diff --git a/2006/0xxx/CVE-2006-0396.json b/2006/0xxx/CVE-2006-0396.json index b6f0b199a46..e386d584aea 100644 --- a/2006/0xxx/CVE-2006-0396.json +++ b/2006/0xxx/CVE-2006-0396.json @@ -1,112 +1,112 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-0396", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in Mail in Apple Mac OS X 10.4 up to 10.4.5, when patched with Security Update 2006-001, allows remote attackers to execute arbitrary code via a long Real Name value in an e-mail attachment sent in AppleDouble format, which triggers the overflow when the user double-clicks on an attachment." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-0396", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20060314 DMA[2006-0313a] - 'Apple OSX Mail.app RFC1740 Real Name Buffer Overflow'", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/427601/100/0/threaded" - }, - { - "name" : "http://www.digitalmunition.com/DMA%5B2006-0313a%5D.txt", - "refsource" : "MISC", - "url" : "http://www.digitalmunition.com/DMA%5B2006-0313a%5D.txt" - }, - { - "name" : "APPLE-SA-2006-03-13", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2006/Mar/msg00001.html" - }, - { - "name" : "http://docs.info.apple.com/article.html?artnum=303453", - "refsource" : "CONFIRM", - "url" : "http://docs.info.apple.com/article.html?artnum=303453" - }, - { - "name" : "VU#980084", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/980084" - }, - { - "name" : "17081", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/17081" - }, - { - "name" : "ADV-2006-0949", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/0949" - }, - { - "name" : "23872", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/23872" - }, - { - "name" : "1015762", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1015762" - }, - { - "name" : "19129", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/19129" - }, - { - "name" : "macosx-mail-attachment-bo(25209)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/25209" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in Mail in Apple Mac OS X 10.4 up to 10.4.5, when patched with Security Update 2006-001, allows remote attackers to execute arbitrary code via a long Real Name value in an e-mail attachment sent in AppleDouble format, which triggers the overflow when the user double-clicks on an attachment." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "17081", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/17081" + }, + { + "name": "23872", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/23872" + }, + { + "name": "ADV-2006-0949", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/0949" + }, + { + "name": "1015762", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1015762" + }, + { + "name": "VU#980084", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/980084" + }, + { + "name": "macosx-mail-attachment-bo(25209)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25209" + }, + { + "name": "19129", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/19129" + }, + { + "name": "http://www.digitalmunition.com/DMA%5B2006-0313a%5D.txt", + "refsource": "MISC", + "url": "http://www.digitalmunition.com/DMA%5B2006-0313a%5D.txt" + }, + { + "name": "APPLE-SA-2006-03-13", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2006/Mar/msg00001.html" + }, + { + "name": "http://docs.info.apple.com/article.html?artnum=303453", + "refsource": "CONFIRM", + "url": "http://docs.info.apple.com/article.html?artnum=303453" + }, + { + "name": "20060314 DMA[2006-0313a] - 'Apple OSX Mail.app RFC1740 Real Name Buffer Overflow'", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/427601/100/0/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2006/0xxx/CVE-2006-0533.json b/2006/0xxx/CVE-2006-0533.json index 19303d7fc61..0f1bf41d070 100644 --- a/2006/0xxx/CVE-2006-0533.json +++ b/2006/0xxx/CVE-2006-0533.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-0533", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in webmailaging.cgi in cPanel allows remote attackers to inject arbitrary web script or HTML via the numdays parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-0533", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20060203 Re: cPanel Multiple Cross Site Scripting", - "refsource" : "FULLDISC", - "url" : "http://marc.info/?l=full-disclosure&m=113894933522271&w=2" - }, - { - "name" : "ADV-2006-0433", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/0433" - }, - { - "name" : "22906", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/22906" - }, - { - "name" : "18691", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/18691" - }, - { - "name" : "cpanel-scripts-xss(24468)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/24468" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in webmailaging.cgi in cPanel allows remote attackers to inject arbitrary web script or HTML via the numdays parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ADV-2006-0433", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/0433" + }, + { + "name": "cpanel-scripts-xss(24468)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24468" + }, + { + "name": "20060203 Re: cPanel Multiple Cross Site Scripting", + "refsource": "FULLDISC", + "url": "http://marc.info/?l=full-disclosure&m=113894933522271&w=2" + }, + { + "name": "22906", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/22906" + }, + { + "name": "18691", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/18691" + } + ] + } +} \ No newline at end of file diff --git a/2006/0xxx/CVE-2006-0634.json b/2006/0xxx/CVE-2006-0634.json index ed76cc61d6f..9fed709e991 100644 --- a/2006/0xxx/CVE-2006-0634.json +++ b/2006/0xxx/CVE-2006-0634.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-0634", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Borland C++Builder 6 (BCB6) with Update Pack 4 Enterprise edition (ent_upd4) evaluates the \"i>sizeof(int)\" expression to false when i equals -1, which might introduce integer overflow vulnerabilities into applications that could be exploited by context-dependent attackers." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-0634", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20060206 [xfocus-SD-060206]BCB compiler incorrect deal sizeof operator vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/424085/100/0/threaded" - }, - { - "name" : "http://www.xfocus.net/releases/200602/a849.html", - "refsource" : "MISC", - "url" : "http://www.xfocus.net/releases/200602/a849.html" - }, - { - "name" : "22953", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/22953" - }, - { - "name" : "1015588", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1015588" - }, - { - "name" : "bcb-compiler-integer-overflow(24514)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/24514" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Borland C++Builder 6 (BCB6) with Update Pack 4 Enterprise edition (ent_upd4) evaluates the \"i>sizeof(int)\" expression to false when i equals -1, which might introduce integer overflow vulnerabilities into applications that could be exploited by context-dependent attackers." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "22953", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/22953" + }, + { + "name": "20060206 [xfocus-SD-060206]BCB compiler incorrect deal sizeof operator vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/424085/100/0/threaded" + }, + { + "name": "bcb-compiler-integer-overflow(24514)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24514" + }, + { + "name": "1015588", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1015588" + }, + { + "name": "http://www.xfocus.net/releases/200602/a849.html", + "refsource": "MISC", + "url": "http://www.xfocus.net/releases/200602/a849.html" + } + ] + } +} \ No newline at end of file diff --git a/2006/1xxx/CVE-2006-1193.json b/2006/1xxx/CVE-2006-1193.json index c0b079fd8f1..ee082bca7d5 100644 --- a/2006/1xxx/CVE-2006-1193.json +++ b/2006/1xxx/CVE-2006-1193.json @@ -1,127 +1,127 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-1193", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in Microsoft Exchange Server 2000 SP1 through SP3, when running Outlook Web Access (OWA), allows user-assisted remote attackers to inject arbitrary HTML or web script via unknown vectors related to \"HTML parsing.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2006-1193", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20060614 SEC Consult SA-20060613-0 :: Outlook Web Access Cross Site Scripting Vulnerability", - "refsource" : "FULLDISC", - "url" : "http://lists.grok.org.uk/pipermail/full-disclosure/2006-June/046892.html" - }, - { - "name" : "http://www.sec-consult.com/fileadmin/Advisories/20060613-0_owa_xss_noexploit.txt", - "refsource" : "MISC", - "url" : "http://www.sec-consult.com/fileadmin/Advisories/20060613-0_owa_xss_noexploit.txt" - }, - { - "name" : "MS06-029", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-029" - }, - { - "name" : "TA06-164A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA06-164A.html" - }, - { - "name" : "VU#138188", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/138188" - }, - { - "name" : "18381", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/18381" - }, - { - "name" : "ADV-2006-2326", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/2326" - }, - { - "name" : "26441", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/26441" - }, - { - "name" : "oval:org.mitre.oval:def:1070", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1070" - }, - { - "name" : "oval:org.mitre.oval:def:1161", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1161" - }, - { - "name" : "oval:org.mitre.oval:def:1315", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1315" - }, - { - "name" : "1016280", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1016280" - }, - { - "name" : "20634", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/20634" - }, - { - "name" : "exchange-owa-xss(25550)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/25550" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in Microsoft Exchange Server 2000 SP1 through SP3, when running Outlook Web Access (OWA), allows user-assisted remote attackers to inject arbitrary HTML or web script via unknown vectors related to \"HTML parsing.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1016280", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1016280" + }, + { + "name": "20060614 SEC Consult SA-20060613-0 :: Outlook Web Access Cross Site Scripting Vulnerability", + "refsource": "FULLDISC", + "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-June/046892.html" + }, + { + "name": "26441", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/26441" + }, + { + "name": "exchange-owa-xss(25550)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25550" + }, + { + "name": "TA06-164A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA06-164A.html" + }, + { + "name": "18381", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/18381" + }, + { + "name": "ADV-2006-2326", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/2326" + }, + { + "name": "oval:org.mitre.oval:def:1161", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1161" + }, + { + "name": "oval:org.mitre.oval:def:1070", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1070" + }, + { + "name": "http://www.sec-consult.com/fileadmin/Advisories/20060613-0_owa_xss_noexploit.txt", + "refsource": "MISC", + "url": "http://www.sec-consult.com/fileadmin/Advisories/20060613-0_owa_xss_noexploit.txt" + }, + { + "name": "MS06-029", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-029" + }, + { + "name": "oval:org.mitre.oval:def:1315", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1315" + }, + { + "name": "VU#138188", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/138188" + }, + { + "name": "20634", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/20634" + } + ] + } +} \ No newline at end of file diff --git a/2006/1xxx/CVE-2006-1219.json b/2006/1xxx/CVE-2006-1219.json index 9686050e7ef..f09464d4e57 100644 --- a/2006/1xxx/CVE-2006-1219.json +++ b/2006/1xxx/CVE-2006-1219.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-1219", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Directory traversal vulnerability in Gallery 2.0.3 and earlier, and 2.1 before RC-2a, allows remote attackers to include arbitrary PHP files via \"..\" (dot dot) sequences in the stepOrder parameter to (1) upgrade/index.php or (2) install/index.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-1219", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "1566", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/1566" - }, - { - "name" : "http://gallery.menalto.com/2.0.4_and_2.1_rc_2a_update", - "refsource" : "CONFIRM", - "url" : "http://gallery.menalto.com/2.0.4_and_2.1_rc_2a_update" - }, - { - "name" : "17051", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/17051" - }, - { - "name" : "ADV-2006-0895", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/0895" - }, - { - "name" : "19175", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/19175" - }, - { - "name" : "gallery-multiple-index-file-include(25129)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/25129" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Directory traversal vulnerability in Gallery 2.0.3 and earlier, and 2.1 before RC-2a, allows remote attackers to include arbitrary PHP files via \"..\" (dot dot) sequences in the stepOrder parameter to (1) upgrade/index.php or (2) install/index.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ADV-2006-0895", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/0895" + }, + { + "name": "http://gallery.menalto.com/2.0.4_and_2.1_rc_2a_update", + "refsource": "CONFIRM", + "url": "http://gallery.menalto.com/2.0.4_and_2.1_rc_2a_update" + }, + { + "name": "gallery-multiple-index-file-include(25129)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25129" + }, + { + "name": "1566", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/1566" + }, + { + "name": "17051", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/17051" + }, + { + "name": "19175", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/19175" + } + ] + } +} \ No newline at end of file diff --git a/2006/1xxx/CVE-2006-1498.json b/2006/1xxx/CVE-2006-1498.json index b0bfe1c979f..3b97efbfb6e 100644 --- a/2006/1xxx/CVE-2006-1498.json +++ b/2006/1xxx/CVE-2006-1498.json @@ -1,107 +1,107 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-1498", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in MediaWiki before 1.5.8 and 1.4.15 allows remote attackers to inject arbitrary web script or HTML via crafted encoded links." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-1498", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[MediaWiki-announce] 20060327 MediaWiki 1.5.8, 1.4.15 released [SECURITY]", - "refsource" : "MLIST", - "url" : "http://mail.wikipedia.org/pipermail/mediawiki-announce/2006-March/000040.html" - }, - { - "name" : "http://www.mediawiki.org/wiki/MediaWiki", - "refsource" : "CONFIRM", - "url" : "http://www.mediawiki.org/wiki/MediaWiki" - }, - { - "name" : "GLSA-200604-01", - "refsource" : "GENTOO", - "url" : "http://www.gentoo.org/security/en/glsa/glsa-200604-01.xml" - }, - { - "name" : "SUSE-SR:2006:007", - "refsource" : "SUSE", - "url" : "http://www.novell.com/linux/security/advisories/2006_07_sr.html" - }, - { - "name" : "17269", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/17269" - }, - { - "name" : "ADV-2006-1194", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/1194" - }, - { - "name" : "19504", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/19504" - }, - { - "name" : "19508", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/19508" - }, - { - "name" : "19517", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/19517" - }, - { - "name" : "mediawiki-unspecified-xss(25588)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/25588" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in MediaWiki before 1.5.8 and 1.4.15 allows remote attackers to inject arbitrary web script or HTML via crafted encoded links." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ADV-2006-1194", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/1194" + }, + { + "name": "GLSA-200604-01", + "refsource": "GENTOO", + "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-01.xml" + }, + { + "name": "[MediaWiki-announce] 20060327 MediaWiki 1.5.8, 1.4.15 released [SECURITY]", + "refsource": "MLIST", + "url": "http://mail.wikipedia.org/pipermail/mediawiki-announce/2006-March/000040.html" + }, + { + "name": "http://www.mediawiki.org/wiki/MediaWiki", + "refsource": "CONFIRM", + "url": "http://www.mediawiki.org/wiki/MediaWiki" + }, + { + "name": "19517", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/19517" + }, + { + "name": "SUSE-SR:2006:007", + "refsource": "SUSE", + "url": "http://www.novell.com/linux/security/advisories/2006_07_sr.html" + }, + { + "name": "17269", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/17269" + }, + { + "name": "mediawiki-unspecified-xss(25588)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25588" + }, + { + "name": "19508", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/19508" + }, + { + "name": "19504", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/19504" + } + ] + } +} \ No newline at end of file diff --git a/2006/1xxx/CVE-2006-1593.json b/2006/1xxx/CVE-2006-1593.json index bf9f534e838..e4694ec32f4 100644 --- a/2006/1xxx/CVE-2006-1593.json +++ b/2006/1xxx/CVE-2006-1593.json @@ -1,107 +1,107 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-1593", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The (1) ZD_MissingPlayer, (2) ZD_UseItem, and (3) ZD_LoadNewClientLevel functions in sv_main.cpp for (a) Zdaemon 1.08.01 and (b) X-Doom allows remote attackers to cause a denial of service (crash) via an invalid player slot or item number, which causes an invalid memory access, possibly due to an invalid array index." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-1593", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20060331 Buffer-overflow and in-game crash in Zdaemon 1.08.01", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/429521/100/0/threaded" - }, - { - "name" : "20060331 Buffer-overflow and in-game crash in Zdaemon 1.08.01", - "refsource" : "FULLDISC", - "url" : "http://lists.grok.org.uk/pipermail/full-disclosure/2006-March/044775.html" - }, - { - "name" : "http://aluigi.altervista.org/adv/zdaebof-adv.txt", - "refsource" : "MISC", - "url" : "http://aluigi.altervista.org/adv/zdaebof-adv.txt" - }, - { - "name" : "17340", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/17340" - }, - { - "name" : "ADV-2006-1199", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/1199" - }, - { - "name" : "ADV-2006-1198", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/1198" - }, - { - "name" : "19509", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/19509" - }, - { - "name" : "19496", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/19496" - }, - { - "name" : "662", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/662" - }, - { - "name" : "zdaemon-memory-access-dos(25593)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/25593" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The (1) ZD_MissingPlayer, (2) ZD_UseItem, and (3) ZD_LoadNewClientLevel functions in sv_main.cpp for (a) Zdaemon 1.08.01 and (b) X-Doom allows remote attackers to cause a denial of service (crash) via an invalid player slot or item number, which causes an invalid memory access, possibly due to an invalid array index." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20060331 Buffer-overflow and in-game crash in Zdaemon 1.08.01", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/429521/100/0/threaded" + }, + { + "name": "ADV-2006-1198", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/1198" + }, + { + "name": "ADV-2006-1199", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/1199" + }, + { + "name": "17340", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/17340" + }, + { + "name": "662", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/662" + }, + { + "name": "http://aluigi.altervista.org/adv/zdaebof-adv.txt", + "refsource": "MISC", + "url": "http://aluigi.altervista.org/adv/zdaebof-adv.txt" + }, + { + "name": "20060331 Buffer-overflow and in-game crash in Zdaemon 1.08.01", + "refsource": "FULLDISC", + "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-March/044775.html" + }, + { + "name": "19509", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/19509" + }, + { + "name": "19496", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/19496" + }, + { + "name": "zdaemon-memory-access-dos(25593)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25593" + } + ] + } +} \ No newline at end of file diff --git a/2006/1xxx/CVE-2006-1840.json b/2006/1xxx/CVE-2006-1840.json index dda02a5a842..00c46d22767 100644 --- a/2006/1xxx/CVE-2006-1840.json +++ b/2006/1xxx/CVE-2006-1840.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-1840", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple format string vulnerabilities in Empire Server before 4.3.1 allow attackers to cause a denial of service (crash) via the (1) load, (2) spy and (3) bomb functions." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-1840", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://sourceforge.net/project/shownotes.php?release_id=410001&group_id=24031", - "refsource" : "CONFIRM", - "url" : "http://sourceforge.net/project/shownotes.php?release_id=410001&group_id=24031" - }, - { - "name" : "17585", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/17585" - }, - { - "name" : "ADV-2006-1380", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/1380" - }, - { - "name" : "24700", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/24700" - }, - { - "name" : "19674", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/19674" - }, - { - "name" : "empireserver-unspecified(25863)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/25863" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple format string vulnerabilities in Empire Server before 4.3.1 allow attackers to cause a denial of service (crash) via the (1) load, (2) spy and (3) bomb functions." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://sourceforge.net/project/shownotes.php?release_id=410001&group_id=24031", + "refsource": "CONFIRM", + "url": "http://sourceforge.net/project/shownotes.php?release_id=410001&group_id=24031" + }, + { + "name": "empireserver-unspecified(25863)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25863" + }, + { + "name": "ADV-2006-1380", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/1380" + }, + { + "name": "17585", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/17585" + }, + { + "name": "24700", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/24700" + }, + { + "name": "19674", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/19674" + } + ] + } +} \ No newline at end of file diff --git a/2006/5xxx/CVE-2006-5118.json b/2006/5xxx/CVE-2006-5118.json index 64a1d2759aa..3d461822acf 100644 --- a/2006/5xxx/CVE-2006-5118.json +++ b/2006/5xxx/CVE-2006-5118.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-5118", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "PHP remote file inclusion vulnerability in index.php3 in the PDD package for PHPSelect Web Development Division allows remote attackers to execute arbitrary PHP code via a URL in the Application_Root parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-5118", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20060927 PHPSelect Web Development Division <= Remote File Inclusion", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/447177/100/0/threaded" - }, - { - "name" : "20231", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/20231" - }, - { - "name" : "1666", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/1666" - }, - { - "name" : "phpselect-index-file-include(29223)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/29223" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "PHP remote file inclusion vulnerability in index.php3 in the PDD package for PHPSelect Web Development Division allows remote attackers to execute arbitrary PHP code via a URL in the Application_Root parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1666", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/1666" + }, + { + "name": "20231", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/20231" + }, + { + "name": "20060927 PHPSelect Web Development Division <= Remote File Inclusion", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/447177/100/0/threaded" + }, + { + "name": "phpselect-index-file-include(29223)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29223" + } + ] + } +} \ No newline at end of file diff --git a/2006/5xxx/CVE-2006-5584.json b/2006/5xxx/CVE-2006-5584.json index c8df00f1884..9cdf5cefd6c 100644 --- a/2006/5xxx/CVE-2006-5584.json +++ b/2006/5xxx/CVE-2006-5584.json @@ -1,107 +1,107 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-5584", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Remote Installation Service (RIS) in Microsoft Windows 2000 SP4 uses a TFTP server that allows anonymous access, which allows remote attackers to upload and overwrite arbitrary files to gain privileges on systems that use RIS." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2006-5584", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "HPSBST02180", - "refsource" : "HP", - "url" : "http://www.securityfocus.com/archive/1/454969/100/200/threaded" - }, - { - "name" : "SSRT061288", - "refsource" : "HP", - "url" : "http://www.securityfocus.com/archive/1/454969/100/200/threaded" - }, - { - "name" : "MS06-077", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-077" - }, - { - "name" : "TA06-346A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA06-346A.html" - }, - { - "name" : "VU#238064", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/238064" - }, - { - "name" : "21495", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/21495" - }, - { - "name" : "ADV-2006-4970", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/4970" - }, - { - "name" : "oval:org.mitre.oval:def:375", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A375" - }, - { - "name" : "1017368", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1017368" - }, - { - "name" : "23312", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23312" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Remote Installation Service (RIS) in Microsoft Windows 2000 SP4 uses a TFTP server that allows anonymous access, which allows remote attackers to upload and overwrite arbitrary files to gain privileges on systems that use RIS." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ADV-2006-4970", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/4970" + }, + { + "name": "VU#238064", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/238064" + }, + { + "name": "1017368", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1017368" + }, + { + "name": "TA06-346A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA06-346A.html" + }, + { + "name": "MS06-077", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-077" + }, + { + "name": "SSRT061288", + "refsource": "HP", + "url": "http://www.securityfocus.com/archive/1/454969/100/200/threaded" + }, + { + "name": "HPSBST02180", + "refsource": "HP", + "url": "http://www.securityfocus.com/archive/1/454969/100/200/threaded" + }, + { + "name": "23312", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23312" + }, + { + "name": "21495", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/21495" + }, + { + "name": "oval:org.mitre.oval:def:375", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A375" + } + ] + } +} \ No newline at end of file diff --git a/2006/5xxx/CVE-2006-5826.json b/2006/5xxx/CVE-2006-5826.json index 2edb360723e..6b9f7a4ea3c 100644 --- a/2006/5xxx/CVE-2006-5826.json +++ b/2006/5xxx/CVE-2006-5826.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-5826", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in Texas Imperial Software WFTPD Pro Server 3.23.1.1 allows remote authenticated users to execute arbitrary code or cause a denial of service (application crash) via crafted APPE commands that contain \"/\" (slash) or \"\\\" (backslash) characters." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-5826", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20061107 WFTPD Pro Server 3.23 Buffer Overflow", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/450851/100/0/threaded" - }, - { - "name" : "20061107 WFTPD Pro Server 3.23 Buffer Overflow", - "refsource" : "FULLDISC", - "url" : "http://marc.info/?l=full-disclosure&m=116289234522958&w=2" - }, - { - "name" : "20061108 WFTPD Pro Server 3.23 Buffer Overflow", - "refsource" : "FULLDISC", - "url" : "http://marc.info/?l=full-disclosure&m=116295408114746&w=2" - }, - { - "name" : "2734", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/2734" - }, - { - "name" : "20942", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/20942" - }, - { - "name" : "1017173", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1017173" - }, - { - "name" : "1837", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/1837" - }, - { - "name" : "wftpd-appe-bo(30079)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/30079" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in Texas Imperial Software WFTPD Pro Server 3.23.1.1 allows remote authenticated users to execute arbitrary code or cause a denial of service (application crash) via crafted APPE commands that contain \"/\" (slash) or \"\\\" (backslash) characters." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20942", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/20942" + }, + { + "name": "1837", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/1837" + }, + { + "name": "1017173", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1017173" + }, + { + "name": "2734", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/2734" + }, + { + "name": "20061108 WFTPD Pro Server 3.23 Buffer Overflow", + "refsource": "FULLDISC", + "url": "http://marc.info/?l=full-disclosure&m=116295408114746&w=2" + }, + { + "name": "20061107 WFTPD Pro Server 3.23 Buffer Overflow", + "refsource": "FULLDISC", + "url": "http://marc.info/?l=full-disclosure&m=116289234522958&w=2" + }, + { + "name": "wftpd-appe-bo(30079)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30079" + }, + { + "name": "20061107 WFTPD Pro Server 3.23 Buffer Overflow", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/450851/100/0/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2006/5xxx/CVE-2006-5920.json b/2006/5xxx/CVE-2006-5920.json index fd354624c4d..6beaf251788 100644 --- a/2006/5xxx/CVE-2006-5920.json +++ b/2006/5xxx/CVE-2006-5920.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-5920", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** DISPUTED ** PHP remote file inclusion vulnerability in common.php in Yuuki Yoshizawa Exporia 0.3.0 allows remote attackers to execute arbitrary PHP code via a URL in the lan parameter. NOTE: SecurityFocus disputes this issue, saying \"further analysis reveals that the application is not vulnerable.\" NOTE: this issue may overlap CVE-2006-5113." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-5920", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20061028 Exporia => 0.3.0 Remote File Include Vulnerability Exploit", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/450024/100/200/threaded" - }, - { - "name" : "20205", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/20205" - }, - { - "name" : "1858", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/1858" - }, - { - "name" : "exporia-common-file-include(29895)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/29895" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** DISPUTED ** PHP remote file inclusion vulnerability in common.php in Yuuki Yoshizawa Exporia 0.3.0 allows remote attackers to execute arbitrary PHP code via a URL in the lan parameter. NOTE: SecurityFocus disputes this issue, saying \"further analysis reveals that the application is not vulnerable.\" NOTE: this issue may overlap CVE-2006-5113." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20205", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/20205" + }, + { + "name": "20061028 Exporia => 0.3.0 Remote File Include Vulnerability Exploit", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/450024/100/200/threaded" + }, + { + "name": "exporia-common-file-include(29895)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29895" + }, + { + "name": "1858", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/1858" + } + ] + } +} \ No newline at end of file diff --git a/2010/0xxx/CVE-2010-0375.json b/2010/0xxx/CVE-2010-0375.json index e6014040021..00cb6621ac4 100644 --- a/2010/0xxx/CVE-2010-0375.json +++ b/2010/0xxx/CVE-2010-0375.