diff --git a/2006/0xxx/CVE-2006-0331.json b/2006/0xxx/CVE-2006-0331.json index e6e72aa8c5b..be68a53aa82 100644 --- a/2006/0xxx/CVE-2006-0331.json +++ b/2006/0xxx/CVE-2006-0331.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-0331", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in Change passwd 3.1 (chpasswd) SquirrelMail plugin allows local users to execute arbitrary code via long command line arguments." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-0331", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20060119 Change passwd 3.1 (SquirrelMail plugin )", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/422414/100/0/threaded" - }, - { - "name" : "http://www.squirrelmail.org/plugin_view.php?id=117", - "refsource" : "MISC", - "url" : "http://www.squirrelmail.org/plugin_view.php?id=117" - }, - { - "name" : "363", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/363" - }, - { - "name" : "changepassword-changepasswd-bo(24258)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/24258" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in Change passwd 3.1 (chpasswd) SquirrelMail plugin allows local users to execute arbitrary code via long command line arguments." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "363", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/363" + }, + { + "name": "changepassword-changepasswd-bo(24258)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24258" + }, + { + "name": "20060119 Change passwd 3.1 (SquirrelMail plugin )", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/422414/100/0/threaded" + }, + { + "name": "http://www.squirrelmail.org/plugin_view.php?id=117", + "refsource": "MISC", + "url": "http://www.squirrelmail.org/plugin_view.php?id=117" + } + ] + } +} \ No newline at end of file diff --git a/2006/0xxx/CVE-2006-0336.json b/2006/0xxx/CVE-2006-0336.json index 0956e65c52b..1296d0e114a 100644 --- a/2006/0xxx/CVE-2006-0336.json +++ b/2006/0xxx/CVE-2006-0336.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-0336", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Kerio WinRoute Firewall before 6.1.4 Patch 2 allows attackers to cause a denial of service (CPU consumption and hang) via unknown vectors involving \"browsing the web\"." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-0336", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.kerio.com/kwf_history.html", - "refsource" : "CONFIRM", - "url" : "http://www.kerio.com/kwf_history.html" - }, - { - "name" : "16385", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/16385" - }, - { - "name" : "ADV-2006-0324", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/0324" - }, - { - "name" : "22631", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/22631" - }, - { - "name" : "18589", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/18589" - }, - { - "name" : "kerio-winroute-browsing-dos(24317)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/24317" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Kerio WinRoute Firewall before 6.1.4 Patch 2 allows attackers to cause a denial of service (CPU consumption and hang) via unknown vectors involving \"browsing the web\"." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "22631", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/22631" + }, + { + "name": "18589", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/18589" + }, + { + "name": "16385", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/16385" + }, + { + "name": "ADV-2006-0324", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/0324" + }, + { + "name": "http://www.kerio.com/kwf_history.html", + "refsource": "CONFIRM", + "url": "http://www.kerio.com/kwf_history.html" + }, + { + "name": "kerio-winroute-browsing-dos(24317)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24317" + } + ] + } +} \ No newline at end of file diff --git a/2006/0xxx/CVE-2006-0532.json b/2006/0xxx/CVE-2006-0532.json index 4e18eb70bf6..364c80c1094 100644 --- a/2006/0xxx/CVE-2006-0532.json +++ b/2006/0xxx/CVE-2006-0532.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-0532", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in resultat.asp in SoftMaker Shop allows remote attackers to inject arbitrary web script or HTML via a strSok parameter containing a javascript: URI in an IMG SRC attribute." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-0532", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20060201 SoftMaker Shop is vulnerable to XSS", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/423768" - }, - { - "name" : "16471", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/16471" - }, - { - "name" : "ADV-2006-0434", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/0434" - }, - { - "name" : "22911", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/22911" - }, - { - "name" : "18683", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/18683" - }, - { - "name" : "400", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/400" - }, - { - "name" : "softmakershop-image-xss(24451)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/24451" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in resultat.asp in SoftMaker Shop allows remote attackers to inject arbitrary web script or HTML via a strSok parameter containing a javascript: URI in an IMG SRC attribute." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ADV-2006-0434", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/0434" + }, + { + "name": "20060201 SoftMaker Shop is vulnerable to XSS", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/423768" + }, + { + "name": "softmakershop-image-xss(24451)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24451" + }, + { + "name": "22911", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/22911" + }, + { + "name": "18683", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/18683" + }, + { + "name": "400", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/400" + }, + { + "name": "16471", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/16471" + } + ] + } +} \ No newline at end of file diff --git a/2006/0xxx/CVE-2006-0853.json b/2006/0xxx/CVE-2006-0853.json index 4f6fbe408de..e0d2784d0af 100644 --- a/2006/0xxx/CVE-2006-0853.json +++ b/2006/0xxx/CVE-2006-0853.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-0853", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in the IMAP service of TrueNorth Internet Anywhere (IA) eMailserver 5.3.4 allows remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via a long SEARCH argument." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-0853", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20060220 [AJECT] TrueNorth IA eMailserver 5.3.4 buffer overflow vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/425586/100/0/threaded" - }, - { - "name" : "16744", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/16744" - }, - { - "name" : "ADV-2006-0686", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/0686" - }, - { - "name" : "23377", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/23377" - }, - { - "name" : "1015664", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1015664" - }, - { - "name" : "18986", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/18986" - }, - { - "name" : "ia-emailserver-imap-bo(24812)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/24812" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in the IMAP service of TrueNorth Internet Anywhere (IA) eMailserver 5.3.4 allows remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via a long SEARCH argument." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "23377", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/23377" + }, + { + "name": "ia-emailserver-imap-bo(24812)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24812" + }, + { + "name": "ADV-2006-0686", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/0686" + }, + { + "name": "20060220 [AJECT] TrueNorth IA eMailserver 5.3.4 buffer overflow vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/425586/100/0/threaded" + }, + { + "name": "16744", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/16744" + }, + { + "name": "18986", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/18986" + }, + { + "name": "1015664", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1015664" + } + ] + } +} \ No newline at end of file diff --git a/2006/1xxx/CVE-2006-1363.json b/2006/1xxx/CVE-2006-1363.json index 13888f8a2ce..94626096c5d 100644 --- a/2006/1xxx/CVE-2006-1363.json +++ b/2006/1xxx/CVE-2006-1363.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-1363", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "images.php in Justin White (aka YTZ) Free Web Publishing System (FreeWPS) 2.11 allows remote attackers to execute arbitrary PHP code by uploading a .php file into the /upload directory as specified in the dirPath parameter, then performing a direct request to that file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-1363", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "1600", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/1600" - }, - { - "name" : "ADV-2006-1038", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/1038" - }, - { - "name" : "19343", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/19343" - }, - { - "name" : "freewps-images-file-include(25377)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/25377" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "images.php in Justin White (aka YTZ) Free Web Publishing System (FreeWPS) 2.11 allows remote attackers to execute arbitrary PHP code by uploading a .php file into the /upload directory as specified in the dirPath parameter, then performing a direct request to that file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1600", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/1600" + }, + { + "name": "19343", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/19343" + }, + { + "name": "freewps-images-file-include(25377)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25377" + }, + { + "name": "ADV-2006-1038", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/1038" + } + ] + } +} \ No newline at end of file diff --git a/2006/1xxx/CVE-2006-1638.json b/2006/1xxx/CVE-2006-1638.json index f8cf7a164d0..b14eb3a2583 100644 --- a/2006/1xxx/CVE-2006-1638.json +++ b/2006/1xxx/CVE-2006-1638.json @@ -1,152 +1,152 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-1638", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple SQL injection vulnerabilities in aWebBB 1.2 allow remote attackers to execute arbitrary SQL commands via the (1) Username parameter to (a) accounts.php, (b) changep.php, (c) editac.php, (d) feedback.php, (e) fpass.php, (f) login.php, (g) post.php, (h) reply.php, or (i) reply_log.php; (2) p parameter to (j) dpost.php; (3) c parameter to (k) list.php or (l) ndis.php; or (12) q parameter to (m) search.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-1638", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20060415 [eVuln] aWebBB Multiple XSS and SQL Injection Vulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/431064/100/0/threaded" - }, - { - "name" : "http://evuln.com/vulns/117/summary.html", - "refsource" : "MISC", - "url" : "http://evuln.com/vulns/117/summary.html" - }, - { - "name" : "17352", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/17352" - }, - { - "name" : "ADV-2006-1197", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/1197" - }, - { - "name" : "24340", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/24340" - }, - { - "name" : "24341", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/24341" - }, - { - "name" : "24342", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/24342" - }, - { - "name" : "24343", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/24343" - }, - { - "name" : "24344", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/24344" - }, - { - "name" : "24345", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/24345" - }, - { - "name" : "24346", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/24346" - }, - { - "name" : "24347", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/24347" - }, - { - "name" : "24348", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/24348" - }, - { - "name" : "24349", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/24349" - }, - { - "name" : "24350", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/24350" - }, - { - "name" : "24351", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/24351" - }, - { - "name" : "24352", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/24352" - }, - { - "name" : "19486", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/19486" - }, - { - "name" : "awebbb-multiple-sql-injection(25587)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/25587" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple SQL injection vulnerabilities in aWebBB 1.2 allow remote attackers to execute arbitrary SQL commands via the (1) Username parameter to (a) accounts.php, (b) changep.php, (c) editac.php, (d) feedback.php, (e) fpass.php, (f) login.php, (g) post.php, (h) reply.php, or (i) reply_log.php; (2) p parameter to (j) dpost.php; (3) c parameter to (k) list.php or (l) ndis.php; or (12) q parameter to (m) search.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "24348", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/24348" + }, + { + "name": "24351", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/24351" + }, + { + "name": "24345", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/24345" + }, + { + "name": "24346", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/24346" + }, + { + "name": "19486", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/19486" + }, + { + "name": "24343", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/24343" + }, + { + "name": "20060415 [eVuln] aWebBB Multiple XSS and SQL Injection Vulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/431064/100/0/threaded" + }, + { + "name": "24342", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/24342" + }, + { + "name": "24349", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/24349" + }, + { + "name": "awebbb-multiple-sql-injection(25587)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25587" + }, + { + "name": "24352", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/24352" + }, + { + "name": "http://evuln.com/vulns/117/summary.html", + "refsource": "MISC", + "url": "http://evuln.com/vulns/117/summary.html" + }, + { + "name": "ADV-2006-1197", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/1197" + }, + { + "name": "24347", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/24347" + }, + { + "name": "24350", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/24350" + }, + { + "name": "24341", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/24341" + }, + { + "name": "17352", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/17352" + }, + { + "name": "24340", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/24340" + }, + { + "name": "24344", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/24344" + } + ] + } +} \ No newline at end of file diff --git a/2006/3xxx/CVE-2006-3685.json b/2006/3xxx/CVE-2006-3685.json index 8a722fbb502..667a89f408d 100644 --- a/2006/3xxx/CVE-2006-3685.json +++ b/2006/3xxx/CVE-2006-3685.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-3685", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "PHP remote file inclusion vulnerability in CzarNews 1.12 through 1.14 allows remote attackers to execute arbitrary PHP code via a URL in the tpath parameter to cn_config.php. NOTE: the news.php vector is already covered by CVE-2005-0859." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-3685", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "2009", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/2009" - }, - { - "name" : "ADV-2006-2806", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/2806" - }, - { - "name" : "21038", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/21038" - }, - { - "name" : "czarnews-news-config-file-include(27733)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/27733" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "PHP remote file inclusion vulnerability in CzarNews 1.12 through 1.14 allows remote attackers to execute arbitrary PHP code via a URL in the tpath parameter to cn_config.php. NOTE: the news.php vector is already covered by CVE-2005-0859." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ADV-2006-2806", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/2806" + }, + { + "name": "czarnews-news-config-file-include(27733)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27733" + }, + { + "name": "2009", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/2009" + }, + { + "name": "21038", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/21038" + } + ] + } +} \ No newline at end of file diff --git a/2006/4xxx/CVE-2006-4148.json b/2006/4xxx/CVE-2006-4148.json index fee91ac94d3..4c9330a5866 100644 --- a/2006/4xxx/CVE-2006-4148.json +++ b/2006/4xxx/CVE-2006-4148.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-4148", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-4148", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2006/4xxx/CVE-2006-4258.json b/2006/4xxx/CVE-2006-4258.json index 670b4e72ca5..a85df9999a3 100644 --- a/2006/4xxx/CVE-2006-4258.json +++ b/2006/4xxx/CVE-2006-4258.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-4258", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Absolute path traversal vulnerability in the get functionality in Anti-Spam SMTP Proxy (ASSP) allows remote authenticated users to read arbitrary files via (1) C:\\ (Windows drive letter), (2) UNC, and possibly other types of paths in the file parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-4258", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20060816 ASSP “get?file” Traversal Vulnerability", - "refsource" : "FULLDISC", - "url" : "http://lists.grok.org.uk/pipermail/full-disclosure/2006-August/048853.html" - }, - { - "name" : "19545", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/19545" - }, - { - "name" : "ADV-2006-3289", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/3289" - }, - { - "name" : "21523", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/21523" - }, - { - "name" : "assp-getfile-url-file-access(28392)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/28392" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Absolute path traversal vulnerability in the get functionality in Anti-Spam SMTP Proxy (ASSP) allows remote authenticated users to read arbitrary files via (1) C:\\ (Windows drive letter), (2) UNC, and possibly other types of paths in the file parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "19545", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/19545" + }, + { + "name": "20060816 ASSP \u0093get?file\u0094 Traversal Vulnerability", + "refsource": "FULLDISC", + "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-August/048853.html" + }, + { + "name": "21523", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/21523" + }, + { + "name": "assp-getfile-url-file-access(28392)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28392" + }, + { + "name": "ADV-2006-3289", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/3289" + } + ] + } +} \ No newline at end of file diff --git a/2006/4xxx/CVE-2006-4572.json b/2006/4xxx/CVE-2006-4572.json index d6515dfbcc0..1e1e4685856 100644 --- a/2006/4xxx/CVE-2006-4572.json +++ b/2006/4xxx/CVE-2006-4572.json @@ -1,147 +1,147 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-4572", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "ip6_tables in netfilter in the Linux kernel before 2.6.16.31 allows remote attackers to (1) bypass a rule that disallows a protocol, via a packet with the protocol header not located immediately after the fragment header, aka \"ip6_tables protocol bypass bug;\" and (2) bypass a rule that looks for a certain extension header, via a packet with an extension header outside the first fragment, aka \"ip6_tables extension header bypass bug.