admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-18 05:35:05 +00:00
parent c90c9e567f
commit 700ca368eb
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
55 changed files with 3940 additions and 3940 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

200
2006/0xxx/CVE-2006-0206.json
View File

@ -1,102 +1,102 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-0206",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Eval injection vulnerability in Light Weight Calendar (LWC) 1.0 (20040909) and earlier allows remote attackers to execute arbitrary PHP code via the date parameter in cal.php, which is included by index.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-0206",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20060113 [eVuln] Light Weight Calendar PHP Code Execution",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/421920"
},
{
"name" : "20060318 Source VERIFY - Light Weight Calendar issue is eval injection",
"refsource" : "VIM",
"url" : "http://attrition.org/pipermail/vim/2006-March/000612.html"
},
{
"name" : "16229",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/16229"
},
{
"name" : "ADV-2006-0171",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/0171"
},
{
"name" : "http://evuln.com/vulns/29/summary.html",
"refsource" : "MISC",
"url" : "http://evuln.com/vulns/29/summary.html"
},
{
"name" : "http://evuln.com/vulns/29/exploit.html",
"refsource" : "MISC",
"url" : "http://evuln.com/vulns/29/exploit.html"
},
{
"name" : "22376",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/22376"
},
{
"name" : "18450",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/18450"
},
{
"name" : "lwc-cal-execute-code(24110)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/24110"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Eval injection vulnerability in Light Weight Calendar (LWC) 1.0 (20040909) and earlier allows remote attackers to execute arbitrary PHP code via the date parameter in cal.php, which is included by index.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://evuln.com/vulns/29/exploit.html",
"refsource": "MISC",
"url": "http://evuln.com/vulns/29/exploit.html"
},
{
"name": "18450",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18450"
},
{
"name": "16229",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/16229"
},
{
"name": "20060318 Source VERIFY - Light Weight Calendar issue is eval injection",
"refsource": "VIM",
"url": "http://attrition.org/pipermail/vim/2006-March/000612.html"
},
{
"name": "lwc-cal-execute-code(24110)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24110"
},
{
"name": "22376",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/22376"
},
{
"name": "http://evuln.com/vulns/29/summary.html",
"refsource": "MISC",
"url": "http://evuln.com/vulns/29/summary.html"
},
{
"name": "ADV-2006-0171",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/0171"
},
{
"name": "20060113 [eVuln] Light Weight Calendar PHP Code Execution",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/421920"
}
]
}
}

200
2006/0xxx/CVE-2006-0290.json
View File

@ -1,102 +1,102 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-0290",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Oracle Database Server 9.2.0.7, Application Server 9.0.4.2 and 10.1.2.1, Collaboration Suite Release 2, version 9.0.4.2 (Oracle9i), and E-Business Suite and Applications 11.5.10 has unspecified impact and attack vectors, as identified by Oracle Vuln# WF01 in the Oracle Workflow Cartridge component."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-0290",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.oracle.com/technetwork/topics/security/cpujan2006-082403.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpujan2006-082403.html"
},
{
"name" : "VU#545804",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/545804"
},
{
"name" : "16287",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/16287"
},
{
"name" : "ADV-2006-0243",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/0243"
},
{
"name" : "ADV-2006-0323",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/0323"
},
{
"name" : "1015499",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1015499"
},
{
"name" : "18493",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/18493"
},
{
"name" : "18608",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/18608"
},
{
"name" : "oracle-january2006-update(24321)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/24321"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Oracle Database Server 9.2.0.7, Application Server 9.0.4.2 and 10.1.2.1, Collaboration Suite Release 2, version 9.0.4.2 (Oracle9i), and E-Business Suite and Applications 11.5.10 has unspecified impact and attack vectors, as identified by Oracle Vuln# WF01 in the Oracle Workflow Cartridge component."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "oracle-january2006-update(24321)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24321"
},
{
"name": "18493",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18493"
},
{
"name": "ADV-2006-0323",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/0323"
},
{
"name": "16287",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/16287"
},
{
"name": "VU#545804",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/545804"
},
{
"name": "1015499",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015499"
},
{
"name": "ADV-2006-0243",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/0243"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujan2006-082403.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2006-082403.html"
},
{
"name": "18608",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18608"
}
]
}
}

34
2006/0xxx/CVE-2006-0556.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-0556",
"STATE" : "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2006. Notes: none."
}
]
}
}
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2006-0556",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2006. Notes: none."
}
]
}
}

170
2006/0xxx/CVE-2006-0598.json
View File

@ -1,87 +1,87 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-0598",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in elogd.c in elog before 2.5.7 r1558-4 allows attackers to execute code via unspecified variables, when writing to the log file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "security@debian.org",
"ID": "CVE-2006-0598",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://bugs.debian.org/cgi-bin/bugreport.cgi/0002-r1335-Applied-patch-from-Emiliano-to-fix-possible-buffer-overflow.txt?bug=349528;msg=15;att=2",
"refsource" : "MISC",
"url" : "http://bugs.debian.org/cgi-bin/bugreport.cgi/0002-r1335-Applied-patch-from-Emiliano-to-fix-possible-buffer-overflow.txt?bug=349528;msg=15;att=2"
},
{
"name" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=349528",
"refsource" : "MISC",
"url" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=349528"
},
{
"name" : "DSA-967",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2006/dsa-967"
},
{
"name" : "16579",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/16579"
},
{
"name" : "18783",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/18783"
},
{
"name" : "elog-elogd-log-bo(24705)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/24705"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in elogd.c in elog before 2.5.7 r1558-4 allows attackers to execute code via unspecified variables, when writing to the log file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "16579",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/16579"
},
{
"name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=349528",
"refsource": "MISC",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=349528"
},
{
"name": "18783",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18783"
},
{
"name": "http://bugs.debian.org/cgi-bin/bugreport.cgi/0002-r1335-Applied-patch-from-Emiliano-to-fix-possible-buffer-overflow.txt?bug=349528;msg=15;att=2",
"refsource": "MISC",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi/0002-r1335-Applied-patch-from-Emiliano-to-fix-possible-buffer-overflow.txt?bug=349528;msg=15;att=2"
},
{
"name": "elog-elogd-log-bo(24705)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24705"
},
{
"name": "DSA-967",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2006/dsa-967"
}
]
}
}

220
2006/0xxx/CVE-2006-0989.json
View File

@ -1,112 +1,112 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-0989",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Stack-based buffer overflow in the volume manager daemon (vmd) in Veritas NetBackup Enterprise Server 5.0 through 6.0 and DataCenter and BusinesServer 4.5FP and 4.5MP allows attackers to execute arbitrary code via unknown vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-0989",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20060327 ZDI-06-005: Symantec VERITAS NetBackup Volume Manager Buffer Overflow",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/428944/100/0/threaded"
},
{
"name" : "http://www.zerodayinitiative.com/advisories/ZDI-06-005.html",
"refsource" : "MISC",
"url" : "http://www.zerodayinitiative.com/advisories/ZDI-06-005.html"
},
{
"name" : "http://securityresponse.symantec.com/avcenter/security/Content/2006.03.27.html",
"refsource" : "CONFIRM",
"url" : "http://securityresponse.symantec.com/avcenter/security/Content/2006.03.27.html"
},
{
"name" : "http://seer.support.veritas.com/docs/281521.htm",
"refsource" : "CONFIRM",
"url" : "http://seer.support.veritas.com/docs/281521.htm"
},
{
"name" : "VU#880801",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/880801"
},
{
"name" : "17264",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/17264"
},
{
"name" : "ADV-2006-1124",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/1124"
},
{
"name" : "24172",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/24172"
},
{
"name" : "1015832",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1015832"
},
{
"name" : "639",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/639"
},
{
"name" : "netbackup-vmd-sscanf-bo(25471)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/25471"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in the volume manager daemon (vmd) in Veritas NetBackup Enterprise Server 5.0 through 6.0 and DataCenter and BusinesServer 4.5FP and 4.5MP allows attackers to execute arbitrary code via unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1015832",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015832"
},
{
"name": "17264",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/17264"
},
{
"name": "http://seer.support.veritas.com/docs/281521.htm",
"refsource": "CONFIRM",
"url": "http://seer.support.veritas.com/docs/281521.htm"
},
{
"name": "ADV-2006-1124",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/1124"
},
{
"name": "http://securityresponse.symantec.com/avcenter/security/Content/2006.03.27.html",
"refsource": "CONFIRM",
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2006.03.27.html"
},
{
"name": "VU#880801",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/880801"
},
{
"name": "24172",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/24172"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-06-005.html",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-06-005.html"
},
{
"name": "20060327 ZDI-06-005: Symantec VERITAS NetBackup Volume Manager Buffer Overflow",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/428944/100/0/threaded"
},
{
"name": "639",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/639"
},
{
"name": "netbackup-vmd-sscanf-bo(25471)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25471"
}
]
}
}

160
2006/1xxx/CVE-2006-1264.json
View File

@ -1,82 +1,82 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-1264",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in xhawk.net discussion 2.0 beta2 allows remote attackers to inject arbitrary web script or HTML via a Javascript URI in a BBCode img tag."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-1264",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20060315 [eVuln] discussion - xhawk.net BBCode 'img' XSS & SQL Injection Vulnerabilities",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/427729/100/0/threaded"
},
{
"name" : "http://evuln.com/vulns/92/summary.html",
"refsource" : "MISC",
"url" : "http://evuln.com/vulns/92/summary.html"
},
{
"name" : "17119",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/17119"
},
{
"name" : "23970",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/23970"
},
{
"name" : "discussion-bbcode-xss(25236)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/25236"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in xhawk.net discussion 2.0 beta2 allows remote attackers to inject arbitrary web script or HTML via a Javascript URI in a BBCode img tag."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "17119",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/17119"
},
{
"name": "20060315 [eVuln] discussion - xhawk.net BBCode 'img' XSS & SQL Injection Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/427729/100/0/threaded"
},
{
"name": "http://evuln.com/vulns/92/summary.html",
"refsource": "MISC",
"url": "http://evuln.com/vulns/92/summary.html"
},
{
"name": "23970",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/23970"
},
{
"name": "discussion-bbcode-xss(25236)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25236"
}
]
}
}

