From 717a0f0ed57506e248735824f882c5c802c62ae7 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Mon, 18 Mar 2019 01:10:56 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2007/2xxx/CVE-2007-2086.json | 150 +++---- 2007/2xxx/CVE-2007-2241.json | 200 ++++----- 2007/3xxx/CVE-2007-3381.json | 290 ++++++------- 2007/3xxx/CVE-2007-3389.json | 320 +++++++------- 2007/3xxx/CVE-2007-3667.json | 140 +++--- 2007/6xxx/CVE-2007-6414.json | 150 +++---- 2007/6xxx/CVE-2007-6428.json | 750 ++++++++++++++++----------------- 2007/6xxx/CVE-2007-6610.json | 180 ++++---- 2010/0xxx/CVE-2010-0448.json | 160 +++---- 2010/0xxx/CVE-2010-0907.json | 120 +++--- 2010/1xxx/CVE-2010-1333.json | 200 ++++----- 2010/1xxx/CVE-2010-1383.json | 130 +++--- 2010/1xxx/CVE-2010-1728.json | 200 ++++----- 2010/1xxx/CVE-2010-1853.json | 180 ++++---- 2010/5xxx/CVE-2010-5100.json | 190 ++++----- 2014/0xxx/CVE-2014-0075.json | 530 +++++++++++------------ 2014/0xxx/CVE-2014-0291.json | 34 +- 2014/0xxx/CVE-2014-0361.json | 130 +++--- 2014/0xxx/CVE-2014-0391.json | 170 ++++---- 2014/0xxx/CVE-2014-0900.json | 120 +++--- 2014/1xxx/CVE-2014-1398.json | 180 ++++---- 2014/1xxx/CVE-2014-1433.json | 34 +- 2014/1xxx/CVE-2014-1721.json | 170 ++++---- 2014/1xxx/CVE-2014-1816.json | 150 +++---- 2014/4xxx/CVE-2014-4898.json | 140 +++--- 2014/4xxx/CVE-2014-4984.json | 34 +- 2014/5xxx/CVE-2014-5959.json | 140 +++--- 2014/5xxx/CVE-2014-5971.json | 140 +++--- 2014/5xxx/CVE-2014-5997.json | 140 +++--- 2016/10xxx/CVE-2016-10500.json | 34 +- 2016/3xxx/CVE-2016-3314.json | 34 +- 2016/3xxx/CVE-2016-3698.json | 180 ++++---- 2016/3xxx/CVE-2016-3886.json | 150 +++---- 2016/3xxx/CVE-2016-3959.json | 200 ++++----- 2016/8xxx/CVE-2016-8077.json | 34 +- 2016/8xxx/CVE-2016-8979.json | 34 +- 2016/8xxx/CVE-2016-8988.json | 34 +- 2016/9xxx/CVE-2016-9044.json | 122 +++--- 2016/9xxx/CVE-2016-9111.json | 160 +++---- 2016/9xxx/CVE-2016-9943.json | 34 +- 2019/2xxx/CVE-2019-2351.json | 34 +- 2019/2xxx/CVE-2019-2678.json | 34 +- 2019/2xxx/CVE-2019-2933.json | 34 +- 2019/6xxx/CVE-2019-6018.json | 34 +- 2019/6xxx/CVE-2019-6367.json | 34 +- 2019/6xxx/CVE-2019-6437.json | 34 +- 2019/6xxx/CVE-2019-6584.json | 34 +- 2019/6xxx/CVE-2019-6688.json | 34 +- 48 files changed, 3380 insertions(+), 3380 deletions(-) diff --git a/2007/2xxx/CVE-2007-2086.json b/2007/2xxx/CVE-2007-2086.json index d445771d4dc..74e2a2b1cdb 100644 --- a/2007/2xxx/CVE-2007-2086.json +++ b/2007/2xxx/CVE-2007-2086.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-2086", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple PHP remote file inclusion vulnerabilities in CNStats 2.9 allow remote attackers to execute arbitrary PHP code via a URL in the bj parameter to (1) who_r.php or (2) who_s.php in reports/." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-2086", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "3741", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/3741" - }, - { - "name" : "23501", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/23501" - }, - { - "name" : "24902", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24902" - }, - { - "name" : "cnstats-whor-file-include(33672)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33672" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple PHP remote file inclusion vulnerabilities in CNStats 2.9 allow remote attackers to execute arbitrary PHP code via a URL in the bj parameter to (1) who_r.php or (2) who_s.php in reports/." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "24902", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24902" + }, + { + "name": "3741", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/3741" + }, + { + "name": "cnstats-whor-file-include(33672)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33672" + }, + { + "name": "23501", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/23501" + } + ] + } +} \ No newline at end of file diff --git a/2007/2xxx/CVE-2007-2241.json b/2007/2xxx/CVE-2007-2241.json index 0bb2b73d562..094ad4b66a9 100644 --- a/2007/2xxx/CVE-2007-2241.json +++ b/2007/2xxx/CVE-2007-2241.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-2241", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in query.c in ISC BIND 9.4.0, and 9.5.0a1 through 9.5.0a3, when recursion is enabled, allows remote attackers to cause a denial of service (daemon exit) via a sequence of queries processed by the query_addsoa function." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2007-2241", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.isc.org/index.pl?/sw/bind/bind-security.php", - "refsource" : "CONFIRM", - "url" : "http://www.isc.org/index.pl?/sw/bind/bind-security.php" - }, - { - "name" : "MDKSA-2007:100", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:100" - }, - { - "name" : "VU#718460", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/718460" - }, - { - "name" : "23738", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/23738" - }, - { - "name" : "ADV-2007-1593", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/1593" - }, - { - "name" : "34748", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/34748" - }, - { - "name" : "1017985", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1017985" - }, - { - "name" : "25070", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25070" - }, - { - "name" : "bind-queryaddsoa-dos(33988)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33988" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in query.c in ISC BIND 9.4.0, and 9.5.0a1 through 9.5.0a3, when recursion is enabled, allows remote attackers to cause a denial of service (daemon exit) via a sequence of queries processed by the query_addsoa function." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "MDKSA-2007:100", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:100" + }, + { + "name": "VU#718460", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/718460" + }, + { + "name": "25070", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25070" + }, + { + "name": "bind-queryaddsoa-dos(33988)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33988" + }, + { + "name": "http://www.isc.org/index.pl?/sw/bind/bind-security.php", + "refsource": "CONFIRM", + "url": "http://www.isc.org/index.pl?/sw/bind/bind-security.php" + }, + { + "name": "23738", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/23738" + }, + { + "name": "1017985", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1017985" + }, + { + "name": "34748", + "refsource": "OSVDB", + "url": "http://osvdb.org/34748" + }, + { + "name": "ADV-2007-1593", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/1593" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3381.json b/2007/3xxx/CVE-2007-3381.json index c73bb1e7742..7081ef4dad7 100644 --- a/2007/3xxx/CVE-2007-3381.json +++ b/2007/3xxx/CVE-2007-3381.json @@ -1,147 +1,147 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3381", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The GDM daemon in GNOME Display Manager (GDM) before 2.14.13, 2.16.x before 2.16.7, 2.18.x before 2.18.4, and 2.19.x before 2.19.5 does not properly handle NULL return values from the g_strsplit function, which allows local users to cause a denial of service (persistent daemon crash) via a crafted command to the daemon's socket, related to (1) gdm.c and (2) gdmconfig.c in daemon/, and (3) gdmconfig.c and (4) gdmflexiserver.c in gui/." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2007-3381", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070803 FLEA-2007-0041-1 gdm", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/475451/30/5550/threaded" - }, - { - "name" : "http://ftp.gnome.org/pub/GNOME/sources/gdm/2.16/gdm-2.16.7.changes", - "refsource" : "CONFIRM", - "url" : "http://ftp.gnome.org/pub/GNOME/sources/gdm/2.16/gdm-2.16.7.changes" - }, - { - "name" : "http://ftp.gnome.org/pub/GNOME/sources/gdm/2.14/gdm-2.14.13.news", - "refsource" : "CONFIRM", - "url" : "http://ftp.gnome.org/pub/GNOME/sources/gdm/2.14/gdm-2.14.13.news" - }, - { - "name" : "http://ftp.gnome.org/pub/GNOME/sources/gdm/2.18/gdm-2.18.4.news", - "refsource" : "CONFIRM", - "url" : "http://ftp.gnome.org/pub/GNOME/sources/gdm/2.18/gdm-2.18.4.news" - }, - { - "name" : "http://ftp.gnome.org/pub/GNOME/sources/gdm/2.19/gdm-2.19.5.news", - "refsource" : "CONFIRM", - "url" : "http://ftp.gnome.org/pub/GNOME/sources/gdm/2.19/gdm-2.19.5.news" - }, - { - "name" : "https://issues.rpath.com/browse/RPL-1599", - "refsource" : "CONFIRM", - "url" : "https://issues.rpath.com/browse/RPL-1599" - }, - { - "name" : "GLSA-200709-11", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-200709-11.xml" - }, - { - "name" : "MDKSA-2007:169", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:169" - }, - { - "name" : "RHSA-2007:0777", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-0777.html" - }, - { - "name" : "25191", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25191" - }, - { - "name" : "oval:org.mitre.oval:def:10887", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10887" - }, - { - "name" : "ADV-2007-2781", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/2781" - }, - { - "name" : "1018523", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1018523" - }, - { - "name" : "26313", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26313" - }, - { - "name" : "26368", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26368" - }, - { - "name" : "26520", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26520" - }, - { - "name" : "26900", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26900" - }, - { - "name" : "26879", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26879" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The GDM daemon in GNOME Display Manager (GDM) before 2.14.13, 2.16.x before 2.16.7, 2.18.x before 2.18.4, and 2.19.x before 2.19.5 does not properly handle NULL return values from the g_strsplit function, which allows local users to cause a denial of service (persistent daemon crash) via a crafted command to the daemon's socket, related to (1) gdm.c and (2) gdmconfig.c in daemon/, and (3) gdmconfig.c and (4) gdmflexiserver.c in gui/." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "GLSA-200709-11", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-200709-11.xml" + }, + { + "name": "http://ftp.gnome.org/pub/GNOME/sources/gdm/2.16/gdm-2.16.7.changes", + "refsource": "CONFIRM", + "url": "http://ftp.gnome.org/pub/GNOME/sources/gdm/2.16/gdm-2.16.7.changes" + }, + { + "name": "26313", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26313" + }, + { + "name": "ADV-2007-2781", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/2781" + }, + { + "name": "25191", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25191" + }, + { + "name": "26879", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26879" + }, + { + "name": "oval:org.mitre.oval:def:10887", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10887" + }, + { + "name": "https://issues.rpath.com/browse/RPL-1599", + "refsource": "CONFIRM", + "url": "https://issues.rpath.com/browse/RPL-1599" + }, + { + "name": "http://ftp.gnome.org/pub/GNOME/sources/gdm/2.14/gdm-2.14.13.news", + "refsource": "CONFIRM", + "url": "http://ftp.gnome.org/pub/GNOME/sources/gdm/2.14/gdm-2.14.13.news" + }, + { + "name": "26368", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26368" + }, + { + "name": "MDKSA-2007:169", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:169" + }, + { + "name": "http://ftp.gnome.org/pub/GNOME/sources/gdm/2.18/gdm-2.18.4.news", + "refsource": "CONFIRM", + "url": "http://ftp.gnome.org/pub/GNOME/sources/gdm/2.18/gdm-2.18.4.news" + }, + { + "name": "20070803 FLEA-2007-0041-1 gdm", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/475451/30/5550/threaded" + }, + { + "name": "http://ftp.gnome.org/pub/GNOME/sources/gdm/2.19/gdm-2.19.5.news", + "refsource": "CONFIRM", + "url": "http://ftp.gnome.org/pub/GNOME/sources/gdm/2.19/gdm-2.19.5.news" + }, + { + "name": "RHSA-2007:0777", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-0777.html" + }, + { + "name": "1018523", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1018523" + }, + { + "name": "26900", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26900" + }, + { + "name": "26520", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26520" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3389.json b/2007/3xxx/CVE-2007-3389.json index 0aadad02dec..dfd3c336042 100644 --- a/2007/3xxx/CVE-2007-3389.json +++ b/2007/3xxx/CVE-2007-3389.json @@ -1,162 +1,162 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3389", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Wireshark before 0.99.6 allows remote attackers to cause a denial of service (crash) via a crafted chunked encoding in an HTTP response, possibly related to a zero-length payload." