From 7191876bcf818e1d516d53c9d5a15c28f0fb206e Mon Sep 17 00:00:00 2001 From: CVE Team Date: Mon, 18 Mar 2019 03:56:22 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2006/0xxx/CVE-2006-0479.json | 200 ++++++------- 2006/0xxx/CVE-2006-0651.json | 150 +++++----- 2006/0xxx/CVE-2006-0819.json | 200 ++++++------- 2006/1xxx/CVE-2006-1651.json | 150 +++++----- 2006/1xxx/CVE-2006-1662.json | 170 +++++------ 2006/4xxx/CVE-2006-4255.json | 200 ++++++------- 2006/4xxx/CVE-2006-4331.json | 290 +++++++++--------- 2006/5xxx/CVE-2006-5029.json | 150 +++++----- 2006/5xxx/CVE-2006-5284.json | 160 +++++----- 2006/5xxx/CVE-2006-5321.json | 140 ++++----- 2006/5xxx/CVE-2006-5488.json | 150 +++++----- 2006/5xxx/CVE-2006-5782.json | 190 ++++++------ 2010/0xxx/CVE-2010-0209.json | 220 +++++++------- 2010/0xxx/CVE-2010-0737.json | 34 +-- 2010/2xxx/CVE-2010-2086.json | 130 ++++----- 2010/2xxx/CVE-2010-2900.json | 150 +++++----- 2010/3xxx/CVE-2010-3188.json | 150 +++++----- 2010/3xxx/CVE-2010-3398.json | 140 ++++----- 2010/3xxx/CVE-2010-3655.json | 140 ++++----- 2010/3xxx/CVE-2010-3702.json | 520 ++++++++++++++++----------------- 2010/4xxx/CVE-2010-4254.json | 240 +++++++-------- 2010/4xxx/CVE-2010-4348.json | 240 +++++++-------- 2010/4xxx/CVE-2010-4359.json | 160 +++++----- 2010/4xxx/CVE-2010-4582.json | 160 +++++----- 2014/0xxx/CVE-2014-0202.json | 120 ++++---- 2014/10xxx/CVE-2014-10076.json | 120 ++++---- 2014/3xxx/CVE-2014-3617.json | 140 ++++----- 2014/4xxx/CVE-2014-4338.json | 170 +++++------ 2014/8xxx/CVE-2014-8138.json | 320 ++++++++++---------- 2014/8xxx/CVE-2014-8449.json | 120 ++++---- 2014/8xxx/CVE-2014-8738.json | 280 +++++++++--------- 2014/9xxx/CVE-2014-9215.json | 140 ++++----- 2014/9xxx/CVE-2014-9419.json | 300 +++++++++---------- 2014/9xxx/CVE-2014-9538.json | 34 +-- 2014/9xxx/CVE-2014-9594.json | 140 ++++----- 2014/9xxx/CVE-2014-9856.json | 34 +-- 2014/9xxx/CVE-2014-9935.json | 140 ++++----- 2016/2xxx/CVE-2016-2089.json | 180 ++++++------ 2016/2xxx/CVE-2016-2297.json | 130 ++++----- 2016/2xxx/CVE-2016-2701.json | 34 +-- 2016/3xxx/CVE-2016-3383.json | 140 ++++----- 2016/3xxx/CVE-2016-3412.json | 140 ++++----- 2016/3xxx/CVE-2016-3434.json | 130 ++++----- 2016/3xxx/CVE-2016-3753.json | 120 ++++---- 2016/6xxx/CVE-2016-6442.json | 140 ++++----- 2016/6xxx/CVE-2016-6762.json | 154 +++++----- 2016/7xxx/CVE-2016-7152.json | 200 ++++++------- 2016/7xxx/CVE-2016-7202.json | 180 ++++++------ 2016/7xxx/CVE-2016-7748.json | 34 +-- 2016/7xxx/CVE-2016-7901.json | 34 +-- 50 files changed, 4054 insertions(+), 4054 deletions(-) diff --git a/2006/0xxx/CVE-2006-0479.json b/2006/0xxx/CVE-2006-0479.json index 90137f53f17..0e2dcddd6b6 100644 --- a/2006/0xxx/CVE-2006-0479.json +++ b/2006/0xxx/CVE-2006-0479.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-0479", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "pmwiki.php in PmWiki 2.1 beta 20, with register_globals enabled, allows remote attackers to bypass protection mechanisms that deregister global variables by setting both a GPC variable and a GLOBALS[] variable with the same name, which causes PmWiki to unset the GLOBALS[] variable but not the GPC variable, which creates resultant vulnerabilities such as remote file inclusion and cross-site scripting (XSS)." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-0479", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20060128 PmWiki Multiple Vulnerabilities", - "refsource" : "FULLDISC", - "url" : "http://archives.neohapsis.com/archives/fulldisclosure/2006-01/0931.html" - }, - { - "name" : "http://www.ush.it/2006/01/24/pmwiki-multiple-vulnerabilities/", - "refsource" : "MISC", - "url" : "http://www.ush.it/2006/01/24/pmwiki-multiple-vulnerabilities/" - }, - { - "name" : "16421", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/16421" - }, - { - "name" : "ADV-2006-0375", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/0375" - }, - { - "name" : "1015550", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1015550" - }, - { - "name" : "18634", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/18634" - }, - { - "name" : "pmwiki-multiple-xss(24368)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/24368" - }, - { - "name" : "pmwiki-path-disclosure(24366)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/24366" - }, - { - "name" : "pmwiki-file-include(24367)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/24367" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "pmwiki.php in PmWiki 2.1 beta 20, with register_globals enabled, allows remote attackers to bypass protection mechanisms that deregister global variables by setting both a GPC variable and a GLOBALS[] variable with the same name, which causes PmWiki to unset the GLOBALS[] variable but not the GPC variable, which creates resultant vulnerabilities such as remote file inclusion and cross-site scripting (XSS)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20060128 PmWiki Multiple Vulnerabilities", + "refsource": "FULLDISC", + "url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-01/0931.html" + }, + { + "name": "pmwiki-multiple-xss(24368)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24368" + }, + { + "name": "18634", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/18634" + }, + { + "name": "http://www.ush.it/2006/01/24/pmwiki-multiple-vulnerabilities/", + "refsource": "MISC", + "url": "http://www.ush.it/2006/01/24/pmwiki-multiple-vulnerabilities/" + }, + { + "name": "pmwiki-file-include(24367)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24367" + }, + { + "name": "1015550", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1015550" + }, + { + "name": "16421", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/16421" + }, + { + "name": "ADV-2006-0375", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/0375" + }, + { + "name": "pmwiki-path-disclosure(24366)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24366" + } + ] + } +} \ No newline at end of file diff --git a/2006/0xxx/CVE-2006-0651.json b/2006/0xxx/CVE-2006-0651.json index eed167f83b6..e1587dfb430 100644 --- a/2006/0xxx/CVE-2006-0651.json +++ b/2006/0xxx/CVE-2006-0651.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-0651", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in index.php in vwdev allows remote attackers to execute arbitrary SQL commands via the UID parameter in the definition Page." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-0651", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "16547", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/16547" - }, - { - "name" : "22991", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/22991" - }, - { - "name" : "1015594", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1015594" - }, - { - "name" : "vwdev-uid-sql-injection(24583)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/24583" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in index.php in vwdev allows remote attackers to execute arbitrary SQL commands via the UID parameter in the definition Page." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "22991", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/22991" + }, + { + "name": "vwdev-uid-sql-injection(24583)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24583" + }, + { + "name": "1015594", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1015594" + }, + { + "name": "16547", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/16547" + } + ] + } +} \ No newline at end of file diff --git a/2006/0xxx/CVE-2006-0819.json b/2006/0xxx/CVE-2006-0819.json index f2fb00194fd..1390d159bb8 100644 --- a/2006/0xxx/CVE-2006-0819.json +++ b/2006/0xxx/CVE-2006-0819.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-0819", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Dwarf HTTP Server 1.3.2 allows remote attackers to obtain the source code of JSP files via (1) dot, (2) space, (3) slash, or (4) NULL characters in the filename extension of an HTTP request." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-0819", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20060313 Secunia Research: Dwarf HTTP Server Source Disclosure andCross-Site Scripting", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/427478/100/0/threaded" - }, - { - "name" : "http://secunia.com/secunia_research/2006-13/advisory", - "refsource" : "MISC", - "url" : "http://secunia.com/secunia_research/2006-13/advisory" - }, - { - "name" : "17123", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/17123" - }, - { - "name" : "ADV-2006-0937", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/0937" - }, - { - "name" : "23836", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/23836" - }, - { - "name" : "1015779", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1015779" - }, - { - "name" : "18962", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/18962" - }, - { - "name" : "576", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/576" - }, - { - "name" : "dwarfhttp-extension-information-disclosure(25178)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/25178" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Dwarf HTTP Server 1.3.2 allows remote attackers to obtain the source code of JSP files via (1) dot, (2) space, (3) slash, or (4) NULL characters in the filename extension of an HTTP request." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ADV-2006-0937", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/0937" + }, + { + "name": "1015779", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1015779" + }, + { + "name": "17123", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/17123" + }, + { + "name": "dwarfhttp-extension-information-disclosure(25178)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25178" + }, + { + "name": "20060313 Secunia Research: Dwarf HTTP Server Source Disclosure andCross-Site Scripting", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/427478/100/0/threaded" + }, + { + "name": "http://secunia.com/secunia_research/2006-13/advisory", + "refsource": "MISC", + "url": "http://secunia.com/secunia_research/2006-13/advisory" + }, + { + "name": "23836", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/23836" + }, + { + "name": "576", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/576" + }, + { + "name": "18962", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/18962" + } + ] + } +} \ No newline at end of file diff --git a/2006/1xxx/CVE-2006-1651.json b/2006/1xxx/CVE-2006-1651.json index 950eb1a24ed..c7c8b4f73a4 100644 --- a/2006/1xxx/CVE-2006-1651.json +++ b/2006/1xxx/CVE-2006-1651.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-1651", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** DISPUTED ** Microsoft ISA Server 2004 allows remote attackers to bypass certain filtering rules, including ones for (1) ICMP and (2) TCP, via IPv6 packets. NOTE: An established researcher has disputed this issue, saying that \"Neither ISA Server 2004 nor Windows 2003 Basic Firewall support IPv6 filtering ... This is different network protocol.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-1651", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20060403 Bypassing ISA Server 2004 with IPv6", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/429816/100/0/threaded" - }, - { - "name" : "20060404 Re: Bypassing ISA Server 2004 with IPv6", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/429846/100/0/threaded" - }, - { - "name" : "20060405 Re: Re: Bypassing ISA Server 2004 with IPv6", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/430281/100/0/threaded" - }, - { - "name" : "20060410 Re: Bypassing ISA Server 2004 with IPv6", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/430684/100/0/threaded" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** DISPUTED ** Microsoft ISA Server 2004 allows remote attackers to bypass certain filtering rules, including ones for (1) ICMP and (2) TCP, via IPv6 packets. NOTE: An established researcher has disputed this issue, saying that \"Neither ISA Server 2004 nor Windows 2003 Basic Firewall support IPv6 filtering ... This is different network protocol.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20060403 Bypassing ISA Server 2004 with IPv6", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/429816/100/0/threaded" + }, + { + "name": "20060404 Re: Bypassing ISA Server 2004 with IPv6", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/429846/100/0/threaded" + }, + { + "name": "20060405 Re: Re: Bypassing ISA Server 2004 with IPv6", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/430281/100/0/threaded" + }, + { + "name": "20060410 Re: Bypassing ISA Server 2004 with IPv6", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/430684/100/0/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2006/1xxx/CVE-2006-1662.json b/2006/1xxx/CVE-2006-1662.json index d4f55e87b2b..4413c05f5b3 100644 --- a/2006/1xxx/CVE-2006-1662.json +++ b/2006/1xxx/CVE-2006-1662.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-1662", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The frontpage option in Limbo CMS 1.0.4.2 and 1.0.4.1 allows remote attackers to execute arbitrary PHP commands via the Itemid parameter in index.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-1662", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20060228 Limbo CMS code execution", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/426428" - }, - { - "name" : "20060404 Re: Limbo CMS code execution", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/429946/100/0/threaded" - }, - { - "name" : "20060228 Limbo CMS code execution", - "refsource" : "FULLDISC", - "url" : "http://archives.neohapsis.com/archives/fulldisclosure/2006-02/0728.html" - }, - { - "name" : "16902", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/16902" - }, - { - "name" : "519", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/519" - }, - { - "name" : "limbocms-index-code-execution(24992)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/24992" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The frontpage option in Limbo CMS 1.0.4.2 and 1.0.4.1 allows remote attackers to execute arbitrary PHP commands via the Itemid parameter in index.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "519", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/519" + }, + { + "name": "20060228 Limbo CMS code execution", + "refsource": "FULLDISC", + "url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-02/0728.html" + }, + { + "name": "16902", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/16902" + }, + { + "name": "20060404 Re: Limbo CMS code execution", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/429946/100/0/threaded" + }, + { + "name": "20060228 Limbo CMS code execution", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/426428" + }, + { + "name": "limbocms-index-code-execution(24992)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24992" + } + ] + } +} \ No newline at end of file diff --git a/2006/4xxx/CVE-2006-4255.json b/2006/4xxx/CVE-2006-4255.json index c2bdc1341bc..26af132f8b7 100644 --- a/2006/4xxx/CVE-2006-4255.json +++ b/2006/4xxx/CVE-2006-4255.