150
2006/1xxx/CVE-2006-1292.json
View File

@ -1,77 +1,77 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-1292",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Directory traversal vulnerability in Jim Hu and Chad Little PHP iCalendar 2.21 and earlier allows remote attackers to include and execute arbitrary local files via directory traversal sequences and a NUL (%00) character in the phpicalendar[cookie_language] and phpicalendar[cookie_style] cookies, as demonstrated by injecting PHP sequences into an Apache access_log file, which is then included by day.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-1292",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "1585",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/1585"
},
{
"name" : "17125",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/17125"
},
{
"name" : "ADV-2006-1019",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/1019"
},
{
"name" : "19285",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/19285"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Directory traversal vulnerability in Jim Hu and Chad Little PHP iCalendar 2.21 and earlier allows remote attackers to include and execute arbitrary local files via directory traversal sequences and a NUL (%00) character in the phpicalendar[cookie_language] and phpicalendar[cookie_style] cookies, as demonstrated by injecting PHP sequences into an Apache access_log file, which is then included by day.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "17125",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/17125"
},
{
"name": "19285",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19285"
},
{
"name": "ADV-2006-1019",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/1019"
},
{
"name": "1585",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/1585"
}
]
}
}

170
2006/1xxx/CVE-2006-1392.json
View File

@ -1,87 +1,87 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-1392",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in index.cgi in the login server in University of Washington Pubcookie 3.0.0, 3.1.0, 3.1.1, 3.2 before 3.2.1b, and 3.3 before 3.3.0a allow remote attackers to inject arbitrary web script or HTML via unspecified inputs."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-1392",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://pubcookie.org/news/20060306-login-secadv.html",
"refsource" : "CONFIRM",
"url" : "http://pubcookie.org/news/20060306-login-secadv.html"
},
{
"name" : "VU#337585",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/337585"
},
{
"name" : "17221",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/17221"
},
{
"name" : "24521",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/24521"
},
{
"name" : "19348",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/19348"
},
{
"name" : "pubcookie-login-server-xss(25427)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/25427"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in index.cgi in the login server in University of Washington Pubcookie 3.0.0, 3.1.0, 3.1.1, 3.2 before 3.2.1b, and 3.3 before 3.3.0a allow remote attackers to inject arbitrary web script or HTML via unspecified inputs."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "pubcookie-login-server-xss(25427)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25427"
},
{
"name": "24521",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/24521"
},
{
"name": "http://pubcookie.org/news/20060306-login-secadv.html",
"refsource": "CONFIRM",
"url": "http://pubcookie.org/news/20060306-login-secadv.html"
},
{
"name": "VU#337585",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/337585"
},
{
"name": "17221",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/17221"
},
{
"name": "19348",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19348"
}
]
}
}

140
2006/1xxx/CVE-2006-1584.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-1584",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in index.php in Warcraft III Replay Parser for PHP 1.8c allows remote attackers to inject arbitrary web script or HTML via the page parameter, possibly related to fopen function calls or file uploads. NOTE: post-disclosure analysis by CVE suggests that the \"page\" parameter is not used in this product, and \"id\" might be the affected parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-1584",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20060331 Warcraft III Replay Parser Script Remote Command Exucetion Vulnerability And Cross-Site Scripting Attacking",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/429535/100/0/threaded"
},
{
"name" : "17334",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/17334"
},
{
"name" : "warcraft3-replay-parser-index-file-include(25686)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/25686"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in index.php in Warcraft III Replay Parser for PHP 1.8c allows remote attackers to inject arbitrary web script or HTML via the page parameter, possibly related to fopen function calls or file uploads. NOTE: post-disclosure analysis by CVE suggests that the \"page\" parameter is not used in this product, and \"id\" might be the affected parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20060331 Warcraft III Replay Parser Script Remote Command Exucetion Vulnerability And Cross-Site Scripting Attacking",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/429535/100/0/threaded"
},
{
"name": "warcraft3-replay-parser-index-file-include(25686)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25686"
},
{
"name": "17334",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/17334"
}
]
}
}

190
2006/4xxx/CVE-2006-4799.json
View File

@ -1,97 +1,97 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-4799",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in ffmpeg for xine-lib before 1.1.2 might allow context-dependent attackers to execute arbitrary code via a crafted AVI file and \"bad indexes\", a different vulnerability than CVE-2005-4048 and CVE-2006-2802."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-4799",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://xinehq.de/index.php/news",
"refsource" : "CONFIRM",
"url" : "http://xinehq.de/index.php/news"
},
{
"name" : "DSA-1215",
"refsource" : "DEBIAN",
"url" : "http://www.us.debian.org/security/2006/dsa-1215"
},
{
"name" : "GLSA-200609-09",
"refsource" : "GENTOO",
"url" : "http://www.gentoo.org/security/en/glsa/glsa-200609-09.xml"
},
{
"name" : "SUSE-SA:2006:073",
"refsource" : "SUSE",
"url" : "http://www.novell.com/linux/security/advisories/2006_73_mono.html"
},
{
"name" : "USN-358-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/usn-358-1"
},
{
"name" : "22230",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/22230"
},
{
"name" : "23010",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/23010"
},
{
"name" : "23213",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/23213"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in ffmpeg for xine-lib before 1.1.2 might allow context-dependent attackers to execute arbitrary code via a crafted AVI file and \"bad indexes\", a different vulnerability than CVE-2005-4048 and CVE-2006-2802."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "GLSA-200609-09",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200609-09.xml"
},
{
"name": "SUSE-SA:2006:073",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2006_73_mono.html"
},
{
"name": "22230",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22230"
},
{
"name": "23010",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23010"
},
{
"name": "USN-358-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-358-1"
},
{
"name": "23213",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23213"
},
{
"name": "http://xinehq.de/index.php/news",
"refsource": "CONFIRM",
"url": "http://xinehq.de/index.php/news"
},
{
"name": "DSA-1215",
"refsource": "DEBIAN",
"url": "http://www.us.debian.org/security/2006/dsa-1215"
}
]
}
}

140
2006/5xxx/CVE-2006-5046.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-5046",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in RS Gallery2 (com_rsgallery2) 1.11.3 and earlier for Joomla! has unspecified impact and attack vectors, related to lack of \"hardened language files.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5046",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://forum.joomla.org/index.php/topic,73453.0.html",
"refsource" : "CONFIRM",
"url" : "http://forum.joomla.org/index.php/topic,73453.0.html"
},
{
"name" : "http://forum.joomla.org/index.php/topic,79477.0.html",
"refsource" : "CONFIRM",
"url" : "http://forum.joomla.org/index.php/topic,79477.0.html"
},
{
"name" : "http://rsgallery2.net/component/option,com_rsgallery2/Itemid,7/page,viewChangelog/",
"refsource" : "CONFIRM",
"url" : "http://rsgallery2.net/component/option,com_rsgallery2/Itemid,7/page,viewChangelog/"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in RS Gallery2 (com_rsgallery2) 1.11.3 and earlier for Joomla! has unspecified impact and attack vectors, related to lack of \"hardened language files.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://rsgallery2.net/component/option,com_rsgallery2/Itemid,7/page,viewChangelog/",
"refsource": "CONFIRM",
"url": "http://rsgallery2.net/component/option,com_rsgallery2/Itemid,7/page,viewChangelog/"
},
{
"name": "http://forum.joomla.org/index.php/topic,79477.0.html",
"refsource": "CONFIRM",
"url": "http://forum.joomla.org/index.php/topic,79477.0.html"
},
{
"name": "http://forum.joomla.org/index.php/topic,73453.0.html",
"refsource": "CONFIRM",
"url": "http://forum.joomla.org/index.php/topic,73453.0.html"
}
]
}
}

180
2006/5xxx/CVE-2006-5076.json
View File

@ -1,92 +1,92 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-5076",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple PHP remote file inclusion vulnerabilities in OpenConcept Back-End 0.4.5 allow remote attackers to execute arbitrary PHP code via a URL in the includes_path parameter in (1) admin/index.php, (2) Facts.php, or (3) search.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5076",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20060925 Back-end => 0.4.5 Remote File Include Vulnerabilities",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/447005/100/0/threaded"
},
{
"name" : "20061015 Back-end ( File Include Vulnerability Exploit )",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/448776/100/0/threaded"
},
{
"name" : "20061028 Back-end => 0.4.5 Remote File Include Vulnerability Exploit",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/450031/100/200/threaded"
},
{
"name" : "20207",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/20207"
},
{
"name" : "1650",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/1650"
},
{
"name" : "back-end-includes-file-include(29172)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/29172"
},
{
"name" : "backend-index-file-include(29605)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/29605"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple PHP remote file inclusion vulnerabilities in OpenConcept Back-End 0.4.5 allow remote attackers to execute arbitrary PHP code via a URL in the includes_path parameter in (1) admin/index.php, (2) Facts.php, or (3) search.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20207",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20207"
},
{
"name": "20061015 Back-end ( File Include Vulnerability Exploit )",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/448776/100/0/threaded"
},
{
"name": "backend-index-file-include(29605)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29605"
},
{
"name": "back-end-includes-file-include(29172)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29172"
},
{
"name": "20061028 Back-end => 0.4.5 Remote File Include Vulnerability Exploit",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/450031/100/200/threaded"
},
{
"name": "20060925 Back-end => 0.4.5 Remote File Include Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/447005/100/0/threaded"
},
{
"name": "1650",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1650"
}
]
}
}