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2006-4572", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070615 rPSA-2007-0124-1 kernel xen", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/471457" - }, - { - "name" : "[linux-kernel] 20061105 Linux 2.6.16.31-rc1", - "refsource" : "MLIST", - "url" : "http://readlist.com/lists/vger.kernel.org/linux-kernel/55/275979.html" - }, - { - "name" : "http://www.kernel.org/git/?p=linux%2Fkernel%2Fgit%2Fstable%2Flinux-2.6.16.y.git&a=search&s=CVE-2006-4572", - "refsource" : "CONFIRM", - "url" : "http://www.kernel.org/git/?p=linux%2Fkernel%2Fgit%2Fstable%2Flinux-2.6.16.y.git&a=search&s=CVE-2006-4572" - }, - { - "name" : "http://www.kernel.org/git/?p=linux/kernel/git/stable/linux-2.6.16.y.git;a=commit;h=0ddfcc96928145d6a6425fdd26dad6abfe7f891d", - "refsource" : "CONFIRM", - "url" : "http://www.kernel.org/git/?p=linux/kernel/git/stable/linux-2.6.16.y.git;a=commit;h=0ddfcc96928145d6a6425fdd26dad6abfe7f891d" - }, - { - "name" : "http://www.kernel.org/git/?p=linux/kernel/git/stable/linux-2.6.16.y.git;a=commit;h=6ac62be885810e1f8390f0c3b9d3ee451d3d3f19", - "refsource" : "CONFIRM", - "url" : "http://www.kernel.org/git/?p=linux/kernel/git/stable/linux-2.6.16.y.git;a=commit;h=6ac62be885810e1f8390f0c3b9d3ee451d3d3f19" - }, - { - "name" : "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.16.31", - "refsource" : "CONFIRM", - "url" : "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.16.31" - }, - { - "name" : "MDKSA-2006:197", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2006:197" - }, - { - "name" : "SUSE-SA:2006:079", - "refsource" : "SUSE", - "url" : "http://www.novell.com/linux/security/advisories/2006_79_kernel.html" - }, - { - "name" : "USN-395-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/usn-395-1" - }, - { - "name" : "USN-416-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/usn-416-1" - }, - { - "name" : "20955", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/20955" - }, - { - "name" : "ADV-2006-4386", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/4386" - }, - { - "name" : "22731", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/22731" - }, - { - "name" : "22762", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/22762" - }, - { - "name" : "23384", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23384" - }, - { - "name" : "24098", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24098" - }, - { - "name" : "25691", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25691" - }, - { - "name" : "23474", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23474" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "ip6_tables in netfilter in the Linux kernel before 2.6.16.31 allows remote attackers to (1) bypass a rule that disallows a protocol, via a packet with the protocol header not located immediately after the fragment header, aka \"ip6_tables protocol bypass bug;\" and (2) bypass a rule that looks for a certain extension header, via a packet with an extension header outside the first fragment, aka \"ip6_tables extension header bypass bug.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "24098", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24098" + }, + { + "name": "SUSE-SA:2006:079", + "refsource": "SUSE", + "url": "http://www.novell.com/linux/security/advisories/2006_79_kernel.html" + }, + { + "name": "http://www.kernel.org/git/?p=linux%2Fkernel%2Fgit%2Fstable%2Flinux-2.6.16.y.git&a=search&s=CVE-2006-4572", + "refsource": "CONFIRM", + "url": "http://www.kernel.org/git/?p=linux%2Fkernel%2Fgit%2Fstable%2Flinux-2.6.16.y.git&a=search&s=CVE-2006-4572" + }, + { + "name": "http://www.kernel.org/git/?p=linux/kernel/git/stable/linux-2.6.16.y.git;a=commit;h=6ac62be885810e1f8390f0c3b9d3ee451d3d3f19", + "refsource": "CONFIRM", + "url": "http://www.kernel.org/git/?p=linux/kernel/git/stable/linux-2.6.16.y.git;a=commit;h=6ac62be885810e1f8390f0c3b9d3ee451d3d3f19" + }, + { + "name": "23384", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23384" + }, + { + "name": "USN-416-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/usn-416-1" + }, + { + "name": "[linux-kernel] 20061105 Linux 2.6.16.31-rc1", + "refsource": "MLIST", + "url": "http://readlist.com/lists/vger.kernel.org/linux-kernel/55/275979.html" + }, + { + "name": "22762", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/22762" + }, + { + "name": "ADV-2006-4386", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/4386" + }, + { + "name": "23474", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23474" + }, + { + "name": "http://www.kernel.org/git/?p=linux/kernel/git/stable/linux-2.6.16.y.git;a=commit;h=0ddfcc96928145d6a6425fdd26dad6abfe7f891d", + "refsource": "CONFIRM", + "url": "http://www.kernel.org/git/?p=linux/kernel/git/stable/linux-2.6.16.y.git;a=commit;h=0ddfcc96928145d6a6425fdd26dad6abfe7f891d" + }, + { + "name": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.16.31", + "refsource": "CONFIRM", + "url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.16.31" + }, + { + "name": "20070615 rPSA-2007-0124-1 kernel xen", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/471457" + }, + { + "name": "USN-395-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/usn-395-1" + }, + { + "name": "22731", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/22731" + }, + { + "name": "MDKSA-2006:197", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:197" + }, + { + "name": "25691", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25691" + }, + { + "name": "20955", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/20955" + } + ] + } +} \ No newline at end of file diff --git a/2006/4xxx/CVE-2006-4878.json b/2006/4xxx/CVE-2006-4878.json index 09f0b8ad356..3aed6446d63 100644 --- a/2006/4xxx/CVE-2006-4878.json +++ b/2006/4xxx/CVE-2006-4878.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-4878", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Directory traversal vulnerability in footer.php in David Bennett PHP-Post (PHPp) 1.0 and earlier allows remote attackers to read and include arbitrary local files via a .. (dot dot) sequence in the template parameter. NOTE: this was later reported to affect 1.0.1, and demonstrated for code execution by uploading and accessing an avatar file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-4878", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20060916 PHP-Post Multiple Input Validation Vulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/446318/100/0/threaded" - }, - { - "name" : "2593", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/2593" - }, - { - "name" : "20061", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/20061" - }, - { - "name" : "20616", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/20616" - }, - { - "name" : "ADV-2006-3688", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/3688" - }, - { - "name" : "28964", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/28964" - }, - { - "name" : "22014", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/22014" - }, - { - "name" : "1607", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/1607" - }, - { - "name" : "phppost-template-code-execution(29673)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/29673" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Directory traversal vulnerability in footer.php in David Bennett PHP-Post (PHPp) 1.0 and earlier allows remote attackers to read and include arbitrary local files via a .. (dot dot) sequence in the template parameter. NOTE: this was later reported to affect 1.0.1, and demonstrated for code execution by uploading and accessing an avatar file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20061", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/20061" + }, + { + "name": "28964", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/28964" + }, + { + "name": "ADV-2006-3688", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/3688" + }, + { + "name": "phppost-template-code-execution(29673)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29673" + }, + { + "name": "20616", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/20616" + }, + { + "name": "2593", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/2593" + }, + { + "name": "1607", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/1607" + }, + { + "name": "22014", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/22014" + }, + { + "name": "20060916 PHP-Post Multiple Input Validation Vulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/446318/100/0/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2006/4xxx/CVE-2006-4954.json b/2006/4xxx/CVE-2006-4954.json index 897b8e7c151..0e74ff5a37e 100644 --- a/2006/4xxx/CVE-2006-4954.json +++ b/2006/4xxx/CVE-2006-4954.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-4954", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The updateuser servlet in Neon WebMail for Java before 5.08 does not validate the in_id parameter, which allows remote attackers to modify information of arbitrary users, as demonstrated by modifying (1) passwords and (2) permissions, (3) viewing profile settings, and (4) creating and (5) deleting users." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-4954", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://vuln.sg/neonmail506-en.html", - "refsource" : "MISC", - "url" : "http://vuln.sg/neonmail506-en.html" - }, - { - "name" : "20109", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/20109" - }, - { - "name" : "84203", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/84203" - }, - { - "name" : "22029", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/22029" - }, - { - "name" : "neonwebmail-updateuser-security-bypass(29089)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/29089" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The updateuser servlet in Neon WebMail for Java before 5.08 does not validate the in_id parameter, which allows remote attackers to modify information of arbitrary users, as demonstrated by modifying (1) passwords and (2) permissions, (3) viewing profile settings, and (4) creating and (5) deleting users." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20109", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/20109" + }, + { + "name": "http://vuln.sg/neonmail506-en.html", + "refsource": "MISC", + "url": "http://vuln.sg/neonmail506-en.html" + }, + { + "name": "22029", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/22029" + }, + { + "name": "neonwebmail-updateuser-security-bypass(29089)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29089" + }, + { + "name": "84203", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/84203" + } + ] + } +} \ No newline at end of file diff --git a/2010/2xxx/CVE-2010-2455.json b/2010/2xxx/CVE-2010-2455.json index dcc2b7e04fa..1126363b893 100644 --- a/2010/2xxx/CVE-2010-2455.json +++ b/2010/2xxx/CVE-2010-2455.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-2455", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Opera does not properly manage the address bar between the request to open a URL and the retrieval of the new document's content, which might allow remote attackers to conduct spoofing attacks via a crafted HTML document, a related issue to CVE-2010-1206." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-2455", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=556957", - "refsource" : "MISC", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=556957" - }, - { - "name" : "opera-html-spoofing(59831)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/59831" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Opera does not properly manage the address bar between the request to open a URL and the retrieval of the new document's content, which might allow remote attackers to conduct spoofing attacks via a crafted HTML document, a related issue to CVE-2010-1206." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=556957", + "refsource": "MISC", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=556957" + }, + { + "name": "opera-html-spoofing(59831)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59831" + } + ] + } +} \ No newline at end of file diff --git a/2010/2xxx/CVE-2010-2894.json b/2010/2xxx/CVE-2010-2894.json index a5c481dcb34..d1a822cb2e4 100644 --- a/2010/2xxx/CVE-2010-2894.json +++ b/2010/2xxx/CVE-2010-2894.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-2894", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-2894", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2010/3xxx/CVE-2010-3139.json b/2010/3xxx/CVE-2010-3139.json index 398d418a745..ece6759226d 100644 --- a/2010/3xxx/CVE-2010-3139.json +++ b/2010/3xxx/CVE-2010-3139.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-3139", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Untrusted search path vulnerability in Microsoft Windows Progman Group Converter (grpconv.exe) allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse imm.dll that is located in the same folder as a .grp file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-3139", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "14758", - "refsource" : "EXPLOIT-DB", - "url" : "http://www.exploit-db.com/exploits/14758" - }, - { - "name" : "67535", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/67535" - }, - { - "name" : "oval:org.mitre.oval:def:12209", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12209" - }, - { - "name" : "41136", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/41136" - }, - { - "name" : "ADV-2010-2200", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2010/2200" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Untrusted search path vulnerability in Microsoft Windows Progman Group Converter (grpconv.exe) allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse imm.dll that is located in the same folder as a .grp file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "14758", + "refsource": "EXPLOIT-DB", + "url": "http://www.exploit-db.com/exploits/14758" + }, + { + "name": "41136", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/41136" + }, + { + "name": "ADV-2010-2200", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2010/2200" + }, + { + "name": "oval:org.mitre.oval:def:12209", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12209" + }, + { + "name": "67535", + "refsource": "OSVDB", + "url": "http://osvdb.org/67535" + } + ] + } +} \ No newline at end of file diff --git a/2010/3xxx/CVE-2010-3566.json b/2010/3xxx/CVE-2010-3566.json index 4676480202c..3314e6c915e 100644 --- a/2010/3xxx/CVE-2010-3566.json +++ b/2010/3xxx/CVE-2010-3566.json @@ -1,197 +1,197 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-3566", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the 2D component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update and 25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is an integer overflow that leads to a buffer overflow via a crafted devs (device information) tag structure in a color profile." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2010-3566", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/516397/100/0/threaded" - }, - { - "name" : "http://www.zerodayinitiative.com/advisories/ZDI-10-204/", - "refsource" : "MISC", - "url" : "http://www.zerodayinitiative.com/advisories/ZDI-10-204/" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html" - }, - { - "name" : "http://support.avaya.com/css/P8/documents/100114315", - "refsource" : "CONFIRM", - "url" : "http://support.avaya.com/css/P8/documents/100114315" - }, - { - "name" : "http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS10-030/index.html", - "refsource" : "CONFIRM", - "url" : "http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS10-030/index.html" - }, - { - "name" : "http://support.avaya.com/css/P8/documents/100123193", - "refsource" : "CONFIRM", - "url" : "http://support.avaya.com/css/P8/documents/100123193" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html" - }, - { - "name" : "http://www.vmware.com/security/advisories/VMSA-2011-0003.html", - "refsource" : "CONFIRM", - "url" : "http://www.vmware.com/security/advisories/VMSA-2011-0003.html" - }, - { - "name" : "GLSA-201406-32", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-201406-32.xml" - }, - { - "name" : "HPSBUX02608", - "refsource" : "HP", - "url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c02616748" - }, - { - "name" : "SSRT100333", - "refsource" : "HP", - "url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c02616748" - }, - { - "name" : "HPSBMU02799", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=134254866602253&w=2" - }, - { - "name" : "RHSA-2010:0770", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2010-0770.html" - }, - { - "name" : "RHSA-2010:0807", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2010-0807.html" - }, - { - "name" : "RHSA-2010:0873", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2010-0873.html" - }, - { - "name" : "RHSA-2010:0987", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2010-0987.html" - }, - { - "name" : "RHSA-2011:0880", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2011-0880.html" - }, - { - "name" : "SUSE-SR:2010:019", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html" - }, - { - "name" : "USN-1010-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-1010-1" - }, - { - "name" : "43988", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/43988" - }, - { - "name" : "oval:org.mitre.oval:def:11560", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11560" - }, - { - "name" : "oval:org.mitre.oval:def:12225", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12225" - }, - { - "name" : "41967", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/41967" - }, - { - "name" : "41972", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/41972" - }, - { - "name" : "42377", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/42377" - }, - { - "name" : "42974", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/42974" - }, - { - "name" : "44954", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/44954" - }, - { - "name" : "ADV-2010-3086", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2010/3086" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the 2D component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update and 25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is an integer overflow that leads to a buffer overflow via a crafted devs (device information) tag structure in a color profile." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://support.avaya.com/css/P8/documents/100114315", + "refsource": "CONFIRM", + "url": "http://support.avaya.com/css/P8/documents/100114315" + }, + { + "name": "GLSA-201406-32", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-201406-32.xml" + }, + { + "name": "HPSBMU02799", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=134254866602253&w=2" + }, + { + "name": "RHSA-2010:0770", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2010-0770.html" + }, + { + "name": "SSRT100333", + "refsource": "HP", + "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c02616748" + }, + { + "name": "USN-1010-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-1010-1" + }, + { + "name": "oval:org.mitre.oval:def:12225", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12225" + }, + { + "name": "http://www.zerodayinitiative.com/advisories/ZDI-10-204/", + "refsource": "MISC", + "url": "http://www.zerodayinitiative.com/advisories/ZDI-10-204/" + }, + { + "name": "RHSA-2010:0987", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2010-0987.html" + }, + { + "name": "43988", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/43988" + }, + { + "name": "44954", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/44954" + }, + { + "name": "RHSA-2011:0880", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2011-0880.html" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html" + }, + { + "name": "RHSA-2010:0873", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2010-0873.html" + }, + { + "name": "http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS10-030/index.html", + "refsource": "CONFIRM", + "url": "http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS10-030/index.html" + }, + { + "name": "http://www.vmware.com/security/advisories/VMSA-2011-0003.html", + "refsource": "CONFIRM", + "url": "http://www.vmware.com/security/advisories/VMSA-2011-0003.html" + }, + { + "name": "42974", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/42974" + }, + { + "name": "41972", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/41972" + }, + { + "name": "ADV-2010-3086", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2010/3086" + }, + { + "name": "HPSBUX02608", + "refsource": "HP", + "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c02616748" + }, + { + "name": "http://support.avaya.com/css/P8/documents/100123193", + "refsource": "CONFIRM", + "url": "http://support.avaya.com/css/P8/documents/100123193" + }, + { + "name": "oval:org.mitre.oval:def:11560", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11560" + }, + { + "name": "42377", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/42377" + }, + { + "name": "SUSE-SR:2010:019", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html" + }, + { + "name": "20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/516397/100/0/threaded" + }, + { + "name": "41967", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/41967" + }, + { + "name": "RHSA-2010:0807", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2010-0807.html" + } + ] + } +} \ No newline at end of file diff --git a/2010/3xxx/CVE-2010-3851.json b/2010/3xxx/CVE-2010-3851.json index 3f536aa6c6c..17424ca5f53 100644 --- a/2010/3xxx/CVE-2010-3851.json +++ b/2010/3xxx/CVE-2010-3851.json @@ -1,122 +1,122 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-3851", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "libguestfs before 1.5.23, as used in virt-v2v, virt-inspector 1.5.3 and earlier, and possibly other products, when a raw-format disk image is used, allows local guest OS administrators to read files from the host via a crafted (1) qcow2, (2) VMDK, or (3) VDI header, related to lack of support for a disk format specifier." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2010-3851", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[Libguestfs] 20101019 CVE-2010-3851libguestfs:missing disk format specifier when adding a disk", - "refsource" : "MLIST", - "url" : "https://www.redhat.com/archives/libguestfs/2010-October/msg00036.html" - }, - { - "name" : "[Libguestfs] 20101021 [PATCH 0/2] First part of fix for CVE-2010-3851", - "refsource" : "MLIST", - "url" : "https://www.redhat.com/archives/libguestfs/2010-October/msg00037.html" - }, - { - "name" : "[Libguestfs] 20101022 [PATCH 0/8 v2] Complete fix for CVE-2010-3851.", - "refsource" : "MLIST", - "url" : "https://www.redhat.com/archives/libguestfs/2010-October/msg00041.html" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=643958", - "refsource" : "MISC", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=643958" - }, - { - "name" : "http://rwmj.wordpress.com/2010/10/23/new-libguestfs-stable-versions/", - "refsource" : "CONFIRM", - "url" : "http://rwmj.wordpress.com/2010/10/23/new-libguestfs-stable-versions/" - }, - { - "name" : "FEDORA-2010-16835", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050237.html" - }, - { - "name" : "FEDORA-2010-17202", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050742.html" - }, - { - "name" : "RHSA-2011:0586", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2011-0586.html" - }, - { - "name" : "44166", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/44166" - }, - { - "name" : "41797", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/41797" - }, - { - "name" : "42235", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/42235" - }, - { - "name" : "ADV-2010-2874", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2010/2874" - }, - { - "name" : "ADV-2010-2963", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2010/2963" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "libguestfs before 1.5.23, as used in virt-v2v, virt-inspector 1.5.3 and earlier, and possibly other products, when a raw-format disk image is used, allows local guest OS administrators to read files from the host via a crafted (1) qcow2, (2) VMDK, or (3) VDI header, related to lack of support for a disk format specifier." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "[Libguestfs] 20101022 [PATCH 0/8 v2] Complete fix for CVE-2010-3851.", + "refsource": "MLIST", + "url": "https://www.redhat.com/archives/libguestfs/2010-October/msg00041.html" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=643958", + "refsource": "MISC", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=643958" + }, + { + "name": "http://rwmj.wordpress.com/2010/10/23/new-libguestfs-stable-versions/", + "refsource": "CONFIRM", + "url": "http://rwmj.wordpress.com/2010/10/23/new-libguestfs-stable-versions/" + }, + { + "name": "[Libguestfs] 20101021 [PATCH 0/2] First part of fix for CVE-2010-3851", + "refsource": "MLIST", + "url": "https://www.redhat.com/archives/libguestfs/2010-October/msg00037.html" + }, + { + "name": "FEDORA-2010-16835", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050237.html" + }, + { + "name": "FEDORA-2010-17202", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050742.html" + }, + { + "name": "ADV-2010-2963", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2010/2963" + }, + { + "name": "RHSA-2011:0586", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2011-0586.html" + }, + { + "name": "44166", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/44166" + }, + { + "name": "41797", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/41797" + }, + { + "name": "[Libguestfs] 20101019 CVE-2010-3851libguestfs:missing disk format specifier when adding a disk", + "refsource": "MLIST", + "url": "https://www.redhat.com/archives/libguestfs/2010-October/msg00036.html" + }, + { + "name": "42235", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/42235" + }, + { + "name": "ADV-2010-2874", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2010/2874" + } + ] + } +} \ No newline at end of file diff --git a/2010/4xxx/CVE-2010-4068.json b/2010/4xxx/CVE-2010-4068.json index 3777813e9ed..be1548c004b 100644 --- a/2010/4xxx/CVE-2010-4068.json +++ b/2010/4xxx/CVE-2010-4068.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-4068", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the Extension Manager in TYPO3 4.2.x before 4.2.15, 4.3.x before 4.3.7, and 4.4.x before 4.4.4 allows remote authenticated administrators to read and possibly modify arbitrary files via a crafted parameter, a different vulnerability than CVE-2010-3714." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-4068", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-020/", - "refsource" : "CONFIRM", - "url" : "http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-020/" - }, - { - "name" : "DSA-2121", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2010/dsa-2121" - }, - { - "name" : "43786", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/43786" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the Extension Manager in TYPO3 4.2.x before 4.2.15, 4.3.x before 4.3.7, and 4.4.x before 4.4.4 allows remote authenticated administrators to read and possibly modify arbitrary files via a crafted parameter, a different vulnerability than CVE-2010-3714." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "43786", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/43786" + }, + { + "name": "DSA-2121", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2010/dsa-2121" + }, + { + "name": "http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-020/", + "refsource": "CONFIRM", + "url": "http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-020/" + } + ] + } +} \ No newline at end of file diff --git a/2010/4xxx/CVE-2010-4147.json b/2010/4xxx/CVE-2010-4147.json index d1798dbe361..22e617fd281 100644 --- a/2010/4xxx/CVE-2010-4147.json +++ b/2010/4xxx/CVE-2010-4147.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-4147", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple SQL injection vulnerabilities in Pentasoft Avactis Shopping Cart 1.9.1 build 8356 free edition and earlier allow remote attackers to execute arbitrary SQL commands via the User-Agent header to (1) index.php and (2) product-list.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-4147", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://holisticinfosec.org/content/view/159/45/", - "refsource" : "MISC", - "url" : "http://holisticinfosec.org/content/view/159/45/" - }, - { - "name" : "http://www.avactis.com/forums/index.php?showtopic=5317", - "refsource" : "CONFIRM", - "url" : "http://www.avactis.com/forums/index.php?showtopic=5317" - }, - { - "name" : "44104", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/44104" - }, - { - "name" : "68646", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/68646" - }, - { - "name" : "68647", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/68647" - }, - { - "name" : "41764", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/41764" - }, - { - "name" : "avactis-useragent-sql-injection(62559)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/62559" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple SQL injection vulnerabilities in Pentasoft Avactis Shopping Cart 1.9.1 build 8356 free edition and earlier allow remote attackers to execute arbitrary SQL commands via the User-Agent header to (1) index.php and (2) product-list.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "68647", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/68647" + }, + { + "name": "41764", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/41764" + }, + { + "name": "44104", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/44104" + }, + { + "name": "avactis-useragent-sql-injection(62559)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/62559" + }, + { + "name": "http://www.avactis.com/forums/index.php?showtopic=5317", + "refsource": "CONFIRM", + "url": "http://www.avactis.com/forums/index.php?showtopic=5317" + }, + { + "name": "http://holisticinfosec.org/content/view/159/45/", + "refsource": "MISC", + "url": "http://holisticinfosec.org/content/view/159/45/" + }, + { + "name": "68646", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/68646" + } + ] + } +} \ No newline at end of file diff --git a/2010/4xxx/CVE-2010-4542.json b/2010/4xxx/CVE-2010-4542.json index d3cf3a88222..3369f8ea6cd 100644 --- a/2010/4xxx/CVE-2010-4542.json +++ b/2010/4xxx/CVE-2010-4542.json @@ -1,137 +1,137 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-4542", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Stack-based buffer overflow in the gfig_read_parameter_gimp_rgb function in plug-ins/gfig/gfig-style.c in the GFIG plugin in GIMP 2.6.11 allows user-assisted remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long Foreground field in a plugin configuration file. NOTE: it may be uncommon to obtain a GIMP plugin configuration file from an untrusted source that is separate from the distribution of the plugin itself. NOTE: some of these details are obtained from third party information." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2010-4542", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20110103 CVE request for buffer overflows in gimp", - "refsource" : "MLIST", - "url" : "http://openwall.com/lists/oss-security/2011/01/03/2" - }, - { - "name" : "[oss-security] 20110104 Re: CVE request for buffer overflows in gimp", - "refsource" : "MLIST", - "url" : "http://openwall.com/lists/oss-security/2011/01/04/7" - }, - { - "name" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=608497", - "refsource" : "MISC", - "url" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=608497" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=666793", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=666793" - }, - { - "name" : "DSA-2426", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2012/dsa-2426" - }, - { - "name" : "GLSA-201209-23", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-201209-23.xml" - }, - { - "name" : "MDVSA-2011:103", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2011:103" - }, - { - "name" : "RHSA-2011:0838", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2011-0838.html" - }, - { - "name" : "RHSA-2011:0839", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2011-0839.html" - }, - { - "name" : "SUSE-SR:2011:005", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html" - }, - { - "name" : "70283", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/70283" - }, - { - "name" : "42771", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/42771" - }, - { - "name" : "44750", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/44750" - }, - { - "name" : "50737", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/50737" - }, - { - "name" : "48236", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/48236" - }, - { - "name" : "ADV-2011-0016", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2011/0016" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Stack-based buffer overflow in the gfig_read_parameter_gimp_rgb function in plug-ins/gfig/gfig-style.c in the GFIG plugin in GIMP 2.6.11 allows user-assisted remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long Foreground field in a plugin configuration file. NOTE: it may be uncommon to obtain a GIMP plugin configuration file from an untrusted source that is separate from the distribution of the plugin itself. NOTE: some of these details are obtained from third party information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "DSA-2426", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2012/dsa-2426" + }, + { + "name": "GLSA-201209-23", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-201209-23.xml" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=666793", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=666793" + }, + { + "name": "ADV-2011-0016", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2011/0016" + }, + { + "name": "RHSA-2011:0839", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2011-0839.html" + }, + { + "name": "SUSE-SR:2011:005", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html" + }, + { + "name": "RHSA-2011:0838", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2011-0838.html" + }, + { + "name": "[oss-security] 20110104 Re: CVE request for buffer overflows in gimp", + "refsource": "MLIST", + "url": "http://openwall.com/lists/oss-security/2011/01/04/7" + }, + { + "name": "44750", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/44750" + }, + { + "name": "42771", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/42771" + }, + { + "name": "50737", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/50737" + }, + { + "name": "[oss-security] 20110103 CVE request for buffer overflows in gimp", + "refsource": "MLIST", + "url": "http://openwall.com/lists/oss-security/2011/01/03/2" + }, + { + "name": "48236", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/48236" + }, + { + "name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=608497", + "refsource": "MISC", + "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=608497" + }, + { + "name": "MDVSA-2011:103", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:103" + }, + { + "name": "70283", + "refsource": "OSVDB", + "url": "http://osvdb.org/70283" + } + ] + } +} \ No newline at end of file diff --git a/2010/4xxx/CVE-2010-4865.json b/2010/4xxx/CVE-2010-4865.json index f61e31628cd..e101eba83f4 100644 --- a/2010/4xxx/CVE-2010-4865.json +++ b/2010/4xxx/CVE-2010-4865.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-4865", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in the JE Guestbook (com_jeguestbook) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the d_itemid parameter in an item_detail action to index.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-4865", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20100930 JE Guestbook 1.0 Joomla Component Multiple Remote Vulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/514064/100/0/threaded" - }, - { - "name" : "15157", - "refsource" : "EXPLOIT-DB", - "url" : "http://www.exploit-db.com/exploits/15157" - }, - { - "name" : "http://adv.salvatorefresta.net/JE_Guestbook_1.0_Joomla_Component_Multiple_Remote_Vulnerabilities-30092010.txt", - "refsource" : "MISC", - "url" : "http://adv.salvatorefresta.net/JE_Guestbook_1.0_Joomla_Component_Multiple_Remote_Vulnerabilities-30092010.txt" - }, - { - "name" : "43605", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/43605" - }, - { - "name" : "68283", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/68283" - }, - { - "name" : "41651", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/41651" - }, - { - "name" : "8422", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/8422" - }, - { - "name" : "jeguestbook-index-sql-injection(62151)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/62151" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in the JE Guestbook (com_jeguestbook) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the d_itemid parameter in an item_detail action to index.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://adv.salvatorefresta.net/JE_Guestbook_1.0_Joomla_Component_Multiple_Remote_Vulnerabilities-30092010.txt", + "refsource": "MISC", + "url": "http://adv.salvatorefresta.net/JE_Guestbook_1.0_Joomla_Component_Multiple_Remote_Vulnerabilities-30092010.txt" + }, + { + "name": "41651", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/41651" + }, + { + "name": "68283", + "refsource": "OSVDB", + "url": "http://osvdb.org/68283" + }, + { + "name": "43605", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/43605" + }, + { + "name": "jeguestbook-index-sql-injection(62151)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/62151" + }, + { + "name": "20100930 JE Guestbook 1.0 Joomla Component Multiple Remote Vulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/514064/100/0/threaded" + }, + { + "name": "8422", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/8422" + }, + { + "name": "15157", + "refsource": "EXPLOIT-DB", + "url": "http://www.exploit-db.com/exploits/15157" + } + ] + } +} \ No newline at end of file diff --git a/2011/1xxx/CVE-2011-1050.json b/2011/1xxx/CVE-2011-1050.json index 6acde611994..c33376cca3f 100644 --- a/2011/1xxx/CVE-2011-1050.json +++ b/2011/1xxx/CVE-2011-1050.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-1050", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in Hex-Rays IDA Pro 5.7 and 6.0 has unknown impact and attack vectors related to \"converson of string encodings\" and \"inconsistencies in the handling of UTF8 sequences by the user interface.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2011-1050", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://www.hex-rays.com/vulnfix.shtml", - "refsource" : "CONFIRM", - "url" : "https://www.hex-rays.com/vulnfix.shtml" - }, - { - "name" : "46525", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/46525" - }, - { - "name" : "ADV-2011-0357", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2011/0357" - }, - { - "name" : "idapro-utf8-unspecified(65562)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/65562" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in Hex-Rays IDA Pro 5.7 and 6.0 has unknown impact and attack vectors related to \"converson of string encodings\" and \"inconsistencies in the handling of UTF8 sequences by the user interface.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.hex-rays.com/vulnfix.shtml", + "refsource": "CONFIRM", + "url": "https://www.hex-rays.com/vulnfix.shtml" + }, + { + "name": "idapro-utf8-unspecified(65562)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65562" + }, + { + "name": "46525", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/46525" + }, + { + "name": "ADV-2011-0357", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2011/0357" + } + ] + } +} \ No newline at end of file diff --git a/2011/1xxx/CVE-2011-1086.json b/2011/1xxx/CVE-2011-1086.json index 3ea99e45940..238e522b384 100644 --- a/2011/1xxx/CVE-2011-1086.json +++ b/2011/1xxx/CVE-2011-1086.