diff --git a/2005/0xxx/CVE-2005-0151.json b/2005/0xxx/CVE-2005-0151.json index a322a035177..7f7cc61af9f 100644 --- a/2005/0xxx/CVE-2005-0151.json +++ b/2005/0xxx/CVE-2005-0151.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-0151", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unknown vulnerability in the installation of Adobe License Management Service, as used in Adobe Photoshop CS, Adobe Creative Suite 1.0, and Adobe Premiere Pro 1.5, allows attackers to gain administrator privileges." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2005-0151", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.adobe.com/support/techdocs/331688.html", - "refsource" : "CONFIRM", - "url" : "http://www.adobe.com/support/techdocs/331688.html" - }, - { - "name" : "1014168", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1014168" - }, - { - "name" : "1014169", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1014169" - }, - { - "name" : "1014170", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1014170" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unknown vulnerability in the installation of Adobe License Management Service, as used in Adobe Photoshop CS, Adobe Creative Suite 1.0, and Adobe Premiere Pro 1.5, allows attackers to gain administrator privileges." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1014168", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1014168" + }, + { + "name": "http://www.adobe.com/support/techdocs/331688.html", + "refsource": "CONFIRM", + "url": "http://www.adobe.com/support/techdocs/331688.html" + }, + { + "name": "1014170", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1014170" + }, + { + "name": "1014169", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1014169" + } + ] + } +} \ No newline at end of file diff --git a/2005/0xxx/CVE-2005-0227.json b/2005/0xxx/CVE-2005-0227.json index 68fa7f9c665..b83e5216fa7 100644 --- a/2005/0xxx/CVE-2005-0227.json +++ b/2005/0xxx/CVE-2005-0227.json @@ -1,122 +1,122 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-0227", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "PostgreSQL (pgsql) 7.4.x, 7.2.x, and other versions allows local users to load arbitrary shared libraries and execute code via the LOAD extension." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@debian.org", + "ID": "CVE-2005-0227", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[pgsql-bugs] 20050121 Privilege escalation via LOAD", - "refsource" : "MLIST", - "url" : "http://archives.postgresql.org/pgsql-bugs/2005-01/msg00269.php" - }, - { - "name" : "[pgsql-announce] 20050201 PostgreSQL Security Release", - "refsource" : "MLIST", - "url" : "http://archives.postgresql.org/pgsql-announce/2005-02/msg00000.php" - }, - { - "name" : "DSA-668", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2005/dsa-668" - }, - { - "name" : "200502-08", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-200502-08.xml" - }, - { - "name" : "MDKSA-2005:040", - "refsource" : "MANDRAKE", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2005:040" - }, - { - "name" : "RHSA-2005:138", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2005-138.html" - }, - { - "name" : "RHSA-2005:150", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2005-150.html" - }, - { - "name" : "SUSE-SA:2005:036", - "refsource" : "SUSE", - "url" : "http://www.novell.com/linux/security/advisories/2005_36_sudo.html" - }, - { - "name" : "2005-0003", - "refsource" : "TRUSTIX", - "url" : "http://www.trustix.org/errata/2005/0003/" - }, - { - "name" : "20050201 [USN-71-1] PostgreSQL vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=110726899107148&w=2" - }, - { - "name" : "12411", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/12411" - }, - { - "name" : "oval:org.mitre.oval:def:10234", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10234" - }, - { - "name" : "12948", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/12948" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "PostgreSQL (pgsql) 7.4.x, 7.2.x, and other versions allows local users to load arbitrary shared libraries and execute code via the LOAD extension." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "200502-08", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-200502-08.xml" + }, + { + "name": "2005-0003", + "refsource": "TRUSTIX", + "url": "http://www.trustix.org/errata/2005/0003/" + }, + { + "name": "DSA-668", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2005/dsa-668" + }, + { + "name": "[pgsql-announce] 20050201 PostgreSQL Security Release", + "refsource": "MLIST", + "url": "http://archives.postgresql.org/pgsql-announce/2005-02/msg00000.php" + }, + { + "name": "12411", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/12411" + }, + { + "name": "MDKSA-2005:040", + "refsource": "MANDRAKE", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:040" + }, + { + "name": "[pgsql-bugs] 20050121 Privilege escalation via LOAD", + "refsource": "MLIST", + "url": "http://archives.postgresql.org/pgsql-bugs/2005-01/msg00269.php" + }, + { + "name": "oval:org.mitre.oval:def:10234", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10234" + }, + { + "name": "RHSA-2005:138", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2005-138.html" + }, + { + "name": "12948", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/12948" + }, + { + "name": "RHSA-2005:150", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2005-150.html" + }, + { + "name": "20050201 [USN-71-1] PostgreSQL vulnerability", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=110726899107148&w=2" + }, + { + "name": "SUSE-SA:2005:036", + "refsource": "SUSE", + "url": "http://www.novell.com/linux/security/advisories/2005_36_sudo.html" + } + ] + } +} \ No newline at end of file diff --git a/2005/0xxx/CVE-2005-0391.json b/2005/0xxx/CVE-2005-0391.json index 87d41f72aa7..5d3e2c746a0 100644 --- a/2005/0xxx/CVE-2005-0391.json +++ b/2005/0xxx/CVE-2005-0391.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-0391", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "geneweb 4.10 and earlier does not properly check file permissions and content during conversion, which allows attackers to modify arbitrary files." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@debian.org", + "ID": "CVE-2005-0391", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "DSA-712", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2005/dsa-712" - }, - { - "name" : "geneweb-insecure-file-permission(20176)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/20176" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "geneweb 4.10 and earlier does not properly check file permissions and content during conversion, which allows attackers to modify arbitrary files." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "geneweb-insecure-file-permission(20176)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/20176" + }, + { + "name": "DSA-712", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2005/dsa-712" + } + ] + } +} \ No newline at end of file diff --git a/2005/0xxx/CVE-2005-0858.json b/2005/0xxx/CVE-2005-0858.json index 442290becb7..fcee2522461 100644 --- a/2005/0xxx/CVE-2005-0858.json +++ b/2005/0xxx/CVE-2005-0858.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-0858", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple SQL injection vulnerabilities in CoolForum 0.8 and earlier allow remote attackers to execute arbitrary SQL commands via (1) the pseudo parameter to entete.php or (2) the login parameter to register.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2005-0858", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "12852", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/12852" - }, - { - "name" : "1013474", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1013474" - }, - { - "name" : "coolforum-adminentete-sql-injection(19759)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/19759" - }, - { - "name" : "coolforum-register-sql-injection(19761)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/19761" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple SQL injection vulnerabilities in CoolForum 0.8 and earlier allow remote attackers to execute arbitrary SQL commands via (1) the pseudo parameter to entete.php or (2) the login parameter to register.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "coolforum-register-sql-injection(19761)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19761" + }, + { + "name": "coolforum-adminentete-sql-injection(19759)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19759" + }, + { + "name": "12852", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/12852" + }, + { + "name": "1013474", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1013474" + } + ] + } +} \ No newline at end of file diff --git a/2005/0xxx/CVE-2005-0963.json b/2005/0xxx/CVE-2005-0963.json index c07d90b7e46..e1ef8c44497 100644 --- a/2005/0xxx/CVE-2005-0963.json +++ b/2005/0xxx/CVE-2005-0963.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-0963", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An error in the Toshiba ACPI BIOS 1.6 causes the BIOS to only examine the first slot in the Master Boot Record (MBR) table for an active partition, which prevents the system from booting even though the MBR is not malformed. NOTE: it has been debated as to whether or not this issue poses a security vulnerability, since administrative privileges would be required, and other DoS attacks are possible with such privileges." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2005-0963", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20050329 Portcullis Security Advisory 05-011 ACPI 1.6 BIOS", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=111214319914810&w=2" - }, - { - "name" : "20050331 Re: Portcullis Security Advisory 05-011 ACPI 1.6 BIOS", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=111229708208629&w=2" - }, - { - "name" : "20050331 RE: Portcullis Security Advisory 05-011 ACPI 1.6 BIOS", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=111229803502643&w=2" - }, - { - "name" : "toshiba-acpi-bios-dos(19895)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/19895" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An error in the Toshiba ACPI BIOS 1.6 causes the BIOS to only examine the first slot in the Master Boot Record (MBR) table for an active partition, which prevents the system from booting even though the MBR is not malformed. NOTE: it has been debated as to whether or not this issue poses a security vulnerability, since administrative privileges would be required, and other DoS attacks are possible with such privileges." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20050331 Re: Portcullis Security Advisory 05-011 ACPI 1.6 BIOS", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=111229708208629&w=2" + }, + { + "name": "20050331 RE: Portcullis Security Advisory 05-011 ACPI 1.6 BIOS", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=111229803502643&w=2" + }, + { + "name": "toshiba-acpi-bios-dos(19895)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19895" + }, + { + "name": "20050329 Portcullis Security Advisory 05-011 ACPI 1.6 BIOS", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=111214319914810&w=2" + } + ] + } +} \ No newline at end of file diff --git a/2005/2xxx/CVE-2005-2272.json b/2005/2xxx/CVE-2005-2272.json index 1d7f7069fe9..b38fcd2b4e5 100644 --- a/2005/2xxx/CVE-2005-2272.json +++ b/2005/2xxx/CVE-2005-2272.json @@ -1,107 +1,107 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-2272", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Safari version 2.0 (412) does not clearly associate a Javascript dialog box with the web page that generated it, which allows remote attackers to spoof a dialog box from a trusted site and facilitates phishing attacks, aka the \"Dialog Origin Spoofing Vulnerability.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2005-2272", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://secunia.com/secunia_research/2005-12/advisory/", - "refsource" : "MISC", - "url" : "http://secunia.com/secunia_research/2005-12/advisory/" - }, - { - "name" : "http://secunia.com/multiple_browsers_dialog_origin_vulnerability_test/", - "refsource" : "MISC", - "url" : "http://secunia.com/multiple_browsers_dialog_origin_vulnerability_test/" - }, - { - "name" : "APPLE-SA-2005-11-29", - "refsource" : "APPLE", - "url" : "http://docs.info.apple.com/article.html?artnum=302847" - }, - { - "name" : "14011", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/14011" - }, - { - "name" : "ADV-2005-2659", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2005/2659" - }, - { - "name" : "17397", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/17397" - }, - { - "name" : "1015294", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1015294" - }, - { - "name" : "15474", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/15474" - }, - { - "name" : "17813", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/17813" - }, - { - "name" : "mozilla-javascript-dialog-box-spoofing(21070)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/21070" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Safari version 2.0 (412) does not clearly associate a Javascript dialog box with the web page that generated it, which allows remote attackers to spoof a dialog box from a trusted site and facilitates phishing attacks, aka the \"Dialog Origin Spoofing Vulnerability.