180
2010/2xxx/CVE-2010-2428.json
View File

@ -1,92 +1,92 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-2428",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in admin_loginok.html in the Administrator web interface in Wing FTP Server for Windows 3.5.0 and earlier allows remote attackers to inject arbitrary web script or HTML via a crafted POST request."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-2428",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20100602 Wing FTP Server - Cross Site Scripting Vulnerability",
"refsource" : "BUGTRAQ",
"url" : "http://archives.neohapsis.com/archives/bugtraq/2010-06/0031.html"
},
{
"name" : "20100602 Wing FTP Server - Cross Site Scripting Vulnerability",
"refsource" : "FULLDISC",
"url" : "http://seclists.org/fulldisclosure/2010/Jun/49"
},
{
"name" : "20100607 Re: Wing FTP Server - Cross Site Scripting Vulnerability",
"refsource" : "FULLDISC",
"url" : "http://seclists.org/fulldisclosure/2010/Jun/128"
},
{
"name" : "http://labs-werew01f.sectester.net/2010/06/wing-ftp-server-cross-site-scripting.html",
"refsource" : "MISC",
"url" : "http://labs-werew01f.sectester.net/2010/06/wing-ftp-server-cross-site-scripting.html"
},
{
"name" : "40510",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/40510"
},
{
"name" : "65444",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/65444"
},
{
"name" : "wingftpserver-adminloginok-xss(59094)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/59094"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in admin_loginok.html in the Administrator web interface in Wing FTP Server for Windows 3.5.0 and earlier allows remote attackers to inject arbitrary web script or HTML via a crafted POST request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://labs-werew01f.sectester.net/2010/06/wing-ftp-server-cross-site-scripting.html",
"refsource": "MISC",
"url": "http://labs-werew01f.sectester.net/2010/06/wing-ftp-server-cross-site-scripting.html"
},
{
"name": "65444",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/65444"
},
{
"name": "40510",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/40510"
},
{
"name": "20100602 Wing FTP Server - Cross Site Scripting Vulnerability",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2010/Jun/49"
},
{
"name": "20100607 Re: Wing FTP Server - Cross Site Scripting Vulnerability",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2010/Jun/128"
},
{
"name": "20100602 Wing FTP Server - Cross Site Scripting Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-06/0031.html"
},
{
"name": "wingftpserver-adminloginok-xss(59094)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59094"
}
]
}
}

140
2010/2xxx/CVE-2010-2513.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-2513",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in the JE Ajax Event Calendar (com_jeajaxeventcalendar) component 1.0.5 for Joomla! allows remote attackers to execute arbitrary SQL commands via the view parameter to index.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-2513",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "13997",
"refsource" : "EXPLOIT-DB",
"url" : "http://www.exploit-db.com/exploits/13997"
},
{
"name" : "http://packetstormsecurity.org/1006-exploits/joomlajeajax-sql.txt",
"refsource" : "MISC",
"url" : "http://packetstormsecurity.org/1006-exploits/joomlajeajax-sql.txt"
},
{
"name" : "41058",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/41058"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SQL injection vulnerability in the JE Ajax Event Calendar (com_jeajaxeventcalendar) component 1.0.5 for Joomla! allows remote attackers to execute arbitrary SQL commands via the view parameter to index.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "41058",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/41058"
},
{
"name": "http://packetstormsecurity.org/1006-exploits/joomlajeajax-sql.txt",
"refsource": "MISC",
"url": "http://packetstormsecurity.org/1006-exploits/joomlajeajax-sql.txt"
},
{
"name": "13997",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/13997"
}
]
}
}

130
2010/2xxx/CVE-2010-2635.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-2635",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in IBM WebSphere Commerce 6.0 before 6.0.0.10 allows remote authenticated users to execute arbitrary SQL commands via unspecified parameters to \"Commerce Organization Admin Console JavaServer pages.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-2635",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "IZ73130",
"refsource" : "AIXAPAR",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ73130"
},
{
"name" : "wsc-oacjsp-info-disclosure(62951)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/62951"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SQL injection vulnerability in IBM WebSphere Commerce 6.0 before 6.0.0.10 allows remote authenticated users to execute arbitrary SQL commands via unspecified parameters to \"Commerce Organization Admin Console JavaServer pages.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "wsc-oacjsp-info-disclosure(62951)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/62951"
},
{
"name": "IZ73130",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ73130"
}
]
}
}

200
2010/2xxx/CVE-2010-2665.json
View File

@ -1,102 +1,102 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-2665",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in Opera before 10.54 on Windows and Mac OS X, and before 10.11 on UNIX platforms, allows remote attackers to inject arbitrary web script or HTML via a data: URI, related to incorrect detection of the \"opening site.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-2665",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.opera.com/docs/changelogs/mac/1054/",
"refsource" : "CONFIRM",
"url" : "http://www.opera.com/docs/changelogs/mac/1054/"
},
{
"name" : "http://www.opera.com/docs/changelogs/unix/1011/",
"refsource" : "CONFIRM",
"url" : "http://www.opera.com/docs/changelogs/unix/1011/"
},
{
"name" : "http://www.opera.com/docs/changelogs/windows/1054/",
"refsource" : "CONFIRM",
"url" : "http://www.opera.com/docs/changelogs/windows/1054/"
},
{
"name" : "http://www.opera.com/support/kb/view/955/",
"refsource" : "CONFIRM",
"url" : "http://www.opera.com/support/kb/view/955/"
},
{
"name" : "40973",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/40973"
},
{
"name" : "oval:org.mitre.oval:def:11362",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11362"
},
{
"name" : "40250",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/40250"
},
{
"name" : "ADV-2010-1529",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2010/1529"
},
{
"name" : "opera-datauri-xss(60646)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/60646"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in Opera before 10.54 on Windows and Mac OS X, and before 10.11 on UNIX platforms, allows remote attackers to inject arbitrary web script or HTML via a data: URI, related to incorrect detection of the \"opening site.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "opera-datauri-xss(60646)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/60646"
},
{
"name": "40973",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/40973"
},
{
"name": "http://www.opera.com/docs/changelogs/unix/1011/",
"refsource": "CONFIRM",
"url": "http://www.opera.com/docs/changelogs/unix/1011/"
},
{
"name": "http://www.opera.com/support/kb/view/955/",
"refsource": "CONFIRM",
"url": "http://www.opera.com/support/kb/view/955/"
},
{
"name": "ADV-2010-1529",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/1529"
},
{
"name": "http://www.opera.com/docs/changelogs/mac/1054/",
"refsource": "CONFIRM",
"url": "http://www.opera.com/docs/changelogs/mac/1054/"
},
{
"name": "oval:org.mitre.oval:def:11362",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11362"
},
{
"name": "40250",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/40250"
},
{
"name": "http://www.opera.com/docs/changelogs/windows/1054/",
"refsource": "CONFIRM",
"url": "http://www.opera.com/docs/changelogs/windows/1054/"
}
]
}
}

140
2010/2xxx/CVE-2010-2815.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-2815",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Transport Layer Security (TLS) implementation on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.2 before 7.2(5), 8.0 before 8.0(5.15), 8.1 before 8.1(2.44), 8.2 before 8.2(2.17), and 8.3 before 8.3(1.6) and Cisco PIX Security Appliances 500 series devices allows remote attackers to cause a denial of service (device reload) via a sequence of crafted TLS packets, aka Bug ID CSCtf55259."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2010-2815",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20100804 Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances",
"refsource" : "CISCO",
"url" : "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b3f12f.shtml"
},
{
"name" : "42198",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/42198"
},
{
"name" : "40842",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/40842"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the Transport Layer Security (TLS) implementation on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.2 before 7.2(5), 8.0 before 8.0(5.15), 8.1 before 8.1(2.44), 8.2 before 8.2(2.17), and 8.3 before 8.3(1.6) and Cisco PIX Security Appliances 500 series devices allows remote attackers to cause a denial of service (device reload) via a sequence of crafted TLS packets, aka Bug ID CSCtf55259."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "42198",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/42198"
},
{
"name": "40842",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/40842"
},
{
"name": "20100804 Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b3f12f.shtml"
}
]
}
}

34
2010/2xxx/CVE-2010-2893.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-2893",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-2893",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

140
2010/3xxx/CVE-2010-3010.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-3010",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability on the HP 3Com OfficeConnect Gigabit VPN Firewall 3CREVF100-73 with firmware before 1.0.13 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: a separate XSS issue for HP System Management Homepage (SMH) was originally assigned CVE-2010-3010 due to a CNA error, but CVE-2010-3012 is the appropriate identifier for the SMH issue."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "hp-security-alert@hp.com",
"ID": "CVE-2010-3010",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "HPSBGN02577",
"refsource" : "HP",
"url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02507909"
},
{
"name" : "SSRT100224",
"refsource" : "HP",
"url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02507909"
},
{
"name" : "1024449",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1024449"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability on the HP 3Com OfficeConnect Gigabit VPN Firewall 3CREVF100-73 with firmware before 1.0.13 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: a separate XSS issue for HP System Management Homepage (SMH) was originally assigned CVE-2010-3010 due to a CNA error, but CVE-2010-3012 is the appropriate identifier for the SMH issue."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "SSRT100224",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02507909"
},
{
"name": "HPSBGN02577",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02507909"
},
{
"name": "1024449",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1024449"
}
]
}
}

160
2010/3xxx/CVE-2010-3128.json
View File

@ -1,82 +1,82 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-3128",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Untrusted search path vulnerability in TeamViewer 5.0.8703 and earlier allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse dwmapi.dll that is located in the same folder as a .tvs or .tvc file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-3128",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20100825 TeamViewer <= 5.0.8703 DLL Hijacking Exploit (dwmapi.dll)",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/513317/100/0/threaded"
},
{
"name" : "14734",
"refsource" : "EXPLOIT-DB",
"url" : "http://www.exploit-db.com/exploits/14734"
},
{
"name" : "oval:org.mitre.oval:def:6773",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6773"
},
{
"name" : "41112",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/41112"
},
{
"name" : "ADV-2010-2174",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2010/2174"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Untrusted search path vulnerability in TeamViewer 5.0.8703 and earlier allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse dwmapi.dll that is located in the same folder as a .tvs or .tvc file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "41112",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/41112"
},
{
"name": "oval:org.mitre.oval:def:6773",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6773"
},
{
"name": "14734",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/14734"
},
{
"name": "20100825 TeamViewer <= 5.0.8703 DLL Hijacking Exploit (dwmapi.dll)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/513317/100/0/threaded"
},
{
"name": "ADV-2010-2174",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/2174"
}
]
}
}