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-0375", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in product_list.php in JCE-Tech PHP Calendars, downloaded 2010-01-11, allows remote attackers to execute arbitrary SQL commands via the cat parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-0375", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "11082", - "refsource" : "EXPLOIT-DB", - "url" : "http://www.exploit-db.com/exploits/11082" - }, - { - "name" : "40757", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/40757" - }, - { - "name" : "61617", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/61617" - }, - { - "name" : "38036", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/38036" - }, - { - "name" : "phpcalendars-productlist-sql-injection(55518)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/55518" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in product_list.php in JCE-Tech PHP Calendars, downloaded 2010-01-11, allows remote attackers to execute arbitrary SQL commands via the cat parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "61617", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/61617" + }, + { + "name": "phpcalendars-productlist-sql-injection(55518)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55518" + }, + { + "name": "11082", + "refsource": "EXPLOIT-DB", + "url": "http://www.exploit-db.com/exploits/11082" + }, + { + "name": "38036", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/38036" + }, + { + "name": "40757", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/40757" + } + ] + } +} \ No newline at end of file diff --git a/2010/0xxx/CVE-2010-0382.json b/2010/0xxx/CVE-2010-0382.json index 97115c1d1a9..381c389c746 100644 --- a/2010/0xxx/CVE-2010-0382.json +++ b/2010/0xxx/CVE-2010-0382.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-0382", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P5, 9.5 before 9.5.2-P2, 9.6 before 9.6.1-P3, and 9.7.0 beta handles out-of-bailiwick data accompanying a secure response without re-fetching from the original source, which allows remote attackers to have an unspecified impact via a crafted response, aka Bug 20819. NOTE: this vulnerability exists because of a regression during the fix for CVE-2009-4022." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-0382", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://www.isc.org/advisories/CVE-2009-4022v6", - "refsource" : "CONFIRM", - "url" : "https://www.isc.org/advisories/CVE-2009-4022v6" - }, - { - "name" : "http://wiki.rpath.com/wiki/Advisories:rPSA-2010-0018", - "refsource" : "CONFIRM", - "url" : "http://wiki.rpath.com/wiki/Advisories:rPSA-2010-0018" - }, - { - "name" : "DSA-2054", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2010/dsa-2054" - }, - { - "name" : "oval:org.mitre.oval:def:11753", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11753" - }, - { - "name" : "oval:org.mitre.oval:def:7086", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7086" - }, - { - "name" : "oval:org.mitre.oval:def:6665", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6665" - }, - { - "name" : "40086", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/40086" - }, - { - "name" : "ADV-2010-0622", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2010/0622" - }, - { - "name" : "ADV-2010-1352", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2010/1352" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P5, 9.5 before 9.5.2-P2, 9.6 before 9.6.1-P3, and 9.7.0 beta handles out-of-bailiwick data accompanying a secure response without re-fetching from the original source, which allows remote attackers to have an unspecified impact via a crafted response, aka Bug 20819. NOTE: this vulnerability exists because of a regression during the fix for CVE-2009-4022." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.isc.org/advisories/CVE-2009-4022v6", + "refsource": "CONFIRM", + "url": "https://www.isc.org/advisories/CVE-2009-4022v6" + }, + { + "name": "oval:org.mitre.oval:def:7086", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7086" + }, + { + "name": "ADV-2010-1352", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2010/1352" + }, + { + "name": "40086", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/40086" + }, + { + "name": "ADV-2010-0622", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2010/0622" + }, + { + "name": "oval:org.mitre.oval:def:6665", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6665" + }, + { + "name": "http://wiki.rpath.com/wiki/Advisories:rPSA-2010-0018", + "refsource": "CONFIRM", + "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2010-0018" + }, + { + "name": "DSA-2054", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2010/dsa-2054" + }, + { + "name": "oval:org.mitre.oval:def:11753", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11753" + } + ] + } +} \ No newline at end of file diff --git a/2010/0xxx/CVE-2010-0427.json b/2010/0xxx/CVE-2010-0427.json index 61fe62d05c3..7ac8e034579 100644 --- a/2010/0xxx/CVE-2010-0427.json +++ b/2010/0xxx/CVE-2010-0427.json @@ -1,162 +1,162 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-0427", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "sudo 1.6.x before 1.6.9p21, when the runas_default option is used, does not properly set group memberships, which allows local users to gain privileges via a sudo command." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2010-0427", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20101027 rPSA-2010-0075-1 sudo", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/514489/100/0/threaded" - }, - { - "name" : "[oss-security] 20100223 CVE assignment notification -- CVE-2010-0427 -- sudo fails to reset group permissions if runas_default set", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2010/02/23/4" - }, - { - "name" : "[oss-security] 20100224 Re: CVE assignment notification -- CVE-2010-0427 -- sudo fails to reset group permissions if runas_default set", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2010/02/24/5" - }, - { - "name" : "ftp://ftp.sudo.ws/pub/sudo/sudo-1.6.9p21.patch.gz", - "refsource" : "CONFIRM", - "url" : "ftp://ftp.sudo.ws/pub/sudo/sudo-1.6.9p21.patch.gz" - }, - { - "name" : "http://sudo.ws/repos/sudo/rev/aa0b6c01c462", - "refsource" : "CONFIRM", - "url" : "http://sudo.ws/repos/sudo/rev/aa0b6c01c462" - }, - { - "name" : "http://www.gratisoft.us/bugzilla/attachment.cgi?id=255", - "refsource" : "CONFIRM", - "url" : "http://www.gratisoft.us/bugzilla/attachment.cgi?id=255" - }, - { - "name" : "http://www.gratisoft.us/bugzilla/show_bug.cgi?id=349", - "refsource" : "CONFIRM", - "url" : "http://www.gratisoft.us/bugzilla/show_bug.cgi?id=349" - }, - { - "name" : "http://www.sudo.ws/cgi-bin/cvsweb/sudo/set_perms.c.diff?r1=1.30.2.7&r2=1.30.2.8", - "refsource" : "CONFIRM", - "url" : "http://www.sudo.ws/cgi-bin/cvsweb/sudo/set_perms.c.diff?r1=1.30.2.7&r2=1.30.2.8" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=567622", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=567622" - }, - { - "name" : "http://wiki.rpath.com/Advisories:rPSA-2010-0075", - "refsource" : "CONFIRM", - "url" : "http://wiki.rpath.com/Advisories:rPSA-2010-0075" - }, - { - "name" : "DSA-2006", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2010/dsa-2006" - }, - { - "name" : "GLSA-201003-01", - "refsource" : "GENTOO", - "url" : "http://www.gentoo.org/security/en/glsa/glsa-201003-01.xml" - }, - { - "name" : "SUSE-SR:2010:006", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00004.html" - }, - { - "name" : "USN-905-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-905-1" - }, - { - "name" : "oval:org.mitre.oval:def:10946", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10946" - }, - { - "name" : "oval:org.mitre.oval:def:7216", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7216" - }, - { - "name" : "1023658", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1023658" - }, - { - "name" : "38915", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/38915" - }, - { - "name" : "38795", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/38795" - }, - { - "name" : "38803", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/38803" - }, - { - "name" : "38762", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/38762" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "sudo 1.6.x before 1.6.9p21, when the runas_default option is used, does not properly set group memberships, which allows local users to gain privileges via a sudo command." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "38803", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/38803" + }, + { + "name": "ftp://ftp.sudo.ws/pub/sudo/sudo-1.6.9p21.patch.gz", + "refsource": "CONFIRM", + "url": "ftp://ftp.sudo.ws/pub/sudo/sudo-1.6.9p21.patch.gz" + }, + { + "name": "GLSA-201003-01", + "refsource": "GENTOO", + "url": "http://www.gentoo.org/security/en/glsa/glsa-201003-01.xml" + }, + { + "name": "http://sudo.ws/repos/sudo/rev/aa0b6c01c462", + "refsource": "CONFIRM", + "url": "http://sudo.ws/repos/sudo/rev/aa0b6c01c462" + }, + { + "name": "38762", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/38762" + }, + { + "name": "DSA-2006", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2010/dsa-2006" + }, + { + "name": "oval:org.mitre.oval:def:10946", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10946" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=567622", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=567622" + }, + { + "name": "oval:org.mitre.oval:def:7216", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7216" + }, + { + "name": "20101027 rPSA-2010-0075-1 sudo", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/514489/100/0/threaded" + }, + { + "name": "USN-905-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-905-1" + }, + { + "name": "http://www.gratisoft.us/bugzilla/attachment.cgi?id=255", + "refsource": "CONFIRM", + "url": "http://www.gratisoft.us/bugzilla/attachment.cgi?id=255" + }, + { + "name": "SUSE-SR:2010:006", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00004.html" + }, + { + "name": "http://wiki.rpath.com/Advisories:rPSA-2010-0075", + "refsource": "CONFIRM", + "url": "http://wiki.rpath.com/Advisories:rPSA-2010-0075" + }, + { + "name": "[oss-security] 20100223 CVE assignment notification -- CVE-2010-0427 -- sudo fails to reset group permissions if runas_default set", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2010/02/23/4" + }, + { + "name": "[oss-security] 20100224 Re: CVE assignment notification -- CVE-2010-0427 -- sudo fails to reset group permissions if runas_default set", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2010/02/24/5" + }, + { + "name": "38795", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/38795" + }, + { + "name": "http://www.sudo.ws/cgi-bin/cvsweb/sudo/set_perms.c.diff?r1=1.30.2.7&r2=1.30.2.8", + "refsource": "CONFIRM", + "url": "http://www.sudo.ws/cgi-bin/cvsweb/sudo/set_perms.c.diff?r1=1.30.2.7&r2=1.30.2.8" + }, + { + "name": "38915", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/38915" + }, + { + "name": "http://www.gratisoft.us/bugzilla/show_bug.cgi?id=349", + "refsource": "CONFIRM", + "url": "http://www.gratisoft.us/bugzilla/show_bug.cgi?id=349" + }, + { + "name": "1023658", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1023658" + } + ] + } +} \ No newline at end of file diff --git a/2010/0xxx/CVE-2010-0429.json b/2010/0xxx/CVE-2010-0429.json index a81c439e5d1..c23293e47fa 100644 --- a/2010/0xxx/CVE-2010-0429.json +++ b/2010/0xxx/CVE-2010-0429.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-0429", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "libspice, as used in QEMU-KVM in the Hypervisor (aka rhev-hypervisor) in Red Hat Enterprise Virtualization (RHEV) 2.2 and qspice 0.3.0, does not properly restrict the addresses upon which memory-management actions are performed, which allows guest OS users to cause a denial of service (guest OS crash) or possibly gain privileges via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2010-0429", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=568701", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=568701" - }, - { - "name" : "RHSA-2010:0622", - "refsource" : "REDHAT", - "url" : "https://rhn.redhat.com/errata/RHSA-2010-0622.html" - }, - { - "name" : "RHSA-2010:0633", - "refsource" : "REDHAT", - "url" : "https://rhn.redhat.com/errata/RHSA-2010-0633.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "libspice, as used in QEMU-KVM in the Hypervisor (aka rhev-hypervisor) in Red Hat Enterprise Virtualization (RHEV) 2.2 and qspice 0.3.0, does not properly restrict the addresses upon which memory-management actions are performed, which allows guest OS users to cause a denial of service (guest OS crash) or possibly gain privileges via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=568701", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=568701" + }, + { + "name": "RHSA-2010:0622", + "refsource": "REDHAT", + "url": "https://rhn.redhat.com/errata/RHSA-2010-0622.html" + }, + { + "name": "RHSA-2010:0633", + "refsource": "REDHAT", + "url": "https://rhn.redhat.com/errata/RHSA-2010-0633.html" + } + ] + } +} \ No newline at end of file diff --git a/2010/0xxx/CVE-2010-0483.json b/2010/0xxx/CVE-2010-0483.json index 051b18116f9..839267eee85 100644 --- a/2010/0xxx/CVE-2010-0483.json +++ b/2010/0xxx/CVE-2010-0483.json @@ -1,157 +1,157 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-0483", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "vbscript.dll in VBScript 5.1, 5.6, 5.7, and 5.8 in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2, when Internet Explorer is used, allows user-assisted remote attackers to execute arbitrary code by referencing a (1) local pathname, (2) UNC share pathname, or (3) WebDAV server with a crafted .hlp file in the fourth argument (aka helpfile argument) to the MsgBox function, leading to code execution involving winhlp32.exe when the F1 key is pressed, aka \"VBScript Help Keypress Vulnerability.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2010-0483", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://isec.pl/vulnerabilities/isec-0027-msgbox-helpfile-ie.txt", - "refsource" : "MISC", - "url" : "http://isec.pl/vulnerabilities/isec-0027-msgbox-helpfile-ie.txt" - }, - { - "name" : "http://isec.pl/vulnerabilities10.html", - "refsource" : "MISC", - "url" : "http://isec.pl/vulnerabilities10.html" - }, - { - "name" : "http://www.computerworld.com/s/article/9163298/New_zero_day_involves_IE_puts_Windows_XP_users_at_risk", - "refsource" : "MISC", - "url" : "http://www.computerworld.com/s/article/9163298/New_zero_day_involves_IE_puts_Windows_XP_users_at_risk" - }, - { - "name" : "http://www.theregister.co.uk/2010/03/01/ie_code_execution_bug/", - "refsource" : "MISC", - "url" : "http://www.theregister.co.uk/2010/03/01/ie_code_execution_bug/" - }, - { - "name" : "https://www.metasploit.com/svn/framework3/trunk/modules/exploits/windows/browser/ie_winhlp32.rb", - "refsource" : "MISC", - "url" : "https://www.metasploit.com/svn/framework3/trunk/modules/exploits/windows/browser/ie_winhlp32.rb" - }, - { - "name" : "http://blogs.technet.com/msrc/archive/2010/02/28/investigating-a-new-win32hlp-and-internet-explorer-issue.aspx", - "refsource" : "CONFIRM", - "url" : "http://blogs.technet.com/msrc/archive/2010/02/28/investigating-a-new-win32hlp-and-internet-explorer-issue.aspx" - }, - { - "name" : "http://blogs.technet.com/msrc/archive/2010/03/01/security-advisory-981169-released.aspx", - "refsource" : "CONFIRM", - "url" : "http://blogs.technet.com/msrc/archive/2010/03/01/security-advisory-981169-released.aspx" - }, - { - "name" : "http://blogs.technet.com/srd/archive/2010/03/01/help-keypress-vulnerability-in-vbscript-enabling-remote-code-execution.aspx", - "refsource" : "CONFIRM", - "url" : "http://blogs.technet.com/srd/archive/2010/03/01/help-keypress-vulnerability-in-vbscript-enabling-remote-code-execution.aspx" - }, - { - "name" : "http://www.microsoft.com/technet/security/advisory/981169.mspx", - "refsource" : "CONFIRM", - "url" : "http://www.microsoft.com/technet/security/advisory/981169.mspx" - }, - { - "name" : "MS10-022", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-022" - }, - { - "name" : "TA10-103A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA10-103A.html" - }, - { - "name" : "VU#612021", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/612021" - }, - { - "name" : "38463", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/38463" - }, - { - "name" : "62632", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/62632" - }, - { - "name" : "oval:org.mitre.oval:def:7170", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7170" - }, - { - "name" : "oval:org.mitre.oval:def:8654", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8654" - }, - { - "name" : "1023668", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1023668" - }, - { - "name" : "38727", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/38727" - }, - { - "name" : "ADV-2010-0485", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2010/0485" - }, - { - "name" : "ms-win-msgbox-code-execution(56558)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/56558" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "vbscript.dll in VBScript 5.1, 5.6, 5.7, and 5.8 in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2, when Internet Explorer is used, allows user-assisted remote attackers to execute arbitrary code by referencing a (1) local pathname, (2) UNC share pathname, or (3) WebDAV server with a crafted .hlp file in the fourth argument (aka helpfile argument) to the MsgBox function, leading to code execution involving winhlp32.exe when the F1 key is pressed, aka \"VBScript Help Keypress Vulnerability.