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "17813", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/17813" + }, + { + "name": "ADV-2005-2659", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2005/2659" + }, + { + "name": "17397", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/17397" + }, + { + "name": "1015294", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1015294" + }, + { + "name": "APPLE-SA-2005-11-29", + "refsource": "APPLE", + "url": "http://docs.info.apple.com/article.html?artnum=302847" + }, + { + "name": "15474", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/15474" + }, + { + "name": "mozilla-javascript-dialog-box-spoofing(21070)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21070" + }, + { + "name": "http://secunia.com/multiple_browsers_dialog_origin_vulnerability_test/", + "refsource": "MISC", + "url": "http://secunia.com/multiple_browsers_dialog_origin_vulnerability_test/" + }, + { + "name": "http://secunia.com/secunia_research/2005-12/advisory/", + "refsource": "MISC", + "url": "http://secunia.com/secunia_research/2005-12/advisory/" + }, + { + "name": "14011", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/14011" + } + ] + } +} \ No newline at end of file diff --git a/2005/2xxx/CVE-2005-2452.json b/2005/2xxx/CVE-2005-2452.json index 8246384866c..9c8b9b9d248 100644 --- a/2005/2xxx/CVE-2005-2452.json +++ b/2005/2xxx/CVE-2005-2452.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-2452", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "libtiff up to 3.7.0 allows remote attackers to cause a denial of service (application crash) via a TIFF image header with a zero \"YCbCr subsampling\" value, which causes a divide-by-zero error in (1) tif_strip.c and (2) tif_tile.c, a different vulnerability than CVE-2004-0804." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2005-2452", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "MDKSA-2005:142", - "refsource" : "MANDRAKE", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2005:142" - }, - { - "name" : "MDKSA-2005:143", - "refsource" : "MANDRAKE", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2005:143" - }, - { - "name" : "MDKSA-2005:144", - "refsource" : "MANDRAKE", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2005:144" - }, - { - "name" : "USN-156-1", - "refsource" : "UBUNTU", - "url" : "https://usn.ubuntu.com/156-1/" - }, - { - "name" : "https://bugzilla.ubuntu.com/show_bug.cgi?id=12008", - "refsource" : "MISC", - "url" : "https://bugzilla.ubuntu.com/show_bug.cgi?id=12008" - }, - { - "name" : "14417", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/14417" - }, - { - "name" : "16266", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/16266" - }, - { - "name" : "16486", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/16486" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "libtiff up to 3.7.0 allows remote attackers to cause a denial of service (application crash) via a TIFF image header with a zero \"YCbCr subsampling\" value, which causes a divide-by-zero error in (1) tif_strip.c and (2) tif_tile.c, a different vulnerability than CVE-2004-0804." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://bugzilla.ubuntu.com/show_bug.cgi?id=12008", + "refsource": "MISC", + "url": "https://bugzilla.ubuntu.com/show_bug.cgi?id=12008" + }, + { + "name": "MDKSA-2005:143", + "refsource": "MANDRAKE", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:143" + }, + { + "name": "16486", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/16486" + }, + { + "name": "MDKSA-2005:144", + "refsource": "MANDRAKE", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:144" + }, + { + "name": "USN-156-1", + "refsource": "UBUNTU", + "url": "https://usn.ubuntu.com/156-1/" + }, + { + "name": "16266", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/16266" + }, + { + "name": "14417", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/14417" + }, + { + "name": "MDKSA-2005:142", + "refsource": "MANDRAKE", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:142" + } + ] + } +} \ No newline at end of file diff --git a/2005/2xxx/CVE-2005-2750.json b/2005/2xxx/CVE-2005-2750.json index 48dba851069..2edd3d0e868 100644 --- a/2005/2xxx/CVE-2005-2750.json +++ b/2005/2xxx/CVE-2005-2750.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-2750", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Software Update in Mac OS X 10.4.2, when the user marks all updates to be ignored, exits without asking the user to reset the status of the updates, which could prevent important, security-relevant updates from being installed." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2005-2750", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "APPLE-SA-2005-10-31", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2005/Oct/msg00000.html" - }, - { - "name" : "15252", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/15252" - }, - { - "name" : "ADV-2005-2256", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2005/2256" - }, - { - "name" : "20428", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/20428" - }, - { - "name" : "1015124", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1015124" - }, - { - "name" : "17368", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/17368" - }, - { - "name" : "macos-softwareupdate-weak-security(44464)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/44464" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Software Update in Mac OS X 10.4.2, when the user marks all updates to be ignored, exits without asking the user to reset the status of the updates, which could prevent important, security-relevant updates from being installed." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "macos-softwareupdate-weak-security(44464)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44464" + }, + { + "name": "ADV-2005-2256", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2005/2256" + }, + { + "name": "17368", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/17368" + }, + { + "name": "1015124", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1015124" + }, + { + "name": "APPLE-SA-2005-10-31", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2005/Oct/msg00000.html" + }, + { + "name": "15252", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/15252" + }, + { + "name": "20428", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/20428" + } + ] + } +} \ No newline at end of file diff --git a/2005/3xxx/CVE-2005-3084.json b/2005/3xxx/CVE-2005-3084.json index 9923bc7f1f2..9d4d631299a 100644 --- a/2005/3xxx/CVE-2005-3084.json +++ b/2005/3xxx/CVE-2005-3084.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-3084", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in the TIFF library in the Photo Viewer for Sony PSP 2.0 firmware allows remote attackers to cause a denial of service via a crafted TIFF image." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2005-3084", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://pspupdates.qj.net/2005/09/20-overflow-found-and-working.html", - "refsource" : "MISC", - "url" : "http://pspupdates.qj.net/2005/09/20-overflow-found-and-working.html" - }, - { - "name" : "16922", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/16922" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in the TIFF library in the Photo Viewer for Sony PSP 2.0 firmware allows remote attackers to cause a denial of service via a crafted TIFF image." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://pspupdates.qj.net/2005/09/20-overflow-found-and-working.html", + "refsource": "MISC", + "url": "http://pspupdates.qj.net/2005/09/20-overflow-found-and-working.html" + }, + { + "name": "16922", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/16922" + } + ] + } +} \ No newline at end of file diff --git a/2005/3xxx/CVE-2005-3757.json b/2005/3xxx/CVE-2005-3757.json index 86b61a3464e..2a0f924c03e 100644 --- a/2005/3xxx/CVE-2005-3757.json +++ b/2005/3xxx/CVE-2005-3757.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-3757", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Saxon XSLT parser in Google Mini Search Appliance, and possibly Google Search Appliance, allows remote attackers to obtain sensitive information and execute arbitrary code via dangerous Java class methods in select attribute of xsl:value-of tags in XSLT style sheets, such as (1) system-property, (2) sys:getProperty, and (3) run:exec." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2005-3757", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20051121 Google Search Appliance proxystylesheet Flaws", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/417310/30/0/threaded" - }, - { - "name" : "http://metasploit.com/research/vulns/google_proxystylesheet/", - "refsource" : "MISC", - "url" : "http://metasploit.com/research/vulns/google_proxystylesheet/" - }, - { - "name" : "15509", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/15509" - }, - { - "name" : "ADV-2005-2500", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2005/2500" - }, - { - "name" : "20981", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/20981" - }, - { - "name" : "1015246", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1015246" - }, - { - "name" : "17644", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/17644" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Saxon XSLT parser in Google Mini Search Appliance, and possibly Google Search Appliance, allows remote attackers to obtain sensitive information and execute arbitrary code via dangerous Java class methods in select attribute of xsl:value-of tags in XSLT style sheets, such as (1) system-property, (2) sys:getProperty, and (3) run:exec." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "17644", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/17644" + }, + { + "name": "http://metasploit.com/research/vulns/google_proxystylesheet/", + "refsource": "MISC", + "url": "http://metasploit.com/research/vulns/google_proxystylesheet/" + }, + { + "name": "20051121 Google Search Appliance proxystylesheet Flaws", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/417310/30/0/threaded" + }, + { + "name": "ADV-2005-2500", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2005/2500" + }, + { + "name": "15509", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/15509" + }, + { + "name": "1015246", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1015246" + }, + { + "name": "20981", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/20981" + } + ] + } +} \ No newline at end of file diff --git a/2005/3xxx/CVE-2005-3915.json b/2005/3xxx/CVE-2005-3915.json index 9f789236492..01474894fdb 100644 --- a/2005/3xxx/CVE-2005-3915.json +++ b/2005/3xxx/CVE-2005-3915.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-3915", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Internet Key Exchange version 1 (IKEv1) implementation in Clavister Client Web allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NOTE: due to the lack of details in the advisory, it is unclear which of CVE-2005-3666, CVE-2005-3667, and/or CVE-2005-3668 this issue applies to." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2005-3915", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.clavister.com/support/support_update_ISAKMP.html", - "refsource" : "CONFIRM", - "url" : "http://www.clavister.com/support/support_update_ISAKMP.html" - }, - { - "name" : "15560", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/15560" - }, - { - "name" : "ADV-2005-2566", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2005/2566" - }, - { - "name" : "17663", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/17663" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Internet Key Exchange version 1 (IKEv1) implementation in Clavister Client Web allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NOTE: due to the lack of details in the advisory, it is unclear which of CVE-2005-3666, CVE-2005-3667, and/or CVE-2005-3668 this issue applies to." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "17663", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/17663" + }, + { + "name": "http://www.clavister.com/support/support_update_ISAKMP.html", + "refsource": "CONFIRM", + "url": "http://www.clavister.com/support/support_update_ISAKMP.html" + }, + { + "name": "ADV-2005-2566", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2005/2566" + }, + { + "name": "15560", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/15560" + } + ] + } +} \ No newline at end of file diff --git a/2005/4xxx/CVE-2005-4699.json b/2005/4xxx/CVE-2005-4699.json index 0d3e9d499d7..1adfd7251ce 100644 --- a/2005/4xxx/CVE-2005-4699.json +++ b/2005/4xxx/CVE-2005-4699.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-4699", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Argument injection vulnerability in TellMe 1.2 and earlier allows remote attackers to modify command line arguments for the Whois program and obtain sensitive information via \"--\" style options in the q_Host parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2005-4699", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20051005 Tellme 1.2", - "refsource" : "FULLDISC", - "url" : "http://archives.neohapsis.com/archives/fulldisclosure/2005-10/0107.html" - }, - { - "name" : "http://exploitlabs.com/files/advisories/EXPL-A-2005-015-tellme.txt", - "refsource" : "MISC", - "url" : "http://exploitlabs.com/files/advisories/EXPL-A-2005-015-tellme.txt" - }, - { - "name" : "http://kimihia.org.nz/projects/tellme/files/tellme-1.2-1.3.diff", - "refsource" : "CONFIRM", - "url" : "http://kimihia.org.nz/projects/tellme/files/tellme-1.2-1.3.diff" - }, - { - "name" : "19871", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/19871" - }, - { - "name" : "17078", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/17078" - }, - { - "name" : "tellme-index-command-option(22522)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/22522" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Argument injection vulnerability in TellMe 1.2 and earlier allows remote attackers to modify command line arguments for the Whois program and obtain sensitive information via \"--\" style options in the q_Host parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "tellme-index-command-option(22522)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22522" + }, + { + "name": "20051005 Tellme 1.2", + "refsource": "FULLDISC", + "url": "http://archives.neohapsis.com/archives/fulldisclosure/2005-10/0107.html" + }, + { + "name": "http://kimihia.org.nz/projects/tellme/files/tellme-1.2-1.3.diff", + "refsource": "CONFIRM", + "url": "http://kimihia.org.nz/projects/tellme/files/tellme-1.2-1.3.diff" + }, + { + "name": "http://exploitlabs.com/files/advisories/EXPL-A-2005-015-tellme.txt", + "refsource": "MISC", + "url": "http://exploitlabs.com/files/advisories/EXPL-A-2005-015-tellme.txt" + }, + { + "name": "17078", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/17078" + }, + { + "name": "19871", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/19871" + } + ] + } +} \ No newline at end of file diff --git a/2005/4xxx/CVE-2005-4726.json b/2005/4xxx/CVE-2005-4726.json index 82a1d93df0a..59ceac52af9 100644 --- a/2005/4xxx/CVE-2005-4726.json +++ b/2005/4xxx/CVE-2005-4726.