processed by the wscanf function." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2004-0069", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20040108 Windows FTP Server Format String Vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=107367110805273&w=2" - }, - { - "name" : "20040113 exploit for HD Soft Windows FTP Server 1.6", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=107401398014761&w=2" - }, - { - "name" : "9385", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/9385" - }, - { - "name" : "1008658", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1008658" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Format string vulnerability in HD Soft Windows FTP Server 1.6 and earlier allows remote attackers to execute arbitrary code via format string specifiers in the username, which is processed by the wscanf function." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20040108 Windows FTP Server Format String Vulnerability", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=107367110805273&w=2" + }, + { + "name": "9385", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/9385" + }, + { + "name": "20040113 exploit for HD Soft Windows FTP Server 1.6", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=107401398014761&w=2" + }, + { + "name": "1008658", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1008658" + } + ] + } +} \ No newline at end of file diff --git a/2004/0xxx/CVE-2004-0677.json b/2004/0xxx/CVE-2004-0677.json index c9d7111bdb0..336d317dc91 100644 --- a/2004/0xxx/CVE-2004-0677.json +++ b/2004/0xxx/CVE-2004-0677.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2004-0677", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Fastream NETFile FTP Server 6.7.2.1085 and earlier allows remote attackers to cause a denial of service (temporary hang) via the cd command with an unusual argument, possibly due to multiple leading slashes and/or an access to the floppy drive (\"A\")." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2004-0677", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20040704 Fastream NETFile FTP/Web Server Input validation Errors", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=108904874104880&w=2" - }, - { - "name" : "fastream-cd-dos(16615)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/16615" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Fastream NETFile FTP Server 6.7.2.1085 and earlier allows remote attackers to cause a denial of service (temporary hang) via the cd command with an unusual argument, possibly due to multiple leading slashes and/or an access to the floppy drive (\"A\")." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20040704 Fastream NETFile FTP/Web Server Input validation Errors", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=108904874104880&w=2" + }, + { + "name": "fastream-cd-dos(16615)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16615" + } + ] + } +} \ No newline at end of file diff --git a/2004/0xxx/CVE-2004-0894.json b/2004/0xxx/CVE-2004-0894.json index 10311cfa272..dc68fb2c244 100644 --- a/2004/0xxx/CVE-2004-0894.json +++ b/2004/0xxx/CVE-2004-0894.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2004-0894", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "LSASS (Local Security Authority Subsystem Service) of Windows 2000 Server and Windows Server 2003 does not properly validate connection information, which allows local users to gain privileges via a specially-designed program." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2004-0894", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "MS04-044", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-044" - }, - { - "name" : "oval:org.mitre.oval:def:1888", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1888" - }, - { - "name" : "oval:org.mitre.oval:def:2062", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2062" - }, - { - "name" : "oval:org.mitre.oval:def:3312", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3312" - }, - { - "name" : "oval:org.mitre.oval:def:3325", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3325" - }, - { - "name" : "oval:org.mitre.oval:def:4368", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4368" - }, - { - "name" : "oval:org.mitre.oval:def:778", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A778" - }, - { - "name" : "win-lsass-gain-privileges(18340)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/18340" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "LSASS (Local Security Authority Subsystem Service) of Windows 2000 Server and Windows Server 2003 does not properly validate connection information, which allows local users to gain privileges via a specially-designed program." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "oval:org.mitre.oval:def:4368", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4368" + }, + { + "name": "oval:org.mitre.oval:def:2062", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2062" + }, + { + "name": "oval:org.mitre.oval:def:3312", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3312" + }, + { + "name": "win-lsass-gain-privileges(18340)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18340" + }, + { + "name": "oval:org.mitre.oval:def:778", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A778" + }, + { + "name": "MS04-044", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-044" + }, + { + "name": "oval:org.mitre.oval:def:3325", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3325" + }, + { + "name": "oval:org.mitre.oval:def:1888", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1888" + } + ] + } +} \ No newline at end of file diff --git a/2004/0xxx/CVE-2004-0961.json b/2004/0xxx/CVE-2004-0961.json index 83c0c8f87b7..bb8526d7bb8 100644 --- a/2004/0xxx/CVE-2004-0961.json +++ b/2004/0xxx/CVE-2004-0961.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2004-0961", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Memory leak in FreeRADIUS before 1.0.1 allows remote attackers to cause a denial of service (memory exhaustion) via a series of Access-Request packets with (1) Ascend-Send-Secret, (2) Ascend-Recv-Secret, or (3) Tunnel-Password attributes." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2004-0961", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "GLSA-200409-29", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-200409-29.xml" - }, - { - "name" : "VU#541574", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/541574" - }, - { - "name" : "11222", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/11222" - }, - { - "name" : "oval:org.mitre.oval:def:10024", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10024" - }, - { - "name" : "freeradius-dos(17440)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/17440" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Memory leak in FreeRADIUS before 1.0.1 allows remote attackers to cause a denial of service (memory exhaustion) via a series of Access-Request packets with (1) Ascend-Send-Secret, (2) Ascend-Recv-Secret, or (3) Tunnel-Password attributes." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "GLSA-200409-29", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-200409-29.xml" + }, + { + "name": "oval:org.mitre.oval:def:10024", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10024" + }, + { + "name": "11222", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/11222" + }, + { + "name": "freeradius-dos(17440)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17440" + }, + { + "name": "VU#541574", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/541574" + } + ] + } +} \ No newline at end of file diff --git a/2004/1xxx/CVE-2004-1337.json b/2004/1xxx/CVE-2004-1337.json index 6005da4ce85..984d882c60f 100644 --- a/2004/1xxx/CVE-2004-1337.json +++ b/2004/1xxx/CVE-2004-1337.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2004-1337", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The POSIX Capability Linux Security Module (LSM) for Linux kernel 2.6 does not properly handle the credentials of a process that is launched before the module is loaded, which allows local users to gain privileges." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2004-1337", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20041223 Linux 2.6 Kernel Capability LSM Module Local Privilege Elevation", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=110384535113035&w=2" - }, - { - "name" : "CLA-2005:930", - "refsource" : "CONECTIVA", - "url" : "http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000930" - }, - { - "name" : "12093", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/12093" - }, - { - "name" : "linux-security-module-gain-privileges(18673)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/18673" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The POSIX Capability Linux Security Module (LSM) for Linux kernel 2.6 does not properly handle the credentials of a process that is launched before the module is loaded, which allows local users to gain privileges." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "linux-security-module-gain-privileges(18673)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18673" + }, + { + "name": "20041223 Linux 2.6 Kernel Capability LSM Module Local Privilege Elevation", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=110384535113035&w=2" + }, + { + "name": "CLA-2005:930", + "refsource": "CONECTIVA", + "url": "http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000930" + }, + { + "name": "12093", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/12093" + } + ] + } +} \ No newline at end of file diff --git a/2004/1xxx/CVE-2004-1517.json b/2004/1xxx/CVE-2004-1517.json index 71e49966e66..d67db885e59 100644 --- a/2004/1xxx/CVE-2004-1517.json +++ b/2004/1xxx/CVE-2004-1517.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2004-1517", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Zone Labs IMsecure and IMsecure Pro before 1.5 allow remote attackers to bypass Active Link Filtering via an instant message containing a URL with hex encoded file extensions." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2004-1517", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20041111 Zone Labs IMsecure Active Link Filter Bypass", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=110020607924001&w=2" - }, - { - "name" : "http://download.zonelabs.com/bin/free/securityAlert/16.html", - "refsource" : "CONFIRM", - "url" : "http://download.zonelabs.com/bin/free/securityAlert/16.html" - }, - { - "name" : "11662", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/11662" - }, - { - "name" : "13169", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/13169" - }, - { - "name" : "imsecure-active-link-bypass(18042)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/18042" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Zone Labs IMsecure and IMsecure Pro before 1.5 allow remote attackers to bypass Active Link Filtering via an instant message containing a URL with hex encoded file extensions." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20041111 Zone Labs IMsecure Active Link Filter Bypass", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=110020607924001&w=2" + }, + { + "name": "imsecure-active-link-bypass(18042)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18042" + }, + { + "name": "11662", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/11662" + }, + { + "name": "http://download.zonelabs.com/bin/free/securityAlert/16.html", + "refsource": "CONFIRM", + "url": "http://download.zonelabs.com/bin/free/securityAlert/16.html" + }, + { + "name": "13169", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/13169" + } + ] + } +} \ No newline at end of file diff --git a/2004/2xxx/CVE-2004-2125.json b/2004/2xxx/CVE-2004-2125.json index dc096e24d74..fd52bcd1c66 100644 --- a/2004/2xxx/CVE-2004-2125.json +++ b/2004/2xxx/CVE-2004-2125.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2004-2125", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in blackd.exe for BlackICE PC Protection 3.6 and other versions before 3.6.ccb, with application protection off, allows local users to gain system privileges by modifying the .INI file to contain a long packetLog.fileprefix value." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2004-2125", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20040128 SRT2004-01-17-0227 - BlackICE allows local users to become SYSTEM", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=107530966524193&w=2" - }, - { - "name" : "[ISSForum] 20040128 Third party BlackICE advisory", - "refsource" : "MLIST", - "url" : "http://archives.neohapsis.com/archives/iss/2004-q1/0157.html" - }, - { - "name" : "9514", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/9514" - }, - { - "name" : "3740", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/3740" - }, - { - "name" : "10739", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/10739" - }, - { - "name" : "blackice-blackdexe-bo(14965)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/14965" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in blackd.exe for BlackICE PC Protection 3.6 and other versions before 3.6.ccb, with application protection off, allows local users to gain system privileges by modifying the .INI file to contain a long packetLog.fileprefix value." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "blackice-blackdexe-bo(14965)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14965" + }, + { + "name": "9514", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/9514" + }, + { + "name": "3740", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/3740" + }, + { + "name": "20040128 SRT2004-01-17-0227 - BlackICE allows local users to become SYSTEM", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=107530966524193&w=2" + }, + { + "name": "[ISSForum] 20040128 Third party BlackICE advisory", + "refsource": "MLIST", + "url": "http://archives.neohapsis.com/archives/iss/2004-q1/0157.html" + }, + { + "name": "10739", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/10739" + } + ] + } +} \ No newline at end of file diff --git a/2004/2xxx/CVE-2004-2363.json b/2004/2xxx/CVE-2004-2363.json index c98168b6920..546880ab5bd 100644 --- a/2004/2xxx/CVE-2004-2363.json +++ b/2004/2xxx/CVE-2004-2363.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2004-2363", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Validate-Before-Canonicalize vulnerability in the checkURI function in functions.inc.php in PHPX 3.0 through 3.2.6 allows remote attackers to conduct cross-site scripting (XSS) attacks via hex-encoded tags, which bypass the check for literal \"<\", \">\", \"(\", and \")\" characters, as demonstrated using the limit parameter to forums.php and a variety of other vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2004-2363", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20040504 Vulnerabilities In PHPX 3.26 And Earlier", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/362230" - }, - { - "name" : "http://www.phpx.org/project.php?action=view&project_id=1", - "refsource" : "MISC", - "url" : "http://www.phpx.org/project.php?action=view&project_id=1" - }, - { - "name" : "10283", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/10283" - }, - { - "name" : "phpx-xss(16065)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/16065" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Validate-Before-Canonicalize vulnerability in the checkURI function in functions.inc.php in PHPX 3.0 through 3.2.6 allows remote attackers to conduct cross-site scripting (XSS) attacks via hex-encoded tags, which bypass the check for literal \"<\", \">\", \"(\", and \")\" characters, as demonstrated using the limit parameter to forums.php and a variety of other vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.phpx.org/project.php?action=view&project_id=1", + "refsource": "MISC", + "url": "http://www.phpx.org/project.php?action=view&project_id=1" + }, + { + "name": "10283", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/10283" + }, + { + "name": "phpx-xss(16065)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16065" + }, + { + "name": "20040504 Vulnerabilities In PHPX 3.26 And Earlier", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/362230" + } + ] + } +} \ No newline at end of file diff --git a/2004/2xxx/CVE-2004-2726.json b/2004/2xxx/CVE-2004-2726.json index f5e6cfb5668..2bd60286727 100644 --- a/2004/2xxx/CVE-2004-2726.json +++ b/2004/2xxx/CVE-2004-2726.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2004-2726", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "HTTPMail service in MailEnable Professional 1.18 does not properly handle arguments to the Authorization header, which allows remote attackers to cause a denial of service (null dereference and application crash). NOTE: This is a different vulnerability than CVE-2005-1348." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2004-2726", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20040516 RE: Remote Buffer Overflow in MailEnable HTTPMail", - "refsource" : "BUGTRAQ", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2004-05/0159.html" - }, - { - "name" : "http://www.oliverkarow.de/research/MailWebHTTPAuthCrash.txt", - "refsource" : "MISC", - "url" : "http://www.oliverkarow.de/research/MailWebHTTPAuthCrash.txt" - }, - { - "name" : "11588", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/11588" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "HTTPMail service in MailEnable Professional 1.18 does not properly handle arguments to the Authorization header, which allows remote attackers to cause a denial of service (null dereference and application crash). NOTE: This is a different vulnerability than CVE-2005-1348." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20040516 RE: Remote Buffer Overflow in MailEnable HTTPMail", + "refsource": "BUGTRAQ", + "url": "http://archives.neohapsis.com/archives/bugtraq/2004-05/0159.html" + }, + { + "name": "11588", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/11588" + }, + { + "name": "http://www.oliverkarow.de/research/MailWebHTTPAuthCrash.txt", + "refsource": "MISC", + "url": "http://www.oliverkarow.de/research/MailWebHTTPAuthCrash.txt" + } + ] + } +} \ No newline at end of file diff --git a/2008/2xxx/CVE-2008-2040.json b/2008/2xxx/CVE-2008-2040.json index e15aadc8c15..383d4e9b3f9 100644 --- a/2008/2xxx/CVE-2008-2040.json +++ b/2008/2xxx/CVE-2008-2040.json @@ -1,127 +1,127 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-2040", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Stack-based buffer overflow in the HTTP::getAuthUserPass function (core/common/http.cpp) in Peercast 0.1218 and gnome-peercast allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a Basic Authentication string with a long (1) username or (2) password." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-2040", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=478573", - "refsource" : "CONFIRM", - "url" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=478573" - }, - { - "name" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=478680", - "refsource" : "CONFIRM", - "url" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=478680" - }, - { - "name" : "DSA-1582", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2008/dsa-1582" - }, - { - "name" : "DSA-1583", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2008/dsa-1583" - }, - { - "name" : "GLSA-200807-11", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-200807-11.xml" - }, - { - "name" : "28986", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/28986" - }, - { - "name" : "ADV-2008-1409", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/1409/references" - }, - { - "name" : "ADV-2008-1410", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/1410/references" - }, - { - "name" : "29962", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29962" - }, - { - "name" : "30020", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/30020" - }, - { - "name" : "30320", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/30320" - }, - { - "name" : "30325", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/30325" - }, - { - "name" : "31182", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/31182" - }, - { - "name" : "peercast-httpgetauthuserpass-bo(42092)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/42092" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Stack-based buffer overflow in the HTTP::getAuthUserPass function (core/common/http.cpp) in Peercast 0.1218 and gnome-peercast allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a Basic Authentication string with a long (1) username or (2) password." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "GLSA-200807-11", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-200807-11.xml" + }, + { + "name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=478680", + "refsource": "CONFIRM", + "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=478680" + }, + { + "name": "30020", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/30020" + }, + { + "name": "DSA-1583", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2008/dsa-1583" + }, + { + "name": "30325", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/30325" + }, + { + "name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=478573", + "refsource": "CONFIRM", + "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=478573" + }, + { + "name": "29962", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29962" + }, + { + "name": "peercast-httpgetauthuserpass-bo(42092)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42092" + }, + { + "name": "DSA-1582", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2008/dsa-1582" + }, + { + "name": "ADV-2008-1410", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/1410/references" + }, + { + "name": "30320", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/30320" + }, + { + "name": "31182", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/31182" + }, + { + "name": "ADV-2008-1409", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/1409/references" + }, + { + "name": "28986", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/28986" + } + ] + } +} \ No newline at end of file diff --git a/2008/2xxx/CVE-2008-2041.json b/2008/2xxx/CVE-2008-2041.json index 73484ac415f..518d411bbae 100644 --- a/2008/2xxx/CVE-2008-2041.json +++ b/2008/2xxx/CVE-2008-2041.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-2041", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple unspecified vulnerabilities in eGroupWare before 1.4.004 have unspecified attack vectors and \"grave\" impact when the web server has write access to a directory under the web document root." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-2041", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.egroupware.org/news", - "refsource" : "CONFIRM", - "url" : "http://www.egroupware.org/news" - }, - { - "name" : "GLSA-200805-04", - "refsource" : "GENTOO", - "url" : "http://www.gentoo.org/security/en/glsa/glsa-200805-04.xml" - }, - { - "name" : "28817", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/28817" - }, - { - "name" : "30073", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/30073" - }, - { - "name" : "egroupware-webserver-unspecified(42141)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/42141" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple unspecified vulnerabilities in eGroupWare before 1.4.004 have unspecified attack vectors and \"grave\" impact when the web server has write access to a directory under the web document root." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "28817", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/28817" + }, + { + "name": "egroupware-webserver-unspecified(42141)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42141" + }, + { + "name": "30073", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/30073" + }, + { + "name": "GLSA-200805-04", + "refsource": "GENTOO", + "url": "http://www.gentoo.org/security/en/glsa/glsa-200805-04.xml" + }, + { + "name": "http://www.egroupware.org/news", + "refsource": "CONFIRM", + "url": "http://www.egroupware.org/news" + } + ] + } +} \ No newline at end of file diff --git a/2008/2xxx/CVE-2008-2269.json b/2008/2xxx/CVE-2008-2269.json index e08b6ff8738..9143a9ad73d 100644 --- a/2008/2xxx/CVE-2008-2269.json +++ b/2008/2xxx/CVE-2008-2269.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-2269", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "AustinSmoke GasTracker (AS-GasTracker) 1.0.0 allows remote attackers to bypass authentication and gain privileges by setting the gastracker_admin cookie to TRUE." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-2269", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "5615", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/5615" - }, - { - "name" : "29224", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/29224" - }, - { - "name" : "30266", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/30266" - }, - { - "name" : "asgastracker-admin-security-bypass(42435)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/42435" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "AustinSmoke GasTracker (AS-GasTracker) 1.0.0 allows remote attackers to bypass authentication and gain privileges by setting the gastracker_admin cookie to TRUE." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "30266", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/30266" + }, + { + "name": "29224", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/29224" + }, + { + "name": "asgastracker-admin-security-bypass(42435)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42435" + }, + { + "name": "5615", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/5615" + } + ] + } +} \ No newline at end of file diff --git a/2008/2xxx/CVE-2008-2508.json b/2008/2xxx/CVE-2008-2508.json index fac75a0cc88..e47c70ef61e 100644 --- a/2008/2xxx/CVE-2008-2508.json +++ b/2008/2xxx/CVE-2008-2508.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-2508", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in news.php in Tr Script News 2.1 allows remote attackers to inject arbitrary web script or HTML via the \"nb\" parameter in voir mode." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-2508", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.z0rlu.ownspace.org/index.php?/archives/91-TR-News-v2.1-xss.html", - "refsource" : "MISC", - "url" : "http://www.z0rlu.ownspace.org/index.php?/archives/91-TR-News-v2.1-xss.html" - }, - { - "name" : "29388", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/29388" - }, - { - "name" : "trscriptnews-news-xss(42648)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/42648" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in news.php in Tr Script News 2.1 allows remote attackers to inject arbitrary web script or HTML via the \"nb\" parameter in voir mode." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "29388", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/29388" + }, + { + "name": "http://www.z0rlu.ownspace.org/index.php?/archives/91-TR-News-v2.1-xss.html", + "refsource": "MISC", + "url": "http://www.z0rlu.ownspace.org/index.php?/archives/91-TR-News-v2.1-xss.html" + }, + { + "name": "trscriptnews-news-xss(42648)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42648" + } + ] + } +} \ No newline at end of file diff --git a/2008/2xxx/CVE-2008-2700.json b/2008/2xxx/CVE-2008-2700.json index 907a927fc71..6293d321a76 100644 --- a/2008/2xxx/CVE-2008-2700.json +++ b/2008/2xxx/CVE-2008-2700.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-2700", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in view.php in Galatolo WebManager 1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-2700", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "5760", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/5760" - }, - { - "name" : "46443", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/46443" - }, - { - "name" : "galatolo-view-sql-injection(42934)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/42934" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in view.php in Galatolo WebManager 1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "46443", + "refsource": "OSVDB", + "url": "http://osvdb.org/46443" + }, + { + "name": "galatolo-view-sql-injection(42934)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42934" + }, + { + "name": "5760", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/5760" + } + ] + } +} \ No newline at end of file diff --git a/2008/3xxx/CVE-2008-3611.json b/2008/3xxx/CVE-2008-3611.json index c59ac6029fc..9456263a30b 100644 --- a/2008/3xxx/CVE-2008-3611.json +++ b/2008/3xxx/CVE-2008-3611.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-3611", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Login Window in Apple Mac OS X 10.4.11 does not clear the current password when a user makes a password-change attempt that is denied by policy, which allows opportunistic, physically proximate attackers to bypass authentication and change this user's password by later entering an acceptable new password on the same login screen." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-3611", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "APPLE-SA-2008-09-15", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html" - }, - { - "name" : "TA08-260A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA08-260A.html" - }, - { - "name" : "31189", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/31189" - }, - { - "name" : "ADV-2008-2584", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/2584" - }, - { - "name" : "1020878", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1020878" - }, - { - "name" : "31882", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/31882" - }, - { - "name" : "macos-loginscreen-security-bypass(45171)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/45171" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Login Window in Apple Mac OS X 10.4.11 does not clear the current password when a user makes a password-change attempt that is denied by policy, which allows opportunistic, physically proximate attackers to bypass authentication and change this user's password by later entering an acceptable new password on the same login screen." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "31189", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/31189" + }, + { + "name": "APPLE-SA-2008-09-15", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html" + }, + { + "name": "TA08-260A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA08-260A.html" + }, + { + "name": "1020878", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1020878" + }, + { + "name": "ADV-2008-2584", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/2584" + }, + { + "name": "31882", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/31882" + }, + { + "name": "macos-loginscreen-security-bypass(45171)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45171" + } + ] + } +} \ No newline at end of file diff --git a/2008/6xxx/CVE-2008-6414.json b/2008/6xxx/CVE-2008-6414.json index ff667a50bdd..76f82e652f8 100644 --- a/2008/6xxx/CVE-2008-6414.json +++ b/2008/6xxx/CVE-2008-6414.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-6414", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in detail.php in AJ Auction Pro Platinum Skin 2 allows remote attackers to execute arbitrary SQL commands via the item_id parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-6414", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "6550", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/6550" - }, - { - "name" : "31362", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/31362" - }, - { - "name" : "ajauctionpro-detail-sql-injection(45399)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/45399" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in detail.php in AJ Auction Pro Platinum Skin 2 allows remote attackers to execute arbitrary SQL commands via the item_id parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "31362", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/31362" + }, + { + "name": "6550", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/6550" + }, + { + "name": "ajauctionpro-detail-sql-injection(45399)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45399" + } + ] + } +} \ No newline at end of file diff --git a/2008/6xxx/CVE-2008-6515.json b/2008/6xxx/CVE-2008-6515.json index aa91b39146e..a51a06063dc 100644 --- a/2008/6xxx/CVE-2008-6515.json +++ b/2008/6xxx/CVE-2008-6515.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-6515", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in Fritz Berger yet another php photo album - next generation (yappa-ng) allows remote attackers to inject arbitrary web script or HTML via the query string to the default URI." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-6515", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://packetstormsecurity.org/0812-exploits/yappang-xss.txt", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.org/0812-exploits/yappang-xss.txt" - }, - { - "name" : "32623", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/32623" - }, - { - "name" : "yappang-querystring-xss(49494)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/49494" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in Fritz Berger yet another php photo album - next generation (yappa-ng) allows remote attackers to inject arbitrary web script or HTML via the query string to the default URI." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "yappang-querystring-xss(49494)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49494" + }, + { + "name": "http://packetstormsecurity.org/0812-exploits/yappang-xss.txt", + "refsource": "MISC", + "url": "http://packetstormsecurity.org/0812-exploits/yappang-xss.txt" + }, + { + "name": "32623", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/32623" + } + ] + } +} \ No newline at end of file diff --git a/2008/6xxx/CVE-2008-6672.json b/2008/6xxx/CVE-2008-6672.json index a2c158d90fe..31e60188900 100644 --- a/2008/6xxx/CVE-2008-6672.json +++ b/2008/6xxx/CVE-2008-6672.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-6672", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Vertex4 SunAge 1.08.1 and earlier allows remote attackers to cause a denial of service (\"runtime error\") via a crafted join packet to UDP port 27960, probably related to an invalid nickname command." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-6672", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://aluigi.altervista.org/adv/sunagex-adv.txt", - "refsource" : "MISC", - "url" : "http://aluigi.altervista.org/adv/sunagex-adv.txt" - }, - { - "name" : "http://aluigi.org/poc/sunagex.zip", - "refsource" : "MISC", - "url" : "http://aluigi.org/poc/sunagex.zip" - }, - { - "name" : "29889", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/29889" - }, - { - "name" : "30823", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/30823" - }, - { - "name" : "ADV-2008-1903", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/1903/references" - }, - { - "name" : "sunage-unspecified-dos(43249)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/43249" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Vertex4 SunAge 1.08.1 and earlier allows remote attackers to cause a denial of service (\"runtime error\") via a crafted join packet to UDP port 27960, probably related to an invalid nickname command." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ADV-2008-1903", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/1903/references" + }, + { + "name": "sunage-unspecified-dos(43249)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43249" + }, + { + "name": "30823", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/30823" + }, + { + "name": "29889", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/29889" + }, + { + "name": "http://aluigi.org/poc/sunagex.zip", + "refsource": "MISC", + "url": "http://aluigi.org/poc/sunagex.zip" + }, + { + "name": "http://aluigi.altervista.org/adv/sunagex-adv.txt", + "refsource": "MISC", + "url": "http://aluigi.altervista.org/adv/sunagex-adv.txt" + } + ] + } +} \ No newline at end of file diff --git a/2008/7xxx/CVE-2008-7189.json b/2008/7xxx/CVE-2008-7189.json index 3e35a64e13f..f0f0eafc99d 100644 --- a/2008/7xxx/CVE-2008-7189.json +++ b/2008/7xxx/CVE-2008-7189.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-7189", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple unspecified vulnerabilities in Local Media Browser before 0.1 have unknown impact and attack vectors related to \"Security holes.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-7189", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[fm-news] 20080113 Newsletter for Saturday, January 12th 2008", - "refsource" : "MLIST", - "url" : "http://archives.neohapsis.com/archives/apps/freshmeat/2008-01/0019.html" - }, - { - "name" : "http://freshmeat.net/projects/localmediabrowser/releases/269578", - "refsource" : "CONFIRM", - "url" : "http://freshmeat.net/projects/localmediabrowser/releases/269578" - }, - { - "name" : "40529", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/40529" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple unspecified vulnerabilities in Local Media Browser before 0.1 have unknown impact and attack vectors related to \"Security holes.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "40529", + "refsource": "OSVDB", + "url": "http://osvdb.org/40529" + }, + { + "name": "[fm-news] 20080113 Newsletter for Saturday, January 12th 2008", + "refsource": "MLIST", + "url": "http://archives.neohapsis.com/archives/apps/freshmeat/2008-01/0019.html" + }, + { + "name": "http://freshmeat.net/projects/localmediabrowser/releases/269578", + "refsource": "CONFIRM", + "url": "http://freshmeat.net/projects/localmediabrowser/releases/269578" + } + ] + } +} \ No newline at end of file diff --git a/2008/7xxx/CVE-2008-7266.json b/2008/7xxx/CVE-2008-7266.json index b391525db38..fffac89c820 100644 --- a/2008/7xxx/CVE-2008-7266.json +++ b/2008/7xxx/CVE-2008-7266.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-7266", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in an unspecified Shockwave Flash file in RSA Adaptive Authentication 2.x and 5.7.x allows remote attackers to inject arbitrary web script or HTML via unknown vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-7266", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20101123 ESA-2010-019: RSA, The Security Division of EMC, is reissuing this advisory regarding a potential cross-site scripting vulnerability that has been identified in RSAR Adaptive Authentication (On Premise) versions 2.x and 5.7.x. Patch 105162", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/514869/100/0/threaded" - }, - { - "name" : "https://knowledge.rsasecurity.com/scolcms/set.aspx?id=8192", - "refsource" : "CONFIRM", - "url" : "https://knowledge.rsasecurity.com/scolcms/set.aspx?id=8192" - }, - { - "name" : "1024775", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1024775" - }, - { - "name" : "42332", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/42332" - }, - { - "name" : "ADV-2010-3055", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2010/3055" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in an unspecified Shockwave Flash file in RSA Adaptive Authentication 2.x and 5.7.x allows remote attackers to inject arbitrary web script or HTML via unknown vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://knowledge.rsasecurity.com/scolcms/set.aspx?id=8192", + "refsource": "CONFIRM", + "url": "https://knowledge.rsasecurity.com/scolcms/set.aspx?id=8192" + }, + { + "name": "42332", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/42332" + }, + { + "name": "20101123 ESA-2010-019: RSA, The Security Division of EMC, is reissuing this advisory regarding a potential cross-site scripting vulnerability that has been identified in RSAR Adaptive Authentication (On Premise) versions 2.x and 5.7.x. Patch 105162", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/514869/100/0/threaded" + }, + { + "name": "1024775", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1024775" + }, + { + "name": "ADV-2010-3055", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2010/3055" + } + ] + } +} \ No newline at end of file diff --git a/2012/5xxx/CVE-2012-5159.json b/2012/5xxx/CVE-2012-5159.json index 09aa1889ece..590ac0f470e 100644 --- a/2012/5xxx/CVE-2012-5159.json +++ b/2012/5xxx/CVE-2012-5159.