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "oval:org.mitre.oval:def:7170", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7170" + }, + { + "name": "ms-win-msgbox-code-execution(56558)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56558" + }, + { + "name": "MS10-022", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-022" + }, + { + "name": "VU#612021", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/612021" + }, + { + "name": "62632", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/62632" + }, + { + "name": "ADV-2010-0485", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2010/0485" + }, + { + "name": "http://www.computerworld.com/s/article/9163298/New_zero_day_involves_IE_puts_Windows_XP_users_at_risk", + "refsource": "MISC", + "url": "http://www.computerworld.com/s/article/9163298/New_zero_day_involves_IE_puts_Windows_XP_users_at_risk" + }, + { + "name": "http://www.microsoft.com/technet/security/advisory/981169.mspx", + "refsource": "CONFIRM", + "url": "http://www.microsoft.com/technet/security/advisory/981169.mspx" + }, + { + "name": "http://www.theregister.co.uk/2010/03/01/ie_code_execution_bug/", + "refsource": "MISC", + "url": "http://www.theregister.co.uk/2010/03/01/ie_code_execution_bug/" + }, + { + "name": "http://isec.pl/vulnerabilities/isec-0027-msgbox-helpfile-ie.txt", + "refsource": "MISC", + "url": "http://isec.pl/vulnerabilities/isec-0027-msgbox-helpfile-ie.txt" + }, + { + "name": "38463", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/38463" + }, + { + "name": "http://isec.pl/vulnerabilities10.html", + "refsource": "MISC", + "url": "http://isec.pl/vulnerabilities10.html" + }, + { + "name": "oval:org.mitre.oval:def:8654", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8654" + }, + { + "name": "http://blogs.technet.com/srd/archive/2010/03/01/help-keypress-vulnerability-in-vbscript-enabling-remote-code-execution.aspx", + "refsource": "CONFIRM", + "url": "http://blogs.technet.com/srd/archive/2010/03/01/help-keypress-vulnerability-in-vbscript-enabling-remote-code-execution.aspx" + }, + { + "name": "https://www.metasploit.com/svn/framework3/trunk/modules/exploits/windows/browser/ie_winhlp32.rb", + "refsource": "MISC", + "url": "https://www.metasploit.com/svn/framework3/trunk/modules/exploits/windows/browser/ie_winhlp32.rb" + }, + { + "name": "1023668", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1023668" + }, + { + "name": "http://blogs.technet.com/msrc/archive/2010/03/01/security-advisory-981169-released.aspx", + "refsource": "CONFIRM", + "url": "http://blogs.technet.com/msrc/archive/2010/03/01/security-advisory-981169-released.aspx" + }, + { + "name": "http://blogs.technet.com/msrc/archive/2010/02/28/investigating-a-new-win32hlp-and-internet-explorer-issue.aspx", + "refsource": "CONFIRM", + "url": "http://blogs.technet.com/msrc/archive/2010/02/28/investigating-a-new-win32hlp-and-internet-explorer-issue.aspx" + }, + { + "name": "TA10-103A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA10-103A.html" + }, + { + "name": "38727", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/38727" + } + ] + } +} \ No newline at end of file diff --git a/2010/1xxx/CVE-2010-1417.json b/2010/1xxx/CVE-2010-1417.json index a3c52b51423..0ed9ba8f351 100644 --- a/2010/1xxx/CVE-2010-1417.json +++ b/2010/1xxx/CVE-2010-1417.json @@ -1,182 +1,182 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-1417", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Cascading Style Sheets (CSS) implementation in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via HTML content that contains multiple :after pseudo-selectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2010-1417", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://support.apple.com/kb/HT4196", - "refsource" : "CONFIRM", - "url" : "http://support.apple.com/kb/HT4196" - }, - { - "name" : "http://support.apple.com/kb/HT4220", - "refsource" : "CONFIRM", - "url" : "http://support.apple.com/kb/HT4220" - }, - { - "name" : "http://support.apple.com/kb/HT4225", - "refsource" : "CONFIRM", - "url" : "http://support.apple.com/kb/HT4225" - }, - { - "name" : "http://support.apple.com/kb/HT4456", - "refsource" : "CONFIRM", - "url" : "http://support.apple.com/kb/HT4456" - }, - { - "name" : "APPLE-SA-2010-06-07-1", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2010/Jun/msg00000.html" - }, - { - "name" : "APPLE-SA-2010-06-16-1", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2010//Jun/msg00002.html" - }, - { - "name" : "APPLE-SA-2010-06-21-1", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2010/Jun/msg00003.html" - }, - { - "name" : "APPLE-SA-2010-11-22-1", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html" - }, - { - "name" : "MDVSA-2011:039", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2011:039" - }, - { - "name" : "SUSE-SR:2011:002", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html" - }, - { - "name" : "USN-1006-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-1006-1" - }, - { - "name" : "40620", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/40620" - }, - { - "name" : "40672", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/40672" - }, - { - "name" : "oval:org.mitre.oval:def:6876", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6876" - }, - { - "name" : "1024067", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1024067" - }, - { - "name" : "40105", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/40105" - }, - { - "name" : "40196", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/40196" - }, - { - "name" : "41856", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/41856" - }, - { - "name" : "42314", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/42314" - }, - { - "name" : "43068", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/43068" - }, - { - "name" : "ADV-2010-1373", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2010/1373" - }, - { - "name" : "ADV-2010-1512", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2010/1512" - }, - { - "name" : "ADV-2010-2722", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2010/2722" - }, - { - "name" : "ADV-2011-0212", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2011/0212" - }, - { - "name" : "ADV-2011-0552", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2011/0552" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Cascading Style Sheets (CSS) implementation in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via HTML content that contains multiple :after pseudo-selectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "MDVSA-2011:039", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:039" + }, + { + "name": "http://support.apple.com/kb/HT4220", + "refsource": "CONFIRM", + "url": "http://support.apple.com/kb/HT4220" + }, + { + "name": "ADV-2010-2722", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2010/2722" + }, + { + "name": "43068", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/43068" + }, + { + "name": "USN-1006-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-1006-1" + }, + { + "name": "41856", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/41856" + }, + { + "name": "ADV-2011-0212", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2011/0212" + }, + { + "name": "http://support.apple.com/kb/HT4225", + "refsource": "CONFIRM", + "url": "http://support.apple.com/kb/HT4225" + }, + { + "name": "APPLE-SA-2010-06-07-1", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2010/Jun/msg00000.html" + }, + { + "name": "oval:org.mitre.oval:def:6876", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6876" + }, + { + "name": "40196", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/40196" + }, + { + "name": "40105", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/40105" + }, + { + "name": "ADV-2010-1373", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2010/1373" + }, + { + "name": "APPLE-SA-2010-06-16-1", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2010//Jun/msg00002.html" + }, + { + "name": "SUSE-SR:2011:002", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html" + }, + { + "name": "40672", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/40672" + }, + { + "name": "42314", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/42314" + }, + { + "name": "ADV-2010-1512", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2010/1512" + }, + { + "name": "40620", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/40620" + }, + { + "name": "ADV-2011-0552", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2011/0552" + }, + { + "name": "http://support.apple.com/kb/HT4456", + "refsource": "CONFIRM", + "url": "http://support.apple.com/kb/HT4456" + }, + { + "name": "1024067", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1024067" + }, + { + "name": "http://support.apple.com/kb/HT4196", + "refsource": "CONFIRM", + "url": "http://support.apple.com/kb/HT4196" + }, + { + "name": "APPLE-SA-2010-06-21-1", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2010/Jun/msg00003.html" + }, + { + "name": "APPLE-SA-2010-11-22-1", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html" + } + ] + } +} \ No newline at end of file diff --git a/2010/2xxx/CVE-2010-2258.json b/2010/2xxx/CVE-2010-2258.json index 05960c8e28f..80f5d55eee0 100644 --- a/2010/2xxx/CVE-2010-2258.json +++ b/2010/2xxx/CVE-2010-2258.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-2258", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in signupconfirm.php in phpBannerExchange 1.2 Arabic allows remote attackers to inject arbitrary web script or HTML via the bannerurl parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-2258", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://packetstormsecurity.org/1001-exploits/phpbannerexchange-xss.txt", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.org/1001-exploits/phpbannerexchange-xss.txt" - }, - { - "name" : "61446", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/61446" - }, - { - "name" : "38022", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/38022" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in signupconfirm.php in phpBannerExchange 1.2 Arabic allows remote attackers to inject arbitrary web script or HTML via the bannerurl parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "38022", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/38022" + }, + { + "name": "61446", + "refsource": "OSVDB", + "url": "http://osvdb.org/61446" + }, + { + "name": "http://packetstormsecurity.org/1001-exploits/phpbannerexchange-xss.txt", + "refsource": "MISC", + "url": "http://packetstormsecurity.org/1001-exploits/phpbannerexchange-xss.txt" + } + ] + } +} \ No newline at end of file diff --git a/2010/3xxx/CVE-2010-3099.json b/2010/3xxx/CVE-2010-3099.json index 11e7fadfbf8..4b5858f24bd 100644 --- a/2010/3xxx/CVE-2010-3099.json +++ b/2010/3xxx/CVE-2010-3099.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-3099", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Directory traversal vulnerability in SmartSoft Ltd SmartFTP Client 4.0.1124.0, and possibly other versions before 4.0 Build 1133, allows remote FTP servers to overwrite arbitrary files via a \"..\\\" (dot dot backslash) in a filename. NOTE: some of these details are obtained from third party information." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-3099", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.htbridge.ch/advisory/directory_traversal_in_smartftp.html", - "refsource" : "MISC", - "url" : "http://www.htbridge.ch/advisory/directory_traversal_in_smartftp.html" - }, - { - "name" : "http://www.smartftp.com/forums/index.php?/topic/16425-smartftp-client-40-change-log/", - "refsource" : "MISC", - "url" : "http://www.smartftp.com/forums/index.php?/topic/16425-smartftp-client-40-change-log/" - }, - { - "name" : "40899", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/40899" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Directory traversal vulnerability in SmartSoft Ltd SmartFTP Client 4.0.1124.0, and possibly other versions before 4.0 Build 1133, allows remote FTP servers to overwrite arbitrary files via a \"..\\\" (dot dot backslash) in a filename. NOTE: some of these details are obtained from third party information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "40899", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/40899" + }, + { + "name": "http://www.htbridge.ch/advisory/directory_traversal_in_smartftp.html", + "refsource": "MISC", + "url": "http://www.htbridge.ch/advisory/directory_traversal_in_smartftp.html" + }, + { + "name": "http://www.smartftp.com/forums/index.php?/topic/16425-smartftp-client-40-change-log/", + "refsource": "MISC", + "url": "http://www.smartftp.com/forums/index.php?/topic/16425-smartftp-client-40-change-log/" + } + ] + } +} \ No newline at end of file diff --git a/2010/3xxx/CVE-2010-3283.json b/2010/3xxx/CVE-2010-3283.json index 180ba288dd1..3ae8e8778c9 100644 --- a/2010/3xxx/CVE-2010-3283.json +++ b/2010/3xxx/CVE-2010-3283.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-3283", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Open redirect vulnerability in HP System Management Homepage (SMH) before 6.2 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "hp-security-alert@hp.com", + "ID": "CVE-2010-3283", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "HPSBMA02584", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=128525419119241&w=2" - }, - { - "name" : "SSRT100230", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=128525419119241&w=2" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Open redirect vulnerability in HP System Management Homepage (SMH) before 6.2 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "HPSBMA02584", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=128525419119241&w=2" + }, + { + "name": "SSRT100230", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=128525419119241&w=2" + } + ] + } +} \ No newline at end of file diff --git a/2010/3xxx/CVE-2010-3319.json b/2010/3xxx/CVE-2010-3319.json index bbd10433b60..95583009ffc 100644 --- a/2010/3xxx/CVE-2010-3319.json +++ b/2010/3xxx/CVE-2010-3319.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-3319", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM Records Manager (RM) 4.5.x before 4.5.1.1-IER-FP001 places a session token in the URI, which might allow remote attackers to obtain sensitive information by reading a Referer log file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-3319", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "PJ37426", - "refsource" : "AIXAPAR", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1PJ37426" - }, - { - "name" : "43136", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/43136" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IBM Records Manager (RM) 4.5.x before 4.5.1.1-IER-FP001 places a session token in the URI, which might allow remote attackers to obtain sensitive information by reading a Referer log file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "43136", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/43136" + }, + { + "name": "PJ37426", + "refsource": "AIXAPAR", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PJ37426" + } + ] + } +} \ No newline at end of file diff --git a/2010/3xxx/CVE-2010-3541.json b/2010/3xxx/CVE-2010-3541.json index 5337ee8cced..4e479bbd67f 100644 --- a/2010/3xxx/CVE-2010-3541.json +++ b/2010/3xxx/CVE-2010-3541.json @@ -1,232 +1,232 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-3541", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the Networking component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this is related to missing validation of request headers in the HttpURLConnection class when they are set by applets, which allows remote attackers to bypass the intended security policy." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2010-3541", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/516397/100/0/threaded" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html" - }, - { - "name" : "http://support.avaya.com/css/P8/documents/100114315", - "refsource" : "CONFIRM", - "url" : "http://support.avaya.com/css/P8/documents/100114315" - }, - { - "name" : "http://support.avaya.com/css/P8/documents/100114327", - "refsource" : "CONFIRM", - "url" : "http://support.avaya.com/css/P8/documents/100114327" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=642202", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=642202" - }, - { - "name" : "http://support.avaya.com/css/P8/documents/100123193", - "refsource" : "CONFIRM", - "url" : "http://support.avaya.com/css/P8/documents/100123193" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html" - }, - { - "name" : "http://www.vmware.com/security/advisories/VMSA-2011-0003.html", - "refsource" : "CONFIRM", - "url" : "http://www.vmware.com/security/advisories/VMSA-2011-0003.html" - }, - { - "name" : "FEDORA-2010-16240", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049702.html" - }, - { - "name" : "FEDORA-2010-16294", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049528.html" - }, - { - "name" : "FEDORA-2010-16312", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049455.html" - }, - { - "name" : "GLSA-201406-32", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-201406-32.xml" - }, - { - "name" : "HPSBUX02608", - "refsource" : "HP", - "url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c02616748" - }, - { - "name" : "SSRT100333", - "refsource" : "HP", - "url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c02616748" - }, - { - "name" : "HPSBMU02799", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=134254866602253&w=2" - }, - { - "name" : "RHSA-2010:0770", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2010-0770.html" - }, - { - "name" : "RHSA-2010:0786", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2010-0786.html" - }, - { - "name" : "RHSA-2010:0807", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2010-0807.html" - }, - { - "name" : "RHSA-2010:0768", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2010-0768.html" - }, - { - "name" : "RHSA-2010:0865", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2010-0865.html" - }, - { - "name" : "RHSA-2010:0873", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2010-0873.html" - }, - { - "name" : "RHSA-2010:0986", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2010-0986.html" - }, - { - "name" : "RHSA-2010:0987", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2010-0987.html" - }, - { - "name" : "RHSA-2011:0880", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2011-0880.html" - }, - { - "name" : "SUSE-SA:2010:061", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00005.html" - }, - { - "name" : "SUSE-SR:2010:019", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html" - }, - { - "name" : "USN-1010-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-1010-1" - }, - { - "name" : "44032", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/44032" - }, - { - "name" : "oval:org.mitre.oval:def:12491", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12491" - }, - { - "name" : "oval:org.mitre.oval:def:14354", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14354" - }, - { - "name" : "41967", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/41967" - }, - { - "name" : "41972", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/41972" - }, - { - "name" : "42974", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/42974" - }, - { - "name" : "44954", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/44954" - }, - { - "name" : "ADV-2010-2745", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2010/2745" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the Networking component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this is related to missing validation of request headers in the HttpURLConnection class when they are set by applets, which allows remote attackers to bypass the intended security policy." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://support.avaya.com/css/P8/documents/100114327", + "refsource": "CONFIRM", + "url": "http://support.avaya.com/css/P8/documents/100114327" + }, + { + "name": "RHSA-2010:0865", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2010-0865.html" + }, + { + "name": "http://support.avaya.com/css/P8/documents/100114315", + "refsource": "CONFIRM", + "url": "http://support.avaya.com/css/P8/documents/100114315" + }, + { + "name": "GLSA-201406-32", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-201406-32.xml" + }, + { + "name": "HPSBMU02799", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=134254866602253&w=2" + }, + { + "name": "SUSE-SA:2010:061", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00005.html" + }, + { + "name": "44032", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/44032" + }, + { + "name": "RHSA-2010:0770", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2010-0770.html" + }, + { + "name": "oval:org.mitre.oval:def:14354", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14354" + }, + { + "name": "SSRT100333", + "refsource": "HP", + "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c02616748" + }, + { + "name": "RHSA-2010:0768", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2010-0768.html" + }, + { + "name": "FEDORA-2010-16240", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049702.html" + }, + { + "name": "USN-1010-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-1010-1" + }, + { + "name": "oval:org.mitre.oval:def:12491", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12491" + }, + { + "name": "RHSA-2010:0987", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2010-0987.html" + }, + { + "name": "RHSA-2010:0986", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2010-0986.html" + }, + { + "name": "44954", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/44954" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=642202", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=642202" + }, + { + "name": "RHSA-2011:0880", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2011-0880.html" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html" + }, + { + "name": "RHSA-2010:0873", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2010-0873.html" + }, + { + "name": "http://www.vmware.com/security/advisories/VMSA-2011-0003.html", + "refsource": "CONFIRM", + "url": "http://www.vmware.com/security/advisories/VMSA-2011-0003.html" + }, + { + "name": "42974", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/42974" + }, + { + "name": "41972", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/41972" + }, + { + "name": "HPSBUX02608", + "refsource": "HP", + "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c02616748" + }, + { + "name": "http://support.avaya.com/css/P8/documents/100123193", + "refsource": "CONFIRM", + "url": "http://support.avaya.com/css/P8/documents/100123193" + }, + { + "name": "RHSA-2010:0786", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2010-0786.html" + }, + { + "name": "SUSE-SR:2010:019", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html" + }, + { + "name": "20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/516397/100/0/threaded" + }, + { + "name": "41967", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/41967" + }, + { + "name": "RHSA-2010:0807", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2010-0807.html" + }, + { + "name": "FEDORA-2010-16312", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049455.html" + }, + { + "name": "ADV-2010-2745", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2010/2745" + }, + { + "name": "FEDORA-2010-16294", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049528.html" + } + ] + } +} \ No newline at end of file diff --git a/2010/3xxx/CVE-2010-3857.json b/2010/3xxx/CVE-2010-3857.json index acd4441b769..dcb877fb1c6 100644 --- a/2010/3xxx/CVE-2010-3857.json +++ b/2010/3xxx/CVE-2010-3857.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-3857", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-3857", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2010/4xxx/CVE-2010-4001.json b/2010/4xxx/CVE-2010-4001.json index 828bbe8e829..ccbe8810dd4 100644 --- a/2010/4xxx/CVE-2010-4001.json +++ b/2010/4xxx/CVE-2010-4001.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-4001", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** DISPUTED ** GMXRC.bash in Gromacs 4.5.1 and earlier places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory. NOTE: CVE disputes this issue because the GMXLDLIB value is always added to the beginning of LD_LIBRARY_PATH at a later point in the script." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-4001", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=644596", - "refsource" : "MISC", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=644596" - }, - { - "name" : "FEDORA-2010-17248", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050763.html" - }, - { - "name" : "FEDORA-2010-17256", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050783.html" - }, - { - "name" : "ADV-2010-2971", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2010/2971" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** DISPUTED ** GMXRC.bash in Gromacs 4.5.1 and earlier places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory. NOTE: CVE disputes this issue because the GMXLDLIB value is always added to the beginning of LD_LIBRARY_PATH at a later point in the script." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ADV-2010-2971", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2010/2971" + }, + { + "name": "FEDORA-2010-17256", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050783.html" + }, + { + "name": "FEDORA-2010-17248", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050763.html" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=644596", + "refsource": "MISC", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=644596" + } + ] + } +} \ No newline at end of file diff --git a/2010/4xxx/CVE-2010-4203.json b/2010/4xxx/CVE-2010-4203.json index d79c9389008..aa905d4e35d 100644 --- a/2010/4xxx/CVE-2010-4203.json +++ b/2010/4xxx/CVE-2010-4203.json @@ -1,117 +1,117 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-4203", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "WebM libvpx (aka the VP8 Codec SDK) before 0.9.5, as used in Google Chrome before 7.0.517.44, allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via invalid frames." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-4203", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://code.google.com/p/chromium/issues/detail?id=60055", - "refsource" : "CONFIRM", - "url" : "http://code.google.com/p/chromium/issues/detail?id=60055" - }, - { - "name" : "http://googlechromereleases.blogspot.com/2010/11/stable-channel-update.html", - "refsource" : "CONFIRM", - "url" : "http://googlechromereleases.blogspot.com/2010/11/stable-channel-update.html" - }, - { - "name" : "http://review.webmproject.org/gitweb?p=libvpx.git;a=blob;f=CHANGELOG", - "refsource" : "CONFIRM", - "url" : "http://review.webmproject.org/gitweb?p=libvpx.git;a=blob;f=CHANGELOG" - }, - { - "name" : "http://review.webmproject.org/gitweb?p=libvpx.git;a=commit;h=09bcc1f710ea65dc158639479288fb1908ff0c53", - "refsource" : "CONFIRM", - "url" : "http://review.webmproject.org/gitweb?p=libvpx.git;a=commit;h=09bcc1f710ea65dc158639479288fb1908ff0c53" - }, - { - "name" : "GLSA-201101-03", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-201101-03.xml" - }, - { - "name" : "RHSA-2010:0999", - "refsource" : "REDHAT", - "url" : "https://rhn.redhat.com/errata/RHSA-2010-0999.html" - }, - { - "name" : "oval:org.mitre.oval:def:12198", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12198" - }, - { - "name" : "42109", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/42109" - }, - { - "name" : "42118", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/42118" - }, - { - "name" : "42690", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/42690" - }, - { - "name" : "42908", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/42908" - }, - { - "name" : "ADV-2011-0115", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2011/0115" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "WebM libvpx (aka the VP8 Codec SDK) before 0.9.5, as used in Google Chrome before 7.0.517.44, allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via invalid frames." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "42690", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/42690" + }, + { + "name": "oval:org.mitre.oval:def:12198", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12198" + }, + { + "name": "http://googlechromereleases.blogspot.com/2010/11/stable-channel-update.html", + "refsource": "CONFIRM", + "url": "http://googlechromereleases.blogspot.com/2010/11/stable-channel-update.html" + }, + { + "name": "GLSA-201101-03", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-201101-03.xml" + }, + { + "name": "RHSA-2010:0999", + "refsource": "REDHAT", + "url": "https://rhn.redhat.com/errata/RHSA-2010-0999.html" + }, + { + "name": "42109", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/42109" + }, + { + "name": "http://review.webmproject.org/gitweb?p=libvpx.git;a=blob;f=CHANGELOG", + "refsource": "CONFIRM", + "url": "http://review.webmproject.org/gitweb?p=libvpx.git;a=blob;f=CHANGELOG" + }, + { + "name": "http://code.google.com/p/chromium/issues/detail?id=60055", + "refsource": "CONFIRM", + "url": "http://code.google.com/p/chromium/issues/detail?id=60055" + }, + { + "name": "42118", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/42118" + }, + { + "name": "ADV-2011-0115", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2011/0115" + }, + { + "name": "http://review.webmproject.org/gitweb?p=libvpx.git;a=commit;h=09bcc1f710ea65dc158639479288fb1908ff0c53", + "refsource": "CONFIRM", + "url": "http://review.webmproject.org/gitweb?p=libvpx.git;a=commit;h=09bcc1f710ea65dc158639479288fb1908ff0c53" + }, + { + "name": "42908", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/42908" + } + ] + } +} \ No newline at end of file diff --git a/2010/4xxx/CVE-2010-4970.json b/2010/4xxx/CVE-2010-4970.json index 01fceba4e47..fa23a3ac914 100644 --- a/2010/4xxx/CVE-2010-4970.json +++ b/2010/4xxx/CVE-2010-4970.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-4970", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in handlers/getpage.php in Wiki Web Help 0.28 allows remote attackers to execute arbitrary SQL commands via the id parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-4970", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "14217", - "refsource" : "EXPLOIT-DB", - "url" : "http://www.exploit-db.com/exploits/14217" - }, - { - "name" : "http://packetstormsecurity.org/1007-exploits/wikiwebhelp-sql.txt", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.org/1007-exploits/wikiwebhelp-sql.txt" - }, - { - "name" : "41344", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/41344" - }, - { - "name" : "8491", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/8491" - }, - { - "name" : "ADV-2010-1704", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2010/1704" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in handlers/getpage.php in Wiki Web Help 0.28 allows remote attackers to execute arbitrary SQL commands via the id parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ADV-2010-1704", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2010/1704" + }, + { + "name": "41344", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/41344" + }, + { + "name": "8491", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/8491" + }, + { + "name": "14217", + "refsource": "EXPLOIT-DB", + "url": "http://www.exploit-db.com/exploits/14217" + }, + { + "name": "http://packetstormsecurity.org/1007-exploits/wikiwebhelp-sql.txt", + "refsource": "MISC", + "url": "http://packetstormsecurity.org/1007-exploits/wikiwebhelp-sql.txt" + } + ] + } +} \ No newline at end of file diff --git a/2014/0xxx/CVE-2014-0255.json b/2014/0xxx/CVE-2014-0255.json index 7f4de76c863..b7e79499df6 100644 --- a/2014/0xxx/CVE-2014-0255.json +++ b/2014/0xxx/CVE-2014-0255.