140
2010/3xxx/CVE-2010-3160.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-3160",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Untrusted search path vulnerability in Archive Decoder 1.23 and earlier allows local users to gain privileges via a Trojan horse executable file in the current working directory."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2010-3160",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.ponsoftware.com/en/",
"refsource" : "MISC",
"url" : "http://www.ponsoftware.com/en/"
},
{
"name" : "JVN#68536660",
"refsource" : "JVN",
"url" : "http://jvn.jp/en/jp/JVN68536660/index.html"
},
{
"name" : "JVNDB-2010-000044",
"refsource" : "JVNDB",
"url" : "http://jvndb.jvn.jp/en/contents/2010/JVNDB-2010-000044.html"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Untrusted search path vulnerability in Archive Decoder 1.23 and earlier allows local users to gain privileges via a Trojan horse executable file in the current working directory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "JVNDB-2010-000044",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/en/contents/2010/JVNDB-2010-000044.html"
},
{
"name": "JVN#68536660",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN68536660/index.html"
},
{
"name": "http://www.ponsoftware.com/en/",
"refsource": "MISC",
"url": "http://www.ponsoftware.com/en/"
}
]
}
}

310
2010/3xxx/CVE-2010-3182.json
View File

@ -1,157 +1,157 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-3182",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A certain application-launch script in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 on Linux places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-3182",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.mozilla.org/security/announce/2010/mfsa2010-71.html",
"refsource" : "CONFIRM",
"url" : "http://www.mozilla.org/security/announce/2010/mfsa2010-71.html"
},
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=590753",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=590753"
},
{
"name" : "http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_mozilla_firefox",
"refsource" : "CONFIRM",
"url" : "http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_mozilla_firefox"
},
{
"name" : "http://support.avaya.com/css/P8/documents/100114250",
"refsource" : "CONFIRM",
"url" : "http://support.avaya.com/css/P8/documents/100114250"
},
{
"name" : "http://support.avaya.com/css/P8/documents/100120156",
"refsource" : "CONFIRM",
"url" : "http://support.avaya.com/css/P8/documents/100120156"
},
{
"name" : "FEDORA-2010-16885",
"refsource" : "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/050154.html"
},
{
"name" : "FEDORA-2010-16897",
"refsource" : "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/050077.html"
},
{
"name" : "MDVSA-2010:210",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2010:210"
},
{
"name" : "MDVSA-2010:211",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2010:211"
},
{
"name" : "RHSA-2010:0781",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2010-0781.html"
},
{
"name" : "RHSA-2010:0782",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2010-0782.html"
},
{
"name" : "RHSA-2010:0780",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2010-0780.html"
},
{
"name" : "RHSA-2010:0861",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2010-0861.html"
},
{
"name" : "RHSA-2010:0896",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2010-0896.html"
},
{
"name" : "USN-997-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-997-1"
},
{
"name" : "USN-998-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-998-1"
},
{
"name" : "44251",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/44251"
},
{
"name" : "oval:org.mitre.oval:def:13844",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13844"
},
{
"name" : "42867",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/42867"
},
{
"name" : "ADV-2011-0061",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2011/0061"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A certain application-launch script in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 on Linux places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2010:0782",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0782.html"
},
{
"name": "RHSA-2010:0896",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0896.html"
},
{
"name": "MDVSA-2010:210",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:210"
},
{
"name": "44251",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/44251"
},
{
"name": "http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_mozilla_firefox",
"refsource": "CONFIRM",
"url": "http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_mozilla_firefox"
},
{
"name": "RHSA-2010:0781",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0781.html"
},
{
"name": "42867",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42867"
},
{
"name": "MDVSA-2010:211",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:211"
},
{
"name": "ADV-2011-0061",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0061"
},
{
"name": "USN-998-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-998-1"
},
{
"name": "http://support.avaya.com/css/P8/documents/100114250",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/css/P8/documents/100114250"
},
{
"name": "http://support.avaya.com/css/P8/documents/100120156",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/css/P8/documents/100120156"
},
{
"name": "http://www.mozilla.org/security/announce/2010/mfsa2010-71.html",
"refsource": "CONFIRM",
"url": "http://www.mozilla.org/security/announce/2010/mfsa2010-71.html"
},
{
"name": "USN-997-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-997-1"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=590753",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=590753"
},
{
"name": "FEDORA-2010-16897",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/050077.html"
},
{
"name": "RHSA-2010:0861",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0861.html"
},
{
"name": "RHSA-2010:0780",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0780.html"
},
{
"name": "FEDORA-2010-16885",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/050154.html"
},
{
"name": "oval:org.mitre.oval:def:13844",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13844"
}
]
}
}

490
2010/3xxx/CVE-2010-3613.json
View File

@ -1,247 +1,247 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-3613",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "named in ISC BIND 9.6.2 before 9.6.2-P3, 9.6-ESV before 9.6-ESV-R3, and 9.7.x before 9.7.2-P3 does not properly handle the combination of signed negative responses and corresponding RRSIG records in the cache, which allows remote attackers to cause a denial of service (daemon crash) via a query for cached data."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2010-3613",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20110308 VMSA-2011-0004 VMware ESX/ESXi SLPD denial of service vulnerability and ESX third party updates for Service Console packages bind, pam, and rpm.",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/516909/100/0/threaded"
},
{
"name" : "[security-announce] 20110307 VMSA-2011-0004 VMware ESX/ESXi SLPD denial of service vulnerability and ESX third party updates for Service Console packages bind, pam, and rpm",
"refsource" : "MLIST",
"url" : "http://lists.vmware.com/pipermail/security-announce/2011/000126.html"
},
{
"name" : "http://www.isc.org/announcement/guidance-regarding-dec-1st-2010-security-advisories",
"refsource" : "CONFIRM",
"url" : "http://www.isc.org/announcement/guidance-regarding-dec-1st-2010-security-advisories"
},
{
"name" : "http://www.isc.org/software/bind/advisories/cve-2010-3613",
"refsource" : "CONFIRM",
"url" : "http://www.isc.org/software/bind/advisories/cve-2010-3613"
},
{
"name" : "http://support.avaya.com/css/P8/documents/100124923",
"refsource" : "CONFIRM",
"url" : "http://support.avaya.com/css/P8/documents/100124923"
},
{
"name" : "http://www.vmware.com/security/advisories/VMSA-2011-0004.html",
"refsource" : "CONFIRM",
"url" : "http://www.vmware.com/security/advisories/VMSA-2011-0004.html"
},
{
"name" : "http://support.apple.com/kb/HT5002",
"refsource" : "CONFIRM",
"url" : "http://support.apple.com/kb/HT5002"
},
{
"name" : "APPLE-SA-2011-10-12-3",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html"
},
{
"name" : "DSA-2130",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2010/dsa-2130"
},
{
"name" : "FEDORA-2010-18521",
"refsource" : "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/051910.html"
},
{
"name" : "FEDORA-2010-18469",
"refsource" : "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/051963.html"
},
{
"name" : "HPSBUX02655",
"refsource" : "HP",
"url" : "http://marc.info/?l=bugtraq&m=130270720601677&w=2"
},
{
"name" : "SSRT100353",
"refsource" : "HP",
"url" : "http://marc.info/?l=bugtraq&m=130270720601677&w=2"
},
{
"name" : "MDVSA-2010:253",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2010:253"
},
{
"name" : "NetBSD-SA2011-001",
"refsource" : "NETBSD",
"url" : "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2011-001.txt.asc"
},
{
"name" : "RHSA-2010:0976",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2010-0976.html"
},
{
"name" : "RHSA-2010:0975",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2010-0975.html"
},
{
"name" : "RHSA-2010:1000",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2010-1000.html"
},
{
"name" : "SSA:2010-350-01",
"refsource" : "SLACKWARE",
"url" : "http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.622190"
},
{
"name" : "USN-1025-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-1025-1"
},
{
"name" : "VU#706148",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/706148"
},
{
"name" : "45133",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/45133"
},
{
"name" : "69558",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/69558"
},
{
"name" : "oval:org.mitre.oval:def:12601",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12601"
},
{
"name" : "1024817",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1024817"
},
{
"name" : "42374",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/42374"
},
{
"name" : "42459",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/42459"
},
{
"name" : "42522",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/42522"
},
{
"name" : "42671",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/42671"
},
{
"name" : "42707",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/42707"
},
{
"name" : "43141",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/43141"
},
{
"name" : "ADV-2010-3102",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2010/3102"
},
{
"name" : "ADV-2010-3103",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2010/3103"
},
{
"name" : "ADV-2010-3138",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2010/3138"
},
{
"name" : "ADV-2010-3139",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2010/3139"
},
{
"name" : "ADV-2010-3140",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2010/3140"
},
{
"name" : "ADV-2011-0267",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2011/0267"
},
{
"name" : "ADV-2011-0606",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2011/0606"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "named in ISC BIND 9.6.2 before 9.6.2-P3, 9.6-ESV before 9.6-ESV-R3, and 9.7.x before 9.7.2-P3 does not properly handle the combination of signed negative responses and corresponding RRSIG records in the cache, which allows remote attackers to cause a denial of service (daemon crash) via a query for cached data."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2010-3139",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/3139"
},
{
"name": "http://www.isc.org/announcement/guidance-regarding-dec-1st-2010-security-advisories",
"refsource": "CONFIRM",
"url": "http://www.isc.org/announcement/guidance-regarding-dec-1st-2010-security-advisories"
},
{
"name": "69558",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/69558"
},
{
"name": "MDVSA-2010:253",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:253"
},
{
"name": "1024817",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1024817"
},
{
"name": "42459",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42459"
},
{
"name": "[security-announce] 20110307 VMSA-2011-0004 VMware ESX/ESXi SLPD denial of service vulnerability and ESX third party updates for Service Console packages bind, pam, and rpm",
"refsource": "MLIST",
"url": "http://lists.vmware.com/pipermail/security-announce/2011/000126.html"
},
{
"name": "oval:org.mitre.oval:def:12601",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12601"
},
{
"name": "HPSBUX02655",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=130270720601677&w=2"
},
{
"name": "ADV-2011-0606",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0606"
},
{
"name": "SSRT100353",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=130270720601677&w=2"
},
{
"name": "20110308 VMSA-2011-0004 VMware ESX/ESXi SLPD denial of service vulnerability and ESX third party updates for Service Console packages bind, pam, and rpm.",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/516909/100/0/threaded"
},
{
"name": "42707",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42707"
},
{
"name": "http://www.isc.org/software/bind/advisories/cve-2010-3613",
"refsource": "CONFIRM",
"url": "http://www.isc.org/software/bind/advisories/cve-2010-3613"
},
{
"name": "RHSA-2010:0975",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0975.html"
},
{
"name": "43141",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43141"
},
{
"name": "42522",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42522"
},
{
"name": "ADV-2010-3103",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/3103"
},
{
"name": "RHSA-2010:0976",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0976.html"
},
{
"name": "APPLE-SA-2011-10-12-3",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html"
},
{
"name": "NetBSD-SA2011-001",
"refsource": "NETBSD",
"url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2011-001.txt.asc"
},
{
"name": "ADV-2010-3102",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/3102"
},
{
"name": "42374",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42374"
},
{
"name": "USN-1025-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1025-1"
},
{
"name": "ADV-2010-3140",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/3140"
},
{
"name": "45133",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/45133"
},
{
"name": "VU#706148",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/706148"
},
{
"name": "ADV-2010-3138",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/3138"
},
{
"name": "http://support.apple.com/kb/HT5002",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT5002"
},
{
"name": "42671",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42671"
},
{
"name": "RHSA-2010:1000",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2010-1000.html"
},
{
"name": "DSA-2130",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2010/dsa-2130"
},
{
"name": "http://support.avaya.com/css/P8/documents/100124923",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/css/P8/documents/100124923"
},
{
"name": "FEDORA-2010-18469",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/051963.html"
},
{
"name": "SSA:2010-350-01",
"refsource": "SLACKWARE",
"url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.622190"
},
{
"name": "FEDORA-2010-18521",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/051910.html"
},
{
"name": "ADV-2011-0267",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0267"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2011-0004.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2011-0004.html"
}
]
}
}