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3389", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.wireshark.org/docs/relnotes/wireshark-0.99.6.html", - "refsource" : "CONFIRM", - "url" : "http://www.wireshark.org/docs/relnotes/wireshark-0.99.6.html" - }, - { - "name" : "http://www.wireshark.org/security/wnpa-sec-2007-02.html", - "refsource" : "CONFIRM", - "url" : "http://www.wireshark.org/security/wnpa-sec-2007-02.html" - }, - { - "name" : "https://issues.rpath.com/browse/RPL-1498", - "refsource" : "CONFIRM", - "url" : "https://issues.rpath.com/browse/RPL-1498" - }, - { - "name" : "GLSA-200708-12", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-200708-12.xml" - }, - { - "name" : "MDKSA-2007:145", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:145" - }, - { - "name" : "RHSA-2007:0710", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-0710.html" - }, - { - "name" : "RHSA-2007:0709", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-0709.html" - }, - { - "name" : "RHSA-2008:0059", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2008-0059.html" - }, - { - "name" : "SUSE-SR:2007:015", - "refsource" : "SUSE", - "url" : "http://www.novell.com/linux/security/advisories/2007_15_sr.html" - }, - { - "name" : "24662", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/24662" - }, - { - "name" : "37643", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/37643" - }, - { - "name" : "oval:org.mitre.oval:def:9964", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9964" - }, - { - "name" : "ADV-2007-2353", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/2353" - }, - { - "name" : "1018315", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1018315" - }, - { - "name" : "26004", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26004" - }, - { - "name" : "25833", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25833" - }, - { - "name" : "25987", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25987" - }, - { - "name" : "26499", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26499" - }, - { - "name" : "27592", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27592" - }, - { - "name" : "28583", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28583" - }, - { - "name" : "wireshark-chunkedhttp-dos(35207)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35207" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Wireshark before 0.99.6 allows remote attackers to cause a denial of service (crash) via a crafted chunked encoding in an HTTP response, possibly related to a zero-length payload." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "25833", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25833" + }, + { + "name": "37643", + "refsource": "OSVDB", + "url": "http://osvdb.org/37643" + }, + { + "name": "RHSA-2008:0059", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2008-0059.html" + }, + { + "name": "http://www.wireshark.org/security/wnpa-sec-2007-02.html", + "refsource": "CONFIRM", + "url": "http://www.wireshark.org/security/wnpa-sec-2007-02.html" + }, + { + "name": "RHSA-2007:0710", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-0710.html" + }, + { + "name": "26499", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26499" + }, + { + "name": "25987", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25987" + }, + { + "name": "26004", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26004" + }, + { + "name": "GLSA-200708-12", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-200708-12.xml" + }, + { + "name": "wireshark-chunkedhttp-dos(35207)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35207" + }, + { + "name": "RHSA-2007:0709", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-0709.html" + }, + { + "name": "MDKSA-2007:145", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:145" + }, + { + "name": "27592", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27592" + }, + { + "name": "oval:org.mitre.oval:def:9964", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9964" + }, + { + "name": "1018315", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1018315" + }, + { + "name": "https://issues.rpath.com/browse/RPL-1498", + "refsource": "CONFIRM", + "url": "https://issues.rpath.com/browse/RPL-1498" + }, + { + "name": "24662", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/24662" + }, + { + "name": "28583", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28583" + }, + { + "name": "http://www.wireshark.org/docs/relnotes/wireshark-0.99.6.html", + "refsource": "CONFIRM", + "url": "http://www.wireshark.org/docs/relnotes/wireshark-0.99.6.html" + }, + { + "name": "ADV-2007-2353", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/2353" + }, + { + "name": "SUSE-SR:2007:015", + "refsource": "SUSE", + "url": "http://www.novell.com/linux/security/advisories/2007_15_sr.html" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3667.json b/2007/3xxx/CVE-2007-3667.json index 7569edb41c7..58f4870d630 100644 --- a/2007/3xxx/CVE-2007-3667.json +++ b/2007/3xxx/CVE-2007-3667.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3667", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in EXCLEXPT.DLL in ActiveReportsExcelReport allows remote attackers to cause a denial of service via the DDRow Height variable." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3667", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070707 [Eleytt] 7LIPIEC2007", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/473187" - }, - { - "name" : "24815", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/24815" - }, - { - "name" : "activereports-exclexpt-dos(35866)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35866" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in EXCLEXPT.DLL in ActiveReportsExcelReport allows remote attackers to cause a denial of service via the DDRow Height variable." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20070707 [Eleytt] 7LIPIEC2007", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/473187" + }, + { + "name": "activereports-exclexpt-dos(35866)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35866" + }, + { + "name": "24815", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/24815" + } + ] + } +} \ No newline at end of file diff --git a/2007/6xxx/CVE-2007-6414.json b/2007/6xxx/CVE-2007-6414.json index 9f7ef31f6e7..232bfe04260 100644 --- a/2007/6xxx/CVE-2007-6414.json +++ b/2007/6xxx/CVE-2007-6414.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-6414", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "admin/administrator.php in Adult Script 1.6 and earlier sends a redirect to the web browser but does not exit, which allows remote attackers to bypass authentication and obtain administrative credentials via a direct request. NOTE: this can be leveraged for arbitrary code execution through a request to admin/videolinks_view.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-6414", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "4731", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/4731" - }, - { - "name" : "26870", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/26870" - }, - { - "name" : "28064", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28064" - }, - { - "name" : "adultscript-administrator-security-bypass(39034)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/39034" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "admin/administrator.php in Adult Script 1.6 and earlier sends a redirect to the web browser but does not exit, which allows remote attackers to bypass authentication and obtain administrative credentials via a direct request. NOTE: this can be leveraged for arbitrary code execution through a request to admin/videolinks_view.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "adultscript-administrator-security-bypass(39034)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39034" + }, + { + "name": "4731", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/4731" + }, + { + "name": "28064", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28064" + }, + { + "name": "26870", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/26870" + } + ] + } +} \ No newline at end of file diff --git a/2007/6xxx/CVE-2007-6428.json b/2007/6xxx/CVE-2007-6428.json index 5f9248932c9..bcd233bd340 100644 --- a/2007/6xxx/CVE-2007-6428.json +++ b/2007/6xxx/CVE-2007-6428.json @@ -1,377 +1,377 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-6428", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The ProcGetReservedColormapEntries function in the TOG-CUP extension in X.Org Xserver before 1.4.1 allows context-dependent attackers to read the contents of arbitrary memory locations via a request containing a 32-bit value that is improperly used as an array index." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-6428", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20080117 Multiple Vendor X Server TOG-CUP Extension Information Disclosure Vulnerability", - "refsource" : "IDEFENSE", - "url" : "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=644" - }, - { - "name" : "20080130 rPSA-2008-0032-1 xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/487335/100/0/threaded" - }, - { - "name" : "[xorg] 20080117 X.Org security advisory: multiple vulnerabilities in the X server", - "refsource" : "MLIST", - "url" : "http://lists.freedesktop.org/archives/xorg/2008-January/031918.html" - }, - { - "name" : "http://bugs.gentoo.org/show_bug.cgi?id=204362", - "refsource" : "CONFIRM", - "url" : "http://bugs.gentoo.org/show_bug.cgi?id=204362" - }, - { - "name" : "http://support.avaya.com/elmodocs2/security/ASA-2008-039.htm", - "refsource" : "CONFIRM", - "url" : "http://support.avaya.com/elmodocs2/security/ASA-2008-039.htm" - }, - { - "name" : "https://issues.rpath.com/browse/RPL-2010", - "refsource" : "CONFIRM", - "url" : "https://issues.rpath.com/browse/RPL-2010" - }, - { - "name" : "http://support.avaya.com/elmodocs2/security/ASA-2008-078.htm", - "refsource" : "CONFIRM", - "url" : "http://support.avaya.com/elmodocs2/security/ASA-2008-078.htm" - }, - { - "name" : "http://www14.software.ibm.com/webapp/set2/subscriptions/ijhifoeblist?mode=7&heading=AIX61&path=/200802/SECURITY/20080227/datafile112539&label=AIX%20X%20server%20multiple%20vulnerabilities", - "refsource" : "CONFIRM", - "url" : "http://www14.software.ibm.com/webapp/set2/subscriptions/ijhifoeblist?mode=7&heading=AIX61&path=/200802/SECURITY/20080227/datafile112539&label=AIX%20X%20server%20multiple%20vulnerabilities" - }, - { - "name" : "http://docs.info.apple.com/article.html?artnum=307562", - "refsource" : "CONFIRM", - "url" : "http://docs.info.apple.com/article.html?artnum=307562" - }, - { - "name" : "APPLE-SA-2008-03-18", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html" - }, - { - "name" : "DSA-1466", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2008/dsa-1466" - }, - { - "name" : "FEDORA-2008-0760", - "refsource" : "FEDORA", - "url" : "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00641.html" - }, - { - "name" : "FEDORA-2008-0831", - "refsource" : "FEDORA", - "url" : "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00704.html" - }, - { - "name" : "GLSA-200801-09", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-200801-09.xml" - }, - { - "name" : "GLSA-200804-05", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-200804-05.xml" - }, - { - "name" : "GLSA-200805-07", - "refsource" : "GENTOO", - "url" : "http://www.gentoo.org/security/en/glsa/glsa-200805-07.xml" - }, - { - "name" : "MDVSA-2008:021", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2008:021" - }, - { - "name" : "MDVSA-2008:022", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2008:022" - }, - { - "name" : "MDVSA-2008:023", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2008:023" - }, - { - "name" : "MDVSA-2008:025", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2008:025" - }, - { - "name" : "[4.1] 20080208 012: SECURITY FIX: February 8, 2008", - "refsource" : "OPENBSD", - "url" : "http://www.openbsd.org/errata41.html#012_xorg" - }, - { - "name" : "[4.2] 20080208 006: SECURITY FIX: February 8, 