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-1086", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2011-1086", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2011/1xxx/CVE-2011-1560.json b/2011/1xxx/CVE-2011-1560.json index 022ed591c33..c816d147d4e 100644 --- a/2011/1xxx/CVE-2011-1560.json +++ b/2011/1xxx/CVE-2011-1560.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-1560", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "solid.exe in IBM solidDB before 4.5.181, 6.0.x before 6.0.1067, 6.1.x and 6.3.x before 6.3.47, and 6.5.x before 6.5.0.3 uses a password-hash length specified by the client, which allows remote attackers to bypass authentication via a short length value." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2011-1560", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.zerodayinitiative.com/advisories/ZDI-11-115/", - "refsource" : "MISC", - "url" : "http://www.zerodayinitiative.com/advisories/ZDI-11-115/" - }, - { - "name" : "http://www.ibm.com/support/docview.wss?uid=swg21474552", - "refsource" : "CONFIRM", - "url" : "http://www.ibm.com/support/docview.wss?uid=swg21474552" - }, - { - "name" : "71494", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/71494" - }, - { - "name" : "44030", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/44030" - }, - { - "name" : "ADV-2011-0854", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2011/0854" - }, - { - "name" : "soliddb-auth-bypass(66455)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/66455" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "solid.exe in IBM solidDB before 4.5.181, 6.0.x before 6.0.1067, 6.1.x and 6.3.x before 6.3.47, and 6.5.x before 6.5.0.3 uses a password-hash length specified by the client, which allows remote attackers to bypass authentication via a short length value." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.ibm.com/support/docview.wss?uid=swg21474552", + "refsource": "CONFIRM", + "url": "http://www.ibm.com/support/docview.wss?uid=swg21474552" + }, + { + "name": "71494", + "refsource": "OSVDB", + "url": "http://osvdb.org/71494" + }, + { + "name": "44030", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/44030" + }, + { + "name": "soliddb-auth-bypass(66455)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66455" + }, + { + "name": "ADV-2011-0854", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2011/0854" + }, + { + "name": "http://www.zerodayinitiative.com/advisories/ZDI-11-115/", + "refsource": "MISC", + "url": "http://www.zerodayinitiative.com/advisories/ZDI-11-115/" + } + ] + } +} \ No newline at end of file diff --git a/2011/1xxx/CVE-2011-1647.json b/2011/1xxx/CVE-2011-1647.json index 609f3a2650a..7ef15f78c38 100644 --- a/2011/1xxx/CVE-2011-1647.json +++ b/2011/1xxx/CVE-2011-1647.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-1647", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The web management interface on the Cisco RVS4000 Gigabit Security Router with software 1.x before 1.3.3.4 and 2.x before 2.0.2.7, and the WRVS4400N Gigabit Security Router with software before 2.0.2.1, allows remote attackers to read the private key for the admin SSL certificate via unspecified vectors, aka Bug ID CSCtn23871." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2011-1647", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20110525 Cisco RVS4000 and WRVS4400N Web Management Interface Vulnerabilities", - "refsource" : "CISCO", - "url" : "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b7f190.shtml" - }, - { - "name" : "47985", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/47985" - }, - { - "name" : "1025565", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1025565" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The web management interface on the Cisco RVS4000 Gigabit Security Router with software 1.x before 1.3.3.4 and 2.x before 2.0.2.7, and the WRVS4400N Gigabit Security Router with software before 2.0.2.1, allows remote attackers to read the private key for the admin SSL certificate via unspecified vectors, aka Bug ID CSCtn23871." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "47985", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/47985" + }, + { + "name": "20110525 Cisco RVS4000 and WRVS4400N Web Management Interface Vulnerabilities", + "refsource": "CISCO", + "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b7f190.shtml" + }, + { + "name": "1025565", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1025565" + } + ] + } +} \ No newline at end of file diff --git a/2011/5xxx/CVE-2011-5136.json b/2011/5xxx/CVE-2011-5136.json index 8b97ad93c6a..8abbdbbe37c 100644 --- a/2011/5xxx/CVE-2011-5136.json +++ b/2011/5xxx/CVE-2011-5136.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-5136", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "showImg.php in EPractize Labs Subscription Manager, possibly 1.0, allows remote attackers to overwrite arbitrary files via the db parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2011-5136", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20111206 Backdoor in EPractize Labs Online Subscription Manager from epractizelabs.com", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2011/Dec/125" - }, - { - "name" : "77505", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/77505" - }, - { - "name" : "47072", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/47072" - }, - { - "name" : "epractice-showimg-code-exec(71630)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/71630" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "showImg.php in EPractize Labs Subscription Manager, possibly 1.0, allows remote attackers to overwrite arbitrary files via the db parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20111206 Backdoor in EPractize Labs Online Subscription Manager from epractizelabs.com", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2011/Dec/125" + }, + { + "name": "epractice-showimg-code-exec(71630)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71630" + }, + { + "name": "77505", + "refsource": "OSVDB", + "url": "http://osvdb.org/77505" + }, + { + "name": "47072", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/47072" + } + ] + } +} \ No newline at end of file diff --git a/2011/5xxx/CVE-2011-5173.json b/2011/5xxx/CVE-2011-5173.json index 8694935a5fe..ca6c9b18689 100644 --- a/2011/5xxx/CVE-2011-5173.json +++ b/2011/5xxx/CVE-2011-5173.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-5173", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in Bugbear Entertainment FlatOut 2005 allows user-assisted remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in the title field in a bed file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2011-5173", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "18173", - "refsource" : "EXPLOIT-DB", - "url" : "http://www.exploit-db.com/exploits/18173" - }, - { - "name" : "flatout-bed-bo(71578)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/71578" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in Bugbear Entertainment FlatOut 2005 allows user-assisted remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in the title field in a bed file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "18173", + "refsource": "EXPLOIT-DB", + "url": "http://www.exploit-db.com/exploits/18173" + }, + { + "name": "flatout-bed-bo(71578)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71578" + } + ] + } +} \ No newline at end of file diff --git a/2014/3xxx/CVE-2014-3200.json b/2014/3xxx/CVE-2014-3200.json index 6e26614e3e7..b077e04aa54 100644 --- a/2014/3xxx/CVE-2014-3200.json +++ b/2014/3xxx/CVE-2014-3200.json @@ -1,807 +1,807 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-3200", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple unspecified vulnerabilities in Google Chrome before 38.0.2125.101 allow attackers to cause a denial of service or possibly have other impact via unknown vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@google.com", + "ID": "CVE-2014-3200", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://googlechromereleases.blogspot.com/2014/10/stable-channel-update.html", - "refsource" : "CONFIRM", - "url" : "http://googlechromereleases.blogspot.com/2014/10/stable-channel-update.html" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=348333", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=348333" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=355438", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=355438" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=360433", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=360433" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=365141", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=365141" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=374052", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=374052" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=377416", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=377416" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=379458", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=379458" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=381696", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=381696" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=384365", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=384365" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=384891", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=384891" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=386728", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=386728" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=386729", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=386729" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=386730", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=386730" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=387010", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=387010" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=387011", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=387011" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=387013", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=387013" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=387014", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=387014" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=387313", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=387313" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=387506", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=387506" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=387774", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=387774" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=387775", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=387775" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=387776", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=387776" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=387777", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=387777" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=387778", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=387778" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=387779", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=387779" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=387780", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=387780" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=387781", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=387781" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=387782", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=387782" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=387783", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=387783" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=387784", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=387784" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=387785", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=387785" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=387786", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=387786" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=387788", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=387788" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=387789", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=387789" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=387790", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=387790" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=387791", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=387791" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=387792", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=387792" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=387793", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=387793" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=387796", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=387796" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=387797", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=387797" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=387798", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=387798" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=387800", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=387800" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=387801", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=387801" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=387802", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=387802" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=387803", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=387803" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=387805", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=387805" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=387806", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=387806" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=387807", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=387807" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=387808", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=387808" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=387809", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=387809" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=387811", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=387811" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=387812", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=387812" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=387813", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=387813" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=387814", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=387814" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=387815", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=387815" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=387816", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=387816" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=387817", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=387817" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=387818", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=387818" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=387819", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=387819" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=387820", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=387820" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=387821", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=387821" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=387822", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=387822" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=387824", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=387824" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=387825", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=387825" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=387826", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=387826" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=387827", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=387827" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=387831", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=387831" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=387832", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=387832" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=387833", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=387833" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=387834", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=387834" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=387835", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=387835" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=387836", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=387836" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=387837", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=387837" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=387838", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=387838" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=387839", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=387839" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=387840", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=387840" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=387841", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=387841" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=387842", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=387842" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=387843", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=387843" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=387844", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=387844" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=387845", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=387845" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=387846", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=387846" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=387847", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=387847" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=387848", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=387848" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=387850", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=387850" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=387852", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=387852" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=387853", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=387853" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=387854", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=387854" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=387855", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=387855" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=387856", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=387856" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=387857", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=387857" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=387860", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=387860" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=387861", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=387861" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=388133", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=388133" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=388134", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=388134" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=388135", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=388135" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=389573", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=389573" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=390069", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