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-4255", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in horde/imp/search.php in Horde IMP H3 before 4.1.3 allows remote attackers to include arbitrary web script or HTML via multiple unspecified vectors related to folder names, as injected into the vfolder_label form field in the IMP search screen." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-4255", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20060816 [scip_Advisory 2457] Horde Framework and Horde IMP /horde/imp/search.php cross site scripting", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/443361/100/0/threaded" - }, - { - "name" : "[horde-announce] 20060817 IMP H3 (4.1.3) (final)", - "refsource" : "MLIST", - "url" : "http://lists.horde.org/archives/announce/2006/000294.html" - }, - { - "name" : "http://www.scip.ch/cgi-bin/smss/showadvf.pl?id=2457", - "refsource" : "MISC", - "url" : "http://www.scip.ch/cgi-bin/smss/showadvf.pl?id=2457" - }, - { - "name" : "19544", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/19544" - }, - { - "name" : "ADV-2006-3316", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/3316" - }, - { - "name" : "1016713", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1016713" - }, - { - "name" : "21533", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/21533" - }, - { - "name" : "1423", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/1423" - }, - { - "name" : "horde-search-xss(28409)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/28409" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in horde/imp/search.php in Horde IMP H3 before 4.1.3 allows remote attackers to include arbitrary web script or HTML via multiple unspecified vectors related to folder names, as injected into the vfolder_label form field in the IMP search screen." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "19544", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/19544" + }, + { + "name": "[horde-announce] 20060817 IMP H3 (4.1.3) (final)", + "refsource": "MLIST", + "url": "http://lists.horde.org/archives/announce/2006/000294.html" + }, + { + "name": "ADV-2006-3316", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/3316" + }, + { + "name": "1423", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/1423" + }, + { + "name": "21533", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/21533" + }, + { + "name": "http://www.scip.ch/cgi-bin/smss/showadvf.pl?id=2457", + "refsource": "MISC", + "url": "http://www.scip.ch/cgi-bin/smss/showadvf.pl?id=2457" + }, + { + "name": "horde-search-xss(28409)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28409" + }, + { + "name": "20060816 [scip_Advisory 2457] Horde Framework and Horde IMP /horde/imp/search.php cross site scripting", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/443361/100/0/threaded" + }, + { + "name": "1016713", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1016713" + } + ] + } +} \ No newline at end of file diff --git a/2006/4xxx/CVE-2006-4331.json b/2006/4xxx/CVE-2006-4331.json index c673b147476..842d2f87e9b 100644 --- a/2006/4xxx/CVE-2006-4331.json +++ b/2006/4xxx/CVE-2006-4331.json @@ -1,147 +1,147 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-4331", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple off-by-one errors in the IPSec ESP preference parser in Wireshark (formerly Ethereal) 0.99.2 allow remote attackers to cause a denial of service (crash) via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2006-4331", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.wireshark.org/security/wnpa-sec-2006-02.html", - "refsource" : "CONFIRM", - "url" : "http://www.wireshark.org/security/wnpa-sec-2006-02.html" - }, - { - "name" : "http://support.avaya.com/elmodocs2/security/ASA-2006-227.htm", - "refsource" : "CONFIRM", - "url" : "http://support.avaya.com/elmodocs2/security/ASA-2006-227.htm" - }, - { - "name" : "GLSA-200608-26", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-200608-26.xml" - }, - { - "name" : "MDKSA-2006:152", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2006:152" - }, - { - "name" : "RHSA-2006:0658", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2006-0658.html" - }, - { - "name" : "VU#638376", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/638376" - }, - { - "name" : "19690", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/19690" - }, - { - "name" : "oval:org.mitre.oval:def:10125", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10125" - }, - { - "name" : "oval:org.mitre.oval:def:14587", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14587" - }, - { - "name" : "ADV-2006-3370", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/3370" - }, - { - "name" : "1016736", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1016736" - }, - { - "name" : "21597", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/21597" - }, - { - "name" : "21649", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/21649" - }, - { - "name" : "21619", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/21619" - }, - { - "name" : "21682", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/21682" - }, - { - "name" : "21885", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/21885" - }, - { - "name" : "22378", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/22378" - }, - { - "name" : "wireshark-esp-offbyone(28553)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/28553" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple off-by-one errors in the IPSec ESP preference parser in Wireshark (formerly Ethereal) 0.99.2 allow remote attackers to cause a denial of service (crash) via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ADV-2006-3370", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/3370" + }, + { + "name": "http://support.avaya.com/elmodocs2/security/ASA-2006-227.htm", + "refsource": "CONFIRM", + "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-227.htm" + }, + { + "name": "21682", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/21682" + }, + { + "name": "oval:org.mitre.oval:def:14587", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14587" + }, + { + "name": "19690", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/19690" + }, + { + "name": "oval:org.mitre.oval:def:10125", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10125" + }, + { + "name": "1016736", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1016736" + }, + { + "name": "RHSA-2006:0658", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2006-0658.html" + }, + { + "name": "21649", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/21649" + }, + { + "name": "MDKSA-2006:152", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:152" + }, + { + "name": "http://www.wireshark.org/security/wnpa-sec-2006-02.html", + "refsource": "CONFIRM", + "url": "http://www.wireshark.org/security/wnpa-sec-2006-02.html" + }, + { + "name": "21619", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/21619" + }, + { + "name": "GLSA-200608-26", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-200608-26.xml" + }, + { + "name": "wireshark-esp-offbyone(28553)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28553" + }, + { + "name": "VU#638376", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/638376" + }, + { + "name": "21885", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/21885" + }, + { + "name": "21597", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/21597" + }, + { + "name": "22378", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/22378" + } + ] + } +} \ No newline at end of file diff --git a/2006/5xxx/CVE-2006-5029.json b/2006/5xxx/CVE-2006-5029.json index 988ab373aa1..3b273a2422c 100644 --- a/2006/5xxx/CVE-2006-5029.json +++ b/2006/5xxx/CVE-2006-5029.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-5029", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in thread.php in WoltLab Burning Board (wBB) 2.3.x allows remote attackers to obtain the version numbers of PHP, MySQL, and wBB via the page parameter. NOTE: this issue might be a forced SQL error. Also, the original report was disputed by a third party for 2.3.3 and 2.3.4." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-5029", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20060921 Woltlab Burning Board 2.3.X SQL Injection Vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/446743/100/0/threaded" - }, - { - "name" : "20060923 Re: Woltlab Burning Board 2.3.X SQL Injection Vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/446937/100/0/threaded" - }, - { - "name" : "20060924 Re: Woltlab Burning Board 2.3.X SQL Injection Vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/446938/100/100/threaded" - }, - { - "name" : "20060926 Re: Re: Woltlab Burning Board 2.3.X SQL Injection Vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/447069/100/100/threaded" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in thread.php in WoltLab Burning Board (wBB) 2.3.x allows remote attackers to obtain the version numbers of PHP, MySQL, and wBB via the page parameter. NOTE: this issue might be a forced SQL error. Also, the original report was disputed by a third party for 2.3.3 and 2.3.4." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20060926 Re: Re: Woltlab Burning Board 2.3.X SQL Injection Vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/447069/100/100/threaded" + }, + { + "name": "20060923 Re: Woltlab Burning Board 2.3.X SQL Injection Vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/446937/100/0/threaded" + }, + { + "name": "20060921 Woltlab Burning Board 2.3.X SQL Injection Vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/446743/100/0/threaded" + }, + { + "name": "20060924 Re: Woltlab Burning Board 2.3.X SQL Injection Vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/446938/100/100/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2006/5xxx/CVE-2006-5284.json b/2006/5xxx/CVE-2006-5284.json index 04024791449..b26c431d5a2 100644 --- a/2006/5xxx/CVE-2006-5284.json +++ b/2006/5xxx/CVE-2006-5284.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-5284", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "PHP remote file inclusion vulnerability in auth/phpbb.inc.php in Shen Cheng-Da PHP News Reader (aka pnews) 2.6.4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the CFG[auth_phpbb_path] parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-5284", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "2517", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/2517" - }, - { - "name" : "20480", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/20480" - }, - { - "name" : "ADV-2006-4011", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/4011" - }, - { - "name" : "22354", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/22354" - }, - { - "name" : "phpnewsreader-phpbbinc-file-include(29481)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/29481" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "PHP remote file inclusion vulnerability in auth/phpbb.inc.php in Shen Cheng-Da PHP News Reader (aka pnews) 2.6.4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the CFG[auth_phpbb_path] parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "2517", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/2517" + }, + { + "name": "20480", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/20480" + }, + { + "name": "phpnewsreader-phpbbinc-file-include(29481)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29481" + }, + { + "name": "ADV-2006-4011", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/4011" + }, + { + "name": "22354", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/22354" + } + ] + } +} \ No newline at end of file diff --git a/2006/5xxx/CVE-2006-5321.json b/2006/5xxx/CVE-2006-5321.json index 636fbb8840d..6603bb350b4 100644 --- a/2006/5xxx/CVE-2006-5321.json +++ b/2006/5xxx/CVE-2006-5321.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-5321", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site scripting (XSS) vulnerabilities in phplist before 2.10.3 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-5321", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.phplist.com/news", - "refsource" : "MISC", - "url" : "http://www.phplist.com/news" - }, - { - "name" : "http://tincan.co.uk/?lid=1821", - "refsource" : "CONFIRM", - "url" : "http://tincan.co.uk/?lid=1821" - }, - { - "name" : "20483", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/20483" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site scripting (XSS) vulnerabilities in phplist before 2.10.3 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20483", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/20483" + }, + { + "name": "http://www.phplist.com/news", + "refsource": "MISC", + "url": "http://www.phplist.com/news" + }, + { + "name": "http://tincan.co.uk/?lid=1821", + "refsource": "CONFIRM", + "url": "http://tincan.co.uk/?lid=1821" + } + ] + } +} \ No newline at end of file diff --git a/2006/5xxx/CVE-2006-5488.json b/2006/5xxx/CVE-2006-5488.json index 4db0e5d43f6..25f88e58e8a 100644 --- a/2006/5xxx/CVE-2006-5488.json +++ b/2006/5xxx/CVE-2006-5488.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-5488", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in XchangeBoard 1.70, and possibly earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the loginNick parameter during login. NOTE: the provenance of this information is unknown; the details are obtained from third party information." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-5488", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20643", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/20643" - }, - { - "name" : "29898", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/29898" - }, - { - "name" : "22489", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/22489" - }, - { - "name" : "xchangeboard-loginnick-sql-injection(29675)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/29675" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in XchangeBoard 1.70, and possibly earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the loginNick parameter during login. NOTE: the provenance of this information is unknown; the details are obtained from third party information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "29898", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/29898" + }, + { + "name": "xchangeboard-loginnick-sql-injection(29675)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29675" + }, + { + "name": "22489", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/22489" + }, + { + "name": "20643", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/20643" + } + ] + } +} \ No newline at end of file diff --git a/2006/5xxx/CVE-2006-5782.json b/2006/5xxx/CVE-2006-5782.json index a5852b46bf1..fcfe5977365 100644 --- a/2006/5xxx/CVE-2006-5782.json +++ b/2006/5xxx/CVE-2006-5782.