210
2010/3xxx/CVE-2010-3809.json
View File

@ -1,107 +1,107 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-3809",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, does not properly perform a cast of an unspecified variable during processing of inline styling, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted web site."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2010-3809",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://support.apple.com/kb/HT4455",
"refsource" : "CONFIRM",
"url" : "http://support.apple.com/kb/HT4455"
},
{
"name" : "http://support.apple.com/kb/HT4456",
"refsource" : "CONFIRM",
"url" : "http://support.apple.com/kb/HT4456"
},
{
"name" : "APPLE-SA-2010-11-18-1",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2010//Nov/msg00002.html"
},
{
"name" : "APPLE-SA-2010-11-22-1",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html"
},
{
"name" : "SUSE-SR:2011:002",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html"
},
{
"name" : "oval:org.mitre.oval:def:12079",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12079"
},
{
"name" : "42314",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/42314"
},
{
"name" : "43068",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/43068"
},
{
"name" : "ADV-2010-3046",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2010/3046"
},
{
"name" : "ADV-2011-0212",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2011/0212"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, does not properly perform a cast of an unspecified variable during processing of inline styling, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted web site."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "43068",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43068"
},
{
"name": "http://support.apple.com/kb/HT4455",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT4455"
},
{
"name": "ADV-2011-0212",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0212"
},
{
"name": "ADV-2010-3046",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/3046"
},
{
"name": "SUSE-SR:2011:002",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html"
},
{
"name": "APPLE-SA-2010-11-18-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00002.html"
},
{
"name": "42314",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42314"
},
{
"name": "oval:org.mitre.oval:def:12079",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12079"
},
{
"name": "http://support.apple.com/kb/HT4456",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT4456"
},
{
"name": "APPLE-SA-2010-11-22-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html"
}
]
}
}

180
2010/4xxx/CVE-2010-4033.json
View File

@ -1,92 +1,92 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-4033",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Google Chrome before 7.0.517.41 does not properly implement the autofill and autocomplete functionality, which allows remote attackers to conduct \"profile spamming\" attacks via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-4033",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://code.google.com/p/chromium/issues/detail?id=48225",
"refsource" : "CONFIRM",
"url" : "http://code.google.com/p/chromium/issues/detail?id=48225"
},
{
"name" : "http://code.google.com/p/chromium/issues/detail?id=51727",
"refsource" : "CONFIRM",
"url" : "http://code.google.com/p/chromium/issues/detail?id=51727"
},
{
"name" : "http://googlechromereleases.blogspot.com/2010/10/stable-channel-update.html",
"refsource" : "CONFIRM",
"url" : "http://googlechromereleases.blogspot.com/2010/10/stable-channel-update.html"
},
{
"name" : "44241",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/44241"
},
{
"name" : "oval:org.mitre.oval:def:7159",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7159"
},
{
"name" : "41888",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/41888"
},
{
"name" : "ADV-2010-2731",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2010/2731"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Google Chrome before 7.0.517.41 does not properly implement the autofill and autocomplete functionality, which allows remote attackers to conduct \"profile spamming\" attacks via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://code.google.com/p/chromium/issues/detail?id=48225",
"refsource": "CONFIRM",
"url": "http://code.google.com/p/chromium/issues/detail?id=48225"
},
{
"name": "oval:org.mitre.oval:def:7159",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7159"
},
{
"name": "ADV-2010-2731",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/2731"
},
{
"name": "http://code.google.com/p/chromium/issues/detail?id=51727",
"refsource": "CONFIRM",
"url": "http://code.google.com/p/chromium/issues/detail?id=51727"
},
{
"name": "41888",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/41888"
},
{
"name": "44241",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/44241"
},
{
"name": "http://googlechromereleases.blogspot.com/2010/10/stable-channel-update.html",
"refsource": "CONFIRM",
"url": "http://googlechromereleases.blogspot.com/2010/10/stable-channel-update.html"
}
]
}
}

160
2010/4xxx/CVE-2010-4054.json
View File

@ -1,82 +1,82 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-4054",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The gs_type2_interpret function in Ghostscript allows remote attackers to cause a denial of service (incorrect pointer dereference and application crash) via crafted font data in a compressed data stream, aka bug 691043."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-4054",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "[gs-cvs] 20100106 [gs-commits] rev 10590 - trunk/gs/base",
"refsource" : "MLIST",
"url" : "http://ghostscript.com/pipermail/gs-cvs/2010-January/010333.html"
},
{
"name" : "GLSA-201412-17",
"refsource" : "GENTOO",
"url" : "http://security.gentoo.org/glsa/glsa-201412-17.xml"
},
{
"name" : "RHSA-2012:0095",
"refsource" : "REDHAT",
"url" : "https://rhn.redhat.com/errata/RHSA-2012-0095.html"
},
{
"name" : "RHSA-2012:0096",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2012-0096.html"
},
{
"name" : "VU#538191",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/538191"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The gs_type2_interpret function in Ghostscript allows remote attackers to cause a denial of service (incorrect pointer dereference and application crash) via crafted font data in a compressed data stream, aka bug 691043."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2012:0095",
"refsource": "REDHAT",
"url": "https://rhn.redhat.com/errata/RHSA-2012-0095.html"
},
{
"name": "GLSA-201412-17",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201412-17.xml"
},
{
"name": "RHSA-2012:0096",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2012-0096.html"
},
{
"name": "VU#538191",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/538191"
},
{
"name": "[gs-cvs] 20100106 [gs-commits] rev 10590 - trunk/gs/base",
"refsource": "MLIST",
"url": "http://ghostscript.com/pipermail/gs-cvs/2010-January/010333.html"
}
]
}
}

190
2010/4xxx/CVE-2010-4327.json
View File

@ -1,97 +1,97 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-4327",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the NCP service in Novell eDirectory 8.8.5 before 8.8.5.6 and 8.8.6 before 8.8.6.2 allows remote attackers to cause a denial of service (hang) via a malformed FileSetLock request to port 524."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-4327",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20110207 ZDI-11-060: Novell eDirectory Malformed NCP Request Denial of Service Vulnerability",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/516279/100/0/threaded"
},
{
"name" : "http://dvlabs.tippingpoint.com/blog/2011/02/07/zdi-disclosure-novell",
"refsource" : "MISC",
"url" : "http://dvlabs.tippingpoint.com/blog/2011/02/07/zdi-disclosure-novell"
},
{
"name" : "http://www.zerodayinitiative.com/advisories/ZDI-11-060",
"refsource" : "MISC",
"url" : "http://www.zerodayinitiative.com/advisories/ZDI-11-060"
},
{
"name" : "http://www.novell.com/support/viewContent.do?externalId=7007781&sliceId=2",
"refsource" : "CONFIRM",
"url" : "http://www.novell.com/support/viewContent.do?externalId=7007781&sliceId=2"
},
{
"name" : "46263",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/46263"
},
{
"name" : "43186",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/43186"
},
{
"name" : "8071",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/8071"
},
{
"name" : "ADV-2011-0305",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2011/0305"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the NCP service in Novell eDirectory 8.8.5 before 8.8.5.6 and 8.8.6 before 8.8.6.2 allows remote attackers to cause a denial of service (hang) via a malformed FileSetLock request to port 524."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.novell.com/support/viewContent.do?externalId=7007781&sliceId=2",
"refsource": "CONFIRM",
"url": "http://www.novell.com/support/viewContent.do?externalId=7007781&sliceId=2"
},
{
"name": "ADV-2011-0305",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0305"
},
{
"name": "43186",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43186"
},
{
"name": "46263",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/46263"
},
{
"name": "8071",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/8071"
},
{
"name": "http://dvlabs.tippingpoint.com/blog/2011/02/07/zdi-disclosure-novell",
"refsource": "MISC",
"url": "http://dvlabs.tippingpoint.com/blog/2011/02/07/zdi-disclosure-novell"
},
{
"name": "20110207 ZDI-11-060: Novell eDirectory Malformed NCP Request Denial of Service Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/516279/100/0/threaded"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-11-060",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-11-060"
}
]
}
}