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-0255", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Microsoft Windows Server 2008 SP2 and R2 SP1 and Server 2012 Gold and R2 allow remote attackers to cause a denial of service (iSCSI service outage) by sending many crafted packets, aka \"iSCSI Target Remote Denial of Service Vulnerability.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2014-0255", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "MS14-028", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-028" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft Windows Server 2008 SP2 and R2 SP1 and Server 2012 Gold and R2 allow remote attackers to cause a denial of service (iSCSI service outage) by sending many crafted packets, aka \"iSCSI Target Remote Denial of Service Vulnerability.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "MS14-028", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-028" + } + ] + } +} \ No newline at end of file diff --git a/2014/3xxx/CVE-2014-3499.json b/2014/3xxx/CVE-2014-3499.json index 9f0ae8b1c48..33e33fbf234 100644 --- a/2014/3xxx/CVE-2014-3499.json +++ b/2014/3xxx/CVE-2014-3499.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-3499", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Docker 1.0.0 uses world-readable and world-writable permissions on the management socket, which allows local users to gain privileges via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2014-3499", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1111687", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1111687" - }, - { - "name" : "RHSA-2014:0820", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2014-0820.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Docker 1.0.0 uses world-readable and world-writable permissions on the management socket, which allows local users to gain privileges via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1111687", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1111687" + }, + { + "name": "RHSA-2014:0820", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2014-0820.html" + } + ] + } +} \ No newline at end of file diff --git a/2014/4xxx/CVE-2014-4026.json b/2014/4xxx/CVE-2014-4026.json index bfe0dd8e5eb..0b5c5c57436 100644 --- a/2014/4xxx/CVE-2014-4026.json +++ b/2014/4xxx/CVE-2014-4026.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-4026", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-4026", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2014/4xxx/CVE-2014-4333.json b/2014/4xxx/CVE-2014-4333.json index 9b07a588585..aae320aa726 100644 --- a/2014/4xxx/CVE-2014-4333.json +++ b/2014/4xxx/CVE-2014-4333.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-4333", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site request forgery (CSRF) vulnerability in administration/profiles.php in Dolphin 7.1.4 and earlier allows remote attackers to hijack the authentication of administrators for requests that conduct SQL injection attacks via the members[] parameter, related to CVE-2014-3810." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-4333", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20140618 SQL Injection in Dolphin", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/532468/100/0/threaded" - }, - { - "name" : "https://www.htbridge.com/advisory/HTB23216", - "refsource" : "MISC", - "url" : "https://www.htbridge.com/advisory/HTB23216" - }, - { - "name" : "http://www.boonex.com/forums/topic/Medium-Risk-Security-Vulnerability-in-Dolphin-7-1.htm", - "refsource" : "CONFIRM", - "url" : "http://www.boonex.com/forums/topic/Medium-Risk-Security-Vulnerability-in-Dolphin-7-1.htm" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site request forgery (CSRF) vulnerability in administration/profiles.php in Dolphin 7.1.4 and earlier allows remote attackers to hijack the authentication of administrators for requests that conduct SQL injection attacks via the members[] parameter, related to CVE-2014-3810." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20140618 SQL Injection in Dolphin", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/532468/100/0/threaded" + }, + { + "name": "https://www.htbridge.com/advisory/HTB23216", + "refsource": "MISC", + "url": "https://www.htbridge.com/advisory/HTB23216" + }, + { + "name": "http://www.boonex.com/forums/topic/Medium-Risk-Security-Vulnerability-in-Dolphin-7-1.htm", + "refsource": "CONFIRM", + "url": "http://www.boonex.com/forums/topic/Medium-Risk-Security-Vulnerability-in-Dolphin-7-1.htm" + } + ] + } +} \ No newline at end of file diff --git a/2014/4xxx/CVE-2014-4442.json b/2014/4xxx/CVE-2014-4442.json index d892c679c2b..8f33a68fcab 100644 --- a/2014/4xxx/CVE-2014-4442.json +++ b/2014/4xxx/CVE-2014-4442.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-4442", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The kernel in Apple OS X before 10.10 allows local users to cause a denial of service (panic) via a message to a system control socket." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2014-4442", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://support.apple.com/kb/HT6535", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/kb/HT6535" - }, - { - "name" : "APPLE-SA-2014-10-16-1", - "refsource" : "APPLE", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" - }, - { - "name" : "70624", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/70624" - }, - { - "name" : "1031063", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1031063" - }, - { - "name" : "macosx-cve20144442-dos(97632)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/97632" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The kernel in Apple OS X before 10.10 allows local users to cause a denial of service (panic) via a message to a system control socket." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "APPLE-SA-2014-10-16-1", + "refsource": "APPLE", + "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" + }, + { + "name": "1031063", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1031063" + }, + { + "name": "https://support.apple.com/kb/HT6535", + "refsource": "CONFIRM", + "url": "https://support.apple.com/kb/HT6535" + }, + { + "name": "70624", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/70624" + }, + { + "name": "macosx-cve20144442-dos(97632)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97632" + } + ] + } +} \ No newline at end of file diff --git a/2014/4xxx/CVE-2014-4611.json b/2014/4xxx/CVE-2014-4611.json index f7bdb1af5e5..b18811f3d69 100644 --- a/2014/4xxx/CVE-2014-4611.json +++ b/2014/4xxx/CVE-2014-4611.json @@ -1,147 +1,147 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-4611", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Integer overflow in the LZ4 algorithm implementation, as used in Yann Collet LZ4 before r118 and in the lz4_uncompress function in lib/lz4/lz4_decompress.c in the Linux kernel before 3.15.2, on 32-bit platforms might allow context-dependent attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted Literal Run that would be improperly handled by programs not complying with an API limitation, a different vulnerability than CVE-2014-4715." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-4611", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20140626 LMS-2014-06-16-5: Linux Kernel LZ4", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2014/06/26/24" - }, - { - "name" : "http://blog.securitymouse.com/2014/06/raising-lazarus-20-year-old-bug-that.html", - "refsource" : "MISC", - "url" : "http://blog.securitymouse.com/2014/06/raising-lazarus-20-year-old-bug-that.html" - }, - { - "name" : "http://fastcompression.blogspot.fr/2014/06/debunking-lz4-20-years-old-bug-myth.html", - "refsource" : "MISC", - "url" : "http://fastcompression.blogspot.fr/2014/06/debunking-lz4-20-years-old-bug-myth.html" - }, - { - "name" : "https://www.securitymouse.com/lms-2014-06-16-5", - "refsource" : "MISC", - "url" : "https://www.securitymouse.com/lms-2014-06-16-5" - }, - { - "name" : "https://www.securitymouse.com/lms-2014-06-16-6", - "refsource" : "MISC", - "url" : "https://www.securitymouse.com/lms-2014-06-16-6" - }, - { - "name" : "http://twitter.com/djrbliss/statuses/484931749013495809", - "refsource" : "MISC", - "url" : "http://twitter.com/djrbliss/statuses/484931749013495809" - }, - { - "name" : "http://twitter.com/djrbliss/statuses/485042901399789568", - "refsource" : "MISC", - "url" : "http://twitter.com/djrbliss/statuses/485042901399789568" - }, - { - "name" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=206204a1162b995e2185275167b22468c00d6b36", - "refsource" : "CONFIRM", - "url" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=206204a1162b995e2185275167b22468c00d6b36" - }, - { - "name" : "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.15.2", - "refsource" : "CONFIRM", - "url" : "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.15.2" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1112436", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1112436" - }, - { - "name" : "https://code.google.com/p/lz4/issues/detail?id=52", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/lz4/issues/detail?id=52" - }, - { - "name" : "https://code.google.com/p/lz4/source/detail?r=118", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/lz4/source/detail?r=118" - }, - { - "name" : "https://github.com/torvalds/linux/commit/206204a1162b995e2185275167b22468c00d6b36", - "refsource" : "CONFIRM", - "url" : "https://github.com/torvalds/linux/commit/206204a1162b995e2185275167b22468c00d6b36" - }, - { - "name" : "openSUSE-SU-2014:0924", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2014-07/msg00025.html" - }, - { - "name" : "1030491", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1030491" - }, - { - "name" : "59770", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/59770" - }, - { - "name" : "60238", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/60238" - }, - { - "name" : "59567", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/59567" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Integer overflow in the LZ4 algorithm implementation, as used in Yann Collet LZ4 before r118 and in the lz4_uncompress function in lib/lz4/lz4_decompress.c in the Linux kernel before 3.15.2, on 32-bit platforms might allow context-dependent attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted Literal Run that would be improperly handled by programs not complying with an API limitation, a different vulnerability than CVE-2014-4715." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "[oss-security] 20140626 LMS-2014-06-16-5: Linux Kernel LZ4", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2014/06/26/24" + }, + { + "name": "https://www.securitymouse.com/lms-2014-06-16-6", + "refsource": "MISC", + "url": "https://www.securitymouse.com/lms-2014-06-16-6" + }, + { + "name": "https://code.google.com/p/lz4/source/detail?r=118", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/lz4/source/detail?r=118" + }, + { + "name": "openSUSE-SU-2014:0924", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2014-07/msg00025.html" + }, + { + "name": "http://twitter.com/djrbliss/statuses/485042901399789568", + "refsource": "MISC", + "url": "http://twitter.com/djrbliss/statuses/485042901399789568" + }, + { + "name": "60238", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/60238" + }, + { + "name": "http://twitter.com/djrbliss/statuses/484931749013495809", + "refsource": "MISC", + "url": "http://twitter.com/djrbliss/statuses/484931749013495809" + }, + { + "name": "1030491", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1030491" + }, + { + "name": "59770", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/59770" + }, + { + "name": "http://fastcompression.blogspot.fr/2014/06/debunking-lz4-20-years-old-bug-myth.html", + "refsource": "MISC", + "url": "http://fastcompression.blogspot.fr/2014/06/debunking-lz4-20-years-old-bug-myth.html" + }, + { + "name": "59567", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/59567" + }, + { + "name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=206204a1162b995e2185275167b22468c00d6b36", + "refsource": "CONFIRM", + "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=206204a1162b995e2185275167b22468c00d6b36" + }, + { + "name": "https://github.com/torvalds/linux/commit/206204a1162b995e2185275167b22468c00d6b36", + "refsource": "CONFIRM", + "url": "https://github.com/torvalds/linux/commit/206204a1162b995e2185275167b22468c00d6b36" + }, + { + "name": "http://blog.securitymouse.com/2014/06/raising-lazarus-20-year-old-bug-that.html", + "refsource": "MISC", + "url": "http://blog.securitymouse.com/2014/06/raising-lazarus-20-year-old-bug-that.html" + }, + { + "name": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.15.2", + "refsource": "CONFIRM", + "url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.15.2" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1112436", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1112436" + }, + { + "name": "https://www.securitymouse.com/lms-2014-06-16-5", + "refsource": "MISC", + "url": "https://www.securitymouse.com/lms-2014-06-16-5" + }, + { + "name": "https://code.google.com/p/lz4/issues/detail?id=52", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/lz4/issues/detail?id=52" + } + ] + } +} \ No newline at end of file diff --git a/2014/8xxx/CVE-2014-8388.json b/2014/8xxx/CVE-2014-8388.json index 4b06b030c52..c57efab6984 100644 --- a/2014/8xxx/CVE-2014-8388.json +++ b/2014/8xxx/CVE-2014-8388.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-8388", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Stack-based buffer overflow in Advantech WebAccess, formerly BroadWin WebAccess, before 8.0 allows remote attackers to execute arbitrary code via a crafted ip_address parameter in an HTML document." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-8388", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://ics-cert.us-cert.gov/advisories/ICSA-14-324-01", - "refsource" : "MISC", - "url" : "https://ics-cert.us-cert.gov/advisories/ICSA-14-324-01" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Stack-based buffer overflow in Advantech WebAccess, formerly BroadWin WebAccess, before 8.0 allows remote attackers to execute arbitrary code via a crafted ip_address parameter in an HTML document." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://ics-cert.us-cert.gov/advisories/ICSA-14-324-01", + "refsource": "MISC", + "url": "https://ics-cert.us-cert.gov/advisories/ICSA-14-324-01" + } + ] + } +} \ No newline at end of file diff --git a/2014/8xxx/CVE-2014-8603.json b/2014/8xxx/CVE-2014-8603.json index 7d730463516..8196488279c 100644 --- a/2014/8xxx/CVE-2014-8603.json +++ b/2014/8xxx/CVE-2014-8603.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-8603", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "cloner.functions.php in the XCloner plugin 3.1.1 for WordPress and 3.5.1 for Joomla! allows remote administrators to execute arbitrary code via shell metacharacters in the (1) file name when creating a backup or vectors related to the (2) $_CONFIG[tarpath], (3) $exclude, (4) $_CONFIG['tarcompress'], (5) $_CONFIG['filename'], (6) $_CONFIG['exfile_tar'], (7) $_CONFIG[sqldump], (8) $_CONFIG['mysql_host'], (9) $_CONFIG['mysql_pass'], (10) $_CONFIG['mysql_user'], (11) $database_name, or (12) $sqlfile variable." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-8603", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.vapid.dhs.org/advisories/wordpress/plugins/Xcloner-v3.1.1/", - "refsource" : "MISC", - "url" : "http://www.vapid.dhs.org/advisories/wordpress/plugins/Xcloner-v3.1.1/" - }, - { - "name" : "http://www.vapid.dhs.org/advisory.php?v=110", - "refsource" : "MISC", - "url" : "http://www.vapid.dhs.org/advisory.php?v=110" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "cloner.functions.php in the XCloner plugin 3.1.1 for WordPress and 3.5.1 for Joomla! allows remote administrators to execute arbitrary code via shell metacharacters in the (1) file name when creating a backup or vectors related to the (2) $_CONFIG[tarpath], (3) $exclude, (4) $_CONFIG['tarcompress'], (5) $_CONFIG['filename'], (6) $_CONFIG['exfile_tar'], (7) $_CONFIG[sqldump], (8) $_CONFIG['mysql_host'], (9) $_CONFIG['mysql_pass'], (10) $_CONFIG['mysql_user'], (11) $database_name, or (12) $sqlfile variable." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.vapid.dhs.org/advisories/wordpress/plugins/Xcloner-v3.1.1/", + "refsource": "MISC", + "url": "http://www.vapid.dhs.org/advisories/wordpress/plugins/Xcloner-v3.1.1/" + }, + { + "name": "http://www.vapid.dhs.org/advisory.php?v=110", + "refsource": "MISC", + "url": "http://www.vapid.dhs.org/advisory.php?v=110" + } + ] + } +} \ No newline at end of file diff --git a/2014/8xxx/CVE-2014-8726.json b/2014/8xxx/CVE-2014-8726.json index b8c5ddb7036..a3cb32b9788 100644 --- a/2014/8xxx/CVE-2014-8726.json +++ b/2014/8xxx/CVE-2014-8726.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-8726", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-8726", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2014/8xxx/CVE-2014-8867.json b/2014/8xxx/CVE-2014-8867.json index 9e4482cf281..9b00479bbe8 100644 --- a/2014/8xxx/CVE-2014-8867.json +++ b/2014/8xxx/CVE-2014-8867.json @@ -1,117 +1,117 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-8867", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The acceleration support for the \"REP MOVS\" instruction in Xen 4.4.x, 3.2.x, and earlier lacks properly bounds checking for memory mapped I/O (MMIO) emulated in the hypervisor, which allows local HVM guests to cause a denial of service (host crash) via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-8867", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://xenbits.xenproject.org/xsa/advisory-112.html", - "refsource" : "CONFIRM", - "url" : "http://xenbits.xenproject.org/xsa/advisory-112.html" - }, - { - "name" : "http://support.citrix.com/article/CTX201794", - "refsource" : "CONFIRM", - "url" : "http://support.citrix.com/article/CTX201794" - }, - { - "name" : "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705", - "refsource" : "CONFIRM", - "url" : "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705" - }, - { - "name" : "http://support.citrix.com/article/CTX200288", - "refsource" : "CONFIRM", - "url" : "http://support.citrix.com/article/CTX200288" - }, - { - "name" : "DSA-3140", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2015/dsa-3140" - }, - { - "name" : "GLSA-201504-04", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201504-04" - }, - { - "name" : "RHSA-2015:0783", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-0783.html" - }, - { - "name" : "openSUSE-SU-2015:0226", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00005.html" - }, - { - "name" : "openSUSE-SU-2015:0256", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00010.html" - }, - { - "name" : "71331", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/71331" - }, - { - "name" : "59949", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/59949" - }, - { - "name" : "62672", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/62672" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The acceleration support for the \"REP MOVS\" instruction in Xen 4.4.x, 3.2.x, and earlier lacks properly bounds checking for memory mapped I/O (MMIO) emulated in the hypervisor, which allows local HVM guests to cause a denial of service (host crash) via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "RHSA-2015:0783", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-0783.html" + }, + { + "name": "GLSA-201504-04", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201504-04" + }, + { + "name": "62672", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/62672" + }, + { + "name": "http://support.citrix.com/article/CTX201794", + "refsource": "CONFIRM", + "url": "http://support.citrix.com/article/CTX201794" + }, + { + "name": "http://support.citrix.com/article/CTX200288", + "refsource": "CONFIRM", + "url": "http://support.citrix.com/article/CTX200288" + }, + { + "name": "DSA-3140", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2015/dsa-3140" + }, + { + "name": "openSUSE-SU-2015:0226", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00005.html" + }, + { + "name": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705", + "refsource": "CONFIRM", + "url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705" + }, + { + "name": "openSUSE-SU-2015:0256", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00010.html" + }, + { + "name": "http://xenbits.xenproject.org/xsa/advisory-112.html", + "refsource": "CONFIRM", + "url": "http://xenbits.xenproject.org/xsa/advisory-112.html" + }, + { + "name": "59949", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/59949" + }, + { + "name": "71331", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/71331" + } + ] + } +} \ No newline at end of file diff --git a/2014/9xxx/CVE-2014-9011.json b/2014/9xxx/CVE-2014-9011.json index c978d9a0f2e..55ebbd7cf48 100644 --- a/2014/9xxx/CVE-2014-9011.json +++ b/2014/9xxx/CVE-2014-9011.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-9011", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-9011", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2014/9xxx/CVE-2014-9306.json b/2014/9xxx/CVE-2014-9306.json index 2005c27da36..38f16246388 100644 --- a/2014/9xxx/CVE-2014-9306.json +++ b/2014/9xxx/CVE-2014-9306.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-9306", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-9306", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2014/9xxx/CVE-2014-9321.json b/2014/9xxx/CVE-2014-9321.json index 4e337f4b340..7ec61a66b72 100644 --- a/2014/9xxx/CVE-2014-9321.json +++ b/2014/9xxx/CVE-2014-9321.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-9321", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-9321", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2014/9xxx/CVE-2014-9484.json b/2014/9xxx/CVE-2014-9484.json index 6d018f98aec..d54d63a9e69 100644 --- a/2014/9xxx/CVE-2014-9484.json +++ b/2014/9xxx/CVE-2014-9484.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-9484", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-9484", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2014/9xxx/CVE-2014-9923.json b/2014/9xxx/CVE-2014-9923.json index 19a17f372e0..265b9e8d740 100644 --- a/2014/9xxx/CVE-2014-9923.json +++ b/2014/9xxx/CVE-2014-9923.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "security@google.com", - "ID" : "CVE-2014-9923", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "All Qualcomm products", - "version" : { - "version_data" : [ - { - "version_value" : "All Android releases from CAF using the Linux kernel" - } - ] - } - } - ] - }, - "vendor_name" : "Qualcomm, Inc." - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "In NAS in all Android releases from CAF using the Linux kernel, a Buffer Copy without Checking Size of Input vulnerability could potentially exist." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Buffer Copy without Checking Size of Input Vulnerability in NAS" - } + "CVE_data_meta": { + "ASSIGNER": "security@android.com", + "ID": "CVE-2014-9923", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "All Qualcomm products", + "version": { + "version_data": [ + { + "version_value": "All Android releases from CAF using the Linux kernel" + } + ] + } + } + ] + }, + "vendor_name": "Qualcomm, Inc." + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://source.android.com/security/bulletin/2017-05-01", - "refsource" : "CONFIRM", - "url" : "https://source.android.com/security/bulletin/2017-05-01" - }, - { - "name" : "98225", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/98225" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In NAS in all Android releases from CAF using the Linux kernel, a Buffer Copy without Checking Size of Input vulnerability could potentially exist." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Buffer Copy without Checking Size of Input Vulnerability in NAS" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "98225", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/98225" + }, + { + "name": "https://source.android.com/security/bulletin/2017-05-01", + "refsource": "CONFIRM", + "url": "https://source.android.com/security/bulletin/2017-05-01" + } + ] + } +} \ No newline at end of file diff --git a/2016/2xxx/CVE-2016-2043.json b/2016/2xxx/CVE-2016-2043.json index 45c4202a9a5..83bb1c5a57b 100644 --- a/2016/2xxx/CVE-2016-2043.json +++ b/2016/2xxx/CVE-2016-2043.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-2043", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in the goToFinish1NF function in js/normalization.js in phpMyAdmin 4.4.x before 4.4.15.3 and 4.5.x before 4.5.4 allows remote authenticated users to inject arbitrary web script or HTML via a table name to the normalization page." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-2043", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.phpmyadmin.net/home_page/security/PMASA-2016-7.php", - "refsource" : "CONFIRM", - "url" : "http://www.phpmyadmin.net/home_page/security/PMASA-2016-7.php" - }, - { - "name" : "https://github.com/phpmyadmin/phpmyadmin/commit/019c4f25d500ec5db9ba3b84cc961a7e4e850738", - "refsource" : "CONFIRM", - "url" : "https://github.com/phpmyadmin/phpmyadmin/commit/019c4f25d500ec5db9ba3b84cc961a7e4e850738" - }, - { - "name" : "FEDORA-2016-e1fe01e96e", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176483.html" - }, - { - "name" : "FEDORA-2016-e55278763e", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176739.html" - }, - { - "name" : "openSUSE-SU-2016:0357", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2016-02/msg00028.html" - }, - { - "name" : "openSUSE-SU-2016:0378", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2016-02/msg00049.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in the goToFinish1NF function in js/normalization.js in phpMyAdmin 4.4.x before 4.4.15.3 and 4.5.x before 4.5.4 allows remote authenticated users to inject arbitrary web script or HTML via a table name to the normalization page." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.phpmyadmin.net/home_page/security/PMASA-2016-7.php", + "refsource": "CONFIRM", + "url": "http://www.phpmyadmin.net/home_page/security/PMASA-2016-7.php" + }, + { + "name": "openSUSE-SU-2016:0378", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00049.html" + }, + { + "name": "openSUSE-SU-2016:0357", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00028.html" + }, + { + "name": "FEDORA-2016-e55278763e", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176739.html" + }, + { + "name": "FEDORA-2016-e1fe01e96e", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176483.html" + }, + { + "name": "https://github.com/phpmyadmin/phpmyadmin/commit/019c4f25d500ec5db9ba3b84cc961a7e4e850738", + "refsource": "CONFIRM", + "url": "https://github.com/phpmyadmin/phpmyadmin/commit/019c4f25d500ec5db9ba3b84cc961a7e4e850738" + } + ] + } +} \ No newline at end of file diff --git a/2016/2xxx/CVE-2016-2263.json b/2016/2xxx/CVE-2016-2263.json index b6635ebe630..302a315e595 100644 --- a/2016/2xxx/CVE-2016-2263.json +++ b/2016/2xxx/CVE-2016-2263.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-2263", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2016-2263", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2016/3xxx/CVE-2016-3075.json b/2016/3xxx/CVE-2016-3075.json index 3e9145c9bbe..2207941f990 100644 --- a/2016/3xxx/CVE-2016-3075.json +++ b/2016/3xxx/CVE-2016-3075.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-3075", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Stack-based buffer overflow in the nss_dns implementation of the getnetbyname function in GNU C Library (aka glibc) before 2.24 allows context-dependent attackers to cause a denial of service (stack consumption and application crash) via a long name." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2016-3075", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://sourceware.org/bugzilla/show_bug.cgi?id=19879", - "refsource" : "CONFIRM", - "url" : "https://sourceware.org/bugzilla/show_bug.cgi?id=19879" - }, - { - "name" : "https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=317b199b4aff8cfa27f2302ab404d2bb5032b9a4", - "refsource" : "CONFIRM", - "url" : "https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=317b199b4aff8cfa27f2302ab404d2bb5032b9a4" - }, - { - "name" : "FEDORA-2016-68abc0be35", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184626.html" - }, - { - "name" : "GLSA-201702-11", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201702-11" - }, - { - "name" : "RHSA-2016:2573", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-2573.html" - }, - { - "name" : "openSUSE-SU-2016:1527", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2016-06/msg00030.html" - }, - { - "name" : "openSUSE-SU-2016:1779", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2016-07/msg00039.html" - }, - { - "name" : "USN-2985-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2985-1" - }, - { - "name" : "85732", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/85732" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Stack-based buffer overflow in the nss_dns implementation of the getnetbyname function in GNU C Library (aka glibc) before 2.24 allows context-dependent attackers to cause a denial of service (stack consumption and application crash) via a long name." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "FEDORA-2016-68abc0be35", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184626.html" + }, + { + "name": "openSUSE-SU-2016:1779", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2016-07/msg00039.html" + }, + { + "name": "85732", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/85732" + }, + { + "name": "https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=317b199b4aff8cfa27f2302ab404d2bb5032b9a4", + "refsource": "CONFIRM", + "url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=317b199b4aff8cfa27f2302ab404d2bb5032b9a4" + }, + { + "name": "GLSA-201702-11", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201702-11" + }, + { + "name": "RHSA-2016:2573", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-2573.html" + }, + { + "name": "openSUSE-SU-2016:1527", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2016-06/msg00030.html" + }, + { + "name": "USN-2985-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2985-1" + }, + { + "name": "https://sourceware.org/bugzilla/show_bug.cgi?id=19879", + "refsource": "CONFIRM", + "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=19879" + } + ] + } +} \ No newline at end of file diff --git a/2016/3xxx/CVE-2016-3247.json b/2016/3xxx/CVE-2016-3247.json index 7642423df0f..9e706a8d6ad 100644 --- a/2016/3xxx/CVE-2016-3247.json +++ b/2016/3xxx/CVE-2016-3247.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-3247", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Microsoft Browser Memory Corruption Vulnerability.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2016-3247", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20161118 CVE-2016-3247 Microsoft Edge CTextExtractor::GetBlockText OOB read details", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/539779/100/0/threaded" - }, - { - "name" : "40797", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/40797/" - }, - { - "name" : "20161118 CVE-2016-3247 Microsoft Edge CTextExtractor::GetBlockText OOB read details", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2016/Nov/111" - }, - { - "name" : "http://blog.skylined.nl/20161118002.html", - "refsource" : "MISC", - "url" : "http://blog.skylined.nl/20161118002.html" - }, - { - "name" : "MS16-104", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-104" - }, - { - "name" : "MS16-105", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-105" - }, - { - "name" : "92828", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/92828" - }, - { - "name" : "1036788", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036788" - }, - { - "name" : "1036789", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036789" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Microsoft Browser Memory Corruption Vulnerability.