2008", - "refsource" : "OPENBSD", - "url" : "http://www.openbsd.org/errata42.html#006_xorg" - }, - { - "name" : "RHSA-2008:0029", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2008-0029.html" - }, - { - "name" : "RHSA-2008:0030", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2008-0030.html" - }, - { - "name" : "RHSA-2008:0031", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2008-0031.html" - }, - { - "name" : "103200", - "refsource" : "SUNALERT", - "url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103200-1" - }, - { - "name" : "200153", - "refsource" : "SUNALERT", - "url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-200153-1" - }, - { - "name" : "SUSE-SA:2008:003", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00004.html" - }, - { - "name" : "SUSE-SR:2008:003", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html" - }, - { - "name" : "SUSE-SR:2008:008", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00005.html" - }, - { - "name" : "USN-571-1", - "refsource" : "UBUNTU", - "url" : "https://usn.ubuntu.com/571-1/" - }, - { - "name" : "27336", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/27336" - }, - { - "name" : "27355", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/27355" - }, - { - "name" : "oval:org.mitre.oval:def:11754", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11754" - }, - { - "name" : "ADV-2008-0179", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/0179" - }, - { - "name" : "ADV-2008-0184", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/0184" - }, - { - "name" : "ADV-2008-0497", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/0497/references" - }, - { - "name" : "ADV-2008-0703", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/0703" - }, - { - "name" : "ADV-2008-0924", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/0924/references" - }, - { - "name" : "1019232", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1019232" - }, - { - "name" : "28532", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28532" - }, - { - "name" : "28535", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28535" - }, - { - "name" : "28536", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28536" - }, - { - "name" : "28539", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28539" - }, - { - "name" : "28540", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28540" - }, - { - "name" : "28542", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28542" - }, - { - "name" : "28543", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28543" - }, - { - "name" : "28550", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28550" - }, - { - "name" : "28273", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28273" - }, - { - "name" : "28592", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28592" - }, - { - "name" : "28616", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28616" - }, - { - "name" : "28584", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28584" - }, - { - "name" : "28693", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28693" - }, - { - "name" : "28718", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28718" - }, - { - "name" : "28838", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28838" - }, - { - "name" : "28843", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28843" - }, - { - "name" : "28885", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28885" - }, - { - "name" : "28941", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28941" - }, - { - "name" : "29139", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29139" - }, - { - "name" : "29420", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29420" - }, - { - "name" : "29622", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29622" - }, - { - "name" : "29707", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29707" - }, - { - "name" : "30161", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/30161" - }, - { - "name" : "xorg-togcup-information-disclosure(39761)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/39761" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The ProcGetReservedColormapEntries function in the TOG-CUP extension in X.Org Xserver before 1.4.1 allows context-dependent attackers to read the contents of arbitrary memory locations via a request containing a 32-bit value that is improperly used as an array index." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "28542", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28542" + }, + { + "name": "29139", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29139" + }, + { + "name": "27336", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/27336" + }, + { + "name": "oval:org.mitre.oval:def:11754", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11754" + }, + { + "name": "ADV-2008-0184", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/0184" + }, + { + "name": "29622", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29622" + }, + { + "name": "FEDORA-2008-0831", + "refsource": "FEDORA", + "url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00704.html" + }, + { + "name": "SUSE-SA:2008:003", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00004.html" + }, + { + "name": "SUSE-SR:2008:008", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00005.html" + }, + { + "name": "28532", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28532" + }, + { + "name": "29707", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29707" + }, + { + "name": "http://support.avaya.com/elmodocs2/security/ASA-2008-078.htm", + "refsource": "CONFIRM", + "url": "http://support.avaya.com/elmodocs2/security/ASA-2008-078.htm" + }, + { + "name": "28843", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28843" + }, + { + "name": "DSA-1466", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2008/dsa-1466" + }, + { + "name": "28540", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28540" + }, + { + "name": "20080130 rPSA-2008-0032-1 xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/487335/100/0/threaded" + }, + { + "name": "ADV-2008-0703", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/0703" + }, + { + "name": "MDVSA-2008:021", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:021" + }, + { + "name": "ADV-2008-0924", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/0924/references" + }, + { + "name": "28718", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28718" + }, + { + "name": "200153", + "refsource": "SUNALERT", + "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-200153-1" + }, + { + "name": "RHSA-2008:0029", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2008-0029.html" + }, + { + "name": "28584", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28584" + }, + { + "name": "[4.1] 20080208 012: SECURITY FIX: February 8, 2008", + "refsource": "OPENBSD", + "url": "http://www.openbsd.org/errata41.html#012_xorg" + }, + { + "name": "28941", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28941" + }, + { + "name": "28592", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28592" + }, + { + "name": "http://support.avaya.com/elmodocs2/security/ASA-2008-039.htm", + "refsource": "CONFIRM", + "url": "http://support.avaya.com/elmodocs2/security/ASA-2008-039.htm" + }, + { + "name": "29420", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29420" + }, + { + "name": "MDVSA-2008:022", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:022" + }, + { + "name": "APPLE-SA-2008-03-18", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html" + }, + { + "name": "30161", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/30161" + }, + { + "name": "GLSA-200805-07", + "refsource": "GENTOO", + "url": "http://www.gentoo.org/security/en/glsa/glsa-200805-07.xml" + }, + { + "name": "RHSA-2008:0030", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2008-0030.html" + }, + { + "name": "28543", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28543" + }, + { + "name": "28273", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28273" + }, + { + "name": "RHSA-2008:0031", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2008-0031.html" + }, + { + "name": "28550", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28550" + }, + { + "name": "ADV-2008-0497", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/0497/references" + }, + { + "name": "http://bugs.gentoo.org/show_bug.cgi?id=204362", + "refsource": "CONFIRM", + "url": "http://bugs.gentoo.org/show_bug.cgi?id=204362" + }, + { + "name": "MDVSA-2008:023", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:023" + }, + { + "name": "28885", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28885" + }, + { + "name": "103200", + "refsource": "SUNALERT", + "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103200-1" + }, + { + "name": "MDVSA-2008:025", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:025" + }, + { + "name": "USN-571-1", + "refsource": "UBUNTU", + "url": "https://usn.ubuntu.com/571-1/" + }, + { + "name": "GLSA-200804-05", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-200804-05.xml" + }, + { + "name": "28535", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28535" + }, + { + "name": "http://docs.info.apple.com/article.html?artnum=307562", + "refsource": "CONFIRM", + "url": "http://docs.info.apple.com/article.html?artnum=307562" + }, + { + "name": "[xorg] 20080117 X.Org security advisory: multiple vulnerabilities in the X server", + "refsource": "MLIST", + "url": "http://lists.freedesktop.org/archives/xorg/2008-January/031918.html" + }, + { + "name": "http://www14.software.ibm.com/webapp/set2/subscriptions/ijhifoeblist?mode=7&heading=AIX61&path=/200802/SECURITY/20080227/datafile112539&label=AIX%20X%20server%20multiple%20vulnerabilities", + "refsource": "CONFIRM", + "url": "http://www14.software.ibm.com/webapp/set2/subscriptions/ijhifoeblist?mode=7&heading=AIX61&path=/200802/SECURITY/20080227/datafile112539&label=AIX%20X%20server%20multiple%20vulnerabilities" + }, + { + "name": "27355", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/27355" + }, + { + "name": "xorg-togcup-information-disclosure(39761)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39761" + }, + { + "name": "28838", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28838" + }, + { + "name": "1019232", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1019232" + }, + { + "name": "https://issues.rpath.com/browse/RPL-2010", + "refsource": "CONFIRM", + "url": "https://issues.rpath.com/browse/RPL-2010" + }, + { + "name": "[4.2] 20080208 006: SECURITY FIX: February 8, 2008", + "refsource": "OPENBSD", + "url": "http://www.openbsd.org/errata42.html#006_xorg" + }, + { + "name": "28539", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28539" + }, + { + "name": "20080117 Multiple Vendor X Server TOG-CUP Extension Information Disclosure Vulnerability", + "refsource": "IDEFENSE", + "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=644" + }, + { + "name": "SUSE-SR:2008:003", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html" + }, + { + "name": "28616", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28616" + }, + { + "name": "FEDORA-2008-0760", + "refsource": "FEDORA", + "url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00641.html" + }, + { + "name": "28536", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28536" + }, + { + "name": "28693", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28693" + }, + { + "name": "GLSA-200801-09", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-200801-09.xml" + }, + { + "name": "ADV-2008-0179", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/0179" + } + ] + } +} \ No newline at end of file diff --git a/2007/6xxx/CVE-2007-6610.json b/2007/6xxx/CVE-2007-6610.json index fbcca11be2b..96b1f8ab8d7 100644 --- a/2007/6xxx/CVE-2007-6610.json +++ b/2007/6xxx/CVE-2007-6610.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-6610", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "unp 1.0.12, and other versions before 1.0.14, does not properly escape file names, which might allow context-dependent attackers to execute arbitrary commands via shell metacharacters in a filename argument. NOTE: this might only be a vulnerability when unp is invoked by a third party product." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-6610", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=448437", - "refsource" : "CONFIRM", - "url" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=448437" - }, - { - "name" : "http://bugs.gentoo.org/show_bug.cgi?id=203106", - "refsource" : "CONFIRM", - "url" : "http://bugs.gentoo.org/show_bug.cgi?id=203106" - }, - { - "name" : "GLSA-200801-01", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-200801-01.xml" - }, - { - "name" : "27182", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/27182" - }, - { - "name" : "42759", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/42759" - }, - { - "name" : "28282", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28282" - }, - { - "name" : "28388", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28388" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "unp 1.0.12, and other versions before 1.0.14, does not properly escape file names, which might allow context-dependent attackers to execute arbitrary commands via shell metacharacters in a filename argument. NOTE: this might only be a vulnerability when unp is invoked by a third party product." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "28388", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28388" + }, + { + "name": "http://bugs.gentoo.org/show_bug.cgi?id=203106", + "refsource": "CONFIRM", + "url": "http://bugs.gentoo.org/show_bug.cgi?id=203106" + }, + { + "name": "28282", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28282" + }, + { + "name": "27182", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/27182" + }, + { + "name": "GLSA-200801-01", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-200801-01.xml" + }, + { + "name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=448437", + "refsource": "CONFIRM", + "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=448437" + }, + { + "name": "42759", + "refsource": "OSVDB", + "url": "http://osvdb.org/42759" + } + ] + } +} \ No newline at end of file diff --git a/2010/0xxx/CVE-2010-0448.json b/2010/0xxx/CVE-2010-0448.json index 9d5ba353a05..d5de649ea9b 100644 --- a/2010/0xxx/CVE-2010-0448.json +++ b/2010/0xxx/CVE-2010-0448.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-0448", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in HP SOA Registry Foundation 6.63 and 6.64 allows remote attackers to obtain \"unauthorized access to data\" via unknown vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "hp-security-alert@hp.com", + "ID": "CVE-2010-0448", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "HPSBMA02490", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=126996774125378&w=2" - }, - { - "name" : "SSRT090222", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=126996774125378&w=2" - }, - { - "name" : "39059", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/39059" - }, - { - "name" : "1023765", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1023765" - }, - { - "name" : "39187", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/39187" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in HP SOA Registry Foundation 6.63 and 6.64 allows remote attackers to obtain \"unauthorized access to data\" via unknown vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "HPSBMA02490", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=126996774125378&w=2" + }, + { + "name": "1023765", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1023765" + }, + { + "name": "SSRT090222", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=126996774125378&w=2" + }, + { + "name": "39187", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/39187" + }, + { + "name": "39059", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/39059" + } + ] + } +} \ No newline at end of file diff --git a/2010/0xxx/CVE-2010-0907.json b/2010/0xxx/CVE-2010-0907.json index a688f5ca5c5..448aa479739 100644 --- a/2010/0xxx/CVE-2010-0907.json +++ b/2010/0xxx/CVE-2010-0907.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-0907", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in Oracle Secure Backup 10.3.0.1 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2010-0898, CVE-2010-0899, CVE-2010-0904, and CVE-2010-0906." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2010-0907", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in Oracle Secure Backup 10.3.0.1 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2010-0898, CVE-2010-0899, CVE-2010-0904, and CVE-2010-0906." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html" + } + ] + } +} \ No newline at end of file diff --git a/2010/1xxx/CVE-2010-1333.json b/2010/1xxx/CVE-2010-1333.json index 4d9d48e08c8..a767491b5b4 100644 --- a/2010/1xxx/CVE-2010-1333.json +++ b/2010/1xxx/CVE-2010-1333.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-1333", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site scripting (XSS) vulnerabilities in Almas Inc. Compiere J300_A02 and earlier allow remote attackers to inject arbitrary web script or HTML via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-1333", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.compiere-japan.com/products/release/patch.html", - "refsource" : "CONFIRM", - "url" : "http://www.compiere-japan.com/products/release/patch.html" - }, - { - "name" : "JVN#38687002", - "refsource" : "JVN", - "url" : "http://jvn.jp/en/jp/JVN38687002/index.html" - }, - { - "name" : "JVN#57963254", - "refsource" : "JVN", - "url" : "http://jvn.jp/en/jp/JVN57963254/index.html" - }, - { - "name" : "JVNDB-2010-000008", - "refsource" : "JVNDB", - "url" : "http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-000008.html" - }, - { - "name" : "JVNDB-2010-000009", - "refsource" : "JVNDB", - "url" : "http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-000009.html" - }, - { - "name" : "63419", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/63419" - }, - { - "name" : "39177", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/39177" - }, - { - "name" : "compiere-unspec-xss(57494)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/57494" - }, - { - "name" : "compiere-unspecified-xss(57493)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/57493" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site scripting (XSS) vulnerabilities in Almas Inc. Compiere J300_A02 and earlier allow remote attackers to inject arbitrary web script or HTML via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.compiere-japan.com/products/release/patch.html", + "refsource": "CONFIRM", + "url": "http://www.compiere-japan.com/products/release/patch.html" + }, + { + "name": "JVNDB-2010-000009", + "refsource": "JVNDB", + "url": "http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-000009.html" + }, + { + "name": "JVN#38687002", + "refsource": "JVN", + "url": "http://jvn.jp/en/jp/JVN38687002/index.html" + }, + { + "name": "JVNDB-2010-000008", + "refsource": "JVNDB", + "url": "http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-000008.html" + }, + { + "name": "63419", + "refsource": "OSVDB", + "url": "http://osvdb.org/63419" + }, + { + "name": "compiere-unspec-xss(57494)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/57494" + }, + { + "name": "JVN#57963254", + "refsource": "JVN", + "url": "http://jvn.jp/en/jp/JVN57963254/index.html" + }, + { + "name": "compiere-unspecified-xss(57493)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/57493" + }, + { + "name": "39177", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/39177" + } + ] + } +} \ No newline at end of file diff --git a/2010/1xxx/CVE-2010-1383.json b/2010/1xxx/CVE-2010-1383.json index 5a39196d4e3..ccebba60d8a 100644 --- a/2010/1xxx/CVE-2010-1383.json +++ b/2010/1xxx/CVE-2010-1383.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-1383", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "CFNetwork in Apple Safari before 5.0.6 on Windows allows remote web servers to execute arbitrary code by replaying the NTLM credentials of a client user, related to a \"credential reflection\" issue." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2010-1383", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://support.apple.com/kb/HT4808", - "refsource" : "CONFIRM", - "url" : "http://support.apple.com/kb/HT4808" - }, - { - "name" : "APPLE-SA-2011-07-20-1", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2011//Jul/msg00002.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "CFNetwork in Apple Safari before 5.0.6 on Windows allows remote web servers to execute arbitrary code by replaying the NTLM credentials of a client user, related to a \"credential reflection\" issue." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://support.apple.com/kb/HT4808", + "refsource": "CONFIRM", + "url": "http://support.apple.com/kb/HT4808" + }, + { + "name": "APPLE-SA-2011-07-20-1", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2011//Jul/msg00002.html" + } + ] + } +} \ No newline at end of file diff --git a/2010/1xxx/CVE-2010-1728.json b/2010/1xxx/CVE-2010-1728.json index 3f5fe69d323..c6fa8b581ea 100644 --- a/2010/1xxx/CVE-2010-1728.json +++ b/2010/1xxx/CVE-2010-1728.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-1728", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Opera before 10.53 on Windows and Mac OS X does not properly handle a series of document modifications that occur asynchronously, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via JavaScript that writes sequences in an infinite loop, leading to attempted use of uninitialized memory. NOTE: this might overlap CVE-2006-6955." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-1728", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://h.ackack.net/?p=258", - "refsource" : "MISC", - "url" : "http://h.ackack.net/?p=258" - }, - { - "name" : "http://my.opera.com/desktopteam/blog/2010/04/28/opera-10-53-rc1-for-windows-and-mac", - "refsource" : "CONFIRM", - "url" : "http://my.opera.com/desktopteam/blog/2010/04/28/opera-10-53-rc1-for-windows-and-mac" - }, - { - "name" : "http://www.opera.com/docs/changelogs/mac/1053/", - "refsource" : "CONFIRM", - "url" : "http://www.opera.com/docs/changelogs/mac/1053/" - }, - { - "name" : "http://www.opera.com/docs/changelogs/windows/1053/", - "refsource" : "CONFIRM", - "url" : "http://www.opera.com/docs/changelogs/windows/1053/" - }, - { - "name" : "http://www.opera.com/support/kb/view/953/", - "refsource" : "CONFIRM", - "url" : "http://www.opera.com/support/kb/view/953/" - }, - { - "name" : "oval:org.mitre.oval:def:11927", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11927" - }, - { - "name" : "39590", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/39590" - }, - { - "name" : "ADV-2010-0999", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2010/0999" - }, - { - "name" : "opera-documentwrite-code-execution(58231)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/58231" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Opera before 10.53 on Windows and Mac OS X does not properly handle a series of document modifications that occur asynchronously, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via JavaScript that writes sequences in an infinite loop, leading to attempted use of uninitialized memory. NOTE: this might overlap CVE-2006-6955." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.opera.com/docs/changelogs/mac/1053/", + "refsource": "CONFIRM", + "url": "http://www.opera.com/docs/changelogs/mac/1053/" + }, + { + "name": "http://www.opera.com/docs/changelogs/windows/1053/", + "refsource": "CONFIRM", + "url": "http://www.opera.com/docs/changelogs/windows/1053/" + }, + { + "name": "http://www.opera.com/support/kb/view/953/", + "refsource": "CONFIRM", + "url": "http://www.opera.com/support/kb/view/953/" + }, + { + "name": "http://h.ackack.net/?p=258", + "refsource": "MISC", + "url": "http://h.ackack.net/?p=258" + }, + { + "name": "ADV-2010-0999", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2010/0999" + }, + { + "name": "oval:org.mitre.oval:def:11927", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11927" + }, + { + "name": "39590", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/39590" + }, + { + "name": "opera-documentwrite-code-execution(58231)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/58231" + }, + { + "name": "http://my.opera.com/desktopteam/blog/2010/04/28/opera-10-53-rc1-for-windows-and-mac", + "refsource": "CONFIRM", + "url": "http://my.opera.com/desktopteam/blog/2010/04/28/opera-10-53-rc1-for-windows-and-mac" + } + ] + } +} \ No newline at end of file diff --git a/2010/1xxx/CVE-2010-1853.json b/2010/1xxx/CVE-2010-1853.json index 29ab3a3cf3c..8fe583d9c6c 100644 --- a/2010/1xxx/CVE-2010-1853.json +++ b/2010/1xxx/CVE-2010-1853.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-1853", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple stack-based buffer overflows in the tr_magnetParse function in libtransmission/magnet.c in Transmission 1.91 allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted magnet URL with a large number of (1) tr or (2) ws links." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-1853", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://trac.transmissionbt.com/changeset/10279", - "refsource" : "CONFIRM", - "url" : "http://trac.transmissionbt.com/changeset/10279" - }, - { - "name" : "http://trac.transmissionbt.com/ticket/2965", - "refsource" : "CONFIRM", - "url" : "http://trac.transmissionbt.com/ticket/2965" - }, - { - "name" : "http://trac.transmissionbt.com/wiki/Changes", - "refsource" : "CONFIRM", - "url" : "http://trac.transmissionbt.com/wiki/Changes" - }, - { - "name" : "38814", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/38814" - }, - { - "name" : "63066", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/63066" - }, - { - "name" : "39031", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/39031" - }, - { - "name" : "ADV-2010-0655", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2010/0655" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple stack-based buffer overflows in the tr_magnetParse function in libtransmission/magnet.c in Transmission 1.91 allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted magnet URL with a large number of (1) tr or (2) ws links." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "38814", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/38814" + }, + { + "name": "63066", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/63066" + }, + { + "name": "http://trac.transmissionbt.com/wiki/Changes", + "refsource": "CONFIRM", + "url": "http://trac.transmissionbt.com/wiki/Changes" + }, + { + "name": "ADV-2010-0655", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2010/0655" + }, + { + "name": "http://trac.transmissionbt.com/ticket/2965", + "refsource": "CONFIRM", + "url": "http://trac.transmissionbt.com/ticket/2965" + }, + { + "name": "39031", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/39031" + }, + { + "name": "http://trac.transmissionbt.com/changeset/10279", + "refsource": "CONFIRM", + "url": "http://trac.transmissionbt.com/changeset/10279" + } + ] + } +} \ No newline at end of file diff --git a/2010/5xxx/CVE-2010-5100.json b/2010/5xxx/CVE-2010-5100.json index dc9f3f51e8d..7e363b151c2 100644 --- a/2010/5xxx/CVE-2010-5100.json +++ b/2010/5xxx/CVE-2010-5100.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-5100", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site scripting (XSS) vulnerabilities in the Install Tool in TYPO3 4.2.x before 4.2.16, 4.3.x before 4.3.9, and 4.4.x before 4.4.5 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2010-5100", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20110113 CVE requests: ftpls, xdigger, lbreakout2, calibre, typo3", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2011/01/13/2" - }, - { - "name" : "[oss-security] 20120510 Re: CVE-request: TYPO3 TYPO3-SA-2010-022 still without CVE", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2012/05/11/3" - }, - { - "name" : "[oss-security] 20120511 CVE-request: TYPO3 TYPO3-SA-2010-022 still without CVE", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2012/05/10/7" - }, - { - "name" : "http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-sa-2010-022/", - "refsource" : "CONFIRM", - "url" : "http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-sa-2010-022/" - }, - { - "name" : "45470", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/45470" - }, - { - "name" : "70120", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/70120" - }, - { - "name" : "35770", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/35770" - }, - { - "name" : "typo3-install-tool-xss(64181)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/64181" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site scripting (XSS) vulnerabilities in the Install Tool in TYPO3 4.2.x before 4.2.16, 4.3.x before 4.3.9, and 4.4.x before 4.4.5 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-sa-2010-022/", + "refsource": "CONFIRM", + "url": "http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-sa-2010-022/" + }, + { + "name": "45470", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/45470" + }, + { + "name": "35770", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/35770" + }, + { + "name": "70120", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/70120" + }, + { + "name": "[oss-security] 20110113 CVE requests: ftpls, xdigger, lbreakout2, calibre, typo3", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2011/01/13/2" + }, + { + "name": "[oss-security] 20120510 Re: CVE-request: TYPO3 TYPO3-SA-2010-022 still without CVE", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2012/05/11/3" + }, + { + "name": "typo3-install-tool-xss(64181)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64181" + }, + { + "name": "[oss-security] 20120511 CVE-request: TYPO3 TYPO3-SA-2010-022 still without CVE", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2012/05/10/7" + } + ] + } +} \ No newline at end of file diff --git a/2014/0xxx/CVE-2014-0075.json b/2014/0xxx/CVE-2014-0075.json index e6bc70434e2..abffda5500a 100644 --- a/2014/0xxx/CVE-2014-0075.json +++ b/2014/0xxx/CVE-2014-0075.json @@ -1,267 +1,267 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-0075", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Integer overflow in the parseChunkHeader function in java/org/apache/coyote/http11/filters/ChunkedInputFilter.java in Apache Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x before 8.0.4 allows remote attackers to cause a denial of service (resource consumption) via a malformed chunk size in chunked transfer coding of a request during the streaming of data." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2014-0075", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/534161/100/0/threaded" - }, - { - "name" : "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2014/Dec/23" - }, - { - "name" : "http://svn.apache.org/viewvc?view=revision&revision=1578337", - "refsource" : "CONFIRM", - "url" : "http://svn.apache.org/viewvc?view=revision&revision=1578337" - }, - { - "name" : "http://svn.apache.org/viewvc?view=revision&revision=1578341", - "refsource" : "CONFIRM", - "url" : "http://svn.apache.org/viewvc?view=revision&revision=1578341" - }, - { - "name" : "http://svn.apache.org/viewvc?view=revision&revision=1579262", - "refsource" : "CONFIRM", - "url" : "http://svn.apache.org/viewvc?view=revision&revision=1579262" - }, - { - "name" : "http://tomcat.apache.org/security-6.html", - "refsource" : "CONFIRM", - "url" : "http://tomcat.apache.org/security-6.html" - }, - { - "name" : "http://tomcat.apache.org/security-7.html", - "refsource" : "CONFIRM", - "url" : "http://tomcat.apache.org/security-7.html" - }, - { - "name" : "http://tomcat.apache.org/security-8.html", - "refsource" : "CONFIRM", - "url" : "http://tomcat.apache.org/security-8.html" - }, - { - "name" : "http://www.novell.com/support/kb/doc.php?id=7010166", - "refsource" : "CONFIRM", - "url" : "http://www.novell.com/support/kb/doc.php?id=7010166" - }, - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21678231", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21678231" - }, - { - "name" : "http://linux.oracle.com/errata/ELSA-2014-0865.html", - "refsource" : "CONFIRM", - "url" : "http://linux.oracle.com/errata/ELSA-2014-0865.html" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html" - }, - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21680603", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21680603" - }, - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21681528", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21681528" - }, - { - "name" : "http://www.vmware.com/security/advisories/VMSA-2014-0012.html", - "refsource" : "CONFIRM", - "url" : "http://www.vmware.com/security/advisories/VMSA-2014-0012.html" - }, - { - "name" : "http://advisories.mageia.org/MGASA-2014-0268.html", - "refsource" : "CONFIRM", - "url" : "http://advisories.mageia.org/MGASA-2014-0268.html" - }, - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html" - }, - { - "name" : "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04851013", - "refsource" : "CONFIRM", - "url" : "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04851013" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html" - }, - { - "name" : "DSA-3530", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3530" - }, - { - "name" : "DSA-3447", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3447" - }, - { - "name" : "FEDORA-2015-2109", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150282.html" - }, - { - "name" : "HPSBUX03150", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=141390017113542&w=2" - }, - { - "name" : "HPSBOV03503", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=144498216801440&w=2" - }, - { - "name" : "HPSBUX03102", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=141017844705317&w=2" - }, - { - "name" : "SSRT101681", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=141017844705317&w=2" - }, - { - "name" : "MDVSA-2015:052", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2015:052" - }, - { - "name" : "MDVSA-2015:053", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2015:053" - }, - { - "name" : "MDVSA-2015:084", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2015:084" - }, - { - "name" : "RHSA-2015:0675", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-0675.html" - }, - { - "name" : "RHSA-2015:0720", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-0720.html" - }, - { - "name" : "RHSA-2015:0765", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-0765.html" - }, - { - "name" : "67671", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/67671" - }, - { - "name" : "59616", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/59616" - }, - { - "name" : "59678", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/59678" - }, - { - "name" : "59835", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/59835" - }, - { - "name" : "59873", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/59873" - }, - { - "name" : "59732", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/59732" - }, - { - "name" : "59849", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/59849" - }, - { - "name" : "60729", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/60729" - }, - { - "name" : "60793", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/60793" - }, - { - "name" : "59121", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/59121" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Integer overflow in the parseChunkHeader function in java/org/apache/coyote/http11/filters/ChunkedInputFilter.java in Apache Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x before 8.0.4 allows remote attackers to cause a denial of service (resource consumption) via a malformed chunk size in chunked transfer coding of a request during the streaming of data." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://svn.apache.org/viewvc?view=revision&revision=1578337", + "refsource": "CONFIRM", + "url": "http://svn.apache.org/viewvc?view=revision&revision=1578337" + }, + { + "name": "http://advisories.mageia.org/MGASA-2014-0268.html", + "refsource": "CONFIRM", + "url": "http://advisories.mageia.org/MGASA-2014-0268.html" + }, + { + "name": "http://www.novell.com/support/kb/doc.php?id=7010166", + "refsource": "CONFIRM", + "url": "http://www.novell.com/support/kb/doc.php?id=7010166" + }, + { + "name": "59121", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/59121" + }, + { + "name": "RHSA-2015:0765", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-0765.html" + }, + { + "name": "59732", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/59732" + }, + { + "name": "59835", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/59835" + }, + { + "name": "RHSA-2015:0675", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-0675.html" + }, + { + "name": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html", + "refsource": "CONFIRM", + "url": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html" + }, + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21681528", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21681528" + }, + { + "name": "MDVSA-2015:052", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:052" + }, + { + "name": "RHSA-2015:0720", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-0720.html" + }, + { + "name": "59849", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/59849" + }, + { + "name": "http://linux.oracle.com/errata/ELSA-2014-0865.html", + "refsource": "CONFIRM", + "url": "http://linux.oracle.com/errata/ELSA-2014-0865.html" + }, + { + "name": "MDVSA-2015:084", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:084" + }, + { + "name": "DSA-3530", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3530" + }, + { + "name": "59678", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/59678" + }, + { + "name": "http://svn.apache.org/viewvc?view=revision&revision=1578341", + "refsource": "CONFIRM", + "url": "http://svn.apache.org/viewvc?view=revision&revision=1578341" + }, + { + "name": "HPSBUX03102", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=141017844705317&w=2" + }, + { + "name": "http://tomcat.apache.org/security-7.html", + "refsource": "CONFIRM", + "url": "http://tomcat.apache.org/security-7.html" + }, + { + "name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/534161/100/0/threaded" + }, + { + "name": "http://svn.apache.org/viewvc?view=revision&revision=1579262", + "refsource": "CONFIRM", + "url": "http://svn.apache.org/viewvc?view=revision&revision=1579262" + }, + { + "name": "MDVSA-2015:053", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:053" + }, + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html" + }, + { + "name": "HPSBUX03150", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=141390017113542&w=2" + }, + { + "name": "FEDORA-2015-2109", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150282.html" + }, + { + "name": "67671", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/67671" + }, + { + "name": "http://tomcat.apache.org/security-8.html", + "refsource": "CONFIRM", + "url": "http://tomcat.apache.org/security-8.html" + }, + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21678231", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21678231" + }, + { + "name": "59616", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/59616" + }, + { + "name": "http://tomcat.apache.org/security-6.html", + "refsource": "CONFIRM", + "url": "http://tomcat.apache.org/security-6.html" + }, + { + "name": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04851013", + "refsource": "CONFIRM", + "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04851013" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html" + }, + { + "name": "59873", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/59873" + }, + { + "name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2014/Dec/23" + }, + { + "name": "HPSBOV03503", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=144498216801440&w=2" + }, + { + "name": "SSRT101681", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=141017844705317&w=2" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html" + }, + { + "name": "DSA-3447", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3447" + }, + { + "name": "60729", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/60729" + }, + { + "name": "60793", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/60793" + }, + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21680603", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21680603" + } + ] + } +} \ No newline at end of file diff --git a/2014/0xxx/CVE-2014-0291.json b/2014/0xxx/CVE-2014-0291.json index eaa79f076a5..eadacf0df57 100644 --- a/2014/0xxx/CVE-2014-0291.json +++ b/2014/0xxx/CVE-2014-0291.