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-5782", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "radexecd.exe in HP OpenView Client Configuraton Manager (CCM) does not require authentication before executing commands in the installation directory, which allows remote attackers to cause a denial of service (reboot) by calling radbootw.exe or create arbitrary files by calling radcrecv." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-5782", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20061108 TSRT-06-13: HP OpenView Client Configuration Manager Device Code Execution Vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/450942/100/0/threaded" - }, - { - "name" : "HPSBMA02167", - "refsource" : "HP", - "url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00795552" - }, - { - "name" : "SSRT061262", - "refsource" : "HP", - "url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00795552" - }, - { - "name" : "ADV-2006-4410", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/4410" - }, - { - "name" : "1017197", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1017197" - }, - { - "name" : "22780", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/22780" - }, - { - "name" : "1842", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/1842" - }, - { - "name" : "hp-openview-radianotify-dos(30138)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/30138" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "radexecd.exe in HP OpenView Client Configuraton Manager (CCM) does not require authentication before executing commands in the installation directory, which allows remote attackers to cause a denial of service (reboot) by calling radbootw.exe or create arbitrary files by calling radcrecv." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20061108 TSRT-06-13: HP OpenView Client Configuration Manager Device Code Execution Vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/450942/100/0/threaded" + }, + { + "name": "22780", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/22780" + }, + { + "name": "HPSBMA02167", + "refsource": "HP", + "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00795552" + }, + { + "name": "1842", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/1842" + }, + { + "name": "ADV-2006-4410", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/4410" + }, + { + "name": "hp-openview-radianotify-dos(30138)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30138" + }, + { + "name": "SSRT061262", + "refsource": "HP", + "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00795552" + }, + { + "name": "1017197", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1017197" + } + ] + } +} \ No newline at end of file diff --git a/2010/0xxx/CVE-2010-0209.json b/2010/0xxx/CVE-2010-0209.json index 7f63b8c6ae7..9bdcb02b8e3 100644 --- a/2010/0xxx/CVE-2010-0209.json +++ b/2010/0xxx/CVE-2010-0209.json @@ -1,112 +1,112 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-0209", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Adobe Flash Player before 9.0.280 and 10.x before 10.1.82.76, and Adobe AIR before 2.0.3, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-2213, CVE-2010-2214, and CVE-2010-2216." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2010-0209", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.adobe.com/support/security/bulletins/apsb10-16.html", - "refsource" : "CONFIRM", - "url" : "http://www.adobe.com/support/security/bulletins/apsb10-16.html" - }, - { - "name" : "http://support.apple.com/kb/HT4435", - "refsource" : "CONFIRM", - "url" : "http://support.apple.com/kb/HT4435" - }, - { - "name" : "APPLE-SA-2010-11-10-1", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html" - }, - { - "name" : "GLSA-201101-09", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-201101-09.xml" - }, - { - "name" : "HPSBMA02592", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=128767780602751&w=2" - }, - { - "name" : "SSRT100300", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=128767780602751&w=2" - }, - { - "name" : "oval:org.mitre.oval:def:11461", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11461" - }, - { - "name" : "oval:org.mitre.oval:def:16106", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16106" - }, - { - "name" : "1024621", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1024621" - }, - { - "name" : "43026", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/43026" - }, - { - "name" : "ADV-2011-0192", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2011/0192" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Adobe Flash Player before 9.0.280 and 10.x before 10.1.82.76, and Adobe AIR before 2.0.3, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-2213, CVE-2010-2214, and CVE-2010-2216." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ADV-2011-0192", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2011/0192" + }, + { + "name": "http://support.apple.com/kb/HT4435", + "refsource": "CONFIRM", + "url": "http://support.apple.com/kb/HT4435" + }, + { + "name": "HPSBMA02592", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=128767780602751&w=2" + }, + { + "name": "1024621", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1024621" + }, + { + "name": "43026", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/43026" + }, + { + "name": "GLSA-201101-09", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-201101-09.xml" + }, + { + "name": "APPLE-SA-2010-11-10-1", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html" + }, + { + "name": "oval:org.mitre.oval:def:11461", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11461" + }, + { + "name": "SSRT100300", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=128767780602751&w=2" + }, + { + "name": "http://www.adobe.com/support/security/bulletins/apsb10-16.html", + "refsource": "CONFIRM", + "url": "http://www.adobe.com/support/security/bulletins/apsb10-16.html" + }, + { + "name": "oval:org.mitre.oval:def:16106", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16106" + } + ] + } +} \ No newline at end of file diff --git a/2010/0xxx/CVE-2010-0737.json b/2010/0xxx/CVE-2010-0737.json index a7e372ad993..0f69ac8102d 100644 --- a/2010/0xxx/CVE-2010-0737.json +++ b/2010/0xxx/CVE-2010-0737.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-0737", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-0737", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2010/2xxx/CVE-2010-2086.json b/2010/2xxx/CVE-2010-2086.json index 5b33d2b3aed..04207278a80 100644 --- a/2010/2xxx/CVE-2010-2086.json +++ b/2010/2xxx/CVE-2010-2086.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-2086", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Apache MyFaces 1.1.7 and 1.2.8, as used in IBM WebSphere Application Server and other applications, does not properly handle an unencrypted view state, which allows remote attackers to conduct cross-site scripting (XSS) attacks or execute arbitrary Expression Language (EL) statements via vectors that involve modifying the serialized view object." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-2086", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.blackhat.com/presentations/bh-dc-10/Byrne_David/BlackHat-DC-2010-Byrne-SGUI-slides.pdf", - "refsource" : "MISC", - "url" : "http://www.blackhat.com/presentations/bh-dc-10/Byrne_David/BlackHat-DC-2010-Byrne-SGUI-slides.pdf" - }, - { - "name" : "https://www.trustwave.com/spiderlabs/advisories/TWSL2010-001.txt", - "refsource" : "MISC", - "url" : "https://www.trustwave.com/spiderlabs/advisories/TWSL2010-001.txt" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Apache MyFaces 1.1.7 and 1.2.8, as used in IBM WebSphere Application Server and other applications, does not properly handle an unencrypted view state, which allows remote attackers to conduct cross-site scripting (XSS) attacks or execute arbitrary Expression Language (EL) statements via vectors that involve modifying the serialized view object." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.trustwave.com/spiderlabs/advisories/TWSL2010-001.txt", + "refsource": "MISC", + "url": "https://www.trustwave.com/spiderlabs/advisories/TWSL2010-001.txt" + }, + { + "name": "http://www.blackhat.com/presentations/bh-dc-10/Byrne_David/BlackHat-DC-2010-Byrne-SGUI-slides.pdf", + "refsource": "MISC", + "url": "http://www.blackhat.com/presentations/bh-dc-10/Byrne_David/BlackHat-DC-2010-Byrne-SGUI-slides.pdf" + } + ] + } +} \ No newline at end of file diff --git a/2010/2xxx/CVE-2010-2900.json b/2010/2xxx/CVE-2010-2900.json index 17d280c0d2b..ed2a577b38e 100644 --- a/2010/2xxx/CVE-2010-2900.json +++ b/2010/2xxx/CVE-2010-2900.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-2900", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Google Chrome before 5.0.375.125 does not properly handle a large canvas, which has unspecified impact and remote attack vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-2900", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://code.google.com/p/chromium/issues/detail?id=43813", - "refsource" : "CONFIRM", - "url" : "http://code.google.com/p/chromium/issues/detail?id=43813" - }, - { - "name" : "http://googlechromereleases.blogspot.com/2010/07/stable-channel-update_26.html", - "refsource" : "CONFIRM", - "url" : "http://googlechromereleases.blogspot.com/2010/07/stable-channel-update_26.html" - }, - { - "name" : "oval:org.mitre.oval:def:11818", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11818" - }, - { - "name" : "40743", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/40743" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Google Chrome before 5.0.375.125 does not properly handle a large canvas, which has unspecified impact and remote attack vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "oval:org.mitre.oval:def:11818", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11818" + }, + { + "name": "http://code.google.com/p/chromium/issues/detail?id=43813", + "refsource": "CONFIRM", + "url": "http://code.google.com/p/chromium/issues/detail?id=43813" + }, + { + "name": "40743", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/40743" + }, + { + "name": "http://googlechromereleases.blogspot.com/2010/07/stable-channel-update_26.html", + "refsource": "CONFIRM", + "url": "http://googlechromereleases.blogspot.com/2010/07/stable-channel-update_26.html" + } + ] + } +} \ No newline at end of file diff --git a/2010/3xxx/CVE-2010-3188.json b/2010/3xxx/CVE-2010-3188.json index 48257218efb..fa264c5856e 100644 --- a/2010/3xxx/CVE-2010-3188.json +++ b/2010/3xxx/CVE-2010-3188.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-3188", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in search.aspx in BugTracker.NET 3.4.3 and earlier allows remote attackers to execute arbitrary SQL commands via a custom field to the search page." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-3188", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20100826 BugTracker.net 3.4.3 SQL Injection", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/513385/100/0/threaded" - }, - { - "name" : "http://sourceforge.net/projects/btnet/files/btnet_3_4_4_release_notes.txt/view", - "refsource" : "CONFIRM", - "url" : "http://sourceforge.net/projects/btnet/files/btnet_3_4_4_release_notes.txt/view" - }, - { - "name" : "41150", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/41150" - }, - { - "name" : "bugtrackernet-search-sql-injection(61434)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/61434" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in search.aspx in BugTracker.NET 3.4.3 and earlier allows remote attackers to execute arbitrary SQL commands via a custom field to the search page." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "bugtrackernet-search-sql-injection(61434)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/61434" + }, + { + "name": "20100826 BugTracker.net 3.4.3 SQL Injection", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/513385/100/0/threaded" + }, + { + "name": "41150", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/41150" + }, + { + "name": "http://sourceforge.net/projects/btnet/files/btnet_3_4_4_release_notes.txt/view", + "refsource": "CONFIRM", + "url": "http://sourceforge.net/projects/btnet/files/btnet_3_4_4_release_notes.txt/view" + } + ] + } +} \ No newline at end of file diff --git a/2010/3xxx/CVE-2010-3398.json b/2010/3xxx/CVE-2010-3398.json index dcf18f7fbbb..7fa1891cdc9 100644 --- a/2010/3xxx/CVE-2010-3398.json +++ b/2010/3xxx/CVE-2010-3398.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-3398", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the webcontainer implementation in IBM Lotus Sametime Connect 8.5.1 before CF1 has unknown impact and attack vectors, aka SPRs LXUU87S57H and LXUU87S93W." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-3398", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21445669", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21445669" - }, - { - "name" : "43220", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/43220" - }, - { - "name" : "ADV-2010-2380", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2010/2380" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the webcontainer implementation in IBM Lotus Sametime Connect 8.5.1 before CF1 has unknown impact and attack vectors, aka SPRs LXUU87S57H and LXUU87S93W." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "43220", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/43220" + }, + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21445669", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21445669" + }, + { + "name": "ADV-2010-2380", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2010/2380" + } + ] + } +} \ No newline at end of file diff --git a/2010/3xxx/CVE-2010-3655.json b/2010/3xxx/CVE-2010-3655.json index be4422f81e6..ecedd0e6dc3 100644 --- a/2010/3xxx/CVE-2010-3655.json +++ b/2010/3xxx/CVE-2010-3655.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-3655", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Stack-based buffer overflow in dirapi.dll in Adobe Shockwave Player before 11.5.9.615 allows attackers to execute arbitrary code via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2010-3655", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.adobe.com/support/security/bulletins/apsb10-25.html", - "refsource" : "CONFIRM", - "url" : "http://www.adobe.com/support/security/bulletins/apsb10-25.html" - }, - { - "name" : "oval:org.mitre.oval:def:12077", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12077" - }, - { - "name" : "1024664", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1024664" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Stack-based buffer overflow in dirapi.dll in Adobe Shockwave Player before 11.5.9.615 allows attackers to execute arbitrary code via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1024664", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1024664" + }, + { + "name": "http://www.adobe.com/support/security/bulletins/apsb10-25.html", + "refsource": "CONFIRM", + "url": "http://www.adobe.com/support/security/bulletins/apsb10-25.html" + }, + { + "name": "oval:org.mitre.oval:def:12077", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12077" + } + ] + } +} \ No newline at end of file diff --git a/2010/3xxx/CVE-2010-3702.json b/2010/3xxx/CVE-2010-3702.json index cbd1a04cece..b9e08996abd 100644 --- a/2010/3xxx/CVE-2010-3702.json +++ b/2010/3xxx/CVE-2010-3702.json @@ -1,262 +1,262 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-3702", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Gfx::getPos function in the PDF parser in xpdf before 3.02pl5, poppler 0.8.7 and possibly other versions up to 0.15.1, CUPS, kdegraphics, and possibly other products allows context-dependent attackers to cause a denial of service (crash) via unknown vectors that trigger an uninitialized pointer dereference." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2010-3702", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20101004 Re: CVE requests: Poppler, Quassel, Pyfribidi, Overkill, DocUtils, FireGPG, Wireshark", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2010/10/04/6" - }, - { - "name" : "http://cgit.freedesktop.org/poppler/poppler/commit/?id=e853106b58d6b4b0467dbd6436c9bb1cfbd372cf", - "refsource" : "MISC", - "url" : "http://cgit.freedesktop.org/poppler/poppler/commit/?id=e853106b58d6b4b0467dbd6436c9bb1cfbd372cf" - }, - { - "name" : "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl5.patch", - "refsource" : "CONFIRM", - "url" : "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl5.patch" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=595245", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=595245" - }, - { - "name" : "http://www.openoffice.org/security/cves/CVE-2010-3702_CVE-2010-3704.html", - "refsource" : "CONFIRM", - "url" : "http://www.openoffice.org/security/cves/CVE-2010-3702_CVE-2010-3704.html" - }, - { - "name" : "DSA-2119", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2010/dsa-2119" - }, - { - "name" : "DSA-2135", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2010/dsa-2135" - }, - { - "name" : "FEDORA-2010-15857", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049392.html" - }, - { - "name" : "FEDORA-2010-15911", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049523.html" - }, - { - "name" : "FEDORA-2010-15981", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049545.html" - }, - { - "name" : "FEDORA-2010-16662", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050285.html" - }, - { - "name" : "FEDORA-2010-16705", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050390.html" - }, - { - "name" : "FEDORA-2010-16744", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050268.html" - }, - { - "name" : "MDVSA-2010:228", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2010:228" - }, - { - "name" : "MDVSA-2010:229", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2010:229" - }, - { - "name" : "MDVSA-2010:230", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2010:230" - }, - { - "name" : "MDVSA-2010:231", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2010:231" - }, - { - "name" : "MDVSA-2012:144", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2012:144" - }, - { - "name" : "RHSA-2010:0749", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2010-0749.html" - }, - { - "name" : "RHSA-2010:0750", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2010-0750.html" - }, - { - "name" : "RHSA-2010:0751", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2010-0751.html" - }, - { - "name" : "RHSA-2010:0752", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2010-0752.html" - }, - { - "name" : "RHSA-2010:0753", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2010-0753.html" - }, - { - "name" : "RHSA-2010:0754", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2010-0754.html" - }, - { - "name" : "RHSA-2010:0755", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2010-0755.html" - }, - { - "name" : "RHSA-2010:0859", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2010-0859.html" - }, - { - "name" : "RHSA-2012:1201", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2012-1201.html" - }, - { - "name" : "SSA:2010-324-01", - "refsource" : "SLACKWARE", - "url" : "http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.571720" - }, - { - "name" : "SUSE-SR:2010:022", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00006.html" - }, - { - "name" : "SUSE-SR:2010:023", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00000.html" - }, - { - "name" : "SUSE-SR:2010:024", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html" - }, - { - "name" : "USN-1005-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-1005-1" - }, - { - "name" : "43845", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/43845" - }, - { - "name" : "42141", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/42141" - }, - { - "name" : "42397", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/42397" - }, - { - "name" : "42357", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/42357" - }, - { - "name" : "42691", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/42691" - }, - { - "name" : "43079", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/43079" - }, - { - "name" : "ADV-2010-2897", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2010/2897" - }, - { - "name" : "ADV-2010-3097", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2010/3097" - }, - { - "name" : "ADV-2011-0230", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2011/0230" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Gfx::getPos function in the PDF parser in xpdf before 3.02pl5, poppler 0.8.7 and possibly other versions up to 0.15.1, CUPS, kdegraphics, and possibly other products allows context-dependent attackers to cause a denial of service (crash) via unknown vectors that trigger an uninitialized pointer dereference." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "FEDORA-2010-16662", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050285.html" + }, + { + "name": "[oss-security] 20101004 Re: CVE requests: Poppler, Quassel, Pyfribidi, Overkill, DocUtils, FireGPG, Wireshark", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2010/10/04/6" + }, + { + "name": "FEDORA-2010-15857", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049392.html" + }, + { + "name": "http://cgit.freedesktop.org/poppler/poppler/commit/?id=e853106b58d6b4b0467dbd6436c9bb1cfbd372cf", + "refsource": "MISC", + "url": "http://cgit.freedesktop.org/poppler/poppler/commit/?id=e853106b58d6b4b0467dbd6436c9bb1cfbd372cf" + }, + { + "name": "RHSA-2010:0859", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2010-0859.html" + }, + { + "name": "42357", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/42357" + }, + { + "name": "MDVSA-2010:228", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:228" + }, + { + "name": "ADV-2011-0230", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2011/0230" + }, + { + "name": "RHSA-2010:0752", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2010-0752.html" + }, + { + "name": "http://www.openoffice.org/security/cves/CVE-2010-3702_CVE-2010-3704.html", + "refsource": "CONFIRM", + "url": "http://www.openoffice.org/security/cves/CVE-2010-3702_CVE-2010-3704.html" + }, + { + "name": "SUSE-SR:2010:023", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00000.html" + }, + { + "name": "MDVSA-2010:230", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:230" + }, + { + "name": "SUSE-SR:2010:022", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00006.html" + }, + { + "name": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl5.patch", + "refsource": "CONFIRM", + "url": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl5.patch" + }, + { + "name": "RHSA-2012:1201", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2012-1201.html" + }, + { + "name": "43845", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/43845" + }, + { + "name": "MDVSA-2010:231", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:231" + }, + { + "name": "FEDORA-2010-16705", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050390.html" + }, + { + "name": "SSA:2010-324-01", + "refsource": "SLACKWARE", + "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.571720" + }, + { + "name": "RHSA-2010:0751", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2010-0751.html" + }, + { + "name": "42397", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/42397" + }, + { + "name": "42141", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/42141" + }, + { + "name": "FEDORA-2010-15911", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049523.html" + }, + { + "name": "MDVSA-2012:144", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:144" + }, + { + "name": "ADV-2010-3097", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2010/3097" + }, + { + "name": "USN-1005-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-1005-1" + }, + { + "name": "RHSA-2010:0749", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2010-0749.html" + }, + { + "name": "RHSA-2010:0754", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2010-0754.html" + }, + { + "name": "FEDORA-2010-15981", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049545.html" + }, + { + "name": "FEDORA-2010-16744", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050268.html" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=595245", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=595245" + }, + { + "name": "ADV-2010-2897", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2010/2897" + }, + { + "name": "42691", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/42691" + }, + { + "name": "DSA-2119", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2010/dsa-2119" + }, + { + "name": "SUSE-SR:2010:024", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html" + }, + { + "name": "MDVSA-2010:229", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:229" + }, + { + "name": "DSA-2135", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2010/dsa-2135" + }, + { + "name": "RHSA-2010:0750", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2010-0750.html" + }, + { + "name": "RHSA-2010:0755", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2010-0755.html" + }, + { + "name": "RHSA-2010:0753", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2010-0753.html" + }, + { + "name": "43079", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/43079" + } + ] + } +} \ No newline at end of file diff --git a/2010/4xxx/CVE-2010-4254.json b/2010/4xxx/CVE-2010-4254.json index 6af649a692c..164cca58938 100644 --- a/2010/4xxx/CVE-2010-4254.json +++ b/2010/4xxx/CVE-2010-4254.json @@ -1,122 +1,122 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-4254", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Mono, when Moonlight before 2.3.0.1 or 2.99.x before 2.99.0.10 is used, does not properly validate arguments to generic methods, which allows remote attackers to bypass generic constraints, and possibly execute arbitrary code, via a crafted method call." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2010-4254", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "15974", - "refsource" : "EXPLOIT-DB", - "url" : "http://www.exploit-db.com/exploits/15974" - }, - { - "name" : "http://www.mono-project.com/Vulnerabilities#Moonlight_Generic_Constraints_Bypass_Vulnerability", - "refsource" : "CONFIRM", - "url" : "http://www.mono-project.com/Vulnerabilities#Moonlight_Generic_Constraints_Bypass_Vulnerability" - }, - { - "name" : "https://bugzilla.novell.com/show_bug.cgi?id=654136", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.novell.com/show_bug.cgi?id=654136" - }, - { - "name" : "https://bugzilla.novell.com/show_bug.cgi?id=655847", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.novell.com/show_bug.cgi?id=655847" - }, - { - "name" : "https://github.com/mono/mono/commit/4905ef1130feb26c3150b28b97e4a96752e0d399", - "refsource" : "CONFIRM", - "url" : "https://github.com/mono/mono/commit/4905ef1130feb26c3150b28b97e4a96752e0d399" - }, - { - "name" : "https://github.com/mono/mono/commit/65292a69c837b8a5f7a392d34db63de592153358", - "refsource" : "CONFIRM", - "url" : "https://github.com/mono/mono/commit/65292a69c837b8a5f7a392d34db63de592153358" - }, - { - "name" : "https://github.com/mono/mono/commit/cf1ec146f7c6acdc6697032b3aaafc68ffacdcac", - "refsource" : "CONFIRM", - "url" : "https://github.com/mono/mono/commit/cf1ec146f7c6acdc6697032b3aaafc68ffacdcac" - }, - { - "name" : "SUSE-SR:2011:001", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00003.html" - }, - { - "name" : "SUSE-SR:2010:024", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html" - }, - { - "name" : "45051", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/45051" - }, - { - "name" : "42373", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/42373" - }, - { - "name" : "42877", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/42877" - }, - { - "name" : "ADV-2011-0076", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2011/0076" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Mono, when Moonlight before 2.3.0.1 or 2.99.x before 2.99.0.10 is used, does not properly validate arguments to generic methods, which allows remote attackers to bypass generic constraints, and possibly execute arbitrary code, via a crafted method call." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "SUSE-SR:2011:001", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00003.html" + }, + { + "name": "42373", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/42373" + }, + { + "name": "http://www.mono-project.com/Vulnerabilities#Moonlight_Generic_Constraints_Bypass_Vulnerability", + "refsource": "CONFIRM", + "url": "http://www.mono-project.com/Vulnerabilities#Moonlight_Generic_Constraints_Bypass_Vulnerability" + }, + { + "name": "15974", + "refsource": "EXPLOIT-DB", + "url": "http://www.exploit-db.com/exploits/15974" + }, + { + "name": "https://bugzilla.novell.com/show_bug.cgi?id=655847", + "refsource": "CONFIRM", + "url": "https://bugzilla.novell.com/show_bug.cgi?id=655847" + }, + { + "name": "42877", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/42877" + }, + { + "name": "https://github.com/mono/mono/commit/4905ef1130feb26c3150b28b97e4a96752e0d399", + "refsource": "CONFIRM", + "url": "https://github.com/mono/mono/commit/4905ef1130feb26c3150b28b97e4a96752e0d399" + }, + { + "name": "https://github.com/mono/mono/commit/cf1ec146f7c6acdc6697032b3aaafc68ffacdcac", + "refsource": "CONFIRM", + "url": "https://github.com/mono/mono/commit/cf1ec146f7c6acdc6697032b3aaafc68ffacdcac" + }, + { + "name": "45051", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/45051" + }, + { + "name": "ADV-2011-0076", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2011/0076" + }, + { + "name": "SUSE-SR:2010:024", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html" + }, + { + "name": "https://github.com/mono/mono/commit/65292a69c837b8a5f7a392d34db63de592153358", + "refsource": "CONFIRM", + "url": "https://github.com/mono/mono/commit/65292a69c837b8a5f7a392d34db63de592153358" + }, + { + "name": "https://bugzilla.novell.com/show_bug.cgi?id=654136", + "refsource": "CONFIRM", + "url": "https://bugzilla.novell.com/show_bug.cgi?id=654136" + } + ] + } +} \ No newline at end of file diff --git a/2010/4xxx/CVE-2010-4348.json b/2010/4xxx/CVE-2010-4348.json index feab9d2a490..7b751a12042 100644 --- a/2010/4xxx/CVE-2010-4348.json +++ b/2010/4xxx/CVE-2010-4348.json @@ -1,122 +1,122 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-4348", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in admin/upgrade_unattended.php in MantisBT before 1.2.4 allows remote attackers to inject arbitrary web script or HTML via the db_type parameter, related to an unsafe call by MantisBT to a function in the ADOdb Library for PHP." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2010-4348", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20101215 CVE request: MantisBT <=1.2.3 (db_type) Cross-Site Scripting & Path Disclosure Vulnerability", - "refsource" : "MLIST", - "url" : "http://openwall.com/lists/oss-security/2010/12/15/4" - }, - { - "name" : "[oss-security] 20101216 Re: CVE request: MantisBT <=1.2.3 (db_type) Cross-Site Scripting & Path Disclosure Vulnerability", - "refsource" : "MLIST", - "url" : "http://openwall.com/lists/oss-security/2010/12/16/1" - }, - { - "name" : "http://www.zeroscience.mk/en/vulnerabilities/ZSL-2010-4983.php", - "refsource" : "MISC", - "url" : "http://www.zeroscience.mk/en/vulnerabilities/ZSL-2010-4983.php" - }, - { - "name" : "http://www.mantisbt.org/bugs/changelog_page.php?version_id=112", - "refsource" : "CONFIRM", - "url" : "http://www.mantisbt.org/bugs/changelog_page.php?version_id=112" - }, - { - "name" : "http://www.mantisbt.org/bugs/view.php?id=12607", - "refsource" : "CONFIRM", - "url" : "http://www.mantisbt.org/bugs/view.php?id=12607" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=663230", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=663230" - }, - { - "name" : "http://www.mantisbt.org/blog/?p=123", - "refsource" : "CONFIRM", - "url" : "http://www.mantisbt.org/blog/?p=123" - }, - { - "name" : "FEDORA-2010-19070", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052721.html" - }, - { - "name" : "FEDORA-2010-19078", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052730.html" - }, - { - "name" : "GLSA-201211-01", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-201211-01.xml" - }, - { - "name" : "42772", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/42772" - }, - { - "name" : "51199", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/51199" - }, - { - "name" : "ADV-2011-0002", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2011/0002" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in admin/upgrade_unattended.php in MantisBT before 1.2.4 allows remote attackers to inject arbitrary web script or HTML via the db_type parameter, related to an unsafe call by MantisBT to a function in the ADOdb Library for PHP." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ADV-2011-0002", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2011/0002" + }, + { + "name": "http://www.zeroscience.mk/en/vulnerabilities/ZSL-2010-4983.php", + "refsource": "MISC", + "url": "http://www.zeroscience.mk/en/vulnerabilities/ZSL-2010-4983.php" + }, + { + "name": "[oss-security] 20101216 Re: CVE request: MantisBT <=1.2.3 (db_type) Cross-Site Scripting & Path Disclosure Vulnerability", + "refsource": "MLIST", + "url": "http://openwall.com/lists/oss-security/2010/12/16/1" + }, + { + "name": "GLSA-201211-01", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-201211-01.xml" + }, + { + "name": "http://www.mantisbt.org/blog/?p=123", + "refsource": "CONFIRM", + "url": "http://www.mantisbt.org/blog/?p=123" + }, + { + "name": "http://www.mantisbt.org/bugs/view.php?id=12607", + "refsource": "CONFIRM", + "url": "http://www.mantisbt.org/bugs/view.php?id=12607" + }, + { + "name": "51199", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/51199" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=663230", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=663230" + }, + { + "name": "FEDORA-2010-19078", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052730.html" + }, + { + "name": "[oss-security] 20101215 CVE request: MantisBT <=1.2.3 (db_type) Cross-Site Scripting & Path Disclosure Vulnerability", + "refsource": "MLIST", + "url": "http://openwall.com/lists/oss-security/2010/12/15/4" + }, + { + "name": "42772", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/42772" + }, + { + "name": "FEDORA-2010-19070", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052721.html" + }, + { + "name": "http://www.mantisbt.org/bugs/changelog_page.php?version_id=112", + "refsource": "CONFIRM", + "url": "http://www.mantisbt.org/bugs/changelog_page.php?version_id=112" + } + ] + } +} \ No newline at end of file diff --git a/2010/4xxx/CVE-2010-4359.json b/2010/4xxx/CVE-2010-4359.json index 1ebbe0407d2..12d97a90c17 100644 --- a/2010/4xxx/CVE-2010-4359.json +++ b/2010/4xxx/CVE-2010-4359.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-4359", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in index.php in Jurpopage 0.2.0 allows remote attackers to execute arbitrary SQL commands via the category parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-4359", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "15621", - "refsource" : "EXPLOIT-DB", - "url" : "http://www.exploit-db.com/exploits/15621" - }, - { - "name" : "http://packetstormsecurity.org/files/view/96131/jurpopage-sql.txt", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.org/files/view/96131/jurpopage-sql.txt" - }, - { - "name" : "45076", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/45076" - }, - { - "name" : "42387", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/42387" - }, - { - "name" : "ADV-2010-3071", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2010/3071" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in index.php in Jurpopage 0.2.0 allows remote attackers to execute arbitrary SQL commands via the category parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "15621", + "refsource": "EXPLOIT-DB", + "url": "http://www.exploit-db.com/exploits/15621" + }, + { + "name": "42387", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/42387" + }, + { + "name": "http://packetstormsecurity.org/files/view/96131/jurpopage-sql.txt", + "refsource": "MISC", + "url": "http://packetstormsecurity.org/files/view/96131/jurpopage-sql.txt" + }, + { + "name": "ADV-2010-3071", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2010/3071" + }, + { + "name": "45076", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/45076" + } + ] + } +} \ No newline at end of file diff --git a/2010/4xxx/CVE-2010-4582.json b/2010/4xxx/CVE-2010-4582.json index a21ff49bfc7..e5d17808b9c 100644 --- a/2010/4xxx/CVE-2010-4582.json +++ b/2010/4xxx/CVE-2010-4582.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-4582", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Opera before 11.00 does not properly handle security policies during updates to extensions, which might allow remote attackers to bypass intended access restrictions via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-4582", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.opera.com/docs/changelogs/mac/1100/", - "refsource" : "CONFIRM", - "url" : "http://www.opera.com/docs/changelogs/mac/1100/" - }, - { - "name" : "http://www.opera.com/docs/changelogs/unix/1100/", - "refsource" : "CONFIRM", - "url" : "http://www.opera.com/docs/changelogs/unix/1100/" - }, - { - "name" : "http://www.opera.com/docs/changelogs/windows/1100/", - "refsource" : "CONFIRM", - "url" : "http://www.opera.com/docs/changelogs/windows/1100/" - }, - { - "name" : "SUSE-SR:2010:024", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html" - }, - { - "name" : "42653", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/42653" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Opera before 11.00 does not properly handle security policies during updates to extensions, which might allow remote attackers to bypass intended access restrictions via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "42653", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/42653" + }, + { + "name": "http://www.opera.com/docs/changelogs/unix/1100/", + "refsource": "CONFIRM", + "url": "http://www.opera.com/docs/changelogs/unix/1100/" + }, + { + "name": "http://www.opera.com/docs/changelogs/windows/1100/", + "refsource": "CONFIRM", + "url": "http://www.opera.com/docs/changelogs/windows/1100/" + }, + { + "name": "http://www.opera.com/docs/changelogs/mac/1100/", + "refsource": "CONFIRM", + "url": "http://www.opera.com/docs/changelogs/mac/1100/" + }, + { + "name": "SUSE-SR:2010:024", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html" + } + ] + } +} \ No newline at end of file diff --git a/2014/0xxx/CVE-2014-0202.json b/2014/0xxx/CVE-2014-0202.json index f1b2b6758af..a8f17e1401b 100644 --- a/2014/0xxx/CVE-2014-0202.json +++ b/2014/0xxx/CVE-2014-0202.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-0202", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The setup script in ovirt-engine-dwh, as used in the Red Hat Enterprise Virtualization Manager data warehouse (rhevm-dwh) package before 3.3.3, stores the history database password in cleartext, which allows local users to obtain sensitive information by reading an unspecified file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2014-0202", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "RHSA-2014:0559", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2014-0559.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The setup script in ovirt-engine-dwh, as used in the Red Hat Enterprise Virtualization Manager data warehouse (rhevm-dwh) package before 3.3.3, stores the history database password in cleartext, which allows local users to obtain sensitive information by reading an unspecified file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "RHSA-2014:0559", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2014-0559.html" + } + ] + } +} \ No newline at end of file diff --git a/2014/10xxx/CVE-2014-10076.json b/2014/10xxx/CVE-2014-10076.json index 523dd42e438..16b710c6268 100644 --- a/2014/10xxx/CVE-2014-10076.json +++ b/2014/10xxx/CVE-2014-10076.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-10076", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The wp-db-backup plugin 2.2.4 for WordPress relies on a five-character string for access control, which makes it easier for remote attackers to read backup archives via a brute-force attack." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-10076", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.vapidlabs.com/advisory.php?v=81", - "refsource" : "MISC", - "url" : "http://www.vapidlabs.com/advisory.php?v=81" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The wp-db-backup plugin 2.2.4 for WordPress relies on a five-character string for access control, which makes it easier for remote attackers to read backup archives via a brute-force attack." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.vapidlabs.com/advisory.php?v=81", + "refsource": "MISC", + "url": "http://www.vapidlabs.com/advisory.php?v=81" + } + ] + } +} \ No newline at end of file diff --git a/2014/3xxx/CVE-2014-3617.json b/2014/3xxx/CVE-2014-3617.json index 3ff3e7aded1..26af69bb192 100644 --- a/2014/3xxx/CVE-2014-3617.json +++ b/2014/3xxx/CVE-2014-3617.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-3617", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The forum_print_latest_discussions function in mod/forum/lib.php in Moodle through 2.4.11, 2.5.x before 2.5.8, 2.6.x before 2.6.5, and 2.7.x before 2.7.2 allows remote authenticated users to bypass the individual answer-posting requirement without the mod/forum:viewqandawithoutposting capability, and discover an author's username, by leveraging the student role and visiting a Q&A forum." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2014-3617", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20140915 Moodle security notifications public", - "refsource" : "MLIST", - "url" : "http://openwall.com/lists/oss-security/2014/09/15/1" - }, - { - "name" : "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-46619", - "refsource" : "CONFIRM", - "url" : "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-46619" - }, - { - "name" : "https://moodle.org/mod/forum/discuss.php?d=269591", - "refsource" : "CONFIRM", - "url" : "https://moodle.org/mod/forum/discuss.php?d=269591" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The forum_print_latest_discussions function in mod/forum/lib.php in Moodle through 2.4.11, 2.5.x before 2.5.8, 2.6.x before 2.6.5, and 2.7.x before 2.7.2 allows remote authenticated users to bypass the individual answer-posting requirement without the mod/forum:viewqandawithoutposting capability, and discover an author's username, by leveraging the student role and visiting a Q&A forum." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-46619", + "refsource": "CONFIRM", + "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-46619" + }, + { + "name": "[oss-security] 20140915 Moodle security notifications public", + "refsource": "MLIST", + "url": "http://openwall.com/lists/oss-security/2014/09/15/1" + }, + { + "name": "https://moodle.org/mod/forum/discuss.php?d=269591", + "refsource": "CONFIRM", + "url": "https://moodle.org/mod/forum/discuss.php?d=269591" + } + ] + } +} \ No newline at end of file diff --git a/2014/4xxx/CVE-2014-4338.json b/2014/4xxx/CVE-2014-4338.json index 4f24b7ffbc4..e014f9eeae4 100644 --- a/2014/4xxx/CVE-2014-4338.json +++ b/2014/4xxx/CVE-2014-4338.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-4338", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "cups-browsed in cups-filters before 1.0.53 allows remote attackers to bypass intended access restrictions in opportunistic circumstances by leveraging a malformed cups-browsed.conf BrowseAllow directive that is interpreted as granting browse access to all IP addresses." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2014-4338", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20140425 Re: Re: cups-browsed remote exploit", - "refsource" : "MLIST", - "url" : "http://openwall.com/lists/oss-security/2014/04/25/7" - }, - { - "name" : "[oss-security] 20140619 Re: cups-browsed remote exploit", - "refsource" : "MLIST", - "url" : "http://openwall.com/lists/oss-security/2014/06/19/12" - }, - { - "name" : "https://bugs.linuxfoundation.org/show_bug.cgi?id=1204", - "refsource" : "CONFIRM", - "url" : "https://bugs.linuxfoundation.org/show_bug.cgi?id=1204" - }, - { - "name" : "RHSA-2014:1795", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2014-1795.html" - }, - { - "name" : "68124", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/68124" - }, - { - "name" : "62044", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/62044" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "cups-browsed in cups-filters before 1.0.53 allows remote attackers to bypass intended access restrictions in opportunistic circumstances by leveraging a malformed cups-browsed.conf BrowseAllow directive that is interpreted as granting browse access to all IP addresses." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "RHSA-2014:1795", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2014-1795.html" + }, + { + "name": "68124", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/68124" + }, + { + "name": "https://bugs.linuxfoundation.org/show_bug.cgi?id=1204", + "refsource": "CONFIRM", + "url": "https://bugs.linuxfoundation.org/show_bug.cgi?id=1204" + }, + { + "name": "62044", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/62044" + }, + { + "name": "[oss-security] 20140425 Re: Re: cups-browsed remote exploit", + "refsource": "MLIST", + "url": "http://openwall.com/lists/oss-security/2014/04/25/7" + }, + { + "name": "[oss-security] 20140619 Re: cups-browsed remote exploit", + "refsource": "MLIST", + "url": "http://openwall.com/lists/oss-security/2014/06/19/12" + } + ] + } +} \ No newline at end of file diff --git a/2014/8xxx/CVE-2014-8138.json b/2014/8xxx/CVE-2014-8138.json index 0ede90924c2..58a08a7b297 100644 --- a/2014/8xxx/CVE-2014-8138.json +++ b/2014/8xxx/CVE-2014-8138.json @@ -1,162 +1,162 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-8138", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Heap-based buffer overflow in the jp2_decode function in JasPer 1.900.1 and earlier allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted JPEG 2000 file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2014-8138", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://www.ocert.org/advisories/ocert-2014-012.html", - "refsource" : "MISC", - "url" : "https://www.ocert.org/advisories/ocert-2014-012.html" - }, - { - "name" : "http://packetstormsecurity.com/files/129660/JasPer-1.900.1-Double-Free-Heap-Overflow.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/129660/JasPer-1.900.1-Double-Free-Heap-Overflow.html" - }, - { - "name" : "http://advisories.mageia.org/MGASA-2014-0539.html", - "refsource" : "CONFIRM", - "url" : "http://advisories.mageia.org/MGASA-2014-0539.html" - }, - { - "name" : "DSA-3106", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2014/dsa-3106" - }, - { - "name" : "MDVSA-2015:012", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2015:012" - }, - { - "name" : "MDVSA-2015:159", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2015:159" - }, - { - "name" : "RHSA-2014:2021", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2014-2021.html" - }, - { - "name" : "RHSA-2015:0698", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-0698.html" - }, - { - "name" : "RHSA-2015:1713", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-1713.html" - }, - { - "name" : "SSA:2015-302-02", - "refsource" : "SLACKWARE", - "url" : "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.538606" - }, - { - "name" : "openSUSE-SU-2015:0038", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2015-01/msg00013.html" - }, - { - "name" : "openSUSE-SU-2015:0039", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2015-01/msg00014.html" - }, - { - "name" : "openSUSE-SU-2015:0042", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2015-01/msg00017.html" - }, - { - "name" : "USN-2483-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2483-1" - }, - { - "name" : "USN-2483-2", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2483-2" - }, - { - "name" : "71746", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/71746" - }, - { - "name" : "1033459", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1033459" - }, - { - "name" : "61747", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/61747" - }, - { - "name" : "62311", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/62311" - }, - { - "name" : "62615", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/62615" - }, - { - "name" : "62619", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/62619" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Heap-based buffer overflow in the jp2_decode function in JasPer 1.900.1 and earlier allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted JPEG 2000 file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "MDVSA-2015:012", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:012" + }, + { + "name": "DSA-3106", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2014/dsa-3106" + }, + { + "name": "62619", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/62619" + }, + { + "name": "openSUSE-SU-2015:0038", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2015-01/msg00013.html" + }, + { + "name": "openSUSE-SU-2015:0042", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2015-01/msg00017.html" + }, + { + "name": "61747", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/61747" + }, + { + "name": "http://packetstormsecurity.com/files/129660/JasPer-1.900.1-Double-Free-Heap-Overflow.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/129660/JasPer-1.900.1-Double-Free-Heap-Overflow.html" + }, + { + "name": "USN-2483-2", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2483-2" + }, + { + "name": "USN-2483-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2483-1" + }, + { + "name": "https://www.ocert.org/advisories/ocert-2014-012.html", + "refsource": "MISC", + "url": "https://www.ocert.org/advisories/ocert-2014-012.html" + }, + { + "name": "62615", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/62615" + }, + { + "name": "1033459", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1033459" + }, + { + "name": "RHSA-2015:0698", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-0698.html" + }, + { + "name": "openSUSE-SU-2015:0039", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2015-01/msg00014.html" + }, + { + "name": "62311", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/62311" + }, + { + "name": "RHSA-2014:2021", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2014-2021.html" + }, + { + "name": "71746", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/71746" + }, + { + "name": "http://advisories.mageia.org/MGASA-2014-0539.html", + "refsource": "CONFIRM", + "url": "http://advisories.mageia.org/MGASA-2014-0539.html" + }, + { + "name": "SSA:2015-302-02", + "refsource": "SLACKWARE", + "url": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.538606" + }, + { + "name": "MDVSA-2015:159", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:159" + }, + { + "name": "RHSA-2015:1713", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-1713.html" + } + ] + } +} \ No newline at end of file diff --git a/2014/8xxx/CVE-2014-8449.json b/2014/8xxx/CVE-2014-8449.json index d009f3ca5a2..ad37caaae82 100644 --- a/2014/8xxx/CVE-2014-8449.json +++ b/2014/8xxx/CVE-2014-8449.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-8449", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Integer overflow in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2014-8449", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://helpx.adobe.com/security/products/reader/apsb14-28.html", - "refsource" : "CONFIRM", - "url" : "http://helpx.adobe.com/security/products/reader/apsb14-28.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Integer overflow in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://helpx.adobe.com/security/products/reader/apsb14-28.html", + "refsource": "CONFIRM", + "url": "http://helpx.adobe.com/security/products/reader/apsb14-28.html" + } + ] + } +} \ No newline at end of file diff --git a/2014/8xxx/CVE-2014-8738.json b/2014/8xxx/CVE-2014-8738.json index c50a45db9e7..4acf6452ad7 100644 --- a/2014/8xxx/CVE-2014-8738.json +++ b/2014/8xxx/CVE-2014-8738.json @@ -1,142 +1,142 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-8738", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The _bfd_slurp_extended_name_table function in bfd/archive.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service (invalid write, segmentation fault, and crash) via a crafted extended name table in an archive." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-8738", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20141103 Re: Re: strings / libbfd crasher", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2014/11/02/4" - }, - { - "name" : "[oss-security] 20141105 Re: Re: strings / libbfd crasher", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2014/11/05/7" - }, - { - "name" : "[oss-security] 20141113 Re: strings / libbfd crasher", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2014/11/13/2" - }, - { - "name" : "https://sourceware.org/bugzilla/show_bug.cgi?id=17533", - "refsource" : "CONFIRM", - "url" : "https://sourceware.org/bugzilla/show_bug.cgi?id=17533" - }, - { - "name" : "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=bb0d867169d7e9743d229804106a8fbcab7f3b3f", - "refsource" : "CONFIRM", - "url" : "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=bb0d867169d7e9743d229804106a8fbcab7f3b3f" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html" - }, - { - "name" : "DSA-3123", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2015/dsa-3123" - }, - { - "name" : "FEDORA-2014-17586", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147354.html" - }, - { - "name" : "FEDORA-2014-17603", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147346.html" - }, - { - "name" : "FEDORA-2015-0471", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148427.html" - }, - { - "name" : "FEDORA-2015-0750", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148438.html" - }, - { - "name" : "GLSA-201612-24", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201612-24" - }, - { - "name" : "MDVSA-2015:029", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2015:029" - }, - { - "name" : "USN-2496-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2496-1" - }, - { - "name" : "71083", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/71083" - }, - { - "name" : "62241", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/62241" - }, - { - "name" : "62746", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/62746" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The _bfd_slurp_extended_name_table function in bfd/archive.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service (invalid write, segmentation fault, and crash) via a crafted extended name table in an archive." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "62241", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/62241" + }, + { + "name": "[oss-security] 20141105 Re: Re: strings / libbfd crasher", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2014/11/05/7" + }, + { + "name": "MDVSA-2015:029", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:029" + }, + { + "name": "FEDORA-2015-0750", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148438.html" + }, + { + "name": "USN-2496-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2496-1" + }, + { + "name": "[oss-security] 20141103 Re: Re: strings / libbfd crasher", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2014/11/02/4" + }, + { + "name": "[oss-security] 20141113 Re: strings / libbfd crasher", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2014/11/13/2" + }, + { + "name": "71083", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/71083" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html" + }, + { + "name": "FEDORA-2014-17603", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147346.html" + }, + { + "name": "FEDORA-2015-0471", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148427.html" + }, + { + "name": "62746", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/62746" + }, + { + "name": "FEDORA-2014-17586", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147354.html" + }, + { + "name": "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=bb0d867169d7e9743d229804106a8fbcab7f3b3f", + "refsource": "CONFIRM", + "url": "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=bb0d867169d7e9743d229804106a8fbcab7f3b3f" + }, + { + "name": "https://sourceware.org/bugzilla/show_bug.cgi?id=17533", + "refsource": "CONFIRM", + "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=17533" + }, + { + "name": "DSA-3123", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2015/dsa-3123" + }, + { + "name": "GLSA-201612-24", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201612-24" + } + ] + } +} \ No newline at end of file diff --git a/2014/9xxx/CVE-2014-9215.json b/2014/9xxx/CVE-2014-9215.json index 22400241be3..90f946a4788 100644 --- a/2014/9xxx/CVE-2014-9215.json +++ b/2014/9xxx/CVE-2014-9215.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-9215", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in the CheckEmail function in includes/functions.class.php in PBBoard 3.0.1 before 20141128 allows remote attackers to execute arbitrary SQL commands via the email parameter in the register page to index.php. NOTE: the email parameter in the forget page vector is already covered by CVE-2012-4034.2." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-9215", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20141204 CVE-2014-9215 - SQL Injection in PBBoard CMS", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/534149/100/0/threaded" - }, - { - "name" : "http://www.itas.vn/news/ITAS-Team-discovered-SQL-Injection-in-PBBoard-CMS-68.html", - "refsource" : "MISC", - "url" : "http://www.itas.vn/news/ITAS-Team-discovered-SQL-Injection-in-PBBoard-CMS-68.html" - }, - { - "name" : "https://www.youtube.com/watch?v=AQiGvH5xrJg", - "refsource" : "MISC", - "url" : "https://www.youtube.com/watch?v=AQiGvH5xrJg" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in the CheckEmail function in includes/functions.class.php in PBBoard 3.0.1 before 20141128 allows remote attackers to execute arbitrary SQL commands via the email parameter in the register page to index.php. NOTE: the email parameter in the forget page vector is already covered by CVE-2012-4034.2." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20141204 CVE-2014-9215 - SQL Injection in PBBoard CMS", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/534149/100/0/threaded" + }, + { + "name": "https://www.youtube.com/watch?v=AQiGvH5xrJg", + "refsource": "MISC", + "url": "https://www.youtube.com/watch?v=AQiGvH5xrJg" + }, + { + "name": "http://www.itas.vn/news/ITAS-Team-discovered-SQL-Injection-in-PBBoard-CMS-68.html", + "refsource": "MISC", + "url": "http://www.itas.vn/news/ITAS-Team-discovered-SQL-Injection-in-PBBoard-CMS-68.html" + } + ] + } +} \ No newline at end of file diff --git a/2014/9xxx/CVE-2014-9419.json b/2014/9xxx/CVE-2014-9419.json index 3c9a35dbe4e..019e4a1e1fd 100644 --- a/2014/9xxx/CVE-2014-9419.json +++ b/2014/9xxx/CVE-2014-9419.json @@ -1,152 +1,152 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-9419", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The __switch_to function in arch/x86/kernel/process_64.c in the Linux kernel through 3.18.1 does not ensure that Thread Local Storage (TLS) descriptors are loaded before proceeding with other steps, which makes it easier for local users to bypass the ASLR protection mechanism via a crafted application that reads a TLS base address." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-9419", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20141225 Re: CVE Request: Linux x86_64 userspace address leak", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2014/12/25/1" - }, - { - "name" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=f647d7c155f069c1a068030255c300663516420e", - "refsource" : "CONFIRM", - "url" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=f647d7c155f069c1a068030255c300663516420e" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1177260", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1177260" - }, - { - "name" : "https://github.com/torvalds/linux/commit/f647d7c155f069c1a068030255c300663516420e", - "refsource" : "CONFIRM", - "url" : "https://github.com/torvalds/linux/commit/f647d7c155f069c1a068030255c300663516420e" - }, - { - "name" : "DSA-3128", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2015/dsa-3128" - }, - { - "name" : "FEDORA-2015-0515", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147973.html" - }, - { - "name" : "FEDORA-2015-0517", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147864.html" - }, - { - "name" : "MDVSA-2015:058", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2015:058" - }, - { - "name" : "RHSA-2015:1081", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-1081.html" - }, - { - "name" : "SUSE-SU-2015:0529", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00020.html" - }, - { - "name" : "SUSE-SU-2015:0736", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00015.html" - }, - { - "name" : "openSUSE-SU-2015:0714", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00009.html" - }, - { - "name" : "USN-2515-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2515-1" - }, - { - "name" : "USN-2516-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2516-1" - }, - { - "name" : "USN-2517-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2517-1" - }, - { - "name" : "USN-2518-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2518-1" - }, - { - "name" : "USN-2541-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2541-1" - }, - { - "name" : "USN-2542-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2542-1" - }, - { - "name" : "71794", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/71794" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The __switch_to function in arch/x86/kernel/process_64.c in the Linux kernel through 3.18.1 does not ensure that Thread Local Storage (TLS) descriptors are loaded before proceeding with other steps, which makes it easier for local users to bypass the ASLR protection mechanism via a crafted application that reads a TLS base address." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "FEDORA-2015-0517", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147864.html" + }, + { + "name": "USN-2515-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2515-1" + }, + { + "name": "https://github.com/torvalds/linux/commit/f647d7c155f069c1a068030255c300663516420e", + "refsource": "CONFIRM", + "url": "https://github.com/torvalds/linux/commit/f647d7c155f069c1a068030255c300663516420e" + }, + { + "name": "USN-2542-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2542-1" + }, + { + "name": "SUSE-SU-2015:0736", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00015.html" + }, + { + "name": "USN-2541-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2541-1" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1177260", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1177260" + }, + { + "name": "USN-2518-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2518-1" + }, + { + "name": "MDVSA-2015:058", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:058" + }, + { + "name": "FEDORA-2015-0515", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147973.html" + }, + { + "name": "71794", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/71794" + }, + { + "name": "SUSE-SU-2015:0529", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00020.html" + }, + { + "name": "[oss-security] 20141225 Re: CVE Request: Linux x86_64 userspace address leak", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2014/12/25/1" + }, + { + "name": "USN-2517-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2517-1" + }, + { + "name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=f647d7c155f069c1a068030255c300663516420e", + "refsource": "CONFIRM", + "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=f647d7c155f069c1a068030255c300663516420e" + }, + { + "name": "openSUSE-SU-2015:0714", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00009.html" + }, + { + "name": "DSA-3128", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2015/dsa-3128" + }, + { + "name": "USN-2516-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2516-1" + }, + { + "name": "RHSA-2015:1081", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-1081.html" + } + ] + } +} \ No newline at end of file diff --git a/2014/9xxx/CVE-2014-9538.json b/2014/9xxx/CVE-2014-9538.json index ad1b01ae695..90b9ba1fa68 100644 --- a/2014/9xxx/CVE-2014-9538.json +++ b/2014/9xxx/CVE-2014-9538.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-9538", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-9538", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2014/9xxx/CVE-2014-9594.json b/2014/9xxx/CVE-2014-9594.json index e89a17aa2f1..a391100c156 100644 --- a/2014/9xxx/CVE-2014-9594.json +++ b/2014/9xxx/CVE-2014-9594.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-9594", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in the SAP NetWeaver Dispatcher in SAP Kernel 7.00 32-bit and 7.40 64-bit allows remote authenticated users to cause a denial of service or possibly execute arbitrary code via unspecified vectors, related to the ABAP VM, aka SAP Note 2059734." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-9594", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://erpscan.io/advisories/erpscan-14-025-sap-kernel-rce-dos/", - "refsource" : "MISC", - "url" : "https://erpscan.io/advisories/erpscan-14-025-sap-kernel-rce-dos/" - }, - { - "name" : "https://erpscan.io/press-center/blog/sap-critical-patch-update-december-2014/", - "refsource" : "MISC", - "url" : "https://erpscan.io/press-center/blog/sap-critical-patch-update-december-2014/" - }, - { - "name" : "62150", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/62150" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in the SAP NetWeaver Dispatcher in SAP Kernel 7.00 32-bit and 7.40 64-bit allows remote authenticated users to cause a denial of service or possibly execute arbitrary code via unspecified vectors, related to the ABAP VM, aka SAP Note 2059734." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "62150", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/62150" + }, + { + "name": "https://erpscan.io/advisories/erpscan-14-025-sap-kernel-rce-dos/", + "refsource": "MISC", + "url": "https://erpscan.io/advisories/erpscan-14-025-sap-kernel-rce-dos/" + }, + { + "name": "https://erpscan.io/press-center/blog/sap-critical-patch-update-december-2014/", + "refsource": "MISC", + "url": "https://erpscan.io/press-center/blog/sap-critical-patch-update-december-2014/" + } + ] + } +} \ No newline at end of file diff --git a/2014/9xxx/CVE-2014-9856.json b/2014/9xxx/CVE-2014-9856.json index b2438196b3d..b5110d1aaba 100644 --- a/2014/9xxx/CVE-2014-9856.json +++ b/2014/9xxx/CVE-2014-9856.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-9856", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-9856", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2014/9xxx/CVE-2014-9935.json b/2014/9xxx/CVE-2014-9935.json index 8a021b2a7ad..cd0de65ada0 100644 --- a/2014/9xxx/CVE-2014-9935.json +++ b/2014/9xxx/CVE-2014-9935.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "security@google.com", - "ID" : "CVE-2014-9935", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "All Qualcomm Products", - "version" : { - "version_data" : [ - { - "version_value" : "All Android releases from CAF using the Linux kernel" - } - ] - } - } - ] - }, - "vendor_name" : "Qualcomm, Inc." - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "In TrustZone an integer overflow vulnerability leading to a buffer overflow could potentially occur in a DRM routine in all Android releases from CAF using the Linux kernel." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Integer Overflow to Buffer Overflow Vulnerability in TrustZone" - } + "CVE_data_meta": { + "ASSIGNER": "security@android.com", + "ID": "CVE-2014-9935", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "All Qualcomm Products", + "version": { + "version_data": [ + { + "version_value": "All Android releases from CAF using the Linux kernel" + } + ] + } + } + ] + }, + "vendor_name": "Qualcomm, Inc." + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://source.android.com/security/bulletin/2017-04-01", - "refsource" : "CONFIRM", - "url" : "https://source.android.com/security/bulletin/2017-04-01" - }, - { - "name" : "97329", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/97329" - }, - { - "name" : "1038201", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1038201" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In TrustZone an integer overflow vulnerability leading to a buffer overflow could potentially occur in a DRM routine in all Android releases from CAF using the Linux kernel." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Integer Overflow to Buffer Overflow Vulnerability in TrustZone" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://source.android.com/security/bulletin/2017-04-01", + "refsource": "CONFIRM", + "url": "https://source.android.com/security/bulletin/2017-04-01" + }, + { + "name": "97329", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/97329" + }, + { + "name": "1038201", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1038201" + } + ] + } +} \ No newline at end of file diff --git a/2016/2xxx/CVE-2016-2089.json b/2016/2xxx/CVE-2016-2089.json index b8dea0fb878..75bb842dc4e 100644 --- a/2016/2xxx/CVE-2016-2089.json +++ b/2016/2xxx/CVE-2016-2089.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-2089", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The jas_matrix_clip function in jas_seq.c in JasPer 1.900.1 allows remote attackers to cause a denial of service (invalid read and application crash) via a crafted JPEG 2000 image." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-2089", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20160128 Re: invalid Read in the JasPer's jas_matrix_clip() function", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/01/28/6" - }, - { - "name" : "[oss-security] 20160128 invalid Read in the JasPer's jas_matrix_clip() function", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/01/28/4" - }, - { - "name" : "DSA-3508", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3508" - }, - { - "name" : "RHSA-2017:1208", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2017:1208" - }, - { - "name" : "openSUSE-SU-2016:0408", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2016-02/msg00060.html" - }, - { - "name" : "openSUSE-SU-2016:0413", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2016-02/msg00063.html" - }, - { - "name" : "83108", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/83108" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The jas_matrix_clip function in jas_seq.c in JasPer 1.900.1 allows remote attackers to cause a denial of service (invalid read and application crash) via a crafted JPEG 2000 image." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "DSA-3508", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3508" + }, + { + "name": "83108", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/83108" + }, + { + "name": "[oss-security] 20160128 Re: invalid Read in the JasPer's jas_matrix_clip() function", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/01/28/6" + }, + { + "name": "RHSA-2017:1208", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2017:1208" + }, + { + "name": "[oss-security] 20160128 invalid Read in the JasPer's jas_matrix_clip() function", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/01/28/4" + }, + { + "name": "openSUSE-SU-2016:0408", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00060.html" + }, + { + "name": "openSUSE-SU-2016:0413", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00063.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/2xxx/CVE-2016-2297.json b/2016/2xxx/CVE-2016-2297.json index 3cb18af6892..b302e2f653d 100644 --- a/2016/2xxx/CVE-2016-2297.json +++ b/2016/2xxx/CVE-2016-2297.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-2297", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Meteocontrol WEB'log Basic 100, Light, Pro, and Pro Unlimited allows remote attackers to execute arbitrary commands via an \"access command shell-like feature.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "ics-cert@hq.dhs.gov", + "ID": "CVE-2016-2297", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20160517 [ICS] Meteocontrol WEB'log Multiple Vulnerabilities", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2016/May/52" - }, - { - "name" : "https://ics-cert.us-cert.gov/advisories/ICSA-16-133-01", - "refsource" : "MISC", - "url" : "https://ics-cert.us-cert.gov/advisories/ICSA-16-133-01" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Meteocontrol WEB'log Basic 100, Light, Pro, and Pro Unlimited allows remote attackers to execute arbitrary commands via an \"access command shell-like feature.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20160517 [ICS] Meteocontrol WEB'log Multiple Vulnerabilities", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2016/May/52" + }, + { + "name": "https://ics-cert.us-cert.gov/advisories/ICSA-16-133-01", + "refsource": "MISC", + "url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-133-01" + } + ] + } +} \ No newline at end of file diff --git a/2016/2xxx/CVE-2016-2701.json b/2016/2xxx/CVE-2016-2701.json index 5c608c13d9a..79ddf23f974 100644 --- a/2016/2xxx/CVE-2016-2701.json +++ b/2016/2xxx/CVE-2016-2701.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-2701", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2016-2701", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2016/3xxx/CVE-2016-3383.json b/2016/3xxx/CVE-2016-3383.json index 284005616f3..d0e3b0b8232 100644 --- a/2016/3xxx/CVE-2016-3383.json +++ b/2016/3xxx/CVE-2016-3383.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-3383", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Microsoft Browser Memory Corruption Vulnerability.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2016-3383", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "MS16-118", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-118" - }, - { - "name" : "93396", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/93396" - }, - { - "name" : "1036992", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036992" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Microsoft Browser Memory Corruption Vulnerability.