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2012-5159", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "phpMyAdmin 3.5.2.2, as distributed by the cdnetworks-kr-1 mirror during an unspecified time frame in 2012, contains an externally introduced modification (Trojan Horse) in server_sync.php, which allows remote attackers to execute arbitrary PHP code via an eval injection attack." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2012-5159", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20120925 Re: CVE Request - phpMyAdmin: PMASA-2012-5 incident", - "refsource" : "MLIST", - "url" : "http://seclists.org/oss-sec/2012/q3/562" - }, - { - "name" : "http://sourceforge.net/blog/phpmyadmin-back-door/", - "refsource" : "MISC", - "url" : "http://sourceforge.net/blog/phpmyadmin-back-door/" - }, - { - "name" : "http://www.phpmyadmin.net/home_page/security/PMASA-2012-5.php", - "refsource" : "CONFIRM", - "url" : "http://www.phpmyadmin.net/home_page/security/PMASA-2012-5.php" - }, - { - "name" : "55672", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/55672" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "phpMyAdmin 3.5.2.2, as distributed by the cdnetworks-kr-1 mirror during an unspecified time frame in 2012, contains an externally introduced modification (Trojan Horse) in server_sync.php, which allows remote attackers to execute arbitrary PHP code via an eval injection attack." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "55672", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/55672" + }, + { + "name": "[oss-security] 20120925 Re: CVE Request - phpMyAdmin: PMASA-2012-5 incident", + "refsource": "MLIST", + "url": "http://seclists.org/oss-sec/2012/q3/562" + }, + { + "name": "http://sourceforge.net/blog/phpmyadmin-back-door/", + "refsource": "MISC", + "url": "http://sourceforge.net/blog/phpmyadmin-back-door/" + }, + { + "name": "http://www.phpmyadmin.net/home_page/security/PMASA-2012-5.php", + "refsource": "CONFIRM", + "url": "http://www.phpmyadmin.net/home_page/security/PMASA-2012-5.php" + } + ] + } +} \ No newline at end of file diff --git a/2012/5xxx/CVE-2012-5245.json b/2012/5xxx/CVE-2012-5245.json index 6cc9daa270e..1c96891d1c5 100644 --- a/2012/5xxx/CVE-2012-5245.json +++ b/2012/5xxx/CVE-2012-5245.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2012-5245", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2012-5245", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2017/11xxx/CVE-2017-11260.json b/2017/11xxx/CVE-2017-11260.json index a0512eb804d..fde1dba75c0 100644 --- a/2017/11xxx/CVE-2017-11260.json +++ b/2017/11xxx/CVE-2017-11260.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@adobe.com", - "DATE_PUBLIC" : "2017-08-08T00:00:00", - "ID" : "CVE-2017-11260", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Acrobat Reader", - "version" : { - "version_data" : [ - { - "version_value" : "2017.009.20058 and earlier" - }, - { - "version_value" : "2017.008.30051 and earlier" - }, - { - "version_value" : "2015.006.30306 and earlier" - }, - { - "version_value" : "11.0.20 and earlier" - } - ] - } - } - ] - }, - "vendor_name" : "Adobe Systems Incorporated" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) private data interpreted as a GIF image. Successful exploitation could lead to arbitrary code execution." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Memory Corruption" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "DATE_PUBLIC": "2017-08-08T00:00:00", + "ID": "CVE-2017-11260", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Acrobat Reader", + "version": { + "version_data": [ + { + "version_value": "2017.009.20058 and earlier" + }, + { + "version_value": "2017.008.30051 and earlier" + }, + { + "version_value": "2015.006.30306 and earlier" + }, + { + "version_value": "11.0.20 and earlier" + } + ] + } + } + ] + }, + "vendor_name": "Adobe Systems Incorporated" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html" - }, - { - "name" : "100179", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/100179" - }, - { - "name" : "1039098", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1039098" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) private data interpreted as a GIF image. Successful exploitation could lead to arbitrary code execution." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Memory Corruption" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html" + }, + { + "name": "1039098", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1039098" + }, + { + "name": "100179", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/100179" + } + ] + } +} \ No newline at end of file diff --git a/2017/11xxx/CVE-2017-11460.json b/2017/11xxx/CVE-2017-11460.json index 31570958160..fd3e7de6afd 100644 --- a/2017/11xxx/CVE-2017-11460.json +++ b/2017/11xxx/CVE-2017-11460.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-11460", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in the DataArchivingService servlet in SAP NetWeaver Portal 7.4 allows remote attackers to inject arbitrary web script or HTML via the responsecode parameter to shp/shp_result.jsp, aka SAP Security Note 2308535." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-11460", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://erpscan.io/advisories/erpscan-17-016-sap-netweaver-java-7-4-dataarchivingservice-servlet-xss/", - "refsource" : "MISC", - "url" : "https://erpscan.io/advisories/erpscan-17-016-sap-netweaver-java-7-4-dataarchivingservice-servlet-xss/" - }, - { - "name" : "97565", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/97565" - }, - { - "name" : "101826", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/101826" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in the DataArchivingService servlet in SAP NetWeaver Portal 7.4 allows remote attackers to inject arbitrary web script or HTML via the responsecode parameter to shp/shp_result.jsp, aka SAP Security Note 2308535." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://erpscan.io/advisories/erpscan-17-016-sap-netweaver-java-7-4-dataarchivingservice-servlet-xss/", + "refsource": "MISC", + "url": "https://erpscan.io/advisories/erpscan-17-016-sap-netweaver-java-7-4-dataarchivingservice-servlet-xss/" + }, + { + "name": "97565", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/97565" + }, + { + "name": "101826", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/101826" + } + ] + } +} \ No newline at end of file diff --git a/2017/11xxx/CVE-2017-11632.json b/2017/11xxx/CVE-2017-11632.json index f48596d7476..5ad2d031193 100644 --- a/2017/11xxx/CVE-2017-11632.json +++ b/2017/11xxx/CVE-2017-11632.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-11632", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An issue was discovered on Wireless IP Camera 360 devices. A root account with a known SHA-512 password hash exists, which makes it easier for remote attackers to obtain administrative access via a TELNET session." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-11632", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/eloygn/IT_Security_Research_WirelessIP_camera_family", - "refsource" : "MISC", - "url" : "https://github.com/eloygn/IT_Security_Research_WirelessIP_camera_family" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered on Wireless IP Camera 360 devices. A root account with a known SHA-512 password hash exists, which makes it easier for remote attackers to obtain administrative access via a TELNET session." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/eloygn/IT_Security_Research_WirelessIP_camera_family", + "refsource": "MISC", + "url": "https://github.com/eloygn/IT_Security_Research_WirelessIP_camera_family" + } + ] + } +} \ No newline at end of file diff --git a/2017/11xxx/CVE-2017-11896.json b/2017/11xxx/CVE-2017-11896.json index e702814f8ac..a1377a61f5c 100644 --- a/2017/11xxx/CVE-2017-11896.json +++ b/2017/11xxx/CVE-2017-11896.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-11896", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-11896", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2017/11xxx/CVE-2017-11980.json b/2017/11xxx/CVE-2017-11980.json index 046a2188eea..76c02be41ef 100644 --- a/2017/11xxx/CVE-2017-11980.json +++ b/2017/11xxx/CVE-2017-11980.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-11980", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-11980", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2017/14xxx/CVE-2017-14065.json b/2017/14xxx/CVE-2017-14065.json index bbd534a81d0..7c648279243 100644 --- a/2017/14xxx/CVE-2017-14065.json +++ b/2017/14xxx/CVE-2017-14065.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-14065", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-14065", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2017/14xxx/CVE-2017-14642.json b/2017/14xxx/CVE-2017-14642.json index 1d339a03034..590b3f58fcb 100644 --- a/2017/14xxx/CVE-2017-14642.json +++ b/2017/14xxx/CVE-2017-14642.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-14642", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A NULL pointer dereference was discovered in the AP4_HdlrAtom class in Bento4 version 1.5.0-617. The vulnerability causes a segmentation fault and application crash in AP4_StdcFileByteStream::ReadPartial in System/StdC/Ap4StdCFileByteStream.cpp, which leads to remote denial of service." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-14642", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://blogs.gentoo.org/ago/2017/09/14/bento4-null-pointer-dereference-in-ap4_stdcfilebytestreamreadpartial-ap4stdcfilebytestream-cpp/", - "refsource" : "MISC", - "url" : "https://blogs.gentoo.org/ago/2017/09/14/bento4-null-pointer-dereference-in-ap4_stdcfilebytestreamreadpartial-ap4stdcfilebytestream-cpp/" - }, - { - "name" : "https://github.com/axiomatic-systems/Bento4/commit/22192de5367fa0cee985917f092be4060b7c00b0", - "refsource" : "MISC", - "url" : "https://github.com/axiomatic-systems/Bento4/commit/22192de5367fa0cee985917f092be4060b7c00b0" - }, - { - "name" : "https://github.com/axiomatic-systems/Bento4/issues/185", - "refsource" : "MISC", - "url" : "https://github.com/axiomatic-systems/Bento4/issues/185" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A NULL pointer dereference was discovered in the AP4_HdlrAtom class in Bento4 version 1.5.0-617. The vulnerability causes a segmentation fault and application crash in AP4_StdcFileByteStream::ReadPartial in System/StdC/Ap4StdCFileByteStream.cpp, which leads to remote denial of service." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/axiomatic-systems/Bento4/issues/185", + "refsource": "MISC", + "url": "https://github.com/axiomatic-systems/Bento4/issues/185" + }, + { + "name": "https://blogs.gentoo.org/ago/2017/09/14/bento4-null-pointer-dereference-in-ap4_stdcfilebytestreamreadpartial-ap4stdcfilebytestream-cpp/", + "refsource": "MISC", + "url": "https://blogs.gentoo.org/ago/2017/09/14/bento4-null-pointer-dereference-in-ap4_stdcfilebytestreamreadpartial-ap4stdcfilebytestream-cpp/" + }, + { + "name": "https://github.com/axiomatic-systems/Bento4/commit/22192de5367fa0cee985917f092be4060b7c00b0", + "refsource": "MISC", + "url": "https://github.com/axiomatic-systems/Bento4/commit/22192de5367fa0cee985917f092be4060b7c00b0" + } + ] + } +} \ No newline at end of file diff --git a/2017/14xxx/CVE-2017-14720.json b/2017/14xxx/CVE-2017-14720.json index e76b1de1405..300412758d2 100644 --- a/2017/14xxx/CVE-2017-14720.json +++ b/2017/14xxx/CVE-2017-14720.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-14720", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Before version 4.8.2, WordPress allowed a Cross-Site scripting attack in the template list view via a crafted template name." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-14720", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://core.trac.wordpress.org/changeset/41412", - "refsource" : "MISC", - "url" : "https://core.trac.wordpress.org/changeset/41412" - }, - { - "name" : "https://wordpress.org/news/2017/09/wordpress-4-8-2-security-and-maintenance-release/", - "refsource" : "MISC", - "url" : "https://wordpress.org/news/2017/09/wordpress-4-8-2-security-and-maintenance-release/" - }, - { - "name" : "DSA-3997", - "refsource" : "DEBIAN", - "url" : "https://www.debian.org/security/2017/dsa-3997" - }, - { - "name" : "100912", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/100912" - }, - { - "name" : "1039553", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1039553" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Before version 4.8.2, WordPress allowed a Cross-Site scripting attack in the template list view via a crafted template name." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "DSA-3997", + "refsource": "DEBIAN", + "url": "https://www.debian.org/security/2017/dsa-3997" + }, + { + "name": "100912", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/100912" + }, + { + "name": "1039553", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1039553" + }, + { + "name": "https://wordpress.org/news/2017/09/wordpress-4-8-2-security-and-maintenance-release/", + "refsource": "MISC", + "url": "https://wordpress.org/news/2017/09/wordpress-4-8-2-security-and-maintenance-release/" + }, + { + "name": "https://core.trac.wordpress.org/changeset/41412", + "refsource": "MISC", + "url": "https://core.trac.wordpress.org/changeset/41412" + } + ] + } +} \ No newline at end of file diff --git a/2017/15xxx/CVE-2017-15022.json b/2017/15xxx/CVE-2017-15022.json index e19cb61ec49..ad954d248c3 100644 --- a/2017/15xxx/CVE-2017-15022.json +++ b/2017/15xxx/CVE-2017-15022.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-15022", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, does not validate the DW_AT_name data type, which allows remote attackers to cause a denial of service (bfd_hash_hash NULL pointer dereference, or out-of-bounds access, and application crash) via a crafted ELF file, related to scan_unit_for_symbols and parse_comp_unit." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-15022", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://blogs.gentoo.org/ago/2017/10/03/binutils-null-pointer-dereference-in-bfd_hash_hash-hash-c/", - "refsource" : "MISC", - "url" : "https://blogs.gentoo.org/ago/2017/10/03/binutils-null-pointer-dereference-in-bfd_hash_hash-hash-c/" - }, - { - "name" : "https://sourceware.org/bugzilla/show_bug.cgi?id=22201", - "refsource" : "MISC", - "url" : "https://sourceware.org/bugzilla/show_bug.cgi?id=22201" - }, - { - "name" : "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=11855d8a1f11b102a702ab76e95b22082cccf2f8", - "refsource" : "MISC", - "url" : "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=11855d8a1f11b102a702ab76e95b22082cccf2f8" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, does not validate the DW_AT_name data type, which allows remote attackers to cause a denial of service (bfd_hash_hash NULL pointer dereference, or out-of-bounds access, and application crash) via a crafted ELF file, related to scan_unit_for_symbols and parse_comp_unit." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=11855d8a1f11b102a702ab76e95b22082cccf2f8", + "refsource": "MISC", + "url": "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=11855d8a1f11b102a702ab76e95b22082cccf2f8" + }, + { + "name": "https://sourceware.org/bugzilla/show_bug.cgi?id=22201", + "refsource": "MISC", + "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22201" + }, + { + "name": "https://blogs.gentoo.org/ago/2017/10/03/binutils-null-pointer-dereference-in-bfd_hash_hash-hash-c/", + "refsource": "MISC", + "url": "https://blogs.gentoo.org/ago/2017/10/03/binutils-null-pointer-dereference-in-bfd_hash_hash-hash-c/" + } + ] + } +} \ No newline at end of file diff --git a/2017/15xxx/CVE-2017-15226.json b/2017/15xxx/CVE-2017-15226.json index e3a81dbd96d..433bdb43e04 100644 --- a/2017/15xxx/CVE-2017-15226.json +++ b/2017/15xxx/CVE-2017-15226.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-15226", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Zyxel NBG6716 V1.00(AAKG.9)C0 devices allow command injection in the ozkerz component because beginIndex and endIndex are used directly in a popen call." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-15226", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://www.secarma.co.uk/labs/sohopelessly-broken-0-day-strategy/", - "refsource" : "MISC", - "url" : "https://www.secarma.co.uk/labs/sohopelessly-broken-0-day-strategy/" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Zyxel NBG6716 V1.00(AAKG.9)C0 devices allow command injection in the ozkerz component because beginIndex and endIndex are used directly in a popen call." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.secarma.co.uk/labs/sohopelessly-broken-0-day-strategy/", + "refsource": "MISC", + "url": "https://www.secarma.co.uk/labs/sohopelessly-broken-0-day-strategy/" + } + ] + } +} \ No newline at end of file diff --git a/2017/15xxx/CVE-2017-15647.json b/2017/15xxx/CVE-2017-15647.json index c76bca4305a..a0a5c67cc85 100644 --- a/2017/15xxx/CVE-2017-15647.json +++ b/2017/15xxx/CVE-2017-15647.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-15647", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "On FiberHome routers, Directory Traversal exists in /cgi-bin/webproc via the getpage parameter in conjunction with a crafted var:page value." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-15647", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://blogs.securiteam.com/index.php/archives/3472", - "refsource" : "MISC", - "url" : "https://blogs.securiteam.com/index.php/archives/3472" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "On FiberHome routers, Directory Traversal exists in /cgi-bin/webproc via the getpage parameter in conjunction with a crafted var:page value." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://blogs.securiteam.com/index.php/archives/3472", + "refsource": "MISC", + "url": "https://blogs.securiteam.com/index.php/archives/3472" + } + ] + } +} \ No newline at end of file diff --git a/2017/3xxx/CVE-2017-3951.json b/2017/3xxx/CVE-2017-3951.json index a188dbf4616..54e520b09b8 100644 --- a/2017/3xxx/CVE-2017-3951.json +++ b/2017/3xxx/CVE-2017-3951.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-3951", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2017-3951", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2017/8xxx/CVE-2017-8097.json b/2017/8xxx/CVE-2017-8097.json index bdb62749fdb..99cd5fc1be9 100644 --- a/2017/8xxx/CVE-2017-8097.json +++ b/2017/8xxx/CVE-2017-8097.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-8097", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-8097", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2017/8xxx/CVE-2017-8414.json b/2017/8xxx/CVE-2017-8414.json index 08c71860b0d..39a4b1be554 100644 --- a/2017/8xxx/CVE-2017-8414.json +++ b/2017/8xxx/CVE-2017-8414.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-8414", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-8414", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/12xxx/CVE-2018-12422.json b/2018/12xxx/CVE-2018-12422.json index 4c65e2c138d..df3dd3402d3 100644 --- a/2018/12xxx/CVE-2018-12422.json +++ b/2018/12xxx/CVE-2018-12422.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-12422", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** DISPUTED ** addressbook/backends/ldap/e-book-backend-ldap.c in Evolution-Data-Server in GNOME Evolution through 3.29.2 might allow attackers to trigger a Buffer Overflow via a long query that is processed by the strcat function. NOTE: the software maintainer disputes this because \"the code had computed the required string length first, and then allocated a large-enough buffer on the heap.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-12422", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://bugzilla.gnome.org/show_bug.cgi?id=796174", - "refsource" : "MISC", - "url" : "https://bugzilla.gnome.org/show_bug.cgi?id=796174" - }, - { - "name" : "https://gitlab.gnome.org/GNOME/evolution-data-server/commit/34bad6173", - "refsource" : "MISC", - "url" : "https://gitlab.gnome.org/GNOME/evolution-data-server/commit/34bad6173" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** DISPUTED ** addressbook/backends/ldap/e-book-backend-ldap.c in Evolution-Data-Server in GNOME Evolution through 3.29.2 might allow attackers to trigger a Buffer Overflow via a long query that is processed by the strcat function. NOTE: the software maintainer disputes this because \"the code had computed the required string length first, and then allocated a large-enough buffer on the heap.