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-0291", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2014-0291", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2014/0xxx/CVE-2014-0361.json b/2014/0xxx/CVE-2014-0361.json index 89beef1a048..250f4183a2e 100644 --- a/2014/0xxx/CVE-2014-0361.json +++ b/2014/0xxx/CVE-2014-0361.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-0361", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The default configuration of IBM 4690 OS, as used in Toshiba Global Commerce Solutions 4690 POS and other products, hashes passwords with the ADXCRYPT algorithm, which makes it easier for context-dependent attackers to obtain sensitive information via unspecified cryptanalysis of an ADXCSOUF.DAT file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2014-0361", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=pos1R1005054", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=pos1R1005054" - }, - { - "name" : "VU#622950", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/622950" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The default configuration of IBM 4690 OS, as used in Toshiba Global Commerce Solutions 4690 POS and other products, hashes passwords with the ADXCRYPT algorithm, which makes it easier for context-dependent attackers to obtain sensitive information via unspecified cryptanalysis of an ADXCSOUF.DAT file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "VU#622950", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/622950" + }, + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=pos1R1005054", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=pos1R1005054" + } + ] + } +} \ No newline at end of file diff --git a/2014/0xxx/CVE-2014-0391.json b/2014/0xxx/CVE-2014-0391.json index 486c622c2db..33783e17620 100644 --- a/2014/0xxx/CVE-2014-0391.json +++ b/2014/0xxx/CVE-2014-0391.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-0391", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the Oracle Identity Manager component in Oracle Fusion Middleware 11.1.1.5, 11.1.1.7, 11.1.2.0, and 11.1.2.1 allows remote attackers to affect confidentiality via unknown vectors related to End User Self Service." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2014-0391", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html" - }, - { - "name" : "64758", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/64758" - }, - { - "name" : "64829", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/64829" - }, - { - "name" : "102099", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/102099" - }, - { - "name" : "1029613", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1029613" - }, - { - "name" : "56459", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/56459" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the Oracle Identity Manager component in Oracle Fusion Middleware 11.1.1.5, 11.1.1.7, 11.1.2.0, and 11.1.2.1 allows remote attackers to affect confidentiality via unknown vectors related to End User Self Service." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "64829", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/64829" + }, + { + "name": "1029613", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1029613" + }, + { + "name": "64758", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/64758" + }, + { + "name": "56459", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/56459" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html" + }, + { + "name": "102099", + "refsource": "OSVDB", + "url": "http://osvdb.org/102099" + } + ] + } +} \ No newline at end of file diff --git a/2014/0xxx/CVE-2014-0900.json b/2014/0xxx/CVE-2014-0900.json index 7a17ad6d3c6..d3277f99483 100644 --- a/2014/0xxx/CVE-2014-0900.json +++ b/2014/0xxx/CVE-2014-0900.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-0900", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Device Administrator code in Android before 4.4.1_r1 might allow attackers to spoof device administrators and consequently bypass MDM restrictions by leveraging failure to update the mAdminMap data structure." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2014-0900", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://securityintelligence.com/how-to-cheat-your-mdm-compliance-without-a-password/", - "refsource" : "MISC", - "url" : "https://securityintelligence.com/how-to-cheat-your-mdm-compliance-without-a-password/" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Device Administrator code in Android before 4.4.1_r1 might allow attackers to spoof device administrators and consequently bypass MDM restrictions by leveraging failure to update the mAdminMap data structure." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://securityintelligence.com/how-to-cheat-your-mdm-compliance-without-a-password/", + "refsource": "MISC", + "url": "https://securityintelligence.com/how-to-cheat-your-mdm-compliance-without-a-password/" + } + ] + } +} \ No newline at end of file diff --git a/2014/1xxx/CVE-2014-1398.json b/2014/1xxx/CVE-2014-1398.json index 37d06e1ec38..bf0c44c21e7 100644 --- a/2014/1xxx/CVE-2014-1398.json +++ b/2014/1xxx/CVE-2014-1398.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-1398", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The entity wrapper access API in the Entity API module 7.x-1.x before 7.x-1.3 for Drupal might allow remote authenticated users to bypass intended access restrictions on comment, user and node statistics properties via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-1398", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20140109 Re: CVE Request: drupal7-entity: multiple access bypass vulnerabilities", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2014/01/09/3" - }, - { - "name" : "https://www.drupal.org/node/2169595", - "refsource" : "MISC", - "url" : "https://www.drupal.org/node/2169595" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1050802", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1050802" - }, - { - "name" : "FEDORA-2014-0508", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2014-January/126811.html" - }, - { - "name" : "FEDORA-2014-0509", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2014-January/126816.html" - }, - { - "name" : "64729", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/64729" - }, - { - "name" : "drupal-entityapi-cve20141398-security-bypass(90215)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/90215" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The entity wrapper access API in the Entity API module 7.x-1.x before 7.x-1.3 for Drupal might allow remote authenticated users to bypass intended access restrictions on comment, user and node statistics properties via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "64729", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/64729" + }, + { + "name": "drupal-entityapi-cve20141398-security-bypass(90215)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90215" + }, + { + "name": "FEDORA-2014-0508", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-January/126811.html" + }, + { + "name": "FEDORA-2014-0509", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-January/126816.html" + }, + { + "name": "[oss-security] 20140109 Re: CVE Request: drupal7-entity: multiple access bypass vulnerabilities", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2014/01/09/3" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1050802", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1050802" + }, + { + "name": "https://www.drupal.org/node/2169595", + "refsource": "MISC", + "url": "https://www.drupal.org/node/2169595" + } + ] + } +} \ No newline at end of file diff --git a/2014/1xxx/CVE-2014-1433.json b/2014/1xxx/CVE-2014-1433.json index d2b0d2e3429..a09d1698fa7 100644 --- a/2014/1xxx/CVE-2014-1433.json +++ b/2014/1xxx/CVE-2014-1433.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-1433", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2014-1433", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2014/1xxx/CVE-2014-1721.json b/2014/1xxx/CVE-2014-1721.json index 5ec7d653d57..72b10889a58 100644 --- a/2014/1xxx/CVE-2014-1721.json +++ b/2014/1xxx/CVE-2014-1721.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-1721", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Google V8, as used in Google Chrome before 34.0.1847.116, does not properly implement lazy deoptimization, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via crafted JavaScript code, as demonstrated by improper handling of a heap allocation of a number outside the Small Integer (aka smi) range." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@google.com", + "ID": "CVE-2014-1721", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://googlechromereleases.blogspot.com/2014/04/stable-channel-update.html", - "refsource" : "CONFIRM", - "url" : "http://googlechromereleases.blogspot.com/2014/04/stable-channel-update.html" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=350434", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=350434" - }, - { - "name" : "https://code.google.com/p/v8/source/detail?r=19834", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/v8/source/detail?r=19834" - }, - { - "name" : "DSA-2905", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2014/dsa-2905" - }, - { - "name" : "GLSA-201408-16", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-201408-16.xml" - }, - { - "name" : "openSUSE-SU-2014:0601", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2014-05/msg00012.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Google V8, as used in Google Chrome before 34.0.1847.116, does not properly implement lazy deoptimization, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via crafted JavaScript code, as demonstrated by improper handling of a heap allocation of a number outside the Small Integer (aka smi) range." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://code.google.com/p/v8/source/detail?r=19834", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/v8/source/detail?r=19834" + }, + { + "name": "http://googlechromereleases.blogspot.com/2014/04/stable-channel-update.html", + "refsource": "CONFIRM", + "url": "http://googlechromereleases.blogspot.com/2014/04/stable-channel-update.html" + }, + { + "name": "openSUSE-SU-2014:0601", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2014-05/msg00012.html" + }, + { + "name": "GLSA-201408-16", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-201408-16.xml" + }, + { + "name": "DSA-2905", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2014/dsa-2905" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=350434", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=350434" + } + ] + } +} \ No newline at end of file diff --git a/2014/1xxx/CVE-2014-1816.json b/2014/1xxx/CVE-2014-1816.json index d6b51b9d193..1b4c4155339 100644 --- a/2014/1xxx/CVE-2014-1816.json +++ b/2014/1xxx/CVE-2014-1816.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-1816", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Microsoft XML Core Services (aka MSXML) 3.0 and 6.0 does not properly restrict the information transmitted by Internet Explorer during a download action, which allows remote attackers to discover (1) full pathnames on the client system and (2) local usernames embedded in these pathnames via a crafted web site, aka \"MSXML Entity URI Vulnerability.