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "MS16-118", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-118" + }, + { + "name": "93396", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/93396" + }, + { + "name": "1036992", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036992" + } + ] + } +} \ No newline at end of file diff --git a/2016/3xxx/CVE-2016-3412.json b/2016/3xxx/CVE-2016-3412.json index 7f4ca5a0402..b1cf4a9c9f2 100644 --- a/2016/3xxx/CVE-2016-3412.json +++ b/2016/3xxx/CVE-2016-3412.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-3412", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site scripting (XSS) vulnerabilities in Zimbra Collaboration before 8.7.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka bugs 103997, 104413, 104414, 104777, and 104791." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-3412", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://wiki.zimbra.com/wiki/Zimbra_Releases/8.7.0", - "refsource" : "CONFIRM", - "url" : "https://wiki.zimbra.com/wiki/Zimbra_Releases/8.7.0" - }, - { - "name" : "https://wiki.zimbra.com/wiki/Zimbra_Security_Advisories", - "refsource" : "CONFIRM", - "url" : "https://wiki.zimbra.com/wiki/Zimbra_Security_Advisories" - }, - { - "name" : "95899", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/95899" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site scripting (XSS) vulnerabilities in Zimbra Collaboration before 8.7.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka bugs 103997, 104413, 104414, 104777, and 104791." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "95899", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/95899" + }, + { + "name": "https://wiki.zimbra.com/wiki/Zimbra_Releases/8.7.0", + "refsource": "CONFIRM", + "url": "https://wiki.zimbra.com/wiki/Zimbra_Releases/8.7.0" + }, + { + "name": "https://wiki.zimbra.com/wiki/Zimbra_Security_Advisories", + "refsource": "CONFIRM", + "url": "https://wiki.zimbra.com/wiki/Zimbra_Security_Advisories" + } + ] + } +} \ No newline at end of file diff --git a/2016/3xxx/CVE-2016-3434.json b/2016/3xxx/CVE-2016-3434.json index 63365d9f34c..5a21e63d22e 100644 --- a/2016/3xxx/CVE-2016-3434.json +++ b/2016/3xxx/CVE-2016-3434.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-3434", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect integrity via vectors related to Logout." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2016-3434", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html" - }, - { - "name" : "1035603", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035603" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect integrity via vectors related to Logout." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html" + }, + { + "name": "1035603", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035603" + } + ] + } +} \ No newline at end of file diff --git a/2016/3xxx/CVE-2016-3753.json b/2016/3xxx/CVE-2016-3753.json index d69c5a51ed8..5e147658fd7 100644 --- a/2016/3xxx/CVE-2016-3753.json +++ b/2016/3xxx/CVE-2016-3753.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-3753", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "mediaserver in Android 4.x before 4.4.4 allows remote attackers to obtain sensitive information via unspecified vectors, aka internal bug 27210135." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@android.com", + "ID": "CVE-2016-3753", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://source.android.com/security/bulletin/2016-07-01.html", - "refsource" : "CONFIRM", - "url" : "http://source.android.com/security/bulletin/2016-07-01.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "mediaserver in Android 4.x before 4.4.4 allows remote attackers to obtain sensitive information via unspecified vectors, aka internal bug 27210135." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://source.android.com/security/bulletin/2016-07-01.html", + "refsource": "CONFIRM", + "url": "http://source.android.com/security/bulletin/2016-07-01.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/6xxx/CVE-2016-6442.json b/2016/6xxx/CVE-2016-6442.json index 3e8dc65f9f5..877496a8116 100644 --- a/2016/6xxx/CVE-2016-6442.json +++ b/2016/6xxx/CVE-2016-6442.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@cisco.com", - "ID" : "CVE-2016-6442", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Cisco Finesse 11.0(1)", - "version" : { - "version_data" : [ - { - "version_value" : "Cisco Finesse 11.0(1)" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A vulnerability in Cisco Finesse Agent and Supervisor Desktop Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack against the user of the web interface. More Information: CSCvb57213. Known Affected Releases: 11.0(1)." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "unspecified" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2016-6442", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Cisco Finesse 11.0(1)", + "version": { + "version_data": [ + { + "version_value": "Cisco Finesse 11.0(1)" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161012-fin", - "refsource" : "CONFIRM", - "url" : "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161012-fin" - }, - { - "name" : "93519", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/93519" - }, - { - "name" : "1037004", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1037004" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A vulnerability in Cisco Finesse Agent and Supervisor Desktop Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack against the user of the web interface. More Information: CSCvb57213. Known Affected Releases: 11.0(1)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "unspecified" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1037004", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1037004" + }, + { + "name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161012-fin", + "refsource": "CONFIRM", + "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161012-fin" + }, + { + "name": "93519", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/93519" + } + ] + } +} \ No newline at end of file diff --git a/2016/6xxx/CVE-2016-6762.json b/2016/6xxx/CVE-2016-6762.json index f758e5052de..27ff0b0f5d0 100644 --- a/2016/6xxx/CVE-2016-6762.json +++ b/2016/6xxx/CVE-2016-6762.json @@ -1,79 +1,79 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "security@google.com", - "ID" : "CVE-2016-6762", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Android", - "version" : { - "version_data" : [ - { - "version_value" : "Android-5.0.2" - }, - { - "version_value" : "Android-5.1.1" - }, - { - "version_value" : "Android-6.0" - }, - { - "version_value" : "Android-6.0.1" - }, - { - "version_value" : "Android-7.0" - } - ] - } - } - ] - }, - "vendor_name" : "Google Inc." - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An elevation of privilege vulnerability in the libziparchive library could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0. Android ID: A-31251826." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Elevation of privilege" - } + "CVE_data_meta": { + "ASSIGNER": "security@android.com", + "ID": "CVE-2016-6762", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Android", + "version": { + "version_data": [ + { + "version_value": "Android-5.0.2" + }, + { + "version_value": "Android-5.1.1" + }, + { + "version_value": "Android-6.0" + }, + { + "version_value": "Android-6.0.1" + }, + { + "version_value": "Android-7.0" + } + ] + } + } + ] + }, + "vendor_name": "Google Inc." + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://source.android.com/security/bulletin/2016-12-01.html", - "refsource" : "CONFIRM", - "url" : "https://source.android.com/security/bulletin/2016-12-01.html" - }, - { - "name" : "94700", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/94700" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An elevation of privilege vulnerability in the libziparchive library could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0. Android ID: A-31251826." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Elevation of privilege" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://source.android.com/security/bulletin/2016-12-01.html", + "refsource": "CONFIRM", + "url": "https://source.android.com/security/bulletin/2016-12-01.html" + }, + { + "name": "94700", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/94700" + } + ] + } +} \ No newline at end of file diff --git a/2016/7xxx/CVE-2016-7152.json b/2016/7xxx/CVE-2016-7152.json index 41bf4d056be..d44f06136e2 100644 --- a/2016/7xxx/CVE-2016-7152.json +++ b/2016/7xxx/CVE-2016-7152.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-7152", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The HTTPS protocol does not consider the role of the TCP congestion window in providing information about content length, which makes it easier for remote attackers to obtain cleartext data by leveraging a web-browser configuration in which third-party cookies are sent, aka a \"HEIST\" attack." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-7152", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://arstechnica.com/security/2016/08/new-attack-steals-ssns-e-mail-addresses-and-more-from-https-pages/", - "refsource" : "MISC", - "url" : "http://arstechnica.com/security/2016/08/new-attack-steals-ssns-e-mail-addresses-and-more-from-https-pages/" - }, - { - "name" : "https://tom.vg/papers/heist_blackhat2016.pdf", - "refsource" : "MISC", - "url" : "https://tom.vg/papers/heist_blackhat2016.pdf" - }, - { - "name" : "92769", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/92769" - }, - { - "name" : "1036744", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036744" - }, - { - "name" : "1036741", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036741" - }, - { - "name" : "1036742", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036742" - }, - { - "name" : "1036743", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036743" - }, - { - "name" : "1036745", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036745" - }, - { - "name" : "1036746", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036746" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The HTTPS protocol does not consider the role of the TCP congestion window in providing information about content length, which makes it easier for remote attackers to obtain cleartext data by leveraging a web-browser configuration in which third-party cookies are sent, aka a \"HEIST\" attack." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1036741", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036741" + }, + { + "name": "1036742", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036742" + }, + { + "name": "92769", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/92769" + }, + { + "name": "https://tom.vg/papers/heist_blackhat2016.pdf", + "refsource": "MISC", + "url": "https://tom.vg/papers/heist_blackhat2016.pdf" + }, + { + "name": "1036745", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036745" + }, + { + "name": "http://arstechnica.com/security/2016/08/new-attack-steals-ssns-e-mail-addresses-and-more-from-https-pages/", + "refsource": "MISC", + "url": "http://arstechnica.com/security/2016/08/new-attack-steals-ssns-e-mail-addresses-and-more-from-https-pages/" + }, + { + "name": "1036744", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036744" + }, + { + "name": "1036743", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036743" + }, + { + "name": "1036746", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036746" + } + ] + } +} \ No newline at end of file diff --git a/2016/7xxx/CVE-2016-7202.json b/2016/7xxx/CVE-2016-7202.json index b9f49024adb..c20df7e2c80 100644 --- a/2016/7xxx/CVE-2016-7202.json +++ b/2016/7xxx/CVE-2016-7202.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secure@microsoft.com", - "ID" : "CVE-2016-7202", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The scripting engines in Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Scripting Engine Memory Corruption Vulnerability,\" as demonstrated by the Chakra JavaScript engine, a different vulnerability than CVE-2016-7200, CVE-2016-7201, CVE-2016-7203, CVE-2016-7208, CVE-2016-7240, CVE-2016-7242, and CVE-2016-7243." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2016-7202", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "40786", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/40786/" - }, - { - "name" : "40793", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/40793/" - }, - { - "name" : "http://www.zerodayinitiative.com/advisories/ZDI-16-593", - "refsource" : "MISC", - "url" : "http://www.zerodayinitiative.com/advisories/ZDI-16-593" - }, - { - "name" : "MS16-129", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-129" - }, - { - "name" : "MS16-144", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-144" - }, - { - "name" : "94042", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/94042" - }, - { - "name" : "1037245", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1037245" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The scripting engines in Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Scripting Engine Memory Corruption Vulnerability,\" as demonstrated by the Chakra JavaScript engine, a different vulnerability than CVE-2016-7200, CVE-2016-7201, CVE-2016-7203, CVE-2016-7208, CVE-2016-7240, CVE-2016-7242, and CVE-2016-7243." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "40793", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/40793/" + }, + { + "name": "MS16-129", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-129" + }, + { + "name": "MS16-144", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-144" + }, + { + "name": "40786", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/40786/" + }, + { + "name": "94042", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/94042" + }, + { + "name": "http://www.zerodayinitiative.com/advisories/ZDI-16-593", + "refsource": "MISC", + "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-593" + }, + { + "name": "1037245", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1037245" + } + ] + } +} \ No newline at end of file diff --git a/2016/7xxx/CVE-2016-7748.json b/2016/7xxx/CVE-2016-7748.json index 83b11ed4fb8..1d2e1316f81 100644 --- a/2016/7xxx/CVE-2016-7748.json +++ b/2016/7xxx/CVE-2016-7748.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-7748", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2016-7748", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2016/7xxx/CVE-2016-7901.json b/2016/7xxx/CVE-2016-7901.json index ffe8e8f8a23..c173b98c3dc 100644 --- a/2016/7xxx/CVE-2016-7901.json +++ b/2016/7xxx/CVE-2016-7901.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-7901", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2016-7901", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none." + } + ] + } +} \ No newline at end of file