170
2010/4xxx/CVE-2010-4580.json
View File

@ -1,87 +1,87 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-4580",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Opera before 11.00 does not clear WAP WML form fields after manual navigation to a new web site, which allows remote attackers to obtain sensitive information via an input field that has the same name as an input field on a previously visited web site."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-4580",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.opera.com/docs/changelogs/mac/1100/",
"refsource" : "CONFIRM",
"url" : "http://www.opera.com/docs/changelogs/mac/1100/"
},
{
"name" : "http://www.opera.com/docs/changelogs/unix/1100/",
"refsource" : "CONFIRM",
"url" : "http://www.opera.com/docs/changelogs/unix/1100/"
},
{
"name" : "http://www.opera.com/docs/changelogs/windows/1100/",
"refsource" : "CONFIRM",
"url" : "http://www.opera.com/docs/changelogs/windows/1100/"
},
{
"name" : "http://www.opera.com/support/kb/view/979/",
"refsource" : "CONFIRM",
"url" : "http://www.opera.com/support/kb/view/979/"
},
{
"name" : "SUSE-SR:2010:024",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html"
},
{
"name" : "42653",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/42653"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Opera before 11.00 does not clear WAP WML form fields after manual navigation to a new web site, which allows remote attackers to obtain sensitive information via an input field that has the same name as an input field on a previously visited web site."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "42653",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42653"
},
{
"name": "http://www.opera.com/docs/changelogs/unix/1100/",
"refsource": "CONFIRM",
"url": "http://www.opera.com/docs/changelogs/unix/1100/"
},
{
"name": "http://www.opera.com/docs/changelogs/windows/1100/",
"refsource": "CONFIRM",
"url": "http://www.opera.com/docs/changelogs/windows/1100/"
},
{
"name": "http://www.opera.com/docs/changelogs/mac/1100/",
"refsource": "CONFIRM",
"url": "http://www.opera.com/docs/changelogs/mac/1100/"
},
{
"name": "http://www.opera.com/support/kb/view/979/",
"refsource": "CONFIRM",
"url": "http://www.opera.com/support/kb/view/979/"
},
{
"name": "SUSE-SR:2010:024",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html"
}
]
}
}

130
2011/1xxx/CVE-2011-1350.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-1350",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The PowerVR SGX driver in Android before 2.3.6 allows attackers to obtain potentially sensitive information from kernel stack memory via an application that uses a crafted length parameter in a request to the pvrsrvkm device."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-1350",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://jon.oberheide.org/files/levitator.c",
"refsource" : "MISC",
"url" : "http://jon.oberheide.org/files/levitator.c"
},
{
"name" : "http://code.google.com/p/android/issues/detail?id=21522",
"refsource" : "CONFIRM",
"url" : "http://code.google.com/p/android/issues/detail?id=21522"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The PowerVR SGX driver in Android before 2.3.6 allows attackers to obtain potentially sensitive information from kernel stack memory via an application that uses a crafted length parameter in a request to the pvrsrvkm device."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://jon.oberheide.org/files/levitator.c",
"refsource": "MISC",
"url": "http://jon.oberheide.org/files/levitator.c"
},
{
"name": "http://code.google.com/p/android/issues/detail?id=21522",
"refsource": "CONFIRM",
"url": "http://code.google.com/p/android/issues/detail?id=21522"
}
]
}
}

120
2011/5xxx/CVE-2011-5285.json
View File

@ -1,62 +1,62 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-5285",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in BugFree 2.1.3 allow remote attackers to inject arbitrary web script or HTML via (1) the ActionType parameter to Bug.php, the ReportMode parameter to (2) Report.php or (3) ReportLeft.php, or the PATH_INFO to (4) AdminProjectList.php, (5) AdminGroupList.php, or (6) AdminUserLogList.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-5285",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://www.htbridge.com/advisory/HTB23048",
"refsource" : "MISC",
"url" : "https://www.htbridge.com/advisory/HTB23048"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in BugFree 2.1.3 allow remote attackers to inject arbitrary web script or HTML via (1) the ActionType parameter to Bug.php, the ReportMode parameter to (2) Report.php or (3) ReportLeft.php, or the PATH_INFO to (4) AdminProjectList.php, (5) AdminGroupList.php, or (6) AdminUserLogList.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.htbridge.com/advisory/HTB23048",
"refsource": "MISC",
"url": "https://www.htbridge.com/advisory/HTB23048"
}
]
}
}

150
2014/3xxx/CVE-2014-3203.json
View File

@ -1,77 +1,77 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-3203",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unity before 7.2.1, as used in Ubuntu 14.04, does not properly restrict access to the Dash when the lock screen is active, which allows physically proximate attackers to bypass the lock screen and execute arbitrary commands, as demonstrated by pressing the SUPER key before the screen auto-locks."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "security@ubuntu.com",
"ID": "CVE-2014-3203",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "[oss-security] 20140429 Re: Ubuntu 14.04: security problem in the lock screen",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2014/04/29/2"
},
{
"name" : "[oss-security] 20140503 Re: Ubuntu 14.04: security problem in the lock screen",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2014/05/03/1"
},
{
"name" : "https://bugs.launchpad.net/ubuntu/+source/unity/+bug/1308850",
"refsource" : "CONFIRM",
"url" : "https://bugs.launchpad.net/ubuntu/+source/unity/+bug/1308850"
},
{
"name" : "USN-2184-1",
"refsource" : "UBUNTU",
"url" : "http://ubuntu.com/usn/usn-2184-1"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unity before 7.2.1, as used in Ubuntu 14.04, does not properly restrict access to the Dash when the lock screen is active, which allows physically proximate attackers to bypass the lock screen and execute arbitrary commands, as demonstrated by pressing the SUPER key before the screen auto-locks."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugs.launchpad.net/ubuntu/+source/unity/+bug/1308850",
"refsource": "CONFIRM",
"url": "https://bugs.launchpad.net/ubuntu/+source/unity/+bug/1308850"
},
{
"name": "[oss-security] 20140429 Re: Ubuntu 14.04: security problem in the lock screen",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2014/04/29/2"
},
{
"name": "[oss-security] 20140503 Re: Ubuntu 14.04: security problem in the lock screen",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2014/05/03/1"
},
{
"name": "USN-2184-1",
"refsource": "UBUNTU",
"url": "http://ubuntu.com/usn/usn-2184-1"
}
]
}
}

34
2014/3xxx/CVE-2014-3240.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-3240",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-3240",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

140
2014/3xxx/CVE-2014-3265.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-3265",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in the Auto Update Server (AUS) web framework in Cisco Security Manager 4.2 and earlier allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCuo06900."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2014-3265",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://tools.cisco.com/security/center/viewAlert.x?alertId=34274",
"refsource" : "CONFIRM",
"url" : "http://tools.cisco.com/security/center/viewAlert.x?alertId=34274"
},
{
"name" : "20140519 Cisco Security Manager AUS Cross-Site Scripting Vulnerability",
"refsource" : "CISCO",
"url" : "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3265"
},
{
"name" : "1030260",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1030260"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in the Auto Update Server (AUS) web framework in Cisco Security Manager 4.2 and earlier allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCuo06900."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1030260",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030260"
},
{
"name": "20140519 Cisco Security Manager AUS Cross-Site Scripting Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3265"
},
{
"name": "http://tools.cisco.com/security/center/viewAlert.x?alertId=34274",
"refsource": "CONFIRM",
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=34274"
}
]
}
}

140
2014/3xxx/CVE-2014-3546.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-3546",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Moodle through 2.3.11, 2.4.x before 2.4.11, 2.5.x before 2.5.7, 2.6.x before 2.6.4, and 2.7.x before 2.7.1 does not enforce certain capability requirements in (1) notes/index.php and (2) user/edit.php, which allows remote attackers to obtain potentially sensitive username and course information via a modified URL."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-3546",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "[oss-security] 20140721 Moodle security notifications public",
"refsource" : "MLIST",
"url" : "http://openwall.com/lists/oss-security/2014/07/21/1"
},
{
"name" : "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-45760",
"refsource" : "CONFIRM",
"url" : "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-45760"
},
{
"name" : "https://moodle.org/mod/forum/discuss.php?d=264267",
"refsource" : "CONFIRM",
"url" : "https://moodle.org/mod/forum/discuss.php?d=264267"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Moodle through 2.3.11, 2.4.x before 2.4.11, 2.5.x before 2.5.7, 2.6.x before 2.6.4, and 2.7.x before 2.7.1 does not enforce certain capability requirements in (1) notes/index.php and (2) user/edit.php, which allows remote attackers to obtain potentially sensitive username and course information via a modified URL."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://moodle.org/mod/forum/discuss.php?d=264267",
"refsource": "CONFIRM",
"url": "https://moodle.org/mod/forum/discuss.php?d=264267"
},
{
"name": "[oss-security] 20140721 Moodle security notifications public",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2014/07/21/1"
},
{
"name": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-45760",
"refsource": "CONFIRM",
"url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-45760"
}
]
}
}

34
2014/4xxx/CVE-2014-4142.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-4142",
"STATE" : "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none."
}
]
}
}
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2014-4142",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none."
}
]
}
}

150
2014/4xxx/CVE-2014-4159.json
View File

@ -1,77 +1,77 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-4159",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Open redirect vulnerability in in la/umTestSSO.jsp in SAP Supplier Relationship Management (SRM) allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the url parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-4159",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://blog.emaze.net/2014/05/sap-multiple-vulnerabilities.html",
"refsource" : "MISC",
"url" : "http://blog.emaze.net/2014/05/sap-multiple-vulnerabilities.html"
},
{
"name" : "http://scn.sap.com/docs/DOC-8218",
"refsource" : "CONFIRM",
"url" : "http://scn.sap.com/docs/DOC-8218"
},
{
"name" : "https://service.sap.com/sap/support/notes/1946420",
"refsource" : "CONFIRM",
"url" : "https://service.sap.com/sap/support/notes/1946420"
},
{
"name" : "67997",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/67997"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Open redirect vulnerability in in la/umTestSSO.jsp in SAP Supplier Relationship Management (SRM) allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the url parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://service.sap.com/sap/support/notes/1946420",
"refsource": "CONFIRM",
"url": "https://service.sap.com/sap/support/notes/1946420"
},
{
"name": "http://blog.emaze.net/2014/05/sap-multiple-vulnerabilities.html",
"refsource": "MISC",
"url": "http://blog.emaze.net/2014/05/sap-multiple-vulnerabilities.html"
},
{
"name": "http://scn.sap.com/docs/DOC-8218",
"refsource": "CONFIRM",
"url": "http://scn.sap.com/docs/DOC-8218"
},
{
"name": "67997",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/67997"
}
]
}
}