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1036789", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036789" + }, + { + "name": "92828", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/92828" + }, + { + "name": "20161118 CVE-2016-3247 Microsoft Edge CTextExtractor::GetBlockText OOB read details", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2016/Nov/111" + }, + { + "name": "20161118 CVE-2016-3247 Microsoft Edge CTextExtractor::GetBlockText OOB read details", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/539779/100/0/threaded" + }, + { + "name": "http://blog.skylined.nl/20161118002.html", + "refsource": "MISC", + "url": "http://blog.skylined.nl/20161118002.html" + }, + { + "name": "MS16-104", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-104" + }, + { + "name": "MS16-105", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-105" + }, + { + "name": "1036788", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036788" + }, + { + "name": "40797", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/40797/" + } + ] + } +} \ No newline at end of file diff --git a/2016/3xxx/CVE-2016-3486.json b/2016/3xxx/CVE-2016-3486.json index 660edb38d45..c9677226378 100644 --- a/2016/3xxx/CVE-2016-3486.json +++ b/2016/3xxx/CVE-2016-3486.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-3486", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: FTS." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2016-3486", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html" - }, - { - "name" : "RHSA-2016:1601", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-1601.html" - }, - { - "name" : "USN-3040-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-3040-1" - }, - { - "name" : "91787", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/91787" - }, - { - "name" : "91980", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/91980" - }, - { - "name" : "1036362", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036362" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: FTS." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "USN-3040-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-3040-1" + }, + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html" + }, + { + "name": "91980", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/91980" + }, + { + "name": "RHSA-2016:1601", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-1601.html" + }, + { + "name": "1036362", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036362" + }, + { + "name": "91787", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/91787" + } + ] + } +} \ No newline at end of file diff --git a/2016/3xxx/CVE-2016-3971.json b/2016/3xxx/CVE-2016-3971.json index 69b342286f9..ac29c8e73ee 100644 --- a/2016/3xxx/CVE-2016-3971.json +++ b/2016/3xxx/CVE-2016-3971.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-3971", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in lucene_search.jsp in dotCMS before 3.5.1 allows remote attackers to inject arbitrary web script or HTML via the query parameter to c/portal/layout." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-3971", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20160408 [CVE-2016-3971]DotCMS xss vulnerability", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2016/Apr/37" - }, - { - "name" : "http://dotcms.com/security/SI-33", - "refsource" : "CONFIRM", - "url" : "http://dotcms.com/security/SI-33" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in lucene_search.jsp in dotCMS before 3.5.1 allows remote attackers to inject arbitrary web script or HTML via the query parameter to c/portal/layout." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://dotcms.com/security/SI-33", + "refsource": "CONFIRM", + "url": "http://dotcms.com/security/SI-33" + }, + { + "name": "20160408 [CVE-2016-3971]DotCMS xss vulnerability", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2016/Apr/37" + } + ] + } +} \ No newline at end of file diff --git a/2016/6xxx/CVE-2016-6111.json b/2016/6xxx/CVE-2016-6111.json index 2a91faeceaf..4411f4d4648 100644 --- a/2016/6xxx/CVE-2016-6111.json +++ b/2016/6xxx/CVE-2016-6111.json @@ -1,103 +1,103 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@us.ibm.com", - "ID" : "CVE-2016-6111", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Cram Social Program Management", - "version" : { - "version_data" : [ - { - "version_value" : "6.0.4" - }, - { - "version_value" : "6.0.5" - }, - { - "version_value" : "6.0" - }, - { - "version_value" : "5.2" - }, - { - "version_value" : "4.5" - }, - { - "version_value" : "6.0.3" - }, - { - "version_value" : "6.1" - }, - { - "version_value" : "5.2.6" - }, - { - "version_value" : "6.0.1" - }, - { - "version_value" : "6.1.0" - }, - { - "version_value" : "6.1.1" - }, - { - "version_value" : "6.2.0" - }, - { - "version_value" : "7.0.0" - } - ] - } - } - ] - }, - "vendor_name" : "IBM Corporation" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM Curam Social Program Management 6.0 and 7.0 are vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error when processing XML data. A remote attacker could exploit this vulnerability to expose highly sensitive information or consume all available memory resources. IBM Reference #: 2000833." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Obtain Information" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2016-6111", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Cram Social Program Management", + "version": { + "version_data": [ + { + "version_value": "6.0.4" + }, + { + "version_value": "6.0.5" + }, + { + "version_value": "6.0" + }, + { + "version_value": "5.2" + }, + { + "version_value": "4.5" + }, + { + "version_value": "6.0.3" + }, + { + "version_value": "6.1" + }, + { + "version_value": "5.2.6" + }, + { + "version_value": "6.0.1" + }, + { + "version_value": "6.1.0" + }, + { + "version_value": "6.1.1" + }, + { + "version_value": "6.2.0" + }, + { + "version_value": "7.0.0" + } + ] + } + } + ] + }, + "vendor_name": "IBM Corporation" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.ibm.com/support/docview.wss?uid=swg22000833", - "refsource" : "CONFIRM", - "url" : "http://www.ibm.com/support/docview.wss?uid=swg22000833" - }, - { - "name" : "97244", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/97244" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IBM Curam Social Program Management 6.0 and 7.0 are vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error when processing XML data. A remote attacker could exploit this vulnerability to expose highly sensitive information or consume all available memory resources. IBM Reference #: 2000833." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Obtain Information" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.ibm.com/support/docview.wss?uid=swg22000833", + "refsource": "CONFIRM", + "url": "http://www.ibm.com/support/docview.wss?uid=swg22000833" + }, + { + "name": "97244", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/97244" + } + ] + } +} \ No newline at end of file diff --git a/2016/6xxx/CVE-2016-6608.json b/2016/6xxx/CVE-2016-6608.json index 3cfecf871b7..6eaf53a8fb4 100644 --- a/2016/6xxx/CVE-2016-6608.json +++ b/2016/6xxx/CVE-2016-6608.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-6608", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "XSS issues were discovered in phpMyAdmin. This affects the database privilege check and the \"Remove partitioning\" functionality. Specially crafted database names can trigger the XSS attack. All 4.6.x versions (prior to 4.6.4) are affected." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-6608", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://www.phpmyadmin.net/security/PMASA-2016-31", - "refsource" : "CONFIRM", - "url" : "https://www.phpmyadmin.net/security/PMASA-2016-31" - }, - { - "name" : "GLSA-201701-32", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201701-32" - }, - { - "name" : "93258", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/93258" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "XSS issues were discovered in phpMyAdmin. This affects the database privilege check and the \"Remove partitioning\" functionality. Specially crafted database names can trigger the XSS attack. All 4.6.x versions (prior to 4.6.4) are affected." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.phpmyadmin.net/security/PMASA-2016-31", + "refsource": "CONFIRM", + "url": "https://www.phpmyadmin.net/security/PMASA-2016-31" + }, + { + "name": "93258", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/93258" + }, + { + "name": "GLSA-201701-32", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201701-32" + } + ] + } +} \ No newline at end of file diff --git a/2016/6xxx/CVE-2016-6631.json b/2016/6xxx/CVE-2016-6631.json index bbad450ffb2..09542856a95 100644 --- a/2016/6xxx/CVE-2016-6631.json +++ b/2016/6xxx/CVE-2016-6631.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-6631", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An issue was discovered in phpMyAdmin. A user can execute a remote code execution attack against a server when phpMyAdmin is being run as a CGI application. Under certain server configurations, a user can pass a query string which is executed as a command-line argument by the file generator_plugin.sh. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-6631", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://www.phpmyadmin.net/security/PMASA-2016-54", - "refsource" : "CONFIRM", - "url" : "https://www.phpmyadmin.net/security/PMASA-2016-54" - }, - { - "name" : "GLSA-201701-32", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201701-32" - }, - { - "name" : "92496", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/92496" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in phpMyAdmin. A user can execute a remote code execution attack against a server when phpMyAdmin is being run as a CGI application. Under certain server configurations, a user can pass a query string which is executed as a command-line argument by the file generator_plugin.sh. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "92496", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/92496" + }, + { + "name": "GLSA-201701-32", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201701-32" + }, + { + "name": "https://www.phpmyadmin.net/security/PMASA-2016-54", + "refsource": "CONFIRM", + "url": "https://www.phpmyadmin.net/security/PMASA-2016-54" + } + ] + } +} \ No newline at end of file diff --git a/2016/6xxx/CVE-2016-6969.json b/2016/6xxx/CVE-2016-6969.json index 68fe80dc482..627b2034a3c 100644 --- a/2016/6xxx/CVE-2016-6969.json +++ b/2016/6xxx/CVE-2016-6969.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-6969", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1089, CVE-2016-1091, CVE-2016-6944, CVE-2016-6945, CVE-2016-6946, CVE-2016-6949, CVE-2016-6952, CVE-2016-6953, CVE-2016-6961, CVE-2016-6962, CVE-2016-6963, CVE-2016-6964, CVE-2016-6965, CVE-2016-6967, CVE-2016-6968, CVE-2016-6971, CVE-2016-6979, CVE-2016-6988, and CVE-2016-6993." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2016-6969", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html" - }, - { - "name" : "93491", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/93491" - }, - { - "name" : "1036986", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036986" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1089, CVE-2016-1091, CVE-2016-6944, CVE-2016-6945, CVE-2016-6946, CVE-2016-6949, CVE-2016-6952, CVE-2016-6953, CVE-2016-6961, CVE-2016-6962, CVE-2016-6963, CVE-2016-6964, CVE-2016-6965, CVE-2016-6967, CVE-2016-6968, CVE-2016-6971, CVE-2016-6979, CVE-2016-6988, and CVE-2016-6993." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1036986", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036986" + }, + { + "name": "93491", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/93491" + }, + { + "name": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/7xxx/CVE-2016-7300.json b/2016/7xxx/CVE-2016-7300.json index ad6a0946b0d..b18f849efa8 100644 --- a/2016/7xxx/CVE-2016-7300.json +++ b/2016/7xxx/CVE-2016-7300.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secure@microsoft.com", - "ID" : "CVE-2016-7300", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Untrusted search path vulnerability in Microsoft Auto Updater for Mac allows local users to gain privileges via a Trojan horse executable file, aka \"Microsoft (MAU) Office Elevation of Privilege Vulnerability.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2016-7300", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "MS16-148", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-148" - }, - { - "name" : "94784", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/94784" - }, - { - "name" : "1037441", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1037441" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Untrusted search path vulnerability in Microsoft Auto Updater for Mac allows local users to gain privileges via a Trojan horse executable file, aka \"Microsoft (MAU) Office Elevation of Privilege Vulnerability.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "94784", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/94784" + }, + { + "name": "MS16-148", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-148" + }, + { + "name": "1037441", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1037441" + } + ] + } +} \ No newline at end of file diff --git a/2016/7xxx/CVE-2016-7612.json b/2016/7xxx/CVE-2016-7612.json index fd4b418789d..59c7db82189 100644 --- a/2016/7xxx/CVE-2016-7612.json +++ b/2016/7xxx/CVE-2016-7612.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "product-security@apple.com", - "ID" : "CVE-2016-7612", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the \"Kernel\" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2016-7612", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "40955", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/40955/" - }, - { - "name" : "https://support.apple.com/HT207422", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT207422" - }, - { - "name" : "https://support.apple.com/HT207423", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT207423" - }, - { - "name" : "https://support.apple.com/HT207487", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT207487" - }, - { - "name" : "94905", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/94905" - }, - { - "name" : "1037469", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1037469" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the \"Kernel\" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://support.apple.com/HT207487", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT207487" + }, + { + "name": "40955", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/40955/" + }, + { + "name": "https://support.apple.com/HT207422", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT207422" + }, + { + "name": "94905", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/94905" + }, + { + "name": "1037469", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1037469" + }, + { + "name": "https://support.apple.com/HT207423", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT207423" + } + ] + } +} \ No newline at end of file diff --git a/2016/7xxx/CVE-2016-7740.json b/2016/7xxx/CVE-2016-7740.json index 55b3cd370ec..b11f90a7bf6 100644 --- a/2016/7xxx/CVE-2016-7740.json +++ b/2016/7xxx/CVE-2016-7740.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-7740", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2016-7740", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2016/7xxx/CVE-2016-7767.json b/2016/7xxx/CVE-2016-7767.json index 4ff5e1b9fe9..6d9d1ad4b38 100644 --- a/2016/7xxx/CVE-2016-7767.json +++ b/2016/7xxx/CVE-2016-7767.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-7767", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2016-7767", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2016/7xxx/CVE-2016-7846.json b/2016/7xxx/CVE-2016-7846.json index fefad34652e..b17fadee150 100644 --- a/2016/7xxx/CVE-2016-7846.json +++ b/2016/7xxx/CVE-2016-7846.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-7846", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2016-7846", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." + } + ] + } +} \ No newline at end of file