=390069" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=390308", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=390308" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=390567", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=390567" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=390601", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=390601" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=390941", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=390941" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=390944", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=390944" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=390945", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=390945" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=390973", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=390973" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=390999", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=390999" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=391000", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=391000" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=391004", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=391004" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=391301", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=391301" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=391470", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=391470" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=391472", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=391472" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=391905", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=391905" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=391910", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=391910" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=392718", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=392718" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=392721", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=392721" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=392723", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=392723" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=393452", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=393452" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=393603", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=393603" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=393831", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=393831" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=393833", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=393833" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=395351", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=395351" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=395461", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=395461" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=395650", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=395650" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=397834", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=397834" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=397835", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=397835" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=399783", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=399783" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=400025", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=400025" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=401363", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=401363" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=404513", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=404513" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=405335", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=405335" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=405416", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=405416" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=406548", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=406548" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=406879", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=406879" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=407235", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=407235" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=407477", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=407477" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=408551", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=408551" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=409023", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=409023" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=409506", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=409506" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=411154", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=411154" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=411163", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=411163" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=411177", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=411177" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=411210", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=411210" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=411318", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=411318" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=416526", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=416526" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=416528", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=416528" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=417731", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=417731" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=420899", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=420899" - }, - { - "name" : "RHSA-2014:1626", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2014-1626.html" - }, - { - "name" : "70273", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/70273" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple unspecified vulnerabilities in Google Chrome before 38.0.2125.101 allow attackers to cause a denial of service or possibly have other impact via unknown vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://code.google.com/p/chromium/issues/detail?id=392721", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=392721" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=384365", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=384365" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=397834", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=397834" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=381696", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=381696" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=389573", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=389573" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=388133", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=388133" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=377416", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=377416" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=411210", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=411210" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=407235", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=407235" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=393831", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=393831" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=387852", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=387852" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=400025", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=400025" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=387815", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=387815" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=395461", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=395461" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=387798", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=387798" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=387812", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=387812" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=387824", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=387824" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=387816", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=387816" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=360433", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=360433" + }, + { + "name": "RHSA-2014:1626", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2014-1626.html" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=406548", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=406548" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=355438", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=355438" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=387853", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=387853" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=387846", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=387846" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=387860", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=387860" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=387780", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=387780" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=390308", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=390308" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=387806", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=387806" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=387776", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=387776" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=387831", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=387831" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=387842", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=387842" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=387839", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=387839" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=387801", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=387801" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=387836", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=387836" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=387855", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=387855" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=387856", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=387856" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=387506", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=387506" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=387013", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=387013" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=388135", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=388135" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=387820", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=387820" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=387825", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=387825" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=387782", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=387782" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=387826", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=387826" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=391472", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=391472" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=391910", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=391910" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=411177", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=411177" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=387786", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=387786" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=391470", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=391470" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=411163", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=411163" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=391905", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=391905" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=391301", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=391301" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=395351", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=395351" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=387775", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=387775" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=387813", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=387813" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=387011", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=387011" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=387845", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=387845" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=384891", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=384891" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=387778", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=387778" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=386728", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=386728" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=388134", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=388134" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=407477", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=407477" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=387313", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=387313" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=393452", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=393452" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=395650", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=395650" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=390999", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=390999" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=387790", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=387790" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=387793", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=387793" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=411154", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=411154" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=399783", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=399783" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=387802", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=387802" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=387837", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=387837" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=387805", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=387805" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=387779", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=387779" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=387841", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=387841" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=387822", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=387822" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=387847", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=387847" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=392718", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=392718" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=391004", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=391004" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=387838", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=387838" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=387014", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=387014" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=393833", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=393833" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=387789", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=387789" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=387796", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=387796" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=387834", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=387834" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=390973", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=390973" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=401363", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=401363" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=387844", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=387844" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=392723", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=392723" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=406879", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=406879" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=390069", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=390069" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=420899", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=420899" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=387784", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=387784" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=409023", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=409023" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=416526", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=416526" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=390601", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=390601" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=387861", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=387861" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=387821", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=387821" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=387788", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=387788" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=387809", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=387809" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=387785", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=387785" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=387010", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=387010" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=387848", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=387848" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=374052", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=374052" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=386730", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=386730" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=365141", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=365141" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=387774", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=387774" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=387833", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=387833" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=387783", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=387783" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=408551", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=408551" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=387840", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=387840" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=386729", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=386729" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=387814", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=387814" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