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2014-1816", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://blogs.technet.com/b/srd/archive/2014/06/10/assessing-risk-for-the-june-2014-security-updates.aspx", - "refsource" : "CONFIRM", - "url" : "http://blogs.technet.com/b/srd/archive/2014/06/10/assessing-risk-for-the-june-2014-security-updates.aspx" - }, - { - "name" : "MS14-033", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-033" - }, - { - "name" : "67895", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/67895" - }, - { - "name" : "58538", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/58538" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft XML Core Services (aka MSXML) 3.0 and 6.0 does not properly restrict the information transmitted by Internet Explorer during a download action, which allows remote attackers to discover (1) full pathnames on the client system and (2) local usernames embedded in these pathnames via a crafted web site, aka \"MSXML Entity URI Vulnerability.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "MS14-033", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-033" + }, + { + "name": "67895", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/67895" + }, + { + "name": "http://blogs.technet.com/b/srd/archive/2014/06/10/assessing-risk-for-the-june-2014-security-updates.aspx", + "refsource": "CONFIRM", + "url": "http://blogs.technet.com/b/srd/archive/2014/06/10/assessing-risk-for-the-june-2014-security-updates.aspx" + }, + { + "name": "58538", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/58538" + } + ] + } +} \ No newline at end of file diff --git a/2014/4xxx/CVE-2014-4898.json b/2014/4xxx/CVE-2014-4898.json index c12448065e7..e79cdd64610 100644 --- a/2014/4xxx/CVE-2014-4898.json +++ b/2014/4xxx/CVE-2014-4898.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-4898", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Harivijay (aka com.upasanhar.marathi.harivijay) application 4.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2014-4898", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", - "refsource" : "MISC", - "url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" - }, - { - "name" : "VU#439409", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/439409" - }, - { - "name" : "VU#582497", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/582497" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Harivijay (aka com.upasanhar.marathi.harivijay) application 4.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "VU#439409", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/439409" + }, + { + "name": "VU#582497", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/582497" + }, + { + "name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", + "refsource": "MISC", + "url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" + } + ] + } +} \ No newline at end of file diff --git a/2014/4xxx/CVE-2014-4984.json b/2014/4xxx/CVE-2014-4984.json index 3282e17ae61..846b8f6ef18 100644 --- a/2014/4xxx/CVE-2014-4984.json +++ b/2014/4xxx/CVE-2014-4984.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-4984", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-4984", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2014/5xxx/CVE-2014-5959.json b/2014/5xxx/CVE-2014-5959.json index d947ad9fe24..38720c32482 100644 --- a/2014/5xxx/CVE-2014-5959.json +++ b/2014/5xxx/CVE-2014-5959.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-5959", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The tx Smart (aka com.wooriwm.txsmart) application 7.05 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2014-5959", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", - "refsource" : "MISC", - "url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" - }, - { - "name" : "VU#447329", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/447329" - }, - { - "name" : "VU#582497", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/582497" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The tx Smart (aka com.wooriwm.txsmart) application 7.05 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "VU#447329", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/447329" + }, + { + "name": "VU#582497", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/582497" + }, + { + "name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", + "refsource": "MISC", + "url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" + } + ] + } +} \ No newline at end of file diff --git a/2014/5xxx/CVE-2014-5971.json b/2014/5xxx/CVE-2014-5971.json index 579a079e90d..353048145cd 100644 --- a/2014/5xxx/CVE-2014-5971.json +++ b/2014/5xxx/CVE-2014-5971.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-5971", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Fiksu library for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2014-5971", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", - "refsource" : "MISC", - "url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" - }, - { - "name" : "VU#582497", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/582497" - }, - { - "name" : "VU#849577", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/849577" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Fiksu library for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "VU#849577", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/849577" + }, + { + "name": "VU#582497", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/582497" + }, + { + "name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", + "refsource": "MISC", + "url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" + } + ] + } +} \ No newline at end of file diff --git a/2014/5xxx/CVE-2014-5997.json b/2014/5xxx/CVE-2014-5997.json index 90c9826a91f..13f438775c7 100644 --- a/2014/5xxx/CVE-2014-5997.json +++ b/2014/5xxx/CVE-2014-5997.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-5997", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Auto Trader (aka za.co.autotrader.android.app) application 2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2014-5997", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", - "refsource" : "MISC", - "url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" - }, - { - "name" : "VU#319465", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/319465" - }, - { - "name" : "VU#582497", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/582497" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Auto Trader (aka za.co.autotrader.android.app) application 2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "VU#582497", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/582497" + }, + { + "name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", + "refsource": "MISC", + "url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" + }, + { + "name": "VU#319465", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/319465" + } + ] + } +} \ No newline at end of file diff --git a/2016/10xxx/CVE-2016-10500.json b/2016/10xxx/CVE-2016-10500.json index aba387a141f..4a0c20d0875 100644 --- a/2016/10xxx/CVE-2016-10500.json +++ b/2016/10xxx/CVE-2016-10500.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-10500", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-10500", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2016/3xxx/CVE-2016-3314.json b/2016/3xxx/CVE-2016-3314.json index 54259a04b08..87a92d38aa0 100644 --- a/2016/3xxx/CVE-2016-3314.json +++ b/2016/3xxx/CVE-2016-3314.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-3314", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2016-3314", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2016/3xxx/CVE-2016-3698.json b/2016/3xxx/CVE-2016-3698.json index 13d121434f9..bd84a677699 100644 --- a/2016/3xxx/CVE-2016-3698.json +++ b/2016/3xxx/CVE-2016-3698.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-3698", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "libndp before 1.6, as used in NetworkManager, does not properly validate the origin of Neighbor Discovery Protocol (NDP) messages, which allows remote attackers to conduct man-in-the-middle attacks or cause a denial of service (network connectivity disruption) by advertising a node as a router from a non-local network." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2016-3698", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20160517 RHSA-2016:1086 libndp: denial of service due to insufficient validation of source of NDP messages", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/05/17/9" - }, - { - "name" : "https://github.com/jpirko/libndp/commit/2af9a55b38b55abbf05fd116ec097d4029115839", - "refsource" : "CONFIRM", - "url" : "https://github.com/jpirko/libndp/commit/2af9a55b38b55abbf05fd116ec097d4029115839" - }, - { - "name" : "https://github.com/jpirko/libndp/commit/a4892df306e0532487f1634ba6d4c6d4bb381c7f", - "refsource" : "CONFIRM", - "url" : "https://github.com/jpirko/libndp/commit/a4892df306e0532487f1634ba6d4c6d4bb381c7f" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html" - }, - { - "name" : "DSA-3581", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3581" - }, - { - "name" : "RHSA-2016:1086", - "refsource" : "REDHAT", - "url" : "https://rhn.redhat.com/errata/RHSA-2016-1086.html" - }, - { - "name" : "USN-2980-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2980-1" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "libndp before 1.6, as used in NetworkManager, does not properly validate the origin of Neighbor Discovery Protocol (NDP) messages, which allows remote attackers to conduct man-in-the-middle attacks or cause a denial of service (network connectivity disruption) by advertising a node as a router from a non-local network." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/jpirko/libndp/commit/a4892df306e0532487f1634ba6d4c6d4bb381c7f", + "refsource": "CONFIRM", + "url": "https://github.com/jpirko/libndp/commit/a4892df306e0532487f1634ba6d4c6d4bb381c7f" + }, + { + "name": "https://github.com/jpirko/libndp/commit/2af9a55b38b55abbf05fd116ec097d4029115839", + "refsource": "CONFIRM", + "url": "https://github.com/jpirko/libndp/commit/2af9a55b38b55abbf05fd116ec097d4029115839" + }, + { + "name": "DSA-3581", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3581" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html" + }, + { + "name": "[oss-security] 20160517 RHSA-2016:1086 libndp: denial of service due to insufficient validation of source of NDP messages", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/05/17/9" + }, + { + "name": "USN-2980-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2980-1" + }, + { + "name": "RHSA-2016:1086", + "refsource": "REDHAT", + "url": "https://rhn.redhat.com/errata/RHSA-2016-1086.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/3xxx/CVE-2016-3886.json b/2016/3xxx/CVE-2016-3886.json index 1e0d664ee34..a9dae45a241 100644 --- a/2016/3xxx/CVE-2016-3886.json +++ b/2016/3xxx/CVE-2016-3886.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-3886", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "systemui/statusbar/phone/QuickStatusBarHeader.java in the System UI Tuner in Android 7.0 before 2016-09-01 does not prevent tuner changes on the lockscreen, which allows physically proximate attackers to gain privileges by modifying a setting, aka internal bug 30107438." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@android.com", + "ID": "CVE-2016-3886", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://source.android.com/security/bulletin/2016-09-01.html", - "refsource" : "CONFIRM", - "url" : "http://source.android.com/security/bulletin/2016-09-01.html" - }, - { - "name" : "https://android.googlesource.com/platform/frameworks/base/+/6ca6cd5a50311d58a1b7bf8fbef3f9aa29eadcd5", - "refsource" : "CONFIRM", - "url" : "https://android.googlesource.com/platform/frameworks/base/+/6ca6cd5a50311d58a1b7bf8fbef3f9aa29eadcd5" - }, - { - "name" : "92860", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/92860" - }, - { - "name" : "1036763", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036763" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "systemui/statusbar/phone/QuickStatusBarHeader.java in the System UI Tuner in Android 7.0 before 2016-09-01 does not prevent tuner changes on the lockscreen, which allows physically proximate attackers to gain privileges by modifying a setting, aka internal bug 30107438." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://android.googlesource.com/platform/frameworks/base/+/6ca6cd5a50311d58a1b7bf8fbef3f9aa29eadcd5", + "refsource": "CONFIRM", + "url": "https://android.googlesource.com/platform/frameworks/base/+/6ca6cd5a50311d58a1b7bf8fbef3f9aa29eadcd5" + }, + { + "name": "http://source.android.com/security/bulletin/2016-09-01.html", + "refsource": "CONFIRM", + "url": "http://source.android.com/security/bulletin/2016-09-01.html" + }, + { + "name": "92860", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/92860" + }, + { + "name": "1036763", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036763" + } + ] + } +} \ No newline at end of file diff --git a/2016/3xxx/CVE-2016-3959.json b/2016/3xxx/CVE-2016-3959.json index c095bff62fe..df956e06065 100644 --- a/2016/3xxx/CVE-2016-3959.json +++ b/2016/3xxx/CVE-2016-3959.