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://bugzilla.gnome.org/show_bug.cgi?id=796174", + "refsource": "MISC", + "url": "https://bugzilla.gnome.org/show_bug.cgi?id=796174" + }, + { + "name": "https://gitlab.gnome.org/GNOME/evolution-data-server/commit/34bad6173", + "refsource": "MISC", + "url": "https://gitlab.gnome.org/GNOME/evolution-data-server/commit/34bad6173" + } + ] + } +} \ No newline at end of file diff --git a/2018/12xxx/CVE-2018-12583.json b/2018/12xxx/CVE-2018-12583.json index 451326426da..1b912808d2b 100644 --- a/2018/12xxx/CVE-2018-12583.json +++ b/2018/12xxx/CVE-2018-12583.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-12583", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An issue was discovered in AKCMS 6.1. CSRF can delete an article via an admincp deleteitem action to index.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-12583", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/chenrui1896/issue/blob/master/del_article", - "refsource" : "MISC", - "url" : "https://github.com/chenrui1896/issue/blob/master/del_article" - }, - { - "name" : "https://github.com/p8w/akcms/issues/2", - "refsource" : "MISC", - "url" : "https://github.com/p8w/akcms/issues/2" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in AKCMS 6.1. CSRF can delete an article via an admincp deleteitem action to index.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/p8w/akcms/issues/2", + "refsource": "MISC", + "url": "https://github.com/p8w/akcms/issues/2" + }, + { + "name": "https://github.com/chenrui1896/issue/blob/master/del_article", + "refsource": "MISC", + "url": "https://github.com/chenrui1896/issue/blob/master/del_article" + } + ] + } +} \ No newline at end of file diff --git a/2018/12xxx/CVE-2018-12908.json b/2018/12xxx/CVE-2018-12908.json index 9cc91b099e3..990b499066c 100644 --- a/2018/12xxx/CVE-2018-12908.json +++ b/2018/12xxx/CVE-2018-12908.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-12908", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Brynamics \"Online Trade - Online trading and cryptocurrency investment system\" allows remote attackers to obtain sensitive information via a direct request for the /dashboard/deposit URI, as demonstrated by discovering database credentials." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-12908", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "44977", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/44977/" - }, - { - "name" : "https://cxsecurity.com/issue/WLB-2018060325", - "refsource" : "MISC", - "url" : "https://cxsecurity.com/issue/WLB-2018060325" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Brynamics \"Online Trade - Online trading and cryptocurrency investment system\" allows remote attackers to obtain sensitive information via a direct request for the /dashboard/deposit URI, as demonstrated by discovering database credentials." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "44977", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/44977/" + }, + { + "name": "https://cxsecurity.com/issue/WLB-2018060325", + "refsource": "MISC", + "url": "https://cxsecurity.com/issue/WLB-2018060325" + } + ] + } +} \ No newline at end of file diff --git a/2018/13xxx/CVE-2018-13069.json b/2018/13xxx/CVE-2018-13069.json index 018550bdb17..488cebb4e90 100644 --- a/2018/13xxx/CVE-2018-13069.json +++ b/2018/13xxx/CVE-2018-13069.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-13069", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The mintToken function of a smart contract implementation for DYchain (DYC), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-13069", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/VenusADLab/EtherTokens/blob/master/DYC/DYC.md", - "refsource" : "MISC", - "url" : "https://github.com/VenusADLab/EtherTokens/blob/master/DYC/DYC.md" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The mintToken function of a smart contract implementation for DYchain (DYC), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/VenusADLab/EtherTokens/blob/master/DYC/DYC.md", + "refsource": "MISC", + "url": "https://github.com/VenusADLab/EtherTokens/blob/master/DYC/DYC.md" + } + ] + } +} \ No newline at end of file diff --git a/2018/13xxx/CVE-2018-13651.json b/2018/13xxx/CVE-2018-13651.json index a4e2cb92b91..1f0c7210ed6 100644 --- a/2018/13xxx/CVE-2018-13651.json +++ b/2018/13xxx/CVE-2018-13651.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-13651", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The mintToken function of a smart contract implementation for MicoinNetworkToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-13651", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/BlockChainsSecurity/EtherTokens/blob/master/GEMCHAIN/mint%20integer%20overflow.md", - "refsource" : "MISC", - "url" : "https://github.com/BlockChainsSecurity/EtherTokens/blob/master/GEMCHAIN/mint%20integer%20overflow.md" - }, - { - "name" : "https://github.com/BlockChainsSecurity/EtherTokens/tree/master/MicoinNetworkToken", - "refsource" : "MISC", - "url" : "https://github.com/BlockChainsSecurity/EtherTokens/tree/master/MicoinNetworkToken" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The mintToken function of a smart contract implementation for MicoinNetworkToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/BlockChainsSecurity/EtherTokens/blob/master/GEMCHAIN/mint%20integer%20overflow.md", + "refsource": "MISC", + "url": "https://github.com/BlockChainsSecurity/EtherTokens/blob/master/GEMCHAIN/mint%20integer%20overflow.md" + }, + { + "name": "https://github.com/BlockChainsSecurity/EtherTokens/tree/master/MicoinNetworkToken", + "refsource": "MISC", + "url": "https://github.com/BlockChainsSecurity/EtherTokens/tree/master/MicoinNetworkToken" + } + ] + } +} \ No newline at end of file diff --git a/2018/13xxx/CVE-2018-13725.json b/2018/13xxx/CVE-2018-13725.json index 8a7afa5a8d8..8a45e2dc985 100644 --- a/2018/13xxx/CVE-2018-13725.json +++ b/2018/13xxx/CVE-2018-13725.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-13725", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The mintToken function of a smart contract implementation for GlobalSuperGameToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-13725", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/BlockChainsSecurity/EtherTokens/blob/master/GEMCHAIN/mint%20integer%20overflow.md", - "refsource" : "MISC", - "url" : "https://github.com/BlockChainsSecurity/EtherTokens/blob/master/GEMCHAIN/mint%20integer%20overflow.md" - }, - { - "name" : "https://github.com/BlockChainsSecurity/EtherTokens/tree/master/GlobalSuperGameToken", - "refsource" : "MISC", - "url" : "https://github.com/BlockChainsSecurity/EtherTokens/tree/master/GlobalSuperGameToken" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The mintToken function of a smart contract implementation for GlobalSuperGameToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/BlockChainsSecurity/EtherTokens/blob/master/GEMCHAIN/mint%20integer%20overflow.md", + "refsource": "MISC", + "url": "https://github.com/BlockChainsSecurity/EtherTokens/blob/master/GEMCHAIN/mint%20integer%20overflow.md" + }, + { + "name": "https://github.com/BlockChainsSecurity/EtherTokens/tree/master/GlobalSuperGameToken", + "refsource": "MISC", + "url": "https://github.com/BlockChainsSecurity/EtherTokens/tree/master/GlobalSuperGameToken" + } + ] + } +} \ No newline at end of file diff --git a/2018/13xxx/CVE-2018-13849.json b/2018/13xxx/CVE-2018-13849.json index 37e59a7f87a..27d0fb577b9 100644 --- a/2018/13xxx/CVE-2018-13849.json +++ b/2018/13xxx/CVE-2018-13849.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-13849", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "edit_requests.php in yTakkar Instagram-clone through 2018-04-23 has XSS via an onmouseover payload because of an inadequate XSS protection mechanism based on preg_replace." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-13849", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "45003", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/45003/" - }, - { - "name" : "https://cxsecurity.com/issue/WLB-2018070095", - "refsource" : "MISC", - "url" : "https://cxsecurity.com/issue/WLB-2018070095" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "edit_requests.php in yTakkar Instagram-clone through 2018-04-23 has XSS via an onmouseover payload because of an inadequate XSS protection mechanism based on preg_replace." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "45003", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/45003/" + }, + { + "name": "https://cxsecurity.com/issue/WLB-2018070095", + "refsource": "MISC", + "url": "https://cxsecurity.com/issue/WLB-2018070095" + } + ] + } +} \ No newline at end of file diff --git a/2018/13xxx/CVE-2018-13944.json b/2018/13xxx/CVE-2018-13944.json index 2f35e87611f..80557636d1e 100644 --- a/2018/13xxx/CVE-2018-13944.json +++ b/2018/13xxx/CVE-2018-13944.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-13944", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-13944", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/16xxx/CVE-2018-16077.json b/2018/16xxx/CVE-2018-16077.json index 8a6b9e7adcd..7dac374838c 100644 --- a/2018/16xxx/CVE-2018-16077.json +++ b/2018/16xxx/CVE-2018-16077.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-16077", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-16077", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/16xxx/CVE-2018-16116.json b/2018/16xxx/CVE-2018-16116.json index 1d4be6f82cb..1ac0aa2477f 100644 --- a/2018/16xxx/CVE-2018-16116.json +++ b/2018/16xxx/CVE-2018-16116.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-16116", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-16116", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/16xxx/CVE-2018-16795.json b/2018/16xxx/CVE-2018-16795.json index 83e737514a2..78038f78fa6 100644 --- a/2018/16xxx/CVE-2018-16795.json +++ b/2018/16xxx/CVE-2018-16795.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-16795", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-16795", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/17xxx/CVE-2018-17386.json b/2018/17xxx/CVE-2018-17386.json index abbf7cda9bb..90af55c4964 100644 --- a/2018/17xxx/CVE-2018-17386.json +++ b/2018/17xxx/CVE-2018-17386.