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-4726", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "MUTE 0.4 uses improper flood protection algorithms, which allows remote attackers to obtain sensitive information (privacy leak and search result data) by controlling a drop chain neighbor that is near the end of a message chain." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2005-4726", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[mute-net-discuss] 20050317 Houston, Houston we have problem!", - "refsource" : "MLIST", - "url" : "http://sourceforge.net/mailarchive/message.php?msg_id=11184523" - }, - { - "name" : "[mute-net-discuss] 20050318 Re: Houston, Houston we have problem!", - "refsource" : "MLIST", - "url" : "http://sourceforge.net/mailarchive/message.php?msg_id=11200225" - }, - { - "name" : "23335", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/23335" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "MUTE 0.4 uses improper flood protection algorithms, which allows remote attackers to obtain sensitive information (privacy leak and search result data) by controlling a drop chain neighbor that is near the end of a message chain." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "23335", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/23335" + }, + { + "name": "[mute-net-discuss] 20050318 Re: Houston, Houston we have problem!", + "refsource": "MLIST", + "url": "http://sourceforge.net/mailarchive/message.php?msg_id=11200225" + }, + { + "name": "[mute-net-discuss] 20050317 Houston, Houston we have problem!", + "refsource": "MLIST", + "url": "http://sourceforge.net/mailarchive/message.php?msg_id=11184523" + } + ] + } +} \ No newline at end of file diff --git a/2009/0xxx/CVE-2009-0022.json b/2009/0xxx/CVE-2009-0022.json index ebbbd0e5f4e..cbc378a9874 100644 --- a/2009/0xxx/CVE-2009-0022.json +++ b/2009/0xxx/CVE-2009-0022.json @@ -1,122 +1,122 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2009-0022", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Samba 3.2.0 through 3.2.6, when registry shares are enabled, allows remote authenticated users to access the root filesystem via a crafted connection request that specifies a blank share name." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2009-0022", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://master.samba.org/samba/ftp/patches/security/samba-3.2.6-CVE-2009-0022.patch", - "refsource" : "MISC", - "url" : "http://master.samba.org/samba/ftp/patches/security/samba-3.2.6-CVE-2009-0022.patch" - }, - { - "name" : "http://www.samba.org/samba/security/CVE-2009-0022.html", - "refsource" : "CONFIRM", - "url" : "http://www.samba.org/samba/security/CVE-2009-0022.html" - }, - { - "name" : "FEDORA-2009-0268", - "refsource" : "FEDORA", - "url" : "https://www.redhat.com/archives/fedora-package-announce/2009-January/msg00309.html" - }, - { - "name" : "MDVSA-2009:042", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2009:042" - }, - { - "name" : "USN-702-1", - "refsource" : "UBUNTU", - "url" : "https://usn.ubuntu.com/702-1/" - }, - { - "name" : "33118", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/33118" - }, - { - "name" : "1021513", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1021513" - }, - { - "name" : "33392", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/33392" - }, - { - "name" : "ADV-2009-0017", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2009/0017" - }, - { - "name" : "51152", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/51152" - }, - { - "name" : "33379", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/33379" - }, - { - "name" : "33431", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/33431" - }, - { - "name" : "samba-file-system-security-bypass(47733)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/47733" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Samba 3.2.0 through 3.2.6, when registry shares are enabled, allows remote authenticated users to access the root filesystem via a crafted connection request that specifies a blank share name." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://master.samba.org/samba/ftp/patches/security/samba-3.2.6-CVE-2009-0022.patch", + "refsource": "MISC", + "url": "http://master.samba.org/samba/ftp/patches/security/samba-3.2.6-CVE-2009-0022.patch" + }, + { + "name": "MDVSA-2009:042", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:042" + }, + { + "name": "33392", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/33392" + }, + { + "name": "samba-file-system-security-bypass(47733)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47733" + }, + { + "name": "1021513", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1021513" + }, + { + "name": "FEDORA-2009-0268", + "refsource": "FEDORA", + "url": "https://www.redhat.com/archives/fedora-package-announce/2009-January/msg00309.html" + }, + { + "name": "33118", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/33118" + }, + { + "name": "USN-702-1", + "refsource": "UBUNTU", + "url": "https://usn.ubuntu.com/702-1/" + }, + { + "name": "http://www.samba.org/samba/security/CVE-2009-0022.html", + "refsource": "CONFIRM", + "url": "http://www.samba.org/samba/security/CVE-2009-0022.html" + }, + { + "name": "51152", + "refsource": "OSVDB", + "url": "http://osvdb.org/51152" + }, + { + "name": "33379", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/33379" + }, + { + "name": "33431", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/33431" + }, + { + "name": "ADV-2009-0017", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2009/0017" + } + ] + } +} \ No newline at end of file diff --git a/2009/0xxx/CVE-2009-0607.json b/2009/0xxx/CVE-2009-0607.json index 5ac452f8007..afc94faa15c 100644 --- a/2009/0xxx/CVE-2009-0607.json +++ b/2009/0xxx/CVE-2009-0607.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2009-0607", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple integer overflows in malloc_leak.c in Bionic in Open Handset Alliance Android 1.0 have unknown impact and attack vectors, related to the (1) chk_calloc and (2) leak_calloc functions." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2009-0607", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20090208 rooting your own phone: android security", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/500753/100/0/threaded" - }, - { - "name" : "33695", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/33695" - }, - { - "name" : "android-malloc-overflow(48841)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/48841" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple integer overflows in malloc_leak.c in Bionic in Open Handset Alliance Android 1.0 have unknown impact and attack vectors, related to the (1) chk_calloc and (2) leak_calloc functions." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "33695", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/33695" + }, + { + "name": "20090208 rooting your own phone: android security", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/500753/100/0/threaded" + }, + { + "name": "android-malloc-overflow(48841)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48841" + } + ] + } +} \ No newline at end of file diff --git a/2009/2xxx/CVE-2009-2392.json b/2009/2xxx/CVE-2009-2392.json index 743bd0a385e..8269ff2b86d 100644 --- a/2009/2xxx/CVE-2009-2392.json +++ b/2009/2xxx/CVE-2009-2392.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2009-2392", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in text.php in Virtuenetz Virtue Online Test Generator allows remote attackers to execute arbitrary SQL commands via the tid parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2009-2392", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "9022", - "refsource" : "EXPLOIT-DB", - "url" : "http://www.exploit-db.com/exploits/9022" - }, - { - "name" : "35591", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/35591" - }, - { - "name" : "virtue-text-sql-injection(51387)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/51387" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in text.php in Virtuenetz Virtue Online Test Generator allows remote attackers to execute arbitrary SQL commands via the tid parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "virtue-text-sql-injection(51387)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51387" + }, + { + "name": "9022", + "refsource": "EXPLOIT-DB", + "url": "http://www.exploit-db.com/exploits/9022" + }, + { + "name": "35591", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/35591" + } + ] + } +} \ No newline at end of file diff --git a/2009/2xxx/CVE-2009-2751.json b/2009/2xxx/CVE-2009-2751.json index b1c26688c8d..5381e1e9f70 100644 --- a/2009/2xxx/CVE-2009-2751.json +++ b/2009/2xxx/CVE-2009-2751.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2009-2751", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM WebSphere Commerce 7.0 uses the same cryptographic key for session attributes and merchant data encryption, which has unspecified impact and remote attack vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2009-2751", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21418443", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21418443" - }, - { - "name" : "JR35136", - "refsource" : "AIXAPAR", - "url" : "http://www-1.ibm.com/support/docview.wss?uid=swg1JR35136" - }, - { - "name" : "websphere-commerce-key-weak-security(56089)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/56089" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IBM WebSphere Commerce 7.0 uses the same cryptographic key for session attributes and merchant data encryption, which has unspecified impact and remote attack vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "websphere-commerce-key-weak-security(56089)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56089" + }, + { + "name": "JR35136", + "refsource": "AIXAPAR", + "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1JR35136" + }, + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21418443", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21418443" + } + ] + } +} \ No newline at end of file diff --git a/2009/3xxx/CVE-2009-3107.json b/2009/3xxx/CVE-2009-3107.json index ceaf333dc62..2a671049324 100644 --- a/2009/3xxx/CVE-2009-3107.json +++ b/2009/3xxx/CVE-2009-3107.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2009-3107", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Symantec Altiris Deployment Solution 6.9.x before 6.9 SP3 Build 430 does not properly restrict access to the listening port for the DBManager service, which allows remote attackers to bypass authentication and modify tasks or the Altiris Database via a connection to this service." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2009-3107", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2009&suid=20090826_00", - "refsource" : "CONFIRM", - "url" : "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2009&suid=20090826_00" - }, - { - "name" : "36110", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/36110" - }, - { - "name" : "1022779", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1022779" - }, - { - "name" : "36502", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/36502" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Symantec Altiris Deployment Solution 6.9.x before 6.9 SP3 Build 430 does not properly restrict access to the listening port for the DBManager service, which allows remote attackers to bypass authentication and modify tasks or the Altiris Database via a connection to this service." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "36502", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/36502" + }, + { + "name": "36110", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/36110" + }, + { + "name": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2009&suid=20090826_00", + "refsource": "CONFIRM", + "url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2009&suid=20090826_00" + }, + { + "name": "1022779", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1022779" + } + ] + } +} \ No newline at end of file diff --git a/2009/3xxx/CVE-2009-3245.json b/2009/3xxx/CVE-2009-3245.json index 6b932ba21e5..f646cbd8b0a 100644 --- a/2009/3xxx/CVE-2009-3245.json +++ b/2009/3xxx/CVE-2009-3245.json @@ -1,227 +1,227 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2009-3245", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "OpenSSL before 0.9.8m does not check for a NULL return value from bn_wexpand function calls in (1) crypto/bn/bn_div.c, (2) crypto/bn/bn_gf2m.c, (3) crypto/ec/ec2_smpl.c, and (4) engines/e_ubsec.c, which has unspecified impact and context-dependent attack vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2009-3245", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[openssl-cvs] 20100223 OpenSSL: OpenSSL_0_9_8-stable: openssl/ CHANGES openssl/crypto/b...", - "refsource" : "MLIST", - "url" : "http://marc.info/?l=openssl-cvs&m=126692180606861&w=2" - }, - { - "name" : "[openssl-cvs] 20100223 OpenSSL: OpenSSL_1_0_0-stable: openssl/crypto/bn/ bn_div.c bn_gf...", - "refsource" : "MLIST", - "url" : "http://marc.info/?l=openssl-cvs&m=126692159706582&w=2" - }, - { - "name" : "[openssl-cvs] 20100223 OpenSSL: openssl/crypto/bn/ bn_div.c bn_gf2m.c openssl/crypto/ec...", - "refsource" : "MLIST", - "url" : "http://marc.info/?l=openssl-cvs&m=126692170906712&w=2" - }, - { - "name" : "[syslog-ng-announce] 20110110 syslog-ng Premium Edition 3.0.6a has been released", - "refsource" : "MLIST", - "url" : "https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000101.html" - }, - { - "name" : "[syslog-ng-announce] 20110110 syslog-ng Premium Edition 3.2.1a has been released", - "refsource" : "MLIST", - "url" : "https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000102.html" - }, - { - "name" : "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory.asc", - "refsource" : "CONFIRM", - "url" : "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory.asc" - }, - { - "name" : "https://kb.bluecoat.com/index?page=content&id=SA50", - "refsource" : "CONFIRM", - "url" : "https://kb.bluecoat.com/index?page=content&id=SA50" - }, - { - "name" : "http://support.apple.com/kb/HT4723", - "refsource" : "CONFIRM", - "url" : "http://support.apple.com/kb/HT4723" - }, - { - "name" : "APPLE-SA-2011-06-23-1", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html" - }, - { - "name" : "FEDORA-2010-5744", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-April/038587.html" - }, - { - "name" : "FEDORA-2010-5357", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039561.html" - }, - { - "name" : "HPSBOV02540", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=127678688104458&w=2" - }, - { - "name" : "HPSBUX02517", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=127128920008563&w=2" - }, - { - "name" : "SSRT100058", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=127128920008563&w=2" - }, - { - "name" : "MDVSA-2010:076", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2010:076" - }, - { - "name" : "RHSA-2010:0977", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2010-0977.html" - }, - { - "name" : "RHSA-2011:0896", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2011-0896.html" - }, - { - "name" : "SSA:2010-060-02", - "refsource" : "SLACKWARE", - "url" : "http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.663049" - }, - { - "name" : "SUSE-SR:2010:013", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html" - }, - { - "name" : "USN-1003-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-1003-1" - }, - { - "name" : "38562", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/38562" - }, - { - "name" : "oval:org.mitre.oval:def:9790", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9790" - }, - { - "name" : "oval:org.mitre.oval:def:11738", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11738" - }, - { - "name" : "oval:org.mitre.oval:def:6640", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6640" - }, - { - "name" : "38761", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/38761" - }, - { - "name" : "39461", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/39461" - }, - { - "name" : "39932", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/39932" - }, - { - "name" : "42724", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/42724" - }, - { - "name" : "42733", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/42733" - }, - { - "name" : "37291", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/37291" - }, - { - "name" : "ADV-2010-0839", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2010/0839" - }, - { - "name" : "ADV-2010-0933", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2010/0933" - }, - { - "name" : "ADV-2010-0916", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2010/0916" - }, - { - "name" : "ADV-2010-1216", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2010/1216" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "OpenSSL before 0.9.8m does not check for a NULL return value from bn_wexpand function calls in (1) crypto/bn/bn_div.c, (2) crypto/bn/bn_gf2m.c, (3) crypto/ec/ec2_smpl.c, and (4) engines/e_ubsec.c, which has unspecified impact and context-dependent attack vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ADV-2010-0916", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2010/0916" + }, + { + "name": "42724", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/42724" + }, + { + "name": "oval:org.mitre.oval:def:11738", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11738" + }, + { + "name": "39461", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/39461" + }, + { + "name": "[openssl-cvs] 20100223 OpenSSL: OpenSSL_1_0_0-stable: openssl/crypto/bn/ bn_div.c bn_gf...", + "refsource": "MLIST", + "url": "http://marc.info/?l=openssl-cvs&m=126692159706582&w=2" + }, + { + "name": "http://support.apple.com/kb/HT4723", + "refsource": "CONFIRM", + "url": "http://support.apple.com/kb/HT4723" + }, + { + "name": "FEDORA-2010-5357", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039561.html" + }, + { + "name": "SSA:2010-060-02", + "refsource": "SLACKWARE", + "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.663049" + }, + { + "name": "APPLE-SA-2011-06-23-1", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html" + }, + { + "name": "oval:org.mitre.oval:def:6640", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6640" + }, + { + "name": "HPSBOV02540", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=127678688104458&w=2" + }, + { + "name": "[openssl-cvs] 20100223 OpenSSL: openssl/crypto/bn/ bn_div.c bn_gf2m.c openssl/crypto/ec...", + "refsource": "MLIST", + "url": "http://marc.info/?l=openssl-cvs&m=126692170906712&w=2" + }, + { + "name": "38761", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/38761" + }, + { + "name": "SUSE-SR:2010:013", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html" + }, + { + "name": "38562", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/38562" + }, + { + "name": "[syslog-ng-announce] 20110110 syslog-ng Premium Edition 3.0.6a has been released", + "refsource": "MLIST", + "url": "https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000101.html" + }, + { + "name": "oval:org.mitre.oval:def:9790", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9790" + }, + { + "name": "[openssl-cvs] 20100223 OpenSSL: OpenSSL_0_9_8-stable: openssl/ CHANGES openssl/crypto/b...", + "refsource": "MLIST", + "url": "http://marc.info/?l=openssl-cvs&m=126692180606861&w=2" + }, + { + "name": "RHSA-2010:0977", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2010-0977.html" + }, + { + "name": "ADV-2010-0839", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2010/0839" + }, + { + "name": "MDVSA-2010:076", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:076" + }, + { + "name": "HPSBUX02517", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=127128920008563&w=2" + }, + { + "name": "[syslog-ng-announce] 20110110 syslog-ng Premium Edition 3.2.1a has been released", + "refsource": "MLIST", + "url": "https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000102.html" + }, + { + "name": "USN-1003-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-1003-1" + }, + { + "name": "39932", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/39932" + }, + { + "name": "ADV-2010-0933", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2010/0933" + }, + { + "name": "RHSA-2011:0896", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2011-0896.html" + }, + { + "name": "SSRT100058", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=127128920008563&w=2" + }, + { + "name": "https://kb.bluecoat.com/index?page=content&id=SA50", + "refsource": "CONFIRM", + "url": "https://kb.bluecoat.com/index?page=content&id=SA50" + }, + { + "name": "ADV-2010-1216", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2010/1216" + }, + { + "name": "42733", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/42733" + }, + { + "name": "37291", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/37291" + }, + { + "name": "FEDORA-2010-5744", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-April/038587.html" + }, + { + "name": "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory.asc", + "refsource": "CONFIRM", + "url": "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory.asc" + } + ] + } +} \ No newline at end of file diff --git a/2009/3xxx/CVE-2009-3411.json b/2009/3xxx/CVE-2009-3411.json index f457161386a..95c8e17a2f6 100644 --- a/2009/3xxx/CVE-2009-3411.json +++ b/2009/3xxx/CVE-2009-3411.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2009-3411", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the Oracle Data Pump component in Oracle Database 11.1.0.7, 10.2.0.3, 10.2.0.4, 10.1.0.5, 9.2.0.8, and 9.2.0.8DV allows remote authenticated users to affect confidentiality and integrity via unknown vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2009-3411", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpujan2010-084891.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpujan2010-084891.html" - }, - { - "name" : "TA10-012A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA10-012A.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the Oracle Data Pump component in Oracle Database 11.1.0.7, 10.2.0.3, 10.2.0.4, 10.1.0.5, 9.2.0.8, and 9.2.0.8DV allows remote authenticated users to affect confidentiality and integrity via unknown vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.oracle.com/technetwork/topics/security/cpujan2010-084891.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpujan2010-084891.html" + }, + { + "name": "TA10-012A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA10-012A.html" + } + ] + } +} \ No newline at end of file diff --git a/2009/3xxx/CVE-2009-3844.json b/2009/3xxx/CVE-2009-3844.json index efef3a4ab0f..3a81357caf5 100644 --- a/2009/3xxx/CVE-2009-3844.json +++ b/2009/3xxx/CVE-2009-3844.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2009-3844", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Stack-based buffer overflow in the OmniInet process in HP OpenView Data Protector Application Recovery Manager 5.50 and 6.0 allows remote attackers to execute arbitrary code or cause a denial of service via a crafted MSG_PROTOCOL packet." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "hp-security-alert@hp.com", + "ID": "CVE-2009-3844", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20091208 ZDI-09-091: Hewlett-Packard Application Recovery Manager MSG_PROTOCOL Stack Overflow Vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/508329/100/0/threaded" - }, - { - "name" : "http://zerodayinitiative.com/advisories/ZDI-09-091/", - "refsource" : "MISC", - "url" : "http://zerodayinitiative.com/advisories/ZDI-09-091/" - }, - { - "name" : "HPSBMA02481", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=126029001704529&w=2" - }, - { - "name" : "SSRT090113", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=126029001704529&w=2" - }, - { - "name" : "37250", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/37250" - }, - { - "name" : "1023288", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1023288" - }, - { - "name" : "37600", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/37600" - }, - { - "name" : "ADV-2009-3454", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2009/3454" - }, - { - "name" : "openview-dparm-omniinet-bo(54638)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/54638" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Stack-based buffer overflow in the OmniInet process in HP OpenView Data Protector Application Recovery Manager 5.50 and 6.0 allows remote attackers to execute arbitrary code or cause a denial of service via a crafted MSG_PROTOCOL packet." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "openview-dparm-omniinet-bo(54638)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54638" + }, + { + "name": "SSRT090113", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=126029001704529&w=2" + }, + { + "name": "ADV-2009-3454", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2009/3454" + }, + { + "name": "20091208 ZDI-09-091: Hewlett-Packard Application Recovery Manager MSG_PROTOCOL Stack Overflow Vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/508329/100/0/threaded" + }, + { + "name": "HPSBMA02481", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=126029001704529&w=2" + }, + { + "name": "37250", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/37250" + }, + { + "name": "37600", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/37600" + }, + { + "name": "http://zerodayinitiative.com/advisories/ZDI-09-091/", + "refsource": "MISC", + "url": "http://zerodayinitiative.com/advisories/ZDI-09-091/" + }, + { + "name": "1023288", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1023288" + } + ] + } +} \ No newline at end of file diff --git a/2009/3xxx/CVE-2009-3899.json b/2009/3xxx/CVE-2009-3899.json index 182069fc91d..05c83486821 100644 --- a/2009/3xxx/CVE-2009-3899.json +++ b/2009/3xxx/CVE-2009-3899.