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-3959", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Verify function in crypto/dsa/dsa.go in Go before 1.5.4 and 1.6.x before 1.6.1 does not properly check parameters passed to the big integer library, which might allow remote attackers to cause a denial of service (infinite loop) via a crafted public key to a program that uses HTTPS client certificates or SSH server libraries." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-3959", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[golang-announce] 20160412 [security] Go 1.6.1 and 1.5.4 are released", - "refsource" : "MLIST", - "url" : "https://groups.google.com/forum/#!topic/golang-announce/9eqIHqaWvck" - }, - { - "name" : "[oss-security] 20160405 CVE request - Go - DLL loading, Big int", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/04/05/1" - }, - { - "name" : "[oss-security] 20160405 Re: CVE request - Go - DLL loading, Big int", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/04/05/2" - }, - { - "name" : "https://go-review.googlesource.com/#/c/21533/", - "refsource" : "CONFIRM", - "url" : "https://go-review.googlesource.com/#/c/21533/" - }, - { - "name" : "FEDORA-2016-2940ad5550", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2016-April/182526.html" - }, - { - "name" : "FEDORA-2016-2fcfc7670f", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2016-April/183137.html" - }, - { - "name" : "FEDORA-2016-59c5e405e3", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2016-April/183106.html" - }, - { - "name" : "RHSA-2016:1538", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-1538.html" - }, - { - "name" : "openSUSE-SU-2016:1331", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2016-05/msg00077.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Verify function in crypto/dsa/dsa.go in Go before 1.5.4 and 1.6.x before 1.6.1 does not properly check parameters passed to the big integer library, which might allow remote attackers to cause a denial of service (infinite loop) via a crafted public key to a program that uses HTTPS client certificates or SSH server libraries." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "[oss-security] 20160405 Re: CVE request - Go - DLL loading, Big int", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/04/05/2" + }, + { + "name": "https://go-review.googlesource.com/#/c/21533/", + "refsource": "CONFIRM", + "url": "https://go-review.googlesource.com/#/c/21533/" + }, + { + "name": "RHSA-2016:1538", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-1538.html" + }, + { + "name": "FEDORA-2016-2940ad5550", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-April/182526.html" + }, + { + "name": "[golang-announce] 20160412 [security] Go 1.6.1 and 1.5.4 are released", + "refsource": "MLIST", + "url": "https://groups.google.com/forum/#!topic/golang-announce/9eqIHqaWvck" + }, + { + "name": "FEDORA-2016-59c5e405e3", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-April/183106.html" + }, + { + "name": "openSUSE-SU-2016:1331", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00077.html" + }, + { + "name": "[oss-security] 20160405 CVE request - Go - DLL loading, Big int", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/04/05/1" + }, + { + "name": "FEDORA-2016-2fcfc7670f", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-April/183137.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/8xxx/CVE-2016-8077.json b/2016/8xxx/CVE-2016-8077.json index 7d5ecdfa10c..7ca306c422d 100644 --- a/2016/8xxx/CVE-2016-8077.json +++ b/2016/8xxx/CVE-2016-8077.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-8077", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2016-8077", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2016/8xxx/CVE-2016-8979.json b/2016/8xxx/CVE-2016-8979.json index 12ea8094d30..df90cb6e19a 100644 --- a/2016/8xxx/CVE-2016-8979.json +++ b/2016/8xxx/CVE-2016-8979.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-8979", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-8979", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2016/8xxx/CVE-2016-8988.json b/2016/8xxx/CVE-2016-8988.json index 77b4967b178..609769cd983 100644 --- a/2016/8xxx/CVE-2016-8988.json +++ b/2016/8xxx/CVE-2016-8988.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-8988", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-8988", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2016/9xxx/CVE-2016-9044.json b/2016/9xxx/CVE-2016-9044.json index 2d441ebff7d..45460d60493 100644 --- a/2016/9xxx/CVE-2016-9044.json +++ b/2016/9xxx/CVE-2016-9044.json @@ -1,63 +1,63 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "talos-cna@cisco.com", - "DATE_PUBLIC" : "2017-07-19T00:00:00", - "ID" : "CVE-2016-9044", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "WebFOCUS", - "version" : { - "version_data" : [ - { - "version_value" : "WebFOCUS Business Intelligence Portal 8.1" - } - ] - } - } - ] - }, - "vendor_name" : "Information Builders" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An exploitable command execution vulnerability exists in Information Builders WebFOCUS Business Intelligence Portal 8.1 . A specially crafted web parameter can cause a command injection. An authenticated attacker can send a crafted web request to trigger this vulnerability." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "command injection" - } + "CVE_data_meta": { + "ASSIGNER": "talos-cna@cisco.com", + "DATE_PUBLIC": "2017-07-19T00:00:00", + "ID": "CVE-2016-9044", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "WebFOCUS", + "version": { + "version_data": [ + { + "version_value": "WebFOCUS Business Intelligence Portal 8.1" + } + ] + } + } + ] + }, + "vendor_name": "Information Builders" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://talosintelligence.com/vulnerability_reports/TALOS-2017-0315", - "refsource" : "MISC", - "url" : "https://talosintelligence.com/vulnerability_reports/TALOS-2017-0315" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An exploitable command execution vulnerability exists in Information Builders WebFOCUS Business Intelligence Portal 8.1 . A specially crafted web parameter can cause a command injection. An authenticated attacker can send a crafted web request to trigger this vulnerability." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "command injection" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2017-0315", + "refsource": "MISC", + "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2017-0315" + } + ] + } +} \ No newline at end of file diff --git a/2016/9xxx/CVE-2016-9111.json b/2016/9xxx/CVE-2016-9111.json index 3d87ad50ca6..859e7ce07b7 100644 --- a/2016/9xxx/CVE-2016-9111.json +++ b/2016/9xxx/CVE-2016-9111.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-9111", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Incorrect access control mechanisms in Citrix Receiver Desktop Lock 4.5 allow an attacker to bypass the authentication requirement by leveraging physical access to a VDI for temporary disconnection of a LAN cable. NOTE: as of 20161208, the vendor could not reproduce the issue, stating \"the researcher was unable to provide us with information that would allow us to confirm the behaviour and, despite extensive investigation on test deployments of supported products, we were unable to reproduce the behaviour as he described. The researcher has also, despite additional requests for information, ceased to respond to us.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-9111", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "40686", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/40686/" - }, - { - "name" : "https://packetstormsecurity.com/files/139493/Citrix-Receiver-Receiver-Desktop-Lock-4.5-Authentication-Bypass.html", - "refsource" : "MISC", - "url" : "https://packetstormsecurity.com/files/139493/Citrix-Receiver-Receiver-Desktop-Lock-4.5-Authentication-Bypass.html" - }, - { - "name" : "https://vuldb.com/?id.93250", - "refsource" : "MISC", - "url" : "https://vuldb.com/?id.93250" - }, - { - "name" : "94229", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/94229" - }, - { - "name" : "1037176", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1037176" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Incorrect access control mechanisms in Citrix Receiver Desktop Lock 4.5 allow an attacker to bypass the authentication requirement by leveraging physical access to a VDI for temporary disconnection of a LAN cable. NOTE: as of 20161208, the vendor could not reproduce the issue, stating \"the researcher was unable to provide us with information that would allow us to confirm the behaviour and, despite extensive investigation on test deployments of supported products, we were unable to reproduce the behaviour as he described. The researcher has also, despite additional requests for information, ceased to respond to us.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://vuldb.com/?id.93250", + "refsource": "MISC", + "url": "https://vuldb.com/?id.93250" + }, + { + "name": "1037176", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1037176" + }, + { + "name": "40686", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/40686/" + }, + { + "name": "https://packetstormsecurity.com/files/139493/Citrix-Receiver-Receiver-Desktop-Lock-4.5-Authentication-Bypass.html", + "refsource": "MISC", + "url": "https://packetstormsecurity.com/files/139493/Citrix-Receiver-Receiver-Desktop-Lock-4.5-Authentication-Bypass.html" + }, + { + "name": "94229", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/94229" + } + ] + } +} \ No newline at end of file diff --git a/2016/9xxx/CVE-2016-9943.json b/2016/9xxx/CVE-2016-9943.json index f3d5ca8e3a1..18d18c9d31e 100644 --- a/2016/9xxx/CVE-2016-9943.json +++ b/2016/9xxx/CVE-2016-9943.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-9943", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-9943", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/2xxx/CVE-2019-2351.json b/2019/2xxx/CVE-2019-2351.json index e347b3c78f6..c81a01c6719 100644 --- a/2019/2xxx/CVE-2019-2351.json +++ b/2019/2xxx/CVE-2019-2351.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-2351", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-2351", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/2xxx/CVE-2019-2678.json b/2019/2xxx/CVE-2019-2678.json index 773f2741e55..ab30bfe9125 100644 --- a/2019/2xxx/CVE-2019-2678.json +++ b/2019/2xxx/CVE-2019-2678.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-2678", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-2678", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/2xxx/CVE-2019-2933.json b/2019/2xxx/CVE-2019-2933.json index 26dccb5d455..13cc710d6b3 100644 --- a/2019/2xxx/CVE-2019-2933.json +++ b/2019/2xxx/CVE-2019-2933.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-2933", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-2933", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6018.json b/2019/6xxx/CVE-2019-6018.json index 1cbc0bf5cdd..59d17b8aae2 100644 --- a/2019/6xxx/CVE-2019-6018.json +++ b/2019/6xxx/CVE-2019-6018.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6018", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6018", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6367.json b/2019/6xxx/CVE-2019-6367.json index 5f2d8c20a82..e4c6261ffea 100644 --- a/2019/6xxx/CVE-2019-6367.json +++ b/2019/6xxx/CVE-2019-6367.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6367", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6367", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6437.json b/2019/6xxx/CVE-2019-6437.json index 51b29a241ad..47006940235 100644 --- a/2019/6xxx/CVE-2019-6437.json +++ b/2019/6xxx/CVE-2019-6437.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6437", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6437", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6584.json b/2019/6xxx/CVE-2019-6584.json index 35384736bc4..4ae2aef7657 100644 --- a/2019/6xxx/CVE-2019-6584.json +++ b/2019/6xxx/CVE-2019-6584.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6584", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6584", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6688.json b/2019/6xxx/CVE-2019-6688.json index 8d62f0cfc69..cbf60bf2f43 100644 --- a/2019/6xxx/CVE-2019-6688.json +++ b/2019/6xxx/CVE-2019-6688.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6688", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6688", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file