160
2014/8xxx/CVE-2014-8112.json
View File

@ -1,82 +1,82 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-8112",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "389 Directory Server 1.3.1.x, 1.3.2.x before 1.3.2.27, and 1.3.3.x before 1.3.3.9 stores \"unhashed\" passwords even when the nsslapd-unhashed-pw-switch option is set to off, which allows remote authenticated users to obtain sensitive information by reading the Changelog."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-8112",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://directory.fedoraproject.org/docs/389ds/releases/release-1-3-2-27.html",
"refsource" : "CONFIRM",
"url" : "http://directory.fedoraproject.org/docs/389ds/releases/release-1-3-2-27.html"
},
{
"name" : "http://directory.fedoraproject.org/docs/389ds/releases/release-1-3-3-9.html",
"refsource" : "CONFIRM",
"url" : "http://directory.fedoraproject.org/docs/389ds/releases/release-1-3-3-9.html"
},
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1172729",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1172729"
},
{
"name" : "FEDORA-2015-3368",
"refsource" : "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-March/153991.html"
},
{
"name" : "RHSA-2015:0416",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2015-0416.html"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "389 Directory Server 1.3.1.x, 1.3.2.x before 1.3.2.27, and 1.3.3.x before 1.3.3.9 stores \"unhashed\" passwords even when the nsslapd-unhashed-pw-switch option is set to off, which allows remote authenticated users to obtain sensitive information by reading the Changelog."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://directory.fedoraproject.org/docs/389ds/releases/release-1-3-2-27.html",
"refsource": "CONFIRM",
"url": "http://directory.fedoraproject.org/docs/389ds/releases/release-1-3-2-27.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1172729",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1172729"
},
{
"name": "RHSA-2015:0416",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0416.html"
},
{
"name": "http://directory.fedoraproject.org/docs/389ds/releases/release-1-3-3-9.html",
"refsource": "CONFIRM",
"url": "http://directory.fedoraproject.org/docs/389ds/releases/release-1-3-3-9.html"
},
{
"name": "FEDORA-2015-3368",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-March/153991.html"
}
]
}
}

34
2014/8xxx/CVE-2014-8191.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-8191",
"STATE" : "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none."
}
]
}
}
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2014-8191",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none."
}
]
}
}

170
2014/8xxx/CVE-2014-8315.json
View File

@ -1,87 +1,87 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-8315",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "polestar_xml.jsp in SAP BusinessObjects Explorer 14.0.5 build 882 replies with different timing depending on if a connection can be made, which allows remote attackers to conduct port scanning attacks via a host name and port in the cms parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-8315",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20141010 SAP Security Note 1908562 - Port scanning in BusinessObjects Explorer",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/533672/100/0/threaded"
},
{
"name" : "20141010 SAP Security Note 1908562 - Port scanning in BusinessObjects Explorer",
"refsource" : "FULLDISC",
"url" : "http://seclists.org/fulldisclosure/2014/Oct/48"
},
{
"name" : "http://www.csnc.ch/misc/files/advisories/CSNC-2013-016_SAP_BusinessObjects_Explorer_Port-Scanning.txt",
"refsource" : "MISC",
"url" : "http://www.csnc.ch/misc/files/advisories/CSNC-2013-016_SAP_BusinessObjects_Explorer_Port-Scanning.txt"
},
{
"name" : "https://service.sap.com/sap/support/notes/1908562",
"refsource" : "CONFIRM",
"url" : "https://service.sap.com/sap/support/notes/1908562"
},
{
"name" : "70382",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/70382"
},
{
"name" : "sap-businessobjects-port-scan-info-disc(96935)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/96935"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "polestar_xml.jsp in SAP BusinessObjects Explorer 14.0.5 build 882 replies with different timing depending on if a connection can be made, which allows remote attackers to conduct port scanning attacks via a host name and port in the cms parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://service.sap.com/sap/support/notes/1908562",
"refsource": "CONFIRM",
"url": "https://service.sap.com/sap/support/notes/1908562"
},
{
"name": "20141010 SAP Security Note 1908562 - Port scanning in BusinessObjects Explorer",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2014/Oct/48"
},
{
"name": "http://www.csnc.ch/misc/files/advisories/CSNC-2013-016_SAP_BusinessObjects_Explorer_Port-Scanning.txt",
"refsource": "MISC",
"url": "http://www.csnc.ch/misc/files/advisories/CSNC-2013-016_SAP_BusinessObjects_Explorer_Port-Scanning.txt"
},
{
"name": "70382",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/70382"
},
{
"name": "sap-businessobjects-port-scan-info-disc(96935)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96935"
},
{
"name": "20141010 SAP Security Note 1908562 - Port scanning in BusinessObjects Explorer",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/533672/100/0/threaded"
}
]
}
}

34
2014/8xxx/CVE-2014-8741.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-8741",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-8741",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2014/9xxx/CVE-2014-9056.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-9056",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-9056",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

220
2014/9xxx/CVE-2014-9087.json
View File

@ -1,112 +1,112 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-9087",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Integer underflow in the ksba_oid_to_str function in Libksba before 1.3.2, as used in GnuPG, allows remote attackers to cause a denial of service (crash) via a crafted OID in a (1) S/MIME message or (2) ECC based OpenPGP data, which triggers a buffer overflow."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "security@debian.org",
"ID": "CVE-2014-9087",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "[gnupg-announce] 20141125 [Announce] [security fix] Libksba 1.3.2 for GnuPG released",
"refsource" : "MLIST",
"url" : "http://lists.gnupg.org/pipermail/gnupg-announce/2014q4/000359.html"
},
{
"name" : "https://blog.fuzzing-project.org/2-Buffer-overflow-and-other-minor-issues-in-GnuPG-and-libksba-TFPA-0012014.html",
"refsource" : "MISC",
"url" : "https://blog.fuzzing-project.org/2-Buffer-overflow-and-other-minor-issues-in-GnuPG-and-libksba-TFPA-0012014.html"
},
{
"name" : "http://advisories.mageia.org/MGASA-2014-0498.html",
"refsource" : "CONFIRM",
"url" : "http://advisories.mageia.org/MGASA-2014-0498.html"
},
{
"name" : "DSA-3078",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2014/dsa-3078"
},
{
"name" : "MDVSA-2014:234",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2014:234"
},
{
"name" : "MDVSA-2015:151",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2015:151"
},
{
"name" : "USN-2427-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-2427-1"
},
{
"name" : "71285",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/71285"
},
{
"name" : "60073",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/60073"
},
{
"name" : "60189",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/60189"
},
{
"name" : "60233",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/60233"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer underflow in the ksba_oid_to_str function in Libksba before 1.3.2, as used in GnuPG, allows remote attackers to cause a denial of service (crash) via a crafted OID in a (1) S/MIME message or (2) ECC based OpenPGP data, which triggers a buffer overflow."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://blog.fuzzing-project.org/2-Buffer-overflow-and-other-minor-issues-in-GnuPG-and-libksba-TFPA-0012014.html",
"refsource": "MISC",
"url": "https://blog.fuzzing-project.org/2-Buffer-overflow-and-other-minor-issues-in-GnuPG-and-libksba-TFPA-0012014.html"
},
{
"name": "MDVSA-2015:151",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:151"
},
{
"name": "60233",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60233"
},
{
"name": "DSA-3078",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2014/dsa-3078"
},
{
"name": "http://advisories.mageia.org/MGASA-2014-0498.html",
"refsource": "CONFIRM",
"url": "http://advisories.mageia.org/MGASA-2014-0498.html"
},
{
"name": "MDVSA-2014:234",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:234"
},
{
"name": "71285",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/71285"
},
{
"name": "60073",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60073"
},
{
"name": "60189",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60189"
},
{
"name": "[gnupg-announce] 20141125 [Announce] [security fix] Libksba 1.3.2 for GnuPG released",
"refsource": "MLIST",
"url": "http://lists.gnupg.org/pipermail/gnupg-announce/2014q4/000359.html"
},
{
"name": "USN-2427-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2427-1"
}
]
}
}

34
2014/9xxx/CVE-2014-9540.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-9540",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-9540",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

140
2014/9xxx/CVE-2014-9682.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-9682",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The dns-sync module before 0.1.1 for node.js allows context-dependent attackers to execute arbitrary commands via shell metacharacters in the first argument to the resolve API function."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-9682",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "[oss-security] 20141111 CVE Request - dns-sync node module",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2014/11/11/6"
},
{
"name" : "https://github.com/skoranga/node-dns-sync/commit/d9abaae384b198db1095735ad9c1c73d7b890a0d",
"refsource" : "CONFIRM",
"url" : "https://github.com/skoranga/node-dns-sync/commit/d9abaae384b198db1095735ad9c1c73d7b890a0d"
},
{
"name" : "https://github.com/skoranga/node-dns-sync/issues/1",
"refsource" : "CONFIRM",
"url" : "https://github.com/skoranga/node-dns-sync/issues/1"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The dns-sync module before 0.1.1 for node.js allows context-dependent attackers to execute arbitrary commands via shell metacharacters in the first argument to the resolve API function."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/skoranga/node-dns-sync/issues/1",
"refsource": "CONFIRM",
"url": "https://github.com/skoranga/node-dns-sync/issues/1"
},
{
"name": "[oss-security] 20141111 CVE Request - dns-sync node module",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2014/11/11/6"
},
{
"name": "https://github.com/skoranga/node-dns-sync/commit/d9abaae384b198db1095735ad9c1c73d7b890a0d",
"refsource": "CONFIRM",
"url": "https://github.com/skoranga/node-dns-sync/commit/d9abaae384b198db1095735ad9c1c73d7b890a0d"
}
]
}
}

140
2014/9xxx/CVE-2014-9932.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "security@google.com",
"ID" : "CVE-2014-9932",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "All Qualcomm Products",
"version" : {
"version_data" : [
{
"version_value" : "All Android releases from CAF using the Linux kernel"
}
]
}
}
]
},
"vendor_name" : "Qualcomm, Inc."
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "In TrustZone, an integer overflow vulnerability can potentially occur in all Android releases from CAF using the Linux kernel due to an improper address range computation."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Integer Overflow Vulnerability in TrustZone"
}
"CVE_data_meta": {
"ASSIGNER": "security@android.com",
"ID": "CVE-2014-9932",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "All Qualcomm Products",
"version": {
"version_data": [
{
"version_value": "All Android releases from CAF using the Linux kernel"
}
]
}
}
]
},
"vendor_name": "Qualcomm, Inc."
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://source.android.com/security/bulletin/2017-04-01",
"refsource" : "CONFIRM",
"url" : "https://source.android.com/security/bulletin/2017-04-01"
},
{
"name" : "97329",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/97329"
},
{
"name" : "1038201",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1038201"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In TrustZone, an integer overflow vulnerability can potentially occur in all Android releases from CAF using the Linux kernel due to an improper address range computation."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Integer Overflow Vulnerability in TrustZone"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://source.android.com/security/bulletin/2017-04-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2017-04-01"
},
{
"name": "97329",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97329"
},
{
"name": "1038201",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038201"
}
]
}
}