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2009-3899", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Memory leak in the Sockets Direct Protocol (SDP) driver in Sun Solaris 10, and OpenSolaris snv_57 through snv_94, allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2009-3899", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://sunsolve.sun.com/search/document.do?assetkey=1-21-141444-09-1", - "refsource" : "CONFIRM", - "url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-21-141444-09-1" - }, - { - "name" : "264730", - "refsource" : "SUNALERT", - "url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-66-264730-1" - }, - { - "name" : "36904", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/36904" - }, - { - "name" : "oval:org.mitre.oval:def:6563", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6563" - }, - { - "name" : "1023124", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1023124" - }, - { - "name" : "ADV-2009-3130", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2009/3130" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Memory leak in the Sockets Direct Protocol (SDP) driver in Sun Solaris 10, and OpenSolaris snv_57 through snv_94, allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "36904", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/36904" + }, + { + "name": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-141444-09-1", + "refsource": "CONFIRM", + "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-141444-09-1" + }, + { + "name": "oval:org.mitre.oval:def:6563", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6563" + }, + { + "name": "ADV-2009-3130", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2009/3130" + }, + { + "name": "1023124", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1023124" + }, + { + "name": "264730", + "refsource": "SUNALERT", + "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-264730-1" + } + ] + } +} \ No newline at end of file diff --git a/2009/4xxx/CVE-2009-4099.json b/2009/4xxx/CVE-2009-4099.json index 3b62f30e66f..19958a8b017 100644 --- a/2009/4xxx/CVE-2009-4099.json +++ b/2009/4xxx/CVE-2009-4099.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2009-4099", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in the Google Calendar GCalendar (com_gcalendar) component 1.1.2, 2.1.4, and possibly earlier versions for Joomla! allows remote attackers to execute arbitrary SQL commands via the gcid parameter. NOTE: some of these details are obtained from third party information." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2009-4099", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://packetstormsecurity.org/0911-exploits/joomlagcalendar-sql.txt", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.org/0911-exploits/joomlagcalendar-sql.txt" - }, - { - "name" : "37141", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/37141" - }, - { - "name" : "37134", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/37134" - }, - { - "name" : "60517", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/60517" - }, - { - "name" : "37476", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/37476" - }, - { - "name" : "gcalendar-index-sql-injection(54450)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/54450" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in the Google Calendar GCalendar (com_gcalendar) component 1.1.2, 2.1.4, and possibly earlier versions for Joomla! allows remote attackers to execute arbitrary SQL commands via the gcid parameter. NOTE: some of these details are obtained from third party information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "gcalendar-index-sql-injection(54450)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54450" + }, + { + "name": "37476", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/37476" + }, + { + "name": "http://packetstormsecurity.org/0911-exploits/joomlagcalendar-sql.txt", + "refsource": "MISC", + "url": "http://packetstormsecurity.org/0911-exploits/joomlagcalendar-sql.txt" + }, + { + "name": "37134", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/37134" + }, + { + "name": "37141", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/37141" + }, + { + "name": "60517", + "refsource": "OSVDB", + "url": "http://osvdb.org/60517" + } + ] + } +} \ No newline at end of file diff --git a/2009/4xxx/CVE-2009-4323.json b/2009/4xxx/CVE-2009-4323.json index d9a603603ec..3738278b974 100644 --- a/2009/4xxx/CVE-2009-4323.json +++ b/2009/4xxx/CVE-2009-4323.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2009-4323", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The installation for Zen Cart stores sensitive information and insecure programs under the (1) docs, (2) extras, and (3) zc_install folders, and (4) install.txt, which allows remote attackers to obtain sensitive information, delete the database, and conduct other attacks via a direct request, different vulnerabilities than CVE-2009-4321 and CVE-2009-4322." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2009-4323", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.zen-cart.com/forum/showthread.php?t=142784", - "refsource" : "CONFIRM", - "url" : "http://www.zen-cart.com/forum/showthread.php?t=142784" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The installation for Zen Cart stores sensitive information and insecure programs under the (1) docs, (2) extras, and (3) zc_install folders, and (4) install.txt, which allows remote attackers to obtain sensitive information, delete the database, and conduct other attacks via a direct request, different vulnerabilities than CVE-2009-4321 and CVE-2009-4322." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.zen-cart.com/forum/showthread.php?t=142784", + "refsource": "CONFIRM", + "url": "http://www.zen-cart.com/forum/showthread.php?t=142784" + } + ] + } +} \ No newline at end of file diff --git a/2009/4xxx/CVE-2009-4741.json b/2009/4xxx/CVE-2009-4741.json index 130d7d7d30f..0d260fb07ad 100644 --- a/2009/4xxx/CVE-2009-4741.json +++ b/2009/4xxx/CVE-2009-4741.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2009-4741", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the Extras Manager before 2.0.0.67 in Skype before 4.1.0.179 on Windows has unknown impact and attack vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2009-4741", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://developer.skype.com/WindowsSkype/ReleaseNotes#head-21c1b2583e7cc405f994ca162d574fb15a6e986b", - "refsource" : "CONFIRM", - "url" : "https://developer.skype.com/WindowsSkype/ReleaseNotes#head-21c1b2583e7cc405f994ca162d574fb15a6e986b" - }, - { - "name" : "36459", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/36459" - }, - { - "name" : "37012", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/37012" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the Extras Manager before 2.0.0.67 in Skype before 4.1.0.179 on Windows has unknown impact and attack vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "37012", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/37012" + }, + { + "name": "https://developer.skype.com/WindowsSkype/ReleaseNotes#head-21c1b2583e7cc405f994ca162d574fb15a6e986b", + "refsource": "CONFIRM", + "url": "https://developer.skype.com/WindowsSkype/ReleaseNotes#head-21c1b2583e7cc405f994ca162d574fb15a6e986b" + }, + { + "name": "36459", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/36459" + } + ] + } +} \ No newline at end of file diff --git a/2009/4xxx/CVE-2009-4767.json b/2009/4xxx/CVE-2009-4767.json index 8efb4e35c64..d5078bb3d3a 100644 --- a/2009/4xxx/CVE-2009-4767.json +++ b/2009/4xxx/CVE-2009-4767.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2009-4767", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site scripting (XSS) vulnerabilities in index.php in Plohni Shoutbox 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) input_name and (2) input_text parameters. NOTE: some of these details are obtained from third party information." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2009-4767", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "10168", - "refsource" : "EXPLOIT-DB", - "url" : "http://www.exploit-db.com/exploits/10168" - }, - { - "name" : "60310", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/60310" - }, - { - "name" : "37418", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/37418" - }, - { - "name" : "shoutbox-name-xss(54321)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/54321" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site scripting (XSS) vulnerabilities in index.php in Plohni Shoutbox 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) input_name and (2) input_text parameters. NOTE: some of these details are obtained from third party information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "37418", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/37418" + }, + { + "name": "60310", + "refsource": "OSVDB", + "url": "http://osvdb.org/60310" + }, + { + "name": "shoutbox-name-xss(54321)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54321" + }, + { + "name": "10168", + "refsource": "EXPLOIT-DB", + "url": "http://www.exploit-db.com/exploits/10168" + } + ] + } +} \ No newline at end of file diff --git a/2009/4xxx/CVE-2009-4780.json b/2009/4xxx/CVE-2009-4780.json index 718cb7316b7..243a07ebcad 100644 --- a/2009/4xxx/CVE-2009-4780.json +++ b/2009/4xxx/CVE-2009-4780.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2009-4780", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site scripting (XSS) vulnerabilities in index.php in phpMyFAQ before 2.5.5 allow remote attackers to inject arbitrary web script or HTML via (1) the lang parameter in a sitemap action, (2) the search parameter in a search action, (3) the tagging_id parameter in a search action, (4) the highlight parameter in an artikel action, (5) the artlang parameter in an artikel action, (6) the letter parameter in a sitemap action, (7) the lang parameter in a show action, (8) the cat parameter in a show action, (9) the newslang parameter in a news action, (10) the artlang parameter in a send2friend action, (11) the cat parameter in a send2friend action, (12) the id parameter in a send2friend action, (13) the srclang parameter in a translate action, (14) the id parameter in a translate action, (15) the cat parameter in a translate action, (16) the cat parameter in an add action, or (17) the question parameter in an add action. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2009-4780", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "37180", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/37180" - }, - { - "name" : "37520", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/37520" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site scripting (XSS) vulnerabilities in index.php in phpMyFAQ before 2.5.5 allow remote attackers to inject arbitrary web script or HTML via (1) the lang parameter in a sitemap action, (2) the search parameter in a search action, (3) the tagging_id parameter in a search action, (4) the highlight parameter in an artikel action, (5) the artlang parameter in an artikel action, (6) the letter parameter in a sitemap action, (7) the lang parameter in a show action, (8) the cat parameter in a show action, (9) the newslang parameter in a news action, (10) the artlang parameter in a send2friend action, (11) the cat parameter in a send2friend action, (12) the id parameter in a send2friend action, (13) the srclang parameter in a translate action, (14) the id parameter in a translate action, (15) the cat parameter in a translate action, (16) the cat parameter in an add action, or (17) the question parameter in an add action. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "37180", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/37180" + }, + { + "name": "37520", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/37520" + } + ] + } +} \ No newline at end of file diff --git a/2012/2xxx/CVE-2012-2151.json b/2012/2xxx/CVE-2012-2151.json index 755e62179c5..e9d46511075 100644 --- a/2012/2xxx/CVE-2012-2151.json +++ b/2012/2xxx/CVE-2012-2151.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2012-2151", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site scripting (XSS) vulnerabilities in SPIP 1.9.x before 1.9.2.o, 2.0.x before 2.0.18, and 2.1.x before 2.1.13 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2012-2151", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[Spip-en] 20120423 New stable releases SPIP 1.9.2o, 2.0.18 et 2.1.13 are availables", - "refsource" : "MLIST", - "url" : "http://archives.rezo.net/archives/spip-en.mbox/U5QUZ6WJRAJC7H5BR7W5SQG6WCD3PXL7/" - }, - { - "name" : "[oss-security] 20120430 CVE request: spip before 1.9.2.o, 2.0.18 and 2.1.13 multiple XSS", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2012/04/30/4" - }, - { - "name" : "[oss-security] 20120501 Re: CVE request: spip before 1.9.2.o, 2.0.18 and 2.1.13 multiple XSS", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2012/05/01/4" - }, - { - "name" : "DSA-2461", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2012/dsa-2461" - }, - { - "name" : "53216", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/53216" - }, - { - "name" : "81473", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/81473" - }, - { - "name" : "1026970", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1026970" - }, - { - "name" : "48939", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/48939" - }, - { - "name" : "spip-unspecified-xss(75104)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/75104" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site scripting (XSS) vulnerabilities in SPIP 1.9.x before 1.9.2.o, 2.0.x before 2.0.18, and 2.1.x before 2.1.13 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "spip-unspecified-xss(75104)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75104" + }, + { + "name": "[oss-security] 20120501 Re: CVE request: spip before 1.9.2.o, 2.0.18 and 2.1.13 multiple XSS", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2012/05/01/4" + }, + { + "name": "1026970", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1026970" + }, + { + "name": "[Spip-en] 20120423 New stable releases SPIP 1.9.2o, 2.0.18 et 2.1.13 are availables", + "refsource": "MLIST", + "url": "http://archives.rezo.net/archives/spip-en.mbox/U5QUZ6WJRAJC7H5BR7W5SQG6WCD3PXL7/" + }, + { + "name": "[oss-security] 20120430 CVE request: spip before 1.9.2.o, 2.0.18 and 2.1.13 multiple XSS", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2012/04/30/4" + }, + { + "name": "48939", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/48939" + }, + { + "name": "81473", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/81473" + }, + { + "name": "53216", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/53216" + }, + { + "name": "DSA-2461", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2012/dsa-2461" + } + ] + } +} \ No newline at end of file diff --git a/2015/0xxx/CVE-2015-0327.json b/2015/0xxx/CVE-2015-0327.json index 5cf955574a0..3b00bf45389 100644 --- a/2015/0xxx/CVE-2015-0327.json +++ b/2015/0xxx/CVE-2015-0327.json @@ -1,127 +1,127 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-0327", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Heap-based buffer overflow in Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-0323." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2015-0327", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://helpx.adobe.com/security/products/flash-player/apsb15-04.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/flash-player/apsb15-04.html" - }, - { - "name" : "https://technet.microsoft.com/library/security/2755801", - "refsource" : "CONFIRM", - "url" : "https://technet.microsoft.com/library/security/2755801" - }, - { - "name" : "GLSA-201502-02", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-201502-02.xml" - }, - { - "name" : "RHSA-2015:0140", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-0140.html" - }, - { - "name" : "SUSE-SU-2015:0236", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00006.html" - }, - { - "name" : "SUSE-SU-2015:0239", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00009.html" - }, - { - "name" : "openSUSE-SU-2015:0237", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00007.html" - }, - { - "name" : "openSUSE-SU-2015:0238", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00008.html" - }, - { - "name" : "72514", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/72514" - }, - { - "name" : "1031706", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1031706" - }, - { - "name" : "62777", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/62777" - }, - { - "name" : "62886", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/62886" - }, - { - "name" : "62895", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/62895" - }, - { - "name" : "adobe-flash-cve20150327-bo(100709)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/100709" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Heap-based buffer overflow in Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-0323." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "GLSA-201502-02", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-201502-02.xml" + }, + { + "name": "openSUSE-SU-2015:0238", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00008.html" + }, + { + "name": "62895", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/62895" + }, + { + "name": "1031706", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1031706" + }, + { + "name": "62886", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/62886" + }, + { + "name": "https://technet.microsoft.com/library/security/2755801", + "refsource": "CONFIRM", + "url": "https://technet.microsoft.com/library/security/2755801" + }, + { + "name": "62777", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/62777" + }, + { + "name": "adobe-flash-cve20150327-bo(100709)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/100709" + }, + { + "name": "openSUSE-SU-2015:0237", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00007.html" + }, + { + "name": "SUSE-SU-2015:0236", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00006.html" + }, + { + "name": "72514", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/72514" + }, + { + "name": "https://helpx.adobe.com/security/products/flash-player/apsb15-04.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/flash-player/apsb15-04.html" + }, + { + "name": "RHSA-2015:0140", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-0140.html" + }, + { + "name": "SUSE-SU-2015:0239", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00009.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/0xxx/CVE-2015-0674.json b/2015/0xxx/CVE-2015-0674.json index af50853804f..e0c9115b703 100644 --- a/2015/0xxx/CVE-2015-0674.json +++ b/2015/0xxx/CVE-2015-0674.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-0674", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in the Alert Service of Cisco Cloud Web Security base revision allows remote attackers to inject arbitrary web script or HTML via unspecified parameters." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2015-0674", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20150326 Cisco Web Security Alert Service Cross-Site Scripting Vulnerability", - "refsource" : "CISCO", - "url" : "https://tools.cisco.com/security/center/viewAlert.x?alertId=38058" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in the Alert Service of Cisco Cloud Web Security base revision allows remote attackers to inject arbitrary web script or HTML via unspecified parameters." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20150326 Cisco Web Security Alert Service Cross-Site Scripting Vulnerability", + "refsource": "CISCO", + "url": "https://tools.cisco.com/security/center/viewAlert.x?alertId=38058" + } + ] + } +} \ No newline at end of file diff --git a/2015/0xxx/CVE-2015-0943.json b/2015/0xxx/CVE-2015-0943.json index c50e0339dd5..130aecab6fd 100644 --- a/2015/0xxx/CVE-2015-0943.json +++ b/2015/0xxx/CVE-2015-0943.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-0943", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Basware Banking (Maksuliikenne) before 9.10.0.0 does not encrypt communication between the client and the backend server, which allows man-in-the-middle attackers to obtain encryption keys, user credentials, and other sensitive information by sniffing the network or modify this traffic by inserting packets into the client-server data stream." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2015-0943", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20150727 Multiple unresolved vulnerabilities in Basware Banking/Maksuliikenne", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2015/Jul/120" - }, - { - "name" : "https://www.viestintavirasto.fi/en/cybersecurity/vulnerabilities/2015/haavoittuvuus-2015-018.html", - "refsource" : "MISC", - "url" : "https://www.viestintavirasto.fi/en/cybersecurity/vulnerabilities/2015/haavoittuvuus-2015-018.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Basware Banking (Maksuliikenne) before 9.10.0.0 does not encrypt communication between the client and the backend server, which allows man-in-the-middle attackers to obtain encryption keys, user credentials, and other sensitive information by sniffing the network or modify this traffic by inserting packets into the client-server data stream." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20150727 Multiple unresolved vulnerabilities in Basware Banking/Maksuliikenne", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2015/Jul/120" + }, + { + "name": "https://www.viestintavirasto.fi/en/cybersecurity/vulnerabilities/2015/haavoittuvuus-2015-018.html", + "refsource": "MISC", + "url": "https://www.viestintavirasto.fi/en/cybersecurity/vulnerabilities/2015/haavoittuvuus-2015-018.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/1xxx/CVE-2015-1809.json b/2015/1xxx/CVE-2015-1809.json index 5eafb8f86f1..f2366d0f6c5 100644 --- a/2015/1xxx/CVE-2015-1809.json +++ b/2015/1xxx/CVE-2015-1809.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-1809", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-1809", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/5xxx/CVE-2015-5219.json b/2015/5xxx/CVE-2015-5219.json index 9a70600d4f2..8bb8a48016a 100644 --- a/2015/5xxx/CVE-2015-5219.json +++ b/2015/5xxx/CVE-2015-5219.json @@ -1,167 +1,167 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-5219", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The ULOGTOD function in ntp.d in SNTP before 4.2.7p366 does not properly perform type conversions from a precision value to a double, which allows remote attackers to cause a denial of service (infinite loop) via a crafted NTP packet." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2015-5219", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20150825 Several low impact ntp.org ntpd issues", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2015/08/25/3" - }, - { - "name" : "http://aix.software.ibm.com/aix/efixes/security/ntp_advisory4.asc", - "refsource" : "CONFIRM", - "url" : "http://aix.software.ibm.com/aix/efixes/security/ntp_advisory4.asc" - }, - { - "name" : "http://bk1.ntp.org/ntp-dev/?PAGE=patch&REV=51786731Gr4-NOrTBC_a_uXO4wuGhg", - "refsource" : "CONFIRM", - "url" : "http://bk1.ntp.org/ntp-dev/?PAGE=patch&REV=51786731Gr4-NOrTBC_a_uXO4wuGhg" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1255118", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1255118" - }, - { - "name" : "https://github.com/ntp-project/ntp/commit/5f295cd05c3c136d39f5b3e500a2d781bdbb59c8", - "refsource" : "CONFIRM", - "url" : "https://github.com/ntp-project/ntp/commit/5f295cd05c3c136d39f5b3e500a2d781bdbb59c8" - }, - { - "name" : "https://www-01.ibm.com/support/docview.wss?uid=isg3T1024157", - "refsource" : "CONFIRM", - "url" : "https://www-01.ibm.com/support/docview.wss?uid=isg3T1024157" - }, - { - "name" : "https://www-01.ibm.com/support/docview.wss?uid=swg21985122", - "refsource" : "CONFIRM", - "url" : "https://www-01.ibm.com/support/docview.wss?uid=swg21985122" - }, - { - "name" : "https://www-01.ibm.com/support/docview.wss?uid=swg21986956", - "refsource" : "CONFIRM", - "url" : "https://www-01.ibm.com/support/docview.wss?uid=swg21986956" - }, - { - "name" : "https://www-01.ibm.com/support/docview.wss?uid=swg21988706", - "refsource" : "CONFIRM", - "url" : "https://www-01.ibm.com/support/docview.wss?uid=swg21988706" - }, - { - "name" : "https://www-01.ibm.com/support/docview.wss?uid=swg21989542", - "refsource" : "CONFIRM", - "url" : "https://www-01.ibm.com/support/docview.wss?uid=swg21989542" - }, - { - "name" : "https://www.ibm.com/support/home/docdisplay?lndocid=migr-5099409", - "refsource" : "CONFIRM", - "url" : "https://www.ibm.com/support/home/docdisplay?lndocid=migr-5099409" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html" - }, - { - "name" : "DSA-3388", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2015/dsa-3388" - }, - { - "name" : "FEDORA-2015-14212", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169167.html" - }, - { - "name" : "FEDORA-2015-14213", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-September/166992.html" - }, - { - "name" : "FEDORA-2015-77bfbc1bcd", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/170926.html" - }, - { - "name" : "RHSA-2016:0780", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-0780.html" - }, - { - "name" : "RHSA-2016:2583", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-2583.html" - }, - { - "name" : "SUSE-SU:2016:1311", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00048.html" - }, - { - "name" : "openSUSE-SU:2016:3280", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2016-12/msg00153.html" - }, - { - "name" : "USN-2783-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2783-1" - }, - { - "name" : "76473", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/76473" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The ULOGTOD function in ntp.d in SNTP before 4.2.7p366 does not properly perform type conversions from a precision value to a double, which allows remote attackers to cause a denial of service (infinite loop) via a crafted NTP packet." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://aix.software.ibm.com/aix/efixes/security/ntp_advisory4.asc", + "refsource": "CONFIRM", + "url": "http://aix.software.ibm.com/aix/efixes/security/ntp_advisory4.asc" + }, + { + "name": "https://www-01.ibm.com/support/docview.wss?uid=isg3T1024157", + "refsource": "CONFIRM", + "url": "https://www-01.ibm.com/support/docview.wss?uid=isg3T1024157" + }, + { + "name": "https://github.com/ntp-project/ntp/commit/5f295cd05c3c136d39f5b3e500a2d781bdbb59c8", + "refsource": "CONFIRM", + "url": "https://github.com/ntp-project/ntp/commit/5f295cd05c3c136d39f5b3e500a2d781bdbb59c8" + }, + { + "name": "openSUSE-SU:2016:3280", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00153.html" + }, + { + "name": "https://www.ibm.com/support/home/docdisplay?lndocid=migr-5099409", + "refsource": "CONFIRM", + "url": "https://www.ibm.com/support/home/docdisplay?lndocid=migr-5099409" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html" + }, + { + "name": "USN-2783-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2783-1" + }, + { + "name": "https://www-01.ibm.com/support/docview.wss?uid=swg21986956", + "refsource": "CONFIRM", + "url": "https://www-01.ibm.com/support/docview.wss?uid=swg21986956" + }, + { + "name": "https://www-01.ibm.com/support/docview.wss?uid=swg21988706", + "refsource": "CONFIRM", + "url": "https://www-01.ibm.com/support/docview.wss?uid=swg21988706" + }, + { + "name": "RHSA-2016:2583", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-2583.html" + }, + { + "name": "FEDORA-2015-77bfbc1bcd", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/170926.html" + }, + { + "name": "http://bk1.ntp.org/ntp-dev/?PAGE=patch&REV=51786731Gr4-NOrTBC_a_uXO4wuGhg", + "refsource": "CONFIRM", + "url": "http://bk1.ntp.org/ntp-dev/?PAGE=patch&REV=51786731Gr4-NOrTBC_a_uXO4wuGhg" + }, + { + "name": "RHSA-2016:0780", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-0780.html" + }, + { + "name": "DSA-3388", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2015/dsa-3388" + }, + { + "name": "[oss-security] 20150825 Several low impact ntp.org ntpd issues", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2015/08/25/3" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1255118", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1255118" + }, + { + "name": "76473", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/76473" + }, + { + "name": "SUSE-SU:2016:1311", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00048.html" + }, + { + "name": "FEDORA-2015-14212", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169167.html" + }, + { + "name": "https://www-01.ibm.com/support/docview.wss?uid=swg21989542", + "refsource": "CONFIRM", + "url": "https://www-01.ibm.com/support/docview.wss?uid=swg21989542" + }, + { + "name": "https://www-01.ibm.com/support/docview.wss?uid=swg21985122", + "refsource": "CONFIRM", + "url": "https://www-01.ibm.com/support/docview.wss?uid=swg21985122" + }, + { + "name": "FEDORA-2015-14213", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-September/166992.