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-17386", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-17386", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/17xxx/CVE-2018-17456.json b/2018/17xxx/CVE-2018-17456.json index f23f2b8b347..52ab27b20d2 100644 --- a/2018/17xxx/CVE-2018-17456.json +++ b/2018/17xxx/CVE-2018-17456.json @@ -1,122 +1,122 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-17456", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Git before 2.14.5, 2.15.x before 2.15.3, 2.16.x before 2.16.5, 2.17.x before 2.17.2, 2.18.x before 2.18.1, and 2.19.x before 2.19.1 allows remote code execution during processing of a recursive \"git clone\" of a superproject if a .gitmodules file has a URL field beginning with a '-' character." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-17456", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "45548", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/45548/" - }, - { - "name" : "45631", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/45631/" - }, - { - "name" : "https://github.com/git/git/commit/1a7fd1fb2998002da6e9ff2ee46e1bdd25ee8404", - "refsource" : "MISC", - "url" : "https://github.com/git/git/commit/1a7fd1fb2998002da6e9ff2ee46e1bdd25ee8404" - }, - { - "name" : "https://github.com/git/git/commit/a124133e1e6ab5c7a9fef6d0e6bcb084e3455b46", - "refsource" : "MISC", - "url" : "https://github.com/git/git/commit/a124133e1e6ab5c7a9fef6d0e6bcb084e3455b46" - }, - { - "name" : "https://marc.info/?l=git&m=153875888916397&w=2", - "refsource" : "MISC", - "url" : "https://marc.info/?l=git&m=153875888916397&w=2" - }, - { - "name" : "https://www.openwall.com/lists/oss-security/2018/10/06/3", - "refsource" : "MISC", - "url" : "https://www.openwall.com/lists/oss-security/2018/10/06/3" - }, - { - "name" : "DSA-4311", - "refsource" : "DEBIAN", - "url" : "https://www.debian.org/security/2018/dsa-4311" - }, - { - "name" : "RHSA-2018:3408", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2018:3408" - }, - { - "name" : "RHSA-2018:3505", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2018:3505" - }, - { - "name" : "RHSA-2018:3541", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2018:3541" - }, - { - "name" : "USN-3791-1", - "refsource" : "UBUNTU", - "url" : "https://usn.ubuntu.com/3791-1/" - }, - { - "name" : "105523", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/105523" - }, - { - "name" : "1041811", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1041811" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Git before 2.14.5, 2.15.x before 2.15.3, 2.16.x before 2.16.5, 2.17.x before 2.17.2, 2.18.x before 2.18.1, and 2.19.x before 2.19.1 allows remote code execution during processing of a recursive \"git clone\" of a superproject if a .gitmodules file has a URL field beginning with a '-' character." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "45631", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/45631/" + }, + { + "name": "105523", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/105523" + }, + { + "name": "1041811", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1041811" + }, + { + "name": "DSA-4311", + "refsource": "DEBIAN", + "url": "https://www.debian.org/security/2018/dsa-4311" + }, + { + "name": "RHSA-2018:3505", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2018:3505" + }, + { + "name": "https://github.com/git/git/commit/1a7fd1fb2998002da6e9ff2ee46e1bdd25ee8404", + "refsource": "MISC", + "url": "https://github.com/git/git/commit/1a7fd1fb2998002da6e9ff2ee46e1bdd25ee8404" + }, + { + "name": "45548", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/45548/" + }, + { + "name": "RHSA-2018:3541", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2018:3541" + }, + { + "name": "https://github.com/git/git/commit/a124133e1e6ab5c7a9fef6d0e6bcb084e3455b46", + "refsource": "MISC", + "url": "https://github.com/git/git/commit/a124133e1e6ab5c7a9fef6d0e6bcb084e3455b46" + }, + { + "name": "RHSA-2018:3408", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2018:3408" + }, + { + "name": "https://marc.info/?l=git&m=153875888916397&w=2", + "refsource": "MISC", + "url": "https://marc.info/?l=git&m=153875888916397&w=2" + }, + { + "name": "https://www.openwall.com/lists/oss-security/2018/10/06/3", + "refsource": "MISC", + "url": "https://www.openwall.com/lists/oss-security/2018/10/06/3" + }, + { + "name": "USN-3791-1", + "refsource": "UBUNTU", + "url": "https://usn.ubuntu.com/3791-1/" + } + ] + } +} \ No newline at end of file diff --git a/2018/17xxx/CVE-2018-17528.json b/2018/17xxx/CVE-2018-17528.json index 54c61e6704b..9f0f037550e 100644 --- a/2018/17xxx/CVE-2018-17528.json +++ b/2018/17xxx/CVE-2018-17528.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-17528", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-17528", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/4xxx/CVE-2018-4122.json b/2018/4xxx/CVE-2018-4122.json index 2ff826a764b..8e1fe00e9e4 100644 --- a/2018/4xxx/CVE-2018-4122.json +++ b/2018/4xxx/CVE-2018-4122.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "product-security@apple.com", - "ID" : "CVE-2018-4122", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the \"WebKit\" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2018-4122", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://support.apple.com/HT208693", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT208693" - }, - { - "name" : "https://support.apple.com/HT208694", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT208694" - }, - { - "name" : "https://support.apple.com/HT208695", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT208695" - }, - { - "name" : "https://support.apple.com/HT208696", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT208696" - }, - { - "name" : "https://support.apple.com/HT208697", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT208697" - }, - { - "name" : "https://support.apple.com/HT208698", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT208698" - }, - { - "name" : "GLSA-201808-04", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201808-04" - }, - { - "name" : "USN-3635-1", - "refsource" : "UBUNTU", - "url" : "https://usn.ubuntu.com/3635-1/" - }, - { - "name" : "1040604", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1040604" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the \"WebKit\" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1040604", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1040604" + }, + { + "name": "https://support.apple.com/HT208698", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT208698" + }, + { + "name": "GLSA-201808-04", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201808-04" + }, + { + "name": "https://support.apple.com/HT208696", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT208696" + }, + { + "name": "https://support.apple.com/HT208693", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT208693" + }, + { + "name": "https://support.apple.com/HT208694", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT208694" + }, + { + "name": "https://support.apple.com/HT208697", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT208697" + }, + { + "name": "USN-3635-1", + "refsource": "UBUNTU", + "url": "https://usn.ubuntu.com/3635-1/" + }, + { + "name": "https://support.apple.com/HT208695", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT208695" + } + ] + } +} \ No newline at end of file diff --git a/2018/4xxx/CVE-2018-4489.json b/2018/4xxx/CVE-2018-4489.json index 05a738711d2..a3859d0f54c 100644 --- a/2018/4xxx/CVE-2018-4489.json +++ b/2018/4xxx/CVE-2018-4489.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-4489", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-4489", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/4xxx/CVE-2018-4524.json b/2018/4xxx/CVE-2018-4524.json index 01eec8fcd95..5a8dc5b8fe8 100644 --- a/2018/4xxx/CVE-2018-4524.json +++ b/2018/4xxx/CVE-2018-4524.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-4524", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-4524", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/4xxx/CVE-2018-4961.json b/2018/4xxx/CVE-2018-4961.json index 01ae5093453..81a98e17fc1 100644 --- a/2018/4xxx/CVE-2018-4961.json +++ b/2018/4xxx/CVE-2018-4961.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@adobe.com", - "ID" : "CVE-2018-4961", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Adobe Acrobat and Reader 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier versions", - "version" : { - "version_data" : [ - { - "version_value" : "Adobe Acrobat and Reader 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier versions" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have a Use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Use-after-free" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2018-4961", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Adobe Acrobat and Reader 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier versions", + "version": { + "version_data": [ + { + "version_value": "Adobe Acrobat and Reader 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier versions" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://helpx.adobe.com/security/products/acrobat/apsb18-09.html", - "refsource" : "MISC", - "url" : "https://helpx.adobe.com/security/products/acrobat/apsb18-09.html" - }, - { - "name" : "104169", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/104169" - }, - { - "name" : "1040920", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1040920" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have a Use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Use-after-free" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "104169", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/104169" + }, + { + "name": "https://helpx.adobe.com/security/products/acrobat/apsb18-09.html", + "refsource": "MISC", + "url": "https://helpx.adobe.com/security/products/acrobat/apsb18-09.html" + }, + { + "name": "1040920", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1040920" + } + ] + } +} \ No newline at end of file