=390567", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=390567" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=416528", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=416528" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=411318", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=411318" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=387817", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=387817" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=387792", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=387792" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=417731", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=417731" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=387843", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=387843" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=409506", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=409506" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=379458", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=379458" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=397835", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=397835" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=387857", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=387857" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=390945", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=390945" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=404513", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=404513" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=387777", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=387777" + }, + { + "name": "70273", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/70273" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=387811", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=387811" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=387803", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=387803" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=387808", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=387808" + }, + { + "name": "http://googlechromereleases.blogspot.com/2014/10/stable-channel-update.html", + "refsource": "CONFIRM", + "url": "http://googlechromereleases.blogspot.com/2014/10/stable-channel-update.html" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=405335", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=405335" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=387818", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=387818" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=393603", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=393603" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=390944", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=390944" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=387781", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=387781" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=348333", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=348333" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=391000", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=391000" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=390941", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=390941" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=387835", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=387835" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=387797", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=387797" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=387832", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=387832" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=405416", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=405416" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=387819", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=387819" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=387827", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=387827" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=387800", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=387800" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=387854", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=387854" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=387807", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=387807" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=387791", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=387791" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=387850", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=387850" + } + ] + } +} \ No newline at end of file diff --git a/2014/3xxx/CVE-2014-3464.json b/2014/3xxx/CVE-2014-3464.json index e361893026f..594caf358bf 100644 --- a/2014/3xxx/CVE-2014-3464.json +++ b/2014/3xxx/CVE-2014-3464.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-3464", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The EJB invocation handler implementation in Red Hat JBossWS, as used in JBoss Enterprise Application Platform (EAP) 6.2.0 and 6.3.0, does not properly enforce the method level restrictions for outbound messages, which allows remote authenticated users to access otherwise restricted JAX-WS handlers by leveraging permissions to the EJB class. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-2133." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2014-3464", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1102317", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1102317" - }, - { - "name" : "RHSA-2014:1019", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2014-1019.html" - }, - { - "name" : "RHSA-2014:1020", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2014-1020.html" - }, - { - "name" : "RHSA-2014:1021", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2014-1021.html" - }, - { - "name" : "jboss-eap-cve20143464-sec-bypass(95409)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/95409" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The EJB invocation handler implementation in Red Hat JBossWS, as used in JBoss Enterprise Application Platform (EAP) 6.2.0 and 6.3.0, does not properly enforce the method level restrictions for outbound messages, which allows remote authenticated users to access otherwise restricted JAX-WS handlers by leveraging permissions to the EJB class. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-2133." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "jboss-eap-cve20143464-sec-bypass(95409)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95409" + }, + { + "name": "RHSA-2014:1020", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2014-1020.html" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1102317", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1102317" + }, + { + "name": "RHSA-2014:1021", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2014-1021.html" + }, + { + "name": "RHSA-2014:1019", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2014-1019.html" + } + ] + } +} \ No newline at end of file diff --git a/2014/7xxx/CVE-2014-7193.json b/2014/7xxx/CVE-2014-7193.json index 4e7aefa2ec6..7ed4dce6f99 100644 --- a/2014/7xxx/CVE-2014-7193.json +++ b/2014/7xxx/CVE-2014-7193.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-7193", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Crumb plugin before 3.0.0 for Node.js does not properly restrict token access in situations where a hapi route handler has CORS enabled, which allows remote attackers to obtain sensitive information, and potentially obtain the ability to spoof requests to non-CORS routes, via a crafted web site that is visited by an application consumer." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-7193", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/hapijs/crumb/commit/5e6d4f5c81677fe9e362837ffd4a02394303db3c", - "refsource" : "CONFIRM", - "url" : "https://github.com/hapijs/crumb/commit/5e6d4f5c81677fe9e362837ffd4a02394303db3c" - }, - { - "name" : "https://nodesecurity.io/advisories/crumb_cors_token_disclosure", - "refsource" : "CONFIRM", - "url" : "https://nodesecurity.io/advisories/crumb_cors_token_disclosure" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Crumb plugin before 3.0.0 for Node.js does not properly restrict token access in situations where a hapi route handler has CORS enabled, which allows remote attackers to obtain sensitive information, and potentially obtain the ability to spoof requests to non-CORS routes, via a crafted web site that is visited by an application consumer." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://nodesecurity.io/advisories/crumb_cors_token_disclosure", + "refsource": "CONFIRM", + "url": "https://nodesecurity.io/advisories/crumb_cors_token_disclosure" + }, + { + "name": "https://github.com/hapijs/crumb/commit/5e6d4f5c81677fe9e362837ffd4a02394303db3c", + "refsource": "CONFIRM", + "url": "https://github.com/hapijs/crumb/commit/5e6d4f5c81677fe9e362837ffd4a02394303db3c" + } + ] + } +} \ No newline at end of file diff --git a/2014/7xxx/CVE-2014-7258.json b/2014/7xxx/CVE-2014-7258.json index c3ba9327b0c..c57730cb4f5 100644 --- a/2014/7xxx/CVE-2014-7258.json +++ b/2014/7xxx/CVE-2014-7258.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-7258", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in KENT-WEB Clip Board 2.91 and earlier, when running certain versions of Internet Explorer, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "vultures@jpcert.or.jp", + "ID": "CVE-2014-7258", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.kent-web.com/bbs/clipbbs.html", - "refsource" : "CONFIRM", - "url" : "http://www.kent-web.com/bbs/clipbbs.html" - }, - { - "name" : "JVN#12798709", - "refsource" : "JVN", - "url" : "http://jvn.jp/en/jp/JVN12798709/index.html" - }, - { - "name" : "JVNDB-2014-000147", - "refsource" : "JVNDB", - "url" : "http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-000147.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in KENT-WEB Clip Board 2.91 and earlier, when running certain versions of Internet Explorer, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "JVN#12798709", + "refsource": "JVN", + "url": "http://jvn.jp/en/jp/JVN12798709/index.html" + }, + { + "name": "http://www.kent-web.com/bbs/clipbbs.html", + "refsource": "CONFIRM", + "url": "http://www.kent-web.com/bbs/clipbbs.html" + }, + { + "name": "JVNDB-2014-000147", + "refsource": "JVNDB", + "url": "http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-000147.html" + } + ] + } +} \ No newline at end of file diff --git a/2014/7xxx/CVE-2014-7321.json b/2014/7xxx/CVE-2014-7321.json index 06ab16d338e..2146fa1385c 100644 --- a/2014/7xxx/CVE-2014-7321.json +++ b/2014/7xxx/CVE-2014-7321.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-7321", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Firenze map (aka com.wFirenzemap) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2014-7321", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", - "refsource" : "MISC", - "url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" - }, - { - "name" : "VU#408433", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/408433" - }, - { - "name" : "VU#582497", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/582497" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Firenze map (aka com.wFirenzemap) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "VU#408433", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/408433" + }, + { + "name": "VU#582497", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/582497" + }, + { + "name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", + "refsource": "MISC", + "url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" + } + ] + } +} \ No newline at end of file diff --git a/2014/7xxx/CVE-2014-7343.json b/2014/7xxx/CVE-2014-7343.json index 4cab87df7be..d04bf3228b8 100644 --- a/2014/7xxx/CVE-2014-7343.json +++ b/2014/7xxx/CVE-2014-7343.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-7343", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2014-7343", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2014/7xxx/CVE-2014-7724.json b/2014/7xxx/CVE-2014-7724.json index c894fcd3c2b..36fb03c3850 100644 --- a/2014/7xxx/CVE-2014-7724.json +++ b/2014/7xxx/CVE-2014-7724.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-7724", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Chemssou Blink (aka com.chemssou.blink) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2014-7724", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", - "refsource" : "MISC", - "url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" - }, - { - "name" : "VU#338913", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/338913" - }, - { - "name" : "VU#582497", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/582497" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Chemssou Blink (aka com.chemssou.blink) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "VU#338913", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/338913" + }, + { + "name": "VU#582497", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/582497" + }, + { + "name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", + "refsource": "MISC", + "url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" + } + ] + } +} \ No newline at end of file diff --git a/2014/8xxx/CVE-2014-8175.json b/2014/8xxx/CVE-2014-8175.json index cbc73334e2c..be6cb9747ae 100644 --- a/2014/8xxx/CVE-2014-8175.json +++ b/2014/8xxx/CVE-2014-8175.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-8175", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Red Hat JBoss Fuse before 6.2.0 allows remote authenticated users to bypass intended restrictions and access the HawtIO console by leveraging an account defined in the users.properties file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2014-8175", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "RHSA-2015:1176", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-1176.html" - }, - { - "name" : "RHSA-2015:1177", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-1177.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Red Hat JBoss Fuse before 6.2.0 allows remote authenticated users to bypass intended restrictions and access the HawtIO console by leveraging an account defined in the users.properties file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "RHSA-2015:1176", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-1176.html" + }, + { + "name": "RHSA-2015:1177", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-1177.html" + } + ] + } +} \ No newline at end of file diff --git a/2014/8xxx/CVE-2014-8402.json b/2014/8xxx/CVE-2014-8402.json index 4ef8b5ad416..c5144953b01 100644 --- a/2014/8xxx/CVE-2014-8402.json +++ b/2014/8xxx/CVE-2014-8402.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-8402", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-8402", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2014/8xxx/CVE-2014-8436.json b/2014/8xxx/CVE-2014-8436.json index 0446f7ffa80..2c56bef0728 100644 --- a/2014/8xxx/CVE-2014-8436.json +++ b/2014/8xxx/CVE-2014-8436.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-8436", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-8436", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2014/8xxx/CVE-2014-8718.json b/2014/8xxx/CVE-2014-8718.json index b1679d2af3a..b9067c02537 100644 --- a/2014/8xxx/CVE-2014-8718.json +++ b/2014/8xxx/CVE-2014-8718.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-8718", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-8718", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2014/8xxx/CVE-2014-8999.json b/2014/8xxx/CVE-2014-8999.json index 02a0ee71a4d..7d0816ed08a 100644 --- a/2014/8xxx/CVE-2014-8999.json +++ b/2014/8xxx/CVE-2014-8999.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-8999", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in htdocs/modules/system/admin.php in XOOPS before 2.5.7 Final allows remote authenticated users to execute arbitrary SQL commands via the selgroups parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-8999", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20141117 XOOPS <= 2.5.6 - Blind SQL Injection", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2014/Nov/39" - }, - { - "name" : "http://packetstormsecurity.com/files/129134/XOOPS-2.5.6-SQL-Injection.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/129134/XOOPS-2.5.6-SQL-Injection.html" - }, - { - "name" : "http://xoops.org/modules/news/article.php?storyid=6658", - "refsource" : "CONFIRM", - "url" : "http://xoops.org/modules/news/article.php?storyid=6658" - }, - { - "name" : "71117", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/71117" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in htdocs/modules/system/admin.php in XOOPS before 2.5.7 Final allows remote authenticated users to execute arbitrary SQL commands via the selgroups parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20141117 XOOPS <= 2.5.6 - Blind SQL Injection", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2014/Nov/39" + }, + { + "name": "http://packetstormsecurity.com/files/129134/XOOPS-2.5.6-SQL-Injection.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/129134/XOOPS-2.5.6-SQL-Injection.html" + }, + { + "name": "http://xoops.org/modules/news/article.php?storyid=6658", + "refsource": "CONFIRM", + "url": "http://xoops.org/modules/news/article.php?storyid=6658" + }, + { + "name": "71117", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/71117" + } + ] + } +} \ No newline at end of file diff --git a/2014/9xxx/CVE-2014-9569.json b/2014/9xxx/CVE-2014-9569.json index 87efc908dc7..5f3be214f4a 100644 --- a/2014/9xxx/CVE-2014-9569.json +++ b/2014/9xxx/CVE-2014-9569.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-9569", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site scripting (XSS) vulnerabilities in SAP NetWeaver Business Client (NWBC) for HTML 3.0 allow remote attackers to inject arbitrary web script or HTML via the (1) title or (2) roundtrips parameter, aka SAP Security Note 2051285." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-9569", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.senseofsecurity.com.au/advisories/SOS-14-005", - "refsource" : "MISC", - "url" : "http://www.senseofsecurity.com.au/advisories/SOS-14-005" - }, - { - "name" : "1031509", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1031509" - }, - { - "name" : "62017", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/62017" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site scripting (XSS) vulnerabilities in SAP NetWeaver Business Client (NWBC) for HTML 3.0 allow remote attackers to inject arbitrary web script or HTML via the (1) title or (2) roundtrips parameter, aka SAP Security Note 2051285." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "62017", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/62017" + }, + { + "name": "http://www.senseofsecurity.com.au/advisories/SOS-14-005", + "refsource": "MISC", + "url": "http://www.senseofsecurity.com.au/advisories/SOS-14-005" + }, + { + "name": "1031509", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1031509" + } + ] + } +} \ No newline at end of file diff --git a/2014/9xxx/CVE-2014-9691.json b/2014/9xxx/CVE-2014-9691.json index 1b5f6762405..07eedfaff4f 100644 --- a/2014/9xxx/CVE-2014-9691.json +++ b/2014/9xxx/CVE-2014-9691.