34
2016/2xxx/CVE-2016-2135.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-2135",
"STATE" : "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
}
]
}
}
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2016-2135",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
}
]
}
}

146
2016/2xxx/CVE-2016-2339.json
View File

@ -1,75 +1,75 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cert@cert.org",
"ID" : "CVE-2016-2339",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Ruby",
"version" : {
"version_data" : [
{
"version_value" : "2.3.0 dev"
},
{
"version_value" : "2.2.2"
}
]
}
}
]
},
"vendor_name" : "Ruby"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An exploitable heap overflow vulnerability exists in the Fiddle::Function.new \"initialize\" function functionality of Ruby. In Fiddle::Function.new \"initialize\" heap buffer \"arg_types\" allocation is made based on args array length. Specially constructed object passed as element of args array can increase this array size after mentioned allocation and cause heap overflow."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "heap overflow vulnerability"
}
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2016-2339",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Ruby",
"version": {
"version_data": [
{
"version_value": "2.3.0 dev"
},
{
"version_value": "2.2.2"
}
]
}
}
]
},
"vendor_name": "Ruby"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "[debian-lts-announce] 20180714 [SECURITY] [DLA 1421-1] ruby2.1 security update",
"refsource" : "MLIST",
"url" : "https://lists.debian.org/debian-lts-announce/2018/07/msg00012.html"
},
{
"name" : "http://www.talosintelligence.com/reports/TALOS-2016-0034/",
"refsource" : "MISC",
"url" : "http://www.talosintelligence.com/reports/TALOS-2016-0034/"
},
{
"name" : "91234",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/91234"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An exploitable heap overflow vulnerability exists in the Fiddle::Function.new \"initialize\" function functionality of Ruby. In Fiddle::Function.new \"initialize\" heap buffer \"arg_types\" allocation is made based on args array length. Specially constructed object passed as element of args array can increase this array size after mentioned allocation and cause heap overflow."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "heap overflow vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[debian-lts-announce] 20180714 [SECURITY] [DLA 1421-1] ruby2.1 security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00012.html"
},
{
"name": "91234",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91234"
},
{
"name": "http://www.talosintelligence.com/reports/TALOS-2016-0034/",
"refsource": "MISC",
"url": "http://www.talosintelligence.com/reports/TALOS-2016-0034/"
}
]
}
}

130
2016/2xxx/CVE-2016-2451.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-2451",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "codecs/on2/dec/SoftVPX.cpp in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-05-01 does not validate VPX output buffer sizes, which allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 27597103."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "security@android.com",
"ID": "CVE-2016-2451",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://source.android.com/security/bulletin/2016-05-01.html",
"refsource" : "CONFIRM",
"url" : "http://source.android.com/security/bulletin/2016-05-01.html"
},
{
"name" : "https://android.googlesource.com/platform/frameworks/av/+/f9ed2fe6d61259e779a37d4c2d7edb33a1c1f8ba",
"refsource" : "CONFIRM",
"url" : "https://android.googlesource.com/platform/frameworks/av/+/f9ed2fe6d61259e779a37d4c2d7edb33a1c1f8ba"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "codecs/on2/dec/SoftVPX.cpp in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-05-01 does not validate VPX output buffer sizes, which allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 27597103."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://source.android.com/security/bulletin/2016-05-01.html",
"refsource": "CONFIRM",
"url": "http://source.android.com/security/bulletin/2016-05-01.html"
},
{
"name": "https://android.googlesource.com/platform/frameworks/av/+/f9ed2fe6d61259e779a37d4c2d7edb33a1c1f8ba",
"refsource": "CONFIRM",
"url": "https://android.googlesource.com/platform/frameworks/av/+/f9ed2fe6d61259e779a37d4c2d7edb33a1c1f8ba"
}
]
}
}

140
2016/6xxx/CVE-2016-6370.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-6370",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Directory traversal vulnerability in the web interface in Cisco Hosted Collaboration Mediation Fulfillment (HCM-F) 10.6(3) and earlier allows remote authenticated users to read arbitrary files via a crafted pathname in an HTTP request, aka Bug ID CSCuz27255."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2016-6370",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20160831 Cisco Hosted Collaboration Mediation Fulfillment Authenticated Directory Traversal Vulnerability",
"refsource" : "CISCO",
"url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160831-hcm"
},
{
"name" : "92704",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/92704"
},
{
"name" : "1036718",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1036718"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Directory traversal vulnerability in the web interface in Cisco Hosted Collaboration Mediation Fulfillment (HCM-F) 10.6(3) and earlier allows remote authenticated users to read arbitrary files via a crafted pathname in an HTTP request, aka Bug ID CSCuz27255."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1036718",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036718"
},
{
"name": "92704",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/92704"
},
{
"name": "20160831 Cisco Hosted Collaboration Mediation Fulfillment Authenticated Directory Traversal Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160831-hcm"
}
]
}
}

130
2016/6xxx/CVE-2016-6683.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-6683",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The kernel in Android before 2016-10-05 on Nexus devices allows attackers to obtain sensitive information via a crafted application, aka internal bug 30143283."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "security@android.com",
"ID": "CVE-2016-6683",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://source.android.com/security/bulletin/2016-10-01.html",
"refsource" : "CONFIRM",
"url" : "http://source.android.com/security/bulletin/2016-10-01.html"
},
{
"name" : "93326",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/93326"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The kernel in Android before 2016-10-05 on Nexus devices allows attackers to obtain sensitive information via a crafted application, aka internal bug 30143283."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://source.android.com/security/bulletin/2016-10-01.html",
"refsource": "CONFIRM",
"url": "http://source.android.com/security/bulletin/2016-10-01.html"
},
{
"name": "93326",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93326"
}
]
}
}

160
2016/6xxx/CVE-2016-6715.json
View File

@ -1,82 +1,82 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "security@google.com",
"ID" : "CVE-2016-6715",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Android",
"version" : {
"version_data" : [
{
"version_value" : "Android-4.4.4"
},
{
"version_value" : "Android-5.0.2"
},
{
"version_value" : "Android-5.1.1"
},
{
"version_value" : "Android-6.0"
},
{
"version_value" : "Android-6.0.1"
},
{
"version_value" : "Android-7.0"
}
]
}
}
]
},
"vendor_name" : "Google Inc."
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An elevation of privilege vulnerability in the Framework APIs in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-11-01, and 7.0 before 2016-11-01 could allow a local malicious application to record audio without the user's permission. This issue is rated as Moderate because it is a local bypass of user interaction requirements (access to functionality that would normally require either user initiation or user permission.) Android ID: A-29833954."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Elevation of privilege"
}
"CVE_data_meta": {
"ASSIGNER": "security@android.com",
"ID": "CVE-2016-6715",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Android",
"version": {
"version_data": [
{
"version_value": "Android-4.4.4"
},
{
"version_value": "Android-5.0.2"
},
{
"version_value": "Android-5.1.1"
},
{
"version_value": "Android-6.0"
},
{
"version_value": "Android-6.0.1"
},
{
"version_value": "Android-7.0"
}
]
}
}
]
},
"vendor_name": "Google Inc."
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://source.android.com/security/bulletin/2016-11-01.html",
"refsource" : "CONFIRM",
"url" : "https://source.android.com/security/bulletin/2016-11-01.html"
},
{
"name" : "94173",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/94173"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An elevation of privilege vulnerability in the Framework APIs in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-11-01, and 7.0 before 2016-11-01 could allow a local malicious application to record audio without the user's permission. This issue is rated as Moderate because it is a local bypass of user interaction requirements (access to functionality that would normally require either user initiation or user permission.) Android ID: A-29833954."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "94173",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94173"
},
{
"name": "https://source.android.com/security/bulletin/2016-11-01.html",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2016-11-01.html"
}
]
}
}

34
2016/7xxx/CVE-2016-7021.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-7021",
"STATE" : "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
}
]
}
}
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2016-7021",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
}
]
}
}

140
2016/7xxx/CVE-2016-7263.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "secure@microsoft.com",
"ID" : "CVE-2016-7263",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Microsoft Excel for Mac 2011 and Excel 2016 for Mac allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted document, aka \"Microsoft Office Memory Corruption Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2016-7263",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "MS16-148",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-148"
},
{
"name" : "94668",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/94668"
},
{
"name" : "1037441",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1037441"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Microsoft Excel for Mac 2011 and Excel 2016 for Mac allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted document, aka \"Microsoft Office Memory Corruption Vulnerability.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "MS16-148",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-148"
},
{
"name": "1037441",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037441"
},
{
"name": "94668",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94668"
}
]
}
}

140
2016/7xxx/CVE-2016-7597.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "product-security@apple.com",
"ID" : "CVE-2016-7597",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An issue was discovered in certain Apple products. iOS before 10.2 is affected. The issue involves the \"SpringBoard\" component, which allows physically proximate attackers to maintain the unlocked state via vectors related to Handoff with Siri."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2016-7597",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://support.apple.com/HT207422",
"refsource" : "CONFIRM",
"url" : "https://support.apple.com/HT207422"
},
{
"name" : "94850",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/94850"
},
{
"name" : "1037429",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1037429"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in certain Apple products. iOS before 10.2 is affected. The issue involves the \"SpringBoard\" component, which allows physically proximate attackers to maintain the unlocked state via vectors related to Handoff with Siri."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.apple.com/HT207422",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT207422"
},
{
"name": "1037429",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037429"
},
{
"name": "94850",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94850"
}
]
}
}

34
2016/7xxx/CVE-2016-7772.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-7772",
"STATE" : "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
}
]
}
}
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2016-7772",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
}
]
}
}