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@huawei.com", - "ID" : "CVE-2014-9691", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Tecal RH1288 V2,Tecal RH2265 V2,Tecal RH2285 V2,Tecal RH2265 V2,Tecal RH2285H V2,Tecal RH2268 V2,Tecal RH2288 V2,Tecal RH2288H V2,Tecal RH2485 V2,Tecal RH5885 V2,Tecal RH5885 V3,Tecal RH5885H V3,Tecal XH310 V2,Tecal XH311 V2,Tecal XH320 V2,Tecal XH621 V2,Tecal DH310 V2,Tecal DH320 V2,Tecal DH620 V2,Tecal DH621 V2,Tecal DH628 V2,Tecal BH620 V2,Tecal BH621 V2,Tecal BH622 V2,Tecal BH640 V2,Tecal CH121,Tecal CH140,Tecal CH220,Tecal CH221,Tecal CH222,Tecal CH240,Tecal CH242,Tecal CH242 V3, Tecal RH1288 V2 V100R002C00SPC107 and earlier versions,Tecal RH2265 V2 V100R002C00,Tecal RH2285 V2 V100R002C00SPC115 and earlier versions,Tecal RH2265 V2 V100R002C00,Tecal RH2285H V2 V100R002C00SPC111 and earlier versions,Tecal RH2268 V2 V100R002C00,Tecal RH2288 V2 V100R002C00SPC117 and earlier versions,Tecal RH2288H V2 V100R002C00SPC115 and earlier versions,Tecal RH2485 V2 V100R002C00SPC502 and earlier versions,Tecal RH5885 V2 V100R001C02SPC109 and earlier versions,Tecal RH5885 V3 V100R003C01SPC102 and earlier versions,Tecal RH5885H V3 V100R003C00SPC102 and earlier versions,Tecal XH310 V2 V100R001C00SPC110 and earlier versions,Tecal XH311 V2 V100R001C00SPC110 and earlier versions,Tecal XH320 V2 V100R001C00SPC110 and earlier versions,Tecal XH621 V2 V100R001C00SPC106 and earlier versions,Tecal DH310 V2 V100R001C00SPC110 and earlier versions,Tecal DH320 V2 V100R001C00SPC106 and earlier versions,Tecal DH620 V2 V100R001C00SPC106 and earlier versions,Tecal DH621 V2 V100R001C00SPC107 and earlier versions,Tecal DH628 V2 V100R001C00SPC107 and earlier versions,Tecal BH620 V2 V100R002C00SPC107 and earlier versions,Tecal BH621 V2 V100R002C00SPC106 and earlier versions,Tecal BH622 V2 V100R002C00SPC110 ?and earlier versions,Tecal BH640 V2 V100R002C00SPC108 and earlier versions,Tecal CH121 V100R001C00SPC180 and earlier versions,Tecal CH140 V100R001C00SPC110 and earlier versions,Tecal CH220 V100R001C00SPC180 and earlier versions,Tecal CH221 V100R001C00SPC180 and earlier versions,Tecal CH222 V100R002C00SPC180 and earlier versions,Tecal CH240 V100R001C00SPC180 and earlier versions,Tecal CH242 V100R001C00SPC180 and earlier versions,Tecal CH242 V3 V100R001C00SPC110 and earlier versions,", - "version" : { - "version_data" : [ - { - "version_value" : "Tecal RH1288 V2,Tecal RH2265 V2,Tecal RH2285 V2,Tecal RH2265 V2,Tecal RH2285H V2,Tecal RH2268 V2,Tecal RH2288 V2,Tecal RH2288H V2,Tecal RH2485 V2,Tecal RH5885 V2,Tecal RH5885 V3,Tecal RH5885H V3,Tecal XH310 V2,Tecal XH311 V2,Tecal XH320 V2,Tecal XH621 V2,Tecal DH310 V2,Tecal DH320 V2,Tecal DH620 V2,Tecal DH621 V2,Tecal DH628 V2,Tecal BH620 V2,Tecal BH621 V2,Tecal BH622 V2,Tecal BH640 V2,Tecal CH121,Tecal CH140,Tecal CH220,Tecal CH221,Tecal CH222,Tecal CH240,Tecal CH242,Tecal CH242 V3, Tecal RH1288 V2 V100R002C00SPC107 and earlier versions,Tecal RH2265 V2 V100R002C00,Tecal RH2285 V2 V100R002C00SPC115 and earlier versions,Tecal RH2265 V2 V100R002C00,Tecal RH2285H V2 V100R002C00SPC111 and earlier versions,Tecal RH2268 V2 V100R002C00,Tecal RH2288 V2 V100R002C00SPC117 and earlier versions,Tecal RH2288H V2 V100R002C00SPC115 and earlier versions,Tecal RH2485 V2 V100R002C00SPC502 and earlier versions,Tecal RH5885 V2 V100R001C02SPC109 and earlier versions,Tecal RH5885 V3 V100R003C01SPC102 and earlier versions,Tecal RH5885H V3 V100R003C00SPC102 and earlier versions,Tecal XH310 V2 V100R001C00SPC110 and earlier versions,Tecal XH311 V2 V100R001C00SPC110 and earlier versions,Tecal XH320 V2 V100R001C00SPC110 and earlier versions,Tecal XH621 V2 V100R001C00SPC106 and earlier versions,Tecal DH310 V2 V100R001C00SPC110 and earlier versions,Tecal DH320 V2 V100R001C00SPC106 and earlier versions,Tecal DH620 V2 V100R001C00SPC106 and earlier versions,Tecal DH621 V2 V100R001C00SPC107 and earlier versions,Tecal DH628 V2 V100R001C00SPC107 and earlier versions,Tecal BH620 V2 V100R002C00SPC107 and earlier versions,Tecal BH621 V2 V100R002C00SPC106 and earlier versions,Tecal BH622 V2 V100R002C00SPC110 ?and earlier versions,Tecal BH640 V2 V100R002C00SPC108 and earlier versions,Tecal CH121 V100R001C00SPC180 and earlier versions,Tecal CH140 V100R001C00SPC110 and earlier versions,Tecal CH220 V100R001C00SPC180 and earlier versions,Tecal CH221 V100R001C00SPC180 and earlier versions,Tecal CH222 V100R002C00SPC180 and earlier versions,Tecal CH240 V100R001C00SPC180 and earlier versions,Tecal CH242 V100R001C00SPC180 and earlier versions,Tecal CH242 V3 V100R001C00SPC110 and earlier versions," - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Huawei Tecal RH1288 V2 V100R002C00SPC107 and earlier versions, Tecal RH2265 V2 V100R002C00, Tecal RH2285 V2 V100R002C00SPC115 and earlier versions, Tecal RH2265 V2 V100R002C00, Tecal RH2285H V2 V100R002C00SPC111 and earlier versions, Tecal RH2268 V2 V100R002C00, Tecal RH2288 V2 V100R002C00SPC117 and earlier versions, Tecal RH2288H V2 V100R002C00SPC115 and earlier versions, Tecal RH2485 V2 V100R002C00SPC502 and earlier versions, Tecal RH5885 V2 V100R001C02SPC109 and earlier versions, Tecal RH5885 V3 V100R003C01SPC102 and earlier versions, Tecal RH5885H V3 V100R003C00SPC102 and earlier versions, Tecal XH310 V2 V100R001C00SPC110 and earlier versions, Tecal XH311 V2 V100R001C00SPC110 and earlier versions, Tecal XH320 V2 V100R001C00SPC110 and earlier versions, Tecal XH621 V2 V100R001C00SPC106 and earlier versions, Tecal DH310 V2 V100R001C00SPC110 and earlier versions, Tecal DH320 V2 V100R001C00SPC106 and earlier versions, Tecal DH620 V2 V100R001C00SPC106 and earlier versions, Tecal DH621 V2 V100R001C00SPC107 and earlier versions, Tecal DH628 V2 V100R001C00SPC107 and earlier versions, Tecal BH620 V2 V100R002C00SPC107 and earlier versions, Tecal BH621 V2 V100R002C00SPC106 and earlier versions, Tecal BH622 V2 V100R002C00SPC110 and earlier versions, Tecal BH640 V2 V100R002C00SPC108 and earlier versions, Tecal CH121 V100R001C00SPC180 and earlier versions, Tecal CH140 V100R001C00SPC110 and earlier versions, Tecal CH220 V100R001C00SPC180 and earlier versions, Tecal CH221 V100R001C00SPC180 and earlier versions, Tecal CH222 V100R002C00SPC180 and earlier versions, Tecal CH240 V100R001C00SPC180 and earlier versions, Tecal CH242 V100R001C00SPC180 and earlier versions, Tecal CH242 V3 V100R001C00SPC110 and earlier versions could allow users who log in to the products to view the sessions IDs of all online users on the Online Users page of the web UI." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "unspecified" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@huawei.com", + "ID": "CVE-2014-9691", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Tecal RH1288 V2,Tecal RH2265 V2,Tecal RH2285 V2,Tecal RH2265 V2,Tecal RH2285H V2,Tecal RH2268 V2,Tecal RH2288 V2,Tecal RH2288H V2,Tecal RH2485 V2,Tecal RH5885 V2,Tecal RH5885 V3,Tecal RH5885H V3,Tecal XH310 V2,Tecal XH311 V2,Tecal XH320 V2,Tecal XH621 V2,Tecal DH310 V2,Tecal DH320 V2,Tecal DH620 V2,Tecal DH621 V2,Tecal DH628 V2,Tecal BH620 V2,Tecal BH621 V2,Tecal BH622 V2,Tecal BH640 V2,Tecal CH121,Tecal CH140,Tecal CH220,Tecal CH221,Tecal CH222,Tecal CH240,Tecal CH242,Tecal CH242 V3, Tecal RH1288 V2 V100R002C00SPC107 and earlier versions,Tecal RH2265 V2 V100R002C00,Tecal RH2285 V2 V100R002C00SPC115 and earlier versions,Tecal RH2265 V2 V100R002C00,Tecal RH2285H V2 V100R002C00SPC111 and earlier versions,Tecal RH2268 V2 V100R002C00,Tecal RH2288 V2 V100R002C00SPC117 and earlier versions,Tecal RH2288H V2 V100R002C00SPC115 and earlier versions,Tecal RH2485 V2 V100R002C00SPC502 and earlier versions,Tecal RH5885 V2 V100R001C02SPC109 and earlier versions,Tecal RH5885 V3 V100R003C01SPC102 and earlier versions,Tecal RH5885H V3 V100R003C00SPC102 and earlier versions,Tecal XH310 V2 V100R001C00SPC110 and earlier versions,Tecal XH311 V2 V100R001C00SPC110 and earlier versions,Tecal XH320 V2 V100R001C00SPC110 and earlier versions,Tecal XH621 V2 V100R001C00SPC106 and earlier versions,Tecal DH310 V2 V100R001C00SPC110 and earlier versions,Tecal DH320 V2 V100R001C00SPC106 and earlier versions,Tecal DH620 V2 V100R001C00SPC106 and earlier versions,Tecal DH621 V2 V100R001C00SPC107 and earlier versions,Tecal DH628 V2 V100R001C00SPC107 and earlier versions,Tecal BH620 V2 V100R002C00SPC107 and earlier versions,Tecal BH621 V2 V100R002C00SPC106 and earlier versions,Tecal BH622 V2 V100R002C00SPC110 ?and earlier versions,Tecal BH640 V2 V100R002C00SPC108 and earlier versions,Tecal CH121 V100R001C00SPC180 and earlier versions,Tecal CH140 V100R001C00SPC110 and earlier versions,Tecal CH220 V100R001C00SPC180 and earlier versions,Tecal CH221 V100R001C00SPC180 and earlier versions,Tecal CH222 V100R002C00SPC180 and earlier versions,Tecal CH240 V100R001C00SPC180 and earlier versions,Tecal CH242 V100R001C00SPC180 and earlier versions,Tecal CH242 V3 V100R001C00SPC110 and earlier versions,", + "version": { + "version_data": [ + { + "version_value": "Tecal RH1288 V2,Tecal RH2265 V2,Tecal RH2285 V2,Tecal RH2265 V2,Tecal RH2285H V2,Tecal RH2268 V2,Tecal RH2288 V2,Tecal RH2288H V2,Tecal RH2485 V2,Tecal RH5885 V2,Tecal RH5885 V3,Tecal RH5885H V3,Tecal XH310 V2,Tecal XH311 V2,Tecal XH320 V2,Tecal XH621 V2,Tecal DH310 V2,Tecal DH320 V2,Tecal DH620 V2,Tecal DH621 V2,Tecal DH628 V2,Tecal BH620 V2,Tecal BH621 V2,Tecal BH622 V2,Tecal BH640 V2,Tecal CH121,Tecal CH140,Tecal CH220,Tecal CH221,Tecal CH222,Tecal CH240,Tecal CH242,Tecal CH242 V3, Tecal RH1288 V2 V100R002C00SPC107 and earlier versions,Tecal RH2265 V2 V100R002C00,Tecal RH2285 V2 V100R002C00SPC115 and earlier versions,Tecal RH2265 V2 V100R002C00,Tecal RH2285H V2 V100R002C00SPC111 and earlier versions,Tecal RH2268 V2 V100R002C00,Tecal RH2288 V2 V100R002C00SPC117 and earlier versions,Tecal RH2288H V2 V100R002C00SPC115 and earlier versions,Tecal RH2485 V2 V100R002C00SPC502 and earlier versions,Tecal RH5885 V2 V100R001C02SPC109 and earlier versions,Tecal RH5885 V3 V100R003C01SPC102 and earlier versions,Tecal RH5885H V3 V100R003C00SPC102 and earlier versions,Tecal XH310 V2 V100R001C00SPC110 and earlier versions,Tecal XH311 V2 V100R001C00SPC110 and earlier versions,Tecal XH320 V2 V100R001C00SPC110 and earlier versions,Tecal XH621 V2 V100R001C00SPC106 and earlier versions,Tecal DH310 V2 V100R001C00SPC110 and earlier versions,Tecal DH320 V2 V100R001C00SPC106 and earlier versions,Tecal DH620 V2 V100R001C00SPC106 and earlier versions,Tecal DH621 V2 V100R001C00SPC107 and earlier versions,Tecal DH628 V2 V100R001C00SPC107 and earlier versions,Tecal BH620 V2 V100R002C00SPC107 and earlier versions,Tecal BH621 V2 V100R002C00SPC106 and earlier versions,Tecal BH622 V2 V100R002C00SPC110 ?and earlier versions,Tecal BH640 V2 V100R002C00SPC108 and earlier versions,Tecal CH121 V100R001C00SPC180 and earlier versions,Tecal CH140 V100R001C00SPC110 and earlier versions,Tecal CH220 V100R001C00SPC180 and earlier versions,Tecal CH221 V100R001C00SPC180 and earlier versions,Tecal CH222 V100R002C00SPC180 and earlier versions,Tecal CH240 V100R001C00SPC180 and earlier versions,Tecal CH242 V100R001C00SPC180 and earlier versions,Tecal CH242 V3 V100R001C00SPC110 and earlier versions," + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.huawei.com/en/psirt/security-advisories/hw-408100", - "refsource" : "CONFIRM", - "url" : "http://www.huawei.com/en/psirt/security-advisories/hw-408100" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Huawei Tecal RH1288 V2 V100R002C00SPC107 and earlier versions, Tecal RH2265 V2 V100R002C00, Tecal RH2285 V2 V100R002C00SPC115 and earlier versions, Tecal RH2265 V2 V100R002C00, Tecal RH2285H V2 V100R002C00SPC111 and earlier versions, Tecal RH2268 V2 V100R002C00, Tecal RH2288 V2 V100R002C00SPC117 and earlier versions, Tecal RH2288H V2 V100R002C00SPC115 and earlier versions, Tecal RH2485 V2 V100R002C00SPC502 and earlier versions, Tecal RH5885 V2 V100R001C02SPC109 and earlier versions, Tecal RH5885 V3 V100R003C01SPC102 and earlier versions, Tecal RH5885H V3 V100R003C00SPC102 and earlier versions, Tecal XH310 V2 V100R001C00SPC110 and earlier versions, Tecal XH311 V2 V100R001C00SPC110 and earlier versions, Tecal XH320 V2 V100R001C00SPC110 and earlier versions, Tecal XH621 V2 V100R001C00SPC106 and earlier versions, Tecal DH310 V2 V100R001C00SPC110 and earlier versions, Tecal DH320 V2 V100R001C00SPC106 and earlier versions, Tecal DH620 V2 V100R001C00SPC106 and earlier versions, Tecal DH621 V2 V100R001C00SPC107 and earlier versions, Tecal DH628 V2 V100R001C00SPC107 and earlier versions, Tecal BH620 V2 V100R002C00SPC107 and earlier versions, Tecal BH621 V2 V100R002C00SPC106 and earlier versions, Tecal BH622 V2 V100R002C00SPC110 and earlier versions, Tecal BH640 V2 V100R002C00SPC108 and earlier versions, Tecal CH121 V100R001C00SPC180 and earlier versions, Tecal CH140 V100R001C00SPC110 and earlier versions, Tecal CH220 V100R001C00SPC180 and earlier versions, Tecal CH221 V100R001C00SPC180 and earlier versions, Tecal CH222 V100R002C00SPC180 and earlier versions, Tecal CH240 V100R001C00SPC180 and earlier versions, Tecal CH242 V100R001C00SPC180 and earlier versions, Tecal CH242 V3 V100R001C00SPC110 and earlier versions could allow users who log in to the products to view the sessions IDs of all online users on the Online Users page of the web UI." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "unspecified" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.huawei.com/en/psirt/security-advisories/hw-408100", + "refsource": "CONFIRM", + "url": "http://www.huawei.com/en/psirt/security-advisories/hw-408100" + } + ] + } +} \ No newline at end of file diff --git a/2014/9xxx/CVE-2014-9798.json b/2014/9xxx/CVE-2014-9798.json index 0e229a290f8..18a467b5bc3 100644 --- a/2014/9xxx/CVE-2014-9798.json +++ b/2014/9xxx/CVE-2014-9798.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-9798", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "platform/msm_shared/dev_tree.c in the Qualcomm bootloader in Android before 2016-07-05 on Nexus 5 devices does not check the relationship between tags addresses and aboot addresses, which allows attackers to cause a denial of service (OS outage) via a crafted application, aka Android internal bug 28821448 and Qualcomm internal bug CR681965." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@android.com", + "ID": "CVE-2014-9798", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://source.android.com/security/bulletin/2016-07-01.html", - "refsource" : "CONFIRM", - "url" : "http://source.android.com/security/bulletin/2016-07-01.html" - }, - { - "name" : "https://source.codeaurora.org/quic/la/kernel/lk/commit/?id=b05eed2491a098bf627ac485a5b43d2f4fae2484", - "refsource" : "CONFIRM", - "url" : "https://source.codeaurora.org/quic/la/kernel/lk/commit/?id=b05eed2491a098bf627ac485a5b43d2f4fae2484" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "platform/msm_shared/dev_tree.c in the Qualcomm bootloader in Android before 2016-07-05 on Nexus 5 devices does not check the relationship between tags addresses and aboot addresses, which allows attackers to cause a denial of service (OS outage) via a crafted application, aka Android internal bug 28821448 and Qualcomm internal bug CR681965." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://source.codeaurora.org/quic/la/kernel/lk/commit/?id=b05eed2491a098bf627ac485a5b43d2f4fae2484", + "refsource": "CONFIRM", + "url": "https://source.codeaurora.org/quic/la/kernel/lk/commit/?id=b05eed2491a098bf627ac485a5b43d2f4fae2484" + }, + { + "name": "http://source.android.com/security/bulletin/2016-07-01.html", + "refsource": "CONFIRM", + "url": "http://source.android.com/security/bulletin/2016-07-01.html" + } + ] + } +} \ No newline at end of file diff --git a/2014/9xxx/CVE-2014-9966.json b/2014/9xxx/CVE-2014-9966.json index d2de80cd079..f3bb2df9ab8 100644 --- a/2014/9xxx/CVE-2014-9966.json +++ b/2014/9xxx/CVE-2014-9966.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "product-security@qualcomm.com", - "ID" : "CVE-2014-9966", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "All Qualcomm products", - "version" : { - "version_data" : [ - { - "version_value" : "All Android releases from CAF using the Linux kernel" - } - ] - } - } - ] - }, - "vendor_name" : "Qualcomm, Inc." - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "In all Android releases from CAF using the Linux kernel, a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability exists in Secure Display." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Time-of-check Time-of-use (TOCTOU) Race Condition in TrustZone" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@qualcomm.com", + "ID": "CVE-2014-9966", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "All Qualcomm products", + "version": { + "version_data": [ + { + "version_value": "All Android releases from CAF using the Linux kernel" + } + ] + } + } + ] + }, + "vendor_name": "Qualcomm, Inc." + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://source.android.com/security/bulletin/2017-06-01", - "refsource" : "CONFIRM", - "url" : "https://source.android.com/security/bulletin/2017-06-01" - }, - { - "name" : "98874", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/98874" - }, - { - "name" : "1038623", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1038623" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In all Android releases from CAF using the Linux kernel, a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability exists in Secure Display." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Time-of-check Time-of-use (TOCTOU) Race Condition in TrustZone" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://source.android.com/security/bulletin/2017-06-01", + "refsource": "CONFIRM", + "url": "https://source.android.com/security/bulletin/2017-06-01" + }, + { + "name": "98874", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/98874" + }, + { + "name": "1038623", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1038623" + } + ] + } +} \ No newline at end of file diff --git a/2014/9xxx/CVE-2014-9988.json b/2014/9xxx/CVE-2014-9988.json index baed50eb433..36d8f20a11f 100644 --- a/2014/9xxx/CVE-2014-9988.json +++ b/2014/9xxx/CVE-2014-9988.json @@ -1,68 +1,68 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "product-security@qualcomm.com", - "DATE_PUBLIC" : "2018-04-02T00:00:00", - "ID" : "CVE-2014-9988", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear", - "version" : { - "version_data" : [ - { - "version_value" : "SD 820A, IPQ4019, MDM9206, MDM9607, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 808, SD 810, SD 820, SD 835, SD 845, SD 450, SD 850" - } - ] - } - } - ] - }, - "vendor_name" : "Qualcomm, Inc." - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear SD 820A, IPQ4019, MDM9206, MDM9607, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 808, SD 810, SD 820, SD 835, SD 845, SD 450, and SD 850, lack of input validation for message length causes buffer over read in drm_app_encapsulate_save_keys." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Buffer Over Read in Core" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@qualcomm.com", + "DATE_PUBLIC": "2018-04-02T00:00:00", + "ID": "CVE-2014-9988", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear", + "version": { + "version_data": [ + { + "version_value": "SD 820A, IPQ4019, MDM9206, MDM9607, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 808, SD 810, SD 820, SD 835, SD 845, SD 450, SD 850" + } + ] + } + } + ] + }, + "vendor_name": "Qualcomm, Inc." + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://source.android.com/security/bulletin/2018-04-01", - "refsource" : "CONFIRM", - "url" : "https://source.android.com/security/bulletin/2018-04-01" - }, - { - "name" : "103671", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/103671" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear SD 820A, IPQ4019, MDM9206, MDM9607, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 808, SD 810, SD 820, SD 835, SD 845, SD 450, and SD 850, lack of input validation for message length causes buffer over read in drm_app_encapsulate_save_keys." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Buffer Over Read in Core" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://source.android.com/security/bulletin/2018-04-01", + "refsource": "CONFIRM", + "url": "https://source.android.com/security/bulletin/2018-04-01" + }, + { + "name": "103671", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/103671" + } + ] + } +} \ No newline at end of file diff --git a/2016/2xxx/CVE-2016-2030.json b/2016/2xxx/CVE-2016-2030.json index 86f054f5b5e..044d7a8c446 100644 --- a/2016/2xxx/CVE-2016-2030.json +++ b/2016/2xxx/CVE-2016-2030.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-2030", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "HPE Systems Insight Manager (SIM) before 7.5.1 allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors, a different vulnerability than CVE-2016-2017, CVE-2016-2019, CVE-2016-2020, CVE-2016-2021, and CVE-2016-2022." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-2030", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05131085", - "refsource" : "CONFIRM", - "url" : "https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05131085" - }, - { - "name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888", - "refsource" : "CONFIRM", - "url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888" - }, - { - "name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380", - "refsource" : "CONFIRM", - "url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "HPE Systems Insight Manager (SIM) before 7.5.1 allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors, a different vulnerability than CVE-2016-2017, CVE-2016-2019, CVE-2016-2020, CVE-2016-2021, and CVE-2016-2022." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05131085", + "refsource": "CONFIRM", + "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05131085" + }, + { + "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888", + "refsource": "CONFIRM", + "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888" + }, + { + "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380", + "refsource": "CONFIRM", + "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380" + } + ] + } +} \ No newline at end of file diff --git a/2016/2xxx/CVE-2016-2166.json b/2016/2xxx/CVE-2016-2166.json index 40ee569cdb6..5ab4f49df27 100644 --- a/2016/2xxx/CVE-2016-2166.json +++ b/2016/2xxx/CVE-2016-2166.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secalert@redhat.com", - "ID" : "CVE-2016-2166", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The (1) proton.reactor.Connector, (2) proton.reactor.Container, and (3) proton.utils.BlockingConnection classes in Apache Qpid Proton before 0.12.1 improperly use an unencrypted connection for an amqps URI scheme when SSL support is unavailable, which might allow man-in-the-middle attackers to obtain sensitive information or modify data via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2016-2166", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20160323 CVE-2016-2166: Apache Qpid Proton python binding silently ignores request for 'amqps' if SSL/TLS not supported", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/537864/100/0/threaded" - }, - { - "name" : "http://packetstormsecurity.com/files/136403/Apache-Qpid-Proton-0.12.0-SSL-Failure.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/136403/Apache-Qpid-Proton-0.12.0-SSL-Failure.html" - }, - { - "name" : "http://qpid.apache.org/releases/qpid-proton-0.12.1/release-notes.html", - "refsource" : "CONFIRM", - "url" : "http://qpid.apache.org/releases/qpid-proton-0.12.1/release-notes.html" - }, - { - "name" : "https://git-wip-us.apache.org/repos/asf?p=qpid-proton.git;h=a058585", - "refsource" : "CONFIRM", - "url" : "https://git-wip-us.apache.org/repos/asf?p=qpid-proton.git;h=a058585" - }, - { - "name" : "https://issues.apache.org/jira/browse/PROTON-1157", - "refsource" : "CONFIRM", - "url" : "https://issues.apache.org/jira/browse/PROTON-1157" - }, - { - "name" : "FEDORA-2016-e6e8436b98", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2016-April/182414.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The (1) proton.reactor.Connector, (2) proton.reactor.Container, and (3) proton.utils.BlockingConnection classes in Apache Qpid Proton before 0.12.1 improperly use an unencrypted connection for an amqps URI scheme when SSL support is unavailable, which might allow man-in-the-middle attackers to obtain sensitive information or modify data via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://issues.apache.org/jira/browse/PROTON-1157", + "refsource": "CONFIRM", + "url": "https://issues.apache.org/jira/browse/PROTON-1157" + }, + { + "name": "http://packetstormsecurity.com/files/136403/Apache-Qpid-Proton-0.12.0-SSL-Failure.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/136403/Apache-Qpid-Proton-0.12.0-SSL-Failure.html" + }, + { + "name": "FEDORA-2016-e6e8436b98", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-April/182414.html" + }, + { + "name": "https://git-wip-us.apache.org/repos/asf?p=qpid-proton.git;h=a058585", + "refsource": "CONFIRM", + "url": "https://git-wip-us.apache.org/repos/asf?p=qpid-proton.git;h=a058585" + }, + { + "name": "http://qpid.apache.org/releases/qpid-proton-0.12.1/release-notes.html", + "refsource": "CONFIRM", + "url": "http://qpid.apache.org/releases/qpid-proton-0.12.1/release-notes.html" + }, + { + "name": "20160323 CVE-2016-2166: Apache Qpid Proton python binding silently ignores request for 'amqps' if SSL/TLS not supported", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/537864/100/0/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2016/2xxx/CVE-2016-2372.json b/2016/2xxx/CVE-2016-2372.json index 9b70932857e..fd54f01f8ba 100644 --- a/2016/2xxx/CVE-2016-2372.json +++ b/2016/2xxx/CVE-2016-2372.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cert@cert.org", - "ID" : "CVE-2016-2372", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Pidgin", - "version" : { - "version_data" : [ - { - "version_value" : "2.10.11" - } - ] - } - } - ] - }, - "vendor_name" : "Pidgin" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An information leak exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent via the server could potentially result in an out-of-bounds read. A malicious user, server, or man-in-the-middle attacker can send an invalid size for a file transfer which will trigger an out-of-bounds read vulnerability. This could result in a denial of service or copy data from memory to the file, resulting in an information leak if the file is sent to another user." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "out-of-bounds read" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2016-2372", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Pidgin", + "version": { + "version_data": [ + { + "version_value": "2.10.11" + } + ] + } + } + ] + }, + "vendor_name": "Pidgin" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.talosintelligence.com/reports/TALOS-2016-0140/", - "refsource" : "MISC", - "url" : "http://www.talosintelligence.com/reports/TALOS-2016-0140/" - }, - { - "name" : "http://www.pidgin.im/news/security/?id=105", - "refsource" : "CONFIRM", - "url" : "http://www.pidgin.im/news/security/?id=105" - }, - { - "name" : "DSA-3620", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3620" - }, - { - "name" : "GLSA-201701-38", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201701-38" - }, - { - "name" : "USN-3031-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-3031-1" - }, - { - "name" : "91335", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/91335" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An information leak exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent via the server could potentially result in an out-of-bounds read. A malicious user, server, or man-in-the-middle attacker can send an invalid size for a file transfer which will trigger an out-of-bounds read vulnerability. This could result in a denial of service or copy data from memory to the file, resulting in an information leak if the file is sent to another user." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "out-of-bounds read" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "91335", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/91335" + }, + { + "name": "DSA-3620", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3620" + }, + { + "name": "http://www.talosintelligence.com/reports/TALOS-2016-0140/", + "refsource": "MISC", + "url": "http://www.talosintelligence.com/reports/TALOS-2016-0140/" + }, + { + "name": "GLSA-201701-38", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201701-38" + }, + { + "name": "USN-3031-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-3031-1" + }, + { + "name": "http://www.pidgin.im/news/security/?id=105", + "refsource": "CONFIRM", + "url": "http://www.pidgin.im/news/security/?id=105" + } + ] + } +} \ No newline at end of file diff --git a/2016/2xxx/CVE-2016-2859.json b/2016/2xxx/CVE-2016-2859.json index d120a66858e..fde2c3a417d 100644 --- a/2016/2xxx/CVE-2016-2859.json +++ b/2016/2xxx/CVE-2016-2859.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-2859", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-0834. Reason: This candidate is a reservation duplicate of CVE-2016-0834. Notes: All CVE users should reference CVE-2016-0834 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2016-2859", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-0834. Reason: This candidate is a reservation duplicate of CVE-2016-0834. Notes: All CVE users should reference CVE-2016-0834 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." + } + ] + } +} \ No newline at end of file diff --git a/2016/6xxx/CVE-2016-6180.json b/2016/6xxx/CVE-2016-6180.json index a13c75a997b..c2e33767db2 100644 --- a/2016/6xxx/CVE-2016-6180.json +++ b/2016/6xxx/CVE-2016-6180.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-6180", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Camera driver in Huawei Honor 4C smartphones with software CHM-UL00C00 before CHM-UL00C00B564, CHM-TL00C01 before CHM-TL00C01B564, and CHM-TL00C00 before CHM-TL00HC00B564 allows attackers to cause a denial of service (system crash) or gain privileges via a crafted application, a different vulnerability than CVE-2016-6181, CVE-2016-6182, CVE-2016-6183, and CVE-2016-6184." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-6180", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160716-01-smartphone-en", - "refsource" : "CONFIRM", - "url" : "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160716-01-smartphone-en" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Camera driver in Huawei Honor 4C smartphones with software CHM-UL00C00 before CHM-UL00C00B564, CHM-TL00C01 before CHM-TL00C01B564, and CHM-TL00C00 before CHM-TL00HC00B564 allows attackers to cause a denial of service (system crash) or gain privileges via a crafted application, a different vulnerability than CVE-2016-6181, CVE-2016-6182, CVE-2016-6183, and CVE-2016-6184." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160716-01-smartphone-en", + "refsource": "CONFIRM", + "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160716-01-smartphone-en" + } + ] + } +} \ No newline at end of file diff --git a/2016/6xxx/CVE-2016-6522.json b/2016/6xxx/CVE-2016-6522.json index 0b4a2b90aa8..4877f12f295 100644 --- a/2016/6xxx/CVE-2016-6522.json +++ b/2016/6xxx/CVE-2016-6522.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-6522", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Integer overflow in the uvm_map_isavail function in uvm/uvm_map.c in OpenBSD 5.9 allows local users to cause a denial of service (kernel panic) via a crafted mmap call, which triggers the new mapping to overlap with an existing mapping." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-6522", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20160802 CVE Request: Denial-of-Service / Unexploitable Memory Corruption in mmap() on OpenBSD", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/08/02/8" - }, - { - "name" : "[oss-security] 20160802 Re: CVE Request: Denial-of-Service / Unexploitable Memory Corruption in mmap() on OpenBSD", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/08/02/12" - }, - { - "name" : "http://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/023_uvmisavail.patch.sig", - "refsource" : "CONFIRM", - "url" : "http://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/023_uvmisavail.patch.sig" - }, - { - "name" : "92264", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/92264" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Integer overflow in the uvm_map_isavail function in uvm/uvm_map.c in OpenBSD 5.9 allows local users to cause a denial of service (kernel panic) via a crafted mmap call, which triggers the new mapping to overlap with an existing mapping." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "[oss-security] 20160802 CVE Request: Denial-of-Service / Unexploitable Memory Corruption in mmap() on OpenBSD", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/08/02/8" + }, + { + "name": "http://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/023_uvmisavail.patch.sig", + "refsource": "CONFIRM", + "url": "http://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/023_uvmisavail.patch.sig" + }, + { + "name": "[oss-security] 20160802 Re: CVE Request: Denial-of-Service / Unexploitable Memory Corruption in mmap() on OpenBSD", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/08/02/12" + }, + { + "name": "92264", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/92264" + } + ] + } +} \ No newline at end of file diff --git a/2016/6xxx/CVE-2016-6540.json b/2016/6xxx/CVE-2016-6540.json index 9c9ed36dbb8..ebead4b4145 100644 --- a/2016/6xxx/CVE-2016-6540.json +++ b/2016/6xxx/CVE-2016-6540.json @@ -1,94 +1,94 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cert@cert.org", - "ID" : "CVE-2016-6540", - "STATE" : "PUBLIC", - "TITLE" : "TrackR Bravo is missing authentication for the cloud service and allows querying or sending of GPS data from unauthenticated users" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Bravo Mobile Application", - "version" : { - "version_data" : [ - { - "affected" : "!", - "platform" : "iOS", - "version_value" : "5.1.6" - }, - { - "affected" : "!", - "platform" : "Android", - "version_value" : "2.2.5" - } - ] - } - } - ] - }, - "vendor_name" : "TrackR" - } - ] - } - }, - "credit" : [ - { - "lang" : "eng", - "value" : "Thanks to Deral Heiland and Adam Compton of Rapid7, Inc. for reporting this vulnerability." - } - ], - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unauthenticated access to the cloud-based service maintained by TrackR Bravo is allowed for querying or sending GPS data for any Trackr device by using the tracker ID number which can be discovered as described in CVE-2016-6539. Updated apps, version 5.1.6 for iOS and 2.2.5 for Android, have been released by the vendor to address the vulnerabilities in CVE-2016-6538, CVE-2016-6539, CVE-2016-6540 and CVE-2016-6541." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "CWE-306: Missing Authentication for Critical Function" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2016-6540", + "STATE": "PUBLIC", + "TITLE": "TrackR Bravo is missing authentication for the cloud service and allows querying or sending of GPS data from unauthenticated users" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Bravo Mobile Application", + "version": { + "version_data": [ + { + "affected": "!", + "platform": "iOS", + "version_value": "5.1.6" + }, + { + "affected": "!", + "platform": "Android", + "version_value": "2.2.5" + } + ] + } + } + ] + }, + "vendor_name": "TrackR" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://blog.rapid7.com/2016/10/25/multiple-bluetooth-low-energy-ble-tracker-vulnerabilities/", - "refsource" : "MISC", - "url" : "https://blog.rapid7.com/2016/10/25/multiple-bluetooth-low-energy-ble-tracker-vulnerabilities/" - }, - { - "name" : "https://www.kb.cert.org/vuls/id/TNOY-AF3KCZ", - "refsource" : "MISC", - "url" : "https://www.kb.cert.org/vuls/id/TNOY-AF3KCZ" - }, - { - "name" : "VU#617567", - "refsource" : "CERT-VN", - "url" : "https://www.kb.cert.org/vuls/id/617567" - }, - { - "name" : "93874", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/93874" - } - ] - }, - "source" : { - "discovery" : "UNKNOWN" - } -} + } + }, + "credit": [ + { + "lang": "eng", + "value": "Thanks to Deral Heiland and Adam Compton of Rapid7, Inc. for reporting this vulnerability." + } + ], + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unauthenticated access to the cloud-based service maintained by TrackR Bravo is allowed for querying or sending GPS data for any Trackr device by using the tracker ID number which can be discovered as described in CVE-2016-6539. Updated apps, version 5.1.6 for iOS and 2.2.5 for Android, have been released by the vendor to address the vulnerabilities in CVE-2016-6538, CVE-2016-6539, CVE-2016-6540 and CVE-2016-6541." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-306: Missing Authentication for Critical Function" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "93874", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/93874" + }, + { + "name": "https://www.kb.cert.org/vuls/id/TNOY-AF3KCZ", + "refsource": "MISC", + "url": "https://www.kb.cert.org/vuls/id/TNOY-AF3KCZ" + }, + { + "name": "https://blog.rapid7.com/2016/10/25/multiple-bluetooth-low-energy-ble-tracker-vulnerabilities/", + "refsource": "MISC", + "url": "https://blog.rapid7.com/2016/10/25/multiple-bluetooth-low-energy-ble-tracker-vulnerabilities/" + }, + { + "name": "VU#617567", + "refsource": "CERT-VN", + "url": "https://www.kb.cert.org/vuls/id/617567" + } + ] + }, + "source": { + "discovery": "UNKNOWN" + } +} \ No newline at end of file diff --git a/2016/6xxx/CVE-2016-6593.json b/2016/6xxx/CVE-2016-6593.json index f5b91e3552b..439b33882fc 100644 --- a/2016/6xxx/CVE-2016-6593.json +++ b/2016/6xxx/CVE-2016-6593.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-6593", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-6593", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2016/7xxx/CVE-2016-7804.json b/2016/7xxx/CVE-2016-7804.json index 8c485a5c87b..3c9f6a90c65 100644 --- a/2016/7xxx/CVE-2016-7804.json +++ b/2016/7xxx/CVE-2016-7804.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "vultures@jpcert.or.jp", - "ID" : "CVE-2016-7804", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "7 Zip for Windows", - "version" : { - "version_data" : [ - { - "version_value" : "16.02 and earlier" - } - ] - } - } - ] - }, - "vendor_name" : "Igor Pavlov" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Untrusted search path vulnerability in 7 Zip for Windows 16.02 and earlier allows remote attackers to gain privileges via a Trojan horse DLL in an unspecified directory." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Untrusted search path vulnerability" - } + "CVE_data_meta": { + "ASSIGNER": "vultures@jpcert.or.jp", + "ID": "CVE-2016-7804", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "7 Zip for Windows", + "version": { + "version_data": [ + { + "version_value": "16.02 and earlier" + } + ] + } + } + ] + }, + "vendor_name": "Igor Pavlov" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.7-zip.org/history.txt", - "refsource" : "CONFIRM", - "url" : "http://www.7-zip.org/history.txt" - }, - { - "name" : "JVN#76780067", - "refsource" : "JVN", - "url" : "https://jvn.jp/en/jp/JVN76780067/index.html" - }, - { - "name" : "JVNDB-2016-000211", - "refsource" : "JVNDB", - "url" : "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000211" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Untrusted search path vulnerability in 7 Zip for Windows 16.02 and earlier allows remote attackers to gain privileges via a Trojan horse DLL in an unspecified directory." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Untrusted search path vulnerability" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "JVNDB-2016-000211", + "refsource": "JVNDB", + "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000211" + }, + { + "name": "JVN#76780067", + "refsource": "JVN", + "url": "https://jvn.jp/en/jp/JVN76780067/index.html" + }, + { + "name": "http://www.7-zip.org/history.txt", + "refsource": "CONFIRM", + "url": "http://www.7-zip.org/history.txt" + } + ] + } +} \ No newline at end of file diff --git a/2017/5xxx/CVE-2017-5298.json b/2017/5xxx/CVE-2017-5298.json index 7800dcb5b9f..2954603cfbc 100644 --- a/2017/5xxx/CVE-2017-5298.json +++ b/2017/5xxx/CVE-2017-5298.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-5298", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-5298", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2017/5xxx/CVE-2017-5497.json b/2017/5xxx/CVE-2017-5497.json index 76bc4d8e428..77488303edd 100644 --- a/2017/5xxx/CVE-2017-5497.json +++ b/2017/5xxx/CVE-2017-5497.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-5497", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-5497", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file