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/5xxx/CVE-2015-5453.json b/2015/5xxx/CVE-2015-5453.json index f2d2205a492..604eeed01b0 100644 --- a/2015/5xxx/CVE-2015-5453.json +++ b/2015/5xxx/CVE-2015-5453.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-5453", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Watchguard XCS 9.2 and 10.0 before build 150522 allow remote authenticated users to execute arbitrary commands via shell metacharacters in the id parameter to ADMIN/mailqueue.spl." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-5453", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "38346", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/38346/" - }, - { - "name" : "http://packetstormsecurity.com/files/132498/Watchguard-XCS-10.0-SQL-Injection-Command-Execution.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/132498/Watchguard-XCS-10.0-SQL-Injection-Command-Execution.html" - }, - { - "name" : "http://www.security-assessment.com/files/documents/advisory/Watchguard-XCS-final.pdf", - "refsource" : "MISC", - "url" : "http://www.security-assessment.com/files/documents/advisory/Watchguard-XCS-final.pdf" - }, - { - "name" : "http://packetstormsecurity.com/files/133721/Watchguard-XCS-Remote-Command-Execution.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/133721/Watchguard-XCS-Remote-Command-Execution.html" - }, - { - "name" : "http://www.rapid7.com/db/modules/exploit/freebsd/http/watchguard_cmd_exec", - "refsource" : "MISC", - "url" : "http://www.rapid7.com/db/modules/exploit/freebsd/http/watchguard_cmd_exec" - }, - { - "name" : "http://www.watchguard.com/support/release-notes/xcs/10/en-US/EN_Release_Notes_XCS_v10_0_Security_Hotfix/EN_Release_Notes_XCS_v10_0_Security_Hotfix.pdf", - "refsource" : "CONFIRM", - "url" : "http://www.watchguard.com/support/release-notes/xcs/10/en-US/EN_Release_Notes_XCS_v10_0_Security_Hotfix/EN_Release_Notes_XCS_v10_0_Security_Hotfix.pdf" - }, - { - "name" : "http://www.watchguard.com/support/release-notes/xcs/9/en-US/EN_ReleaseNotes_XCS_9_2_Security_Hotfix/EN_Release_Notes_XCS_v9_2_Security_Hotfix.pdf", - "refsource" : "CONFIRM", - "url" : "http://www.watchguard.com/support/release-notes/xcs/9/en-US/EN_ReleaseNotes_XCS_9_2_Security_Hotfix/EN_Release_Notes_XCS_v9_2_Security_Hotfix.pdf" - }, - { - "name" : "75516", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/75516" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Watchguard XCS 9.2 and 10.0 before build 150522 allow remote authenticated users to execute arbitrary commands via shell metacharacters in the id parameter to ADMIN/mailqueue.spl." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.watchguard.com/support/release-notes/xcs/9/en-US/EN_ReleaseNotes_XCS_9_2_Security_Hotfix/EN_Release_Notes_XCS_v9_2_Security_Hotfix.pdf", + "refsource": "CONFIRM", + "url": "http://www.watchguard.com/support/release-notes/xcs/9/en-US/EN_ReleaseNotes_XCS_9_2_Security_Hotfix/EN_Release_Notes_XCS_v9_2_Security_Hotfix.pdf" + }, + { + "name": "38346", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/38346/" + }, + { + "name": "http://packetstormsecurity.com/files/132498/Watchguard-XCS-10.0-SQL-Injection-Command-Execution.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/132498/Watchguard-XCS-10.0-SQL-Injection-Command-Execution.html" + }, + { + "name": "http://www.rapid7.com/db/modules/exploit/freebsd/http/watchguard_cmd_exec", + "refsource": "MISC", + "url": "http://www.rapid7.com/db/modules/exploit/freebsd/http/watchguard_cmd_exec" + }, + { + "name": "http://www.security-assessment.com/files/documents/advisory/Watchguard-XCS-final.pdf", + "refsource": "MISC", + "url": "http://www.security-assessment.com/files/documents/advisory/Watchguard-XCS-final.pdf" + }, + { + "name": "http://packetstormsecurity.com/files/133721/Watchguard-XCS-Remote-Command-Execution.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/133721/Watchguard-XCS-Remote-Command-Execution.html" + }, + { + "name": "75516", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/75516" + }, + { + "name": "http://www.watchguard.com/support/release-notes/xcs/10/en-US/EN_Release_Notes_XCS_v10_0_Security_Hotfix/EN_Release_Notes_XCS_v10_0_Security_Hotfix.pdf", + "refsource": "CONFIRM", + "url": "http://www.watchguard.com/support/release-notes/xcs/10/en-US/EN_Release_Notes_XCS_v10_0_Security_Hotfix/EN_Release_Notes_XCS_v10_0_Security_Hotfix.pdf" + } + ] + } +} \ No newline at end of file diff --git a/2015/5xxx/CVE-2015-5663.json b/2015/5xxx/CVE-2015-5663.json index 8987d9ae546..4a6f74c0c85 100644 --- a/2015/5xxx/CVE-2015-5663.json +++ b/2015/5xxx/CVE-2015-5663.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-5663", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The file-execution functionality in WinRAR before 5.30 beta 5 allows local users to gain privileges via a Trojan horse file with a name similar to an extensionless filename that was selected by the user." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "vultures@jpcert.or.jp", + "ID": "CVE-2015-5663", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "JVN#64636058", - "refsource" : "JVN", - "url" : "http://jvn.jp/en/jp/JVN64636058/index.html" - }, - { - "name" : "JVNDB-2015-000199", - "refsource" : "JVNDB", - "url" : "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000199" - }, - { - "name" : "79666", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/79666" - }, - { - "name" : "1034881", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034881" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The file-execution functionality in WinRAR before 5.30 beta 5 allows local users to gain privileges via a Trojan horse file with a name similar to an extensionless filename that was selected by the user." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "79666", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/79666" + }, + { + "name": "JVN#64636058", + "refsource": "JVN", + "url": "http://jvn.jp/en/jp/JVN64636058/index.html" + }, + { + "name": "1034881", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034881" + }, + { + "name": "JVNDB-2015-000199", + "refsource": "JVNDB", + "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000199" + } + ] + } +} \ No newline at end of file diff --git a/2018/3xxx/CVE-2018-3240.json b/2018/3xxx/CVE-2018-3240.json index f6227cc97fe..57746ef550c 100644 --- a/2018/3xxx/CVE-2018-3240.json +++ b/2018/3xxx/CVE-2018-3240.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-3240", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-3240", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/3xxx/CVE-2018-3263.json b/2018/3xxx/CVE-2018-3263.json index d87debb6186..d31b0800ac7 100644 --- a/2018/3xxx/CVE-2018-3263.json +++ b/2018/3xxx/CVE-2018-3263.json @@ -1,73 +1,73 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secalert_us@oracle.com", - "ID" : "CVE-2018-3263", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Solaris Operating System", - "version" : { - "version_data" : [ - { - "version_affected" : "=", - "version_value" : "11.3" - } - ] - } - } - ] - }, - "vendor_name" : "Oracle Corporation" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Sudo). The supported version that is affected is 11.3. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Solaris. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Solaris accessible data as well as unauthorized read access to a subset of Solaris accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Solaris. CVSS 3.0 Base Score 5.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L)." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Solaris. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Solaris accessible data as well as unauthorized read access to a subset of Solaris accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Solaris." - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2018-3263", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Solaris Operating System", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "11.3" + } + ] + } + } + ] + }, + "vendor_name": "Oracle Corporation" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html" - }, - { - "name" : "105604", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/105604" - }, - { - "name" : "1041895", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1041895" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Sudo). The supported version that is affected is 11.3. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Solaris. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Solaris accessible data as well as unauthorized read access to a subset of Solaris accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Solaris. CVSS 3.0 Base Score 5.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Solaris. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Solaris accessible data as well as unauthorized read access to a subset of Solaris accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Solaris." + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1041895", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1041895" + }, + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html" + }, + { + "name": "105604", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/105604" + } + ] + } +} \ No newline at end of file diff --git a/2018/3xxx/CVE-2018-3636.json b/2018/3xxx/CVE-2018-3636.json index 0023f6a2637..b47a632cbaa 100644 --- a/2018/3xxx/CVE-2018-3636.json +++ b/2018/3xxx/CVE-2018-3636.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-3636", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-3636", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/6xxx/CVE-2018-6064.json b/2018/6xxx/CVE-2018-6064.json index e1408a2b6ea..e0f49f2e740 100644 --- a/2018/6xxx/CVE-2018-6064.json +++ b/2018/6xxx/CVE-2018-6064.json @@ -1,88 +1,88 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "chrome-cve-admin@google.com", - "ID" : "CVE-2018-6064", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Chrome", - "version" : { - "version_data" : [ - { - "version_affected" : "<", - "version_value" : "65.0.3325.146" - } - ] - } - } - ] - }, - "vendor_name" : "Google" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Type Confusion in the implementation of __defineGetter__ in V8 in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Type Confusion" - } + "CVE_data_meta": { + "ASSIGNER": "security@google.com", + "ID": "CVE-2018-6064", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Chrome", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "65.0.3325.146" + } + ] + } + } + ] + }, + "vendor_name": "Google" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "44394", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/44394/" - }, - { - "name" : "https://crbug.com/798644", - "refsource" : "MISC", - "url" : "https://crbug.com/798644" - }, - { - "name" : "https://chromereleases.googleblog.com/2018/03/stable-channel-update-for-desktop.html", - "refsource" : "CONFIRM", - "url" : "https://chromereleases.googleblog.com/2018/03/stable-channel-update-for-desktop.html" - }, - { - "name" : "DSA-4182", - "refsource" : "DEBIAN", - "url" : "https://www.debian.org/security/2018/dsa-4182" - }, - { - "name" : "RHSA-2018:0484", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2018:0484" - }, - { - "name" : "103297", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/103297" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Type Confusion in the implementation of __defineGetter__ in V8 in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Type Confusion" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://chromereleases.googleblog.com/2018/03/stable-channel-update-for-desktop.html", + "refsource": "CONFIRM", + "url": "https://chromereleases.googleblog.com/2018/03/stable-channel-update-for-desktop.html" + }, + { + "name": "44394", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/44394/" + }, + { + "name": "103297", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/103297" + }, + { + "name": "RHSA-2018:0484", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2018:0484" + }, + { + "name": "DSA-4182", + "refsource": "DEBIAN", + "url": "https://www.debian.org/security/2018/dsa-4182" + }, + { + "name": "https://crbug.com/798644", + "refsource": "MISC", + "url": "https://crbug.com/798644" + } + ] + } +} \ No newline at end of file diff --git a/2018/6xxx/CVE-2018-6557.json b/2018/6xxx/CVE-2018-6557.json index 064f696e5be..7d6aba13369 100644 --- a/2018/6xxx/CVE-2018-6557.json +++ b/2018/6xxx/CVE-2018-6557.json @@ -1,84 +1,84 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "security@ubuntu.com", - "DATE_PUBLIC" : "2018-08-21T00:00:00.000Z", - "ID" : "CVE-2018-6557", - "STATE" : "PUBLIC", - "TITLE" : "Insecure temporary file use in base-files" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "base-files", - "version" : { - "version_data" : [ - { - "affected" : "<", - "version_value" : "10.1ubuntu2.2" - } - ] - } - } - ] - }, - "vendor_name" : "Ubuntu" - } - ] - } - }, - "credit" : [ - { - "lang" : "eng", - "value" : "Sander Bos" - } - ], - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The MOTD update script in the base-files package in Ubuntu 18.04 LTS before 10.1ubuntu2.2, and Ubuntu 18.10 before 10.1ubuntu6 incorrectly handled temporary files. A local attacker could use this issue to cause a denial of service, or possibly escalate privileges if kernel symlink restrictions were disabled." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Insecure Temporary File" - } + "CVE_data_meta": { + "ASSIGNER": "security@ubuntu.com", + "DATE_PUBLIC": "2018-08-21T00:00:00.000Z", + "ID": "CVE-2018-6557", + "STATE": "PUBLIC", + "TITLE": "Insecure temporary file use in base-files" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "base-files", + "version": { + "version_data": [ + { + "affected": "<", + "version_value": "10.1ubuntu2.2" + } + ] + } + } + ] + }, + "vendor_name": "Ubuntu" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "USN-3748-1", - "refsource" : "UBUNTU", - "url" : "https://usn.ubuntu.com/3748-1/" - }, - { - "name" : "105148", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/105148" - }, - { - "name" : "1041530", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1041530" - } - ] - }, - "source" : { - "discovery" : "EXTERNAL" - } -} + } + }, + "credit": [ + { + "lang": "eng", + "value": "Sander Bos" + } + ], + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The MOTD update script in the base-files package in Ubuntu 18.04 LTS before 10.1ubuntu2.2, and Ubuntu 18.10 before 10.1ubuntu6 incorrectly handled temporary files. A local attacker could use this issue to cause a denial of service, or possibly escalate privileges if kernel symlink restrictions were disabled." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Insecure Temporary File" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "USN-3748-1", + "refsource": "UBUNTU", + "url": "https://usn.ubuntu.com/3748-1/" + }, + { + "name": "1041530", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1041530" + }, + { + "name": "105148", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/105148" + } + ] + }, + "source": { + "discovery": "EXTERNAL" + } +} \ No newline at end of file diff --git a/2018/6xxx/CVE-2018-6976.json b/2018/6xxx/CVE-2018-6976.json index c4ce59879ca..2d83c9e2728 100644 --- a/2018/6xxx/CVE-2018-6976.json +++ b/2018/6xxx/CVE-2018-6976.json @@ -1,73 +1,73 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "security@vmware.com", - "DATE_PUBLIC" : "2018-09-05T00:00:00", - "ID" : "CVE-2018-6976", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Content Locker for iOS", - "version" : { - "version_data" : [ - { - "version_value" : "prior to 4.14" - } - ] - } - } - ] - }, - "vendor_name" : "VMware" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The VMware Content Locker for iOS prior to 4.14 contains a data protection vulnerability in the SQLite database. This vulnerability relates to unencrypted filenames and associated metadata in SQLite database for the Content Locker." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Data protection vulnerability" - } + "CVE_data_meta": { + "ASSIGNER": "security@vmware.com", + "DATE_PUBLIC": "2018-09-05T00:00:00", + "ID": "CVE-2018-6976", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Content Locker for iOS", + "version": { + "version_data": [ + { + "version_value": "prior to 4.14" + } + ] + } + } + ] + }, + "vendor_name": "VMware" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://www.vmware.com/security/advisories/VMSA-2018-0023.html", - "refsource" : "CONFIRM", - "url" : "https://www.vmware.com/security/advisories/VMSA-2018-0023.html" - }, - { - "name" : "105367", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/105367" - }, - { - "name" : "1041604", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1041604" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The VMware Content Locker for iOS prior to 4.14 contains a data protection vulnerability in the SQLite database. This vulnerability relates to unencrypted filenames and associated metadata in SQLite database for the Content Locker." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Data protection vulnerability" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.vmware.com/security/advisories/VMSA-2018-0023.html", + "refsource": "CONFIRM", + "url": "https://www.vmware.com/security/advisories/VMSA-2018-0023.html" + }, + { + "name": "105367", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/105367" + }, + { + "name": "1041604", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1041604" + } + ] + } +} \ No newline at end of file diff --git a/2018/7xxx/CVE-2018-7132.json b/2018/7xxx/CVE-2018-7132.json index 977449cda58..c04825f53eb 100644 --- a/2018/7xxx/CVE-2018-7132.json +++ b/2018/7xxx/CVE-2018-7132.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-7132", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-7132", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/7xxx/CVE-2018-7541.json b/2018/7xxx/CVE-2018-7541.json index 93c3529368f..10995615fc1 100644 --- a/2018/7xxx/CVE-2018-7541.json +++ b/2018/7xxx/CVE-2018-7541.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-7541", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An issue was discovered in Xen through 4.10.x allowing guest OS users to cause a denial of service (hypervisor crash) or gain privileges by triggering a grant-table transition from v2 to v1." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-7541", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[debian-lts-announce] 20180306 [SECURITY] [DLA 1300-1] xen security update", - "refsource" : "MLIST", - "url" : "https://lists.debian.org/debian-lts-announce/2018/03/msg00003.html" - }, - { - "name" : "[debian-lts-announce] 20181112 [SECURITY] [DLA 1577-1] xen security update", - "refsource" : "MLIST", - "url" : "https://lists.debian.org/debian-lts-announce/2018/11/msg00013.html" - }, - { - "name" : "https://xenbits.xen.org/xsa/advisory-255.html", - "refsource" : "CONFIRM", - "url" : "https://xenbits.xen.org/xsa/advisory-255.html" - }, - { - "name" : "https://support.citrix.com/article/CTX232655", - "refsource" : "CONFIRM", - "url" : "https://support.citrix.com/article/CTX232655" - }, - { - "name" : "https://support.citrix.com/article/CTX232096", - "refsource" : "CONFIRM", - "url" : "https://support.citrix.com/article/CTX232096" - }, - { - "name" : "DSA-4131", - "refsource" : "DEBIAN", - "url" : "https://www.debian.org/security/2018/dsa-4131" - }, - { - "name" : "GLSA-201810-06", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201810-06" - }, - { - "name" : "103177", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/103177" - }, - { - "name" : "1040775", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1040775" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in Xen through 4.10.x allowing guest OS users to cause a denial of service (hypervisor crash) or gain privileges by triggering a grant-table transition from v2 to v1." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "103177", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/103177" + }, + { + "name": "GLSA-201810-06", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201810-06" + }, + { + "name": "[debian-lts-announce] 20181112 [SECURITY] [DLA 1577-1] xen security update", + "refsource": "MLIST", + "url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00013.html" + }, + { + "name": "https://xenbits.xen.org/xsa/advisory-255.html", + "refsource": "CONFIRM", + "url": "https://xenbits.xen.org/xsa/advisory-255.html" + }, + { + "name": "[debian-lts-announce] 20180306 [SECURITY] [DLA 1300-1] xen security update", + "refsource": "MLIST", + "url": "https://lists.debian.org/debian-lts-announce/2018/03/msg00003.html" + }, + { + "name": "1040775", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1040775" + }, + { + "name": "DSA-4131", + "refsource": "DEBIAN", + "url": "https://www.debian.org/security/2018/dsa-4131" + }, + { + "name": "https://support.citrix.com/article/CTX232655", + "refsource": "CONFIRM", + "url": "https://support.citrix.com/article/CTX232655" + }, + { + "name": "https://support.citrix.com/article/CTX232096", + "refsource": "CONFIRM", + "url": "https://support.citrix.com/article/CTX232096" + } + ] + } +} \ No newline at end of file diff --git a/2018/7xxx/CVE-2018-7679.json b/2018/7xxx/CVE-2018-7679.json index 116554eca4c..08587ada114 100644 --- a/2018/7xxx/CVE-2018-7679.json +++ b/2018/7xxx/CVE-2018-7679.json @@ -1,63 +1,63 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "security@microfocus.com", - "DATE_PUBLIC" : "2018-06-20T00:00:00", - "ID" : "CVE-2018-7679", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Solutions Business Manager 11.4", - "version" : { - "version_data" : [ - { - "version_value" : "Solutions Business Manager 11.4 prior to 11.4" - } - ] - } - } - ] - }, - "vendor_name" : "Micro Focus" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Micro Focus Solutions Business Manager versions prior to 11.4 when ASP.NET is configured with execute permission on the virtual directories and does not validate the contents of user avatar images, could lead to remote code execution." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Client-side remote code execution" - } + "CVE_data_meta": { + "ASSIGNER": "security@suse.com", + "DATE_PUBLIC": "2018-06-20T00:00:00", + "ID": "CVE-2018-7679", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Solutions Business Manager 11.4", + "version": { + "version_data": [ + { + "version_value": "Solutions Business Manager 11.4 prior to 11.4" + } + ] + } + } + ] + }, + "vendor_name": "Micro Focus" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://help.serena.com/doc_center/sbm/ver11_4/sbm_release_notes.htm", - "refsource" : "CONFIRM", - "url" : "http://help.serena.com/doc_center/sbm/ver11_4/sbm_release_notes.htm" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Micro Focus Solutions Business Manager versions prior to 11.4 when ASP.NET is configured with execute permission on the virtual directories and does not validate the contents of user avatar images, could lead to remote code execution." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Client-side remote code execution" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://help.serena.com/doc_center/sbm/ver11_4/sbm_release_notes.htm", + "refsource": "CONFIRM", + "url": "http://help.serena.com/doc_center/sbm/ver11_4/sbm_release_notes.htm" + } + ] + } +} \ No newline at end of file diff --git a/2018/8xxx/CVE-2018-8245.json b/2018/8xxx/CVE-2018-8245.json index 8ff497a64cb..fad53e869a5 100644 --- a/2018/8xxx/CVE-2018-8245.json +++ b/2018/8xxx/CVE-2018-8245.json @@ -1,75 +1,75 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "Secure@Microsoft.com", - "ID" : "CVE-2018-8245", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Microsoft Publisher", - "version" : { - "version_data" : [ - { - "version_value" : "2010 Service Pack 2 (32-bit editions)" - }, - { - "version_value" : "2010 Service Pack 2 (64-bit editions)" - } - ] - } - } - ] - }, - "vendor_name" : "Microsoft" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A remote code execution vulnerability exists when Microsoft Publisher fails to utilize features that lock down the Local Machine zone when instantiating OLE objects, aka \"Microsoft Publisher Remote Code Execution Vulnerability.\" This affects Microsoft Publisher." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Remote Code Execution" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2018-8245", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Microsoft Publisher", + "version": { + "version_data": [ + { + "version_value": "2010 Service Pack 2 (32-bit editions)" + }, + { + "version_value": "2010 Service Pack 2 (64-bit editions)" + } + ] + } + } + ] + }, + "vendor_name": "Microsoft" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8245", - "refsource" : "CONFIRM", - "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8245" - }, - { - "name" : "104405", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/104405" - }, - { - "name" : "1041105", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1041105" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A remote code execution vulnerability exists when Microsoft Publisher fails to utilize features that lock down the Local Machine zone when instantiating OLE objects, aka \"Microsoft Publisher Remote Code Execution Vulnerability.\" This affects Microsoft Publisher." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Remote Code Execution" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8245", + "refsource": "CONFIRM", + "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8245" + }, + { + "name": "104405", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/104405" + }, + { + "name": "1041105", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1041105" + } + ] + } +} \ No newline at end of file diff --git a/2018/8xxx/CVE-2018-8386.json b/2018/8xxx/CVE-2018-8386.json index 9a4b52b1157..4f08f3c33df 100644 --- a/2018/8xxx/CVE-2018-8386.json +++ b/2018/8xxx/CVE-2018-8386.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-8386", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-8386", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/8xxx/CVE-2018-8548.json b/2018/8xxx/CVE-2018-8548.json index 9d529dbdff5..68853c3e1fb 100644 --- a/2018/8xxx/CVE-2018-8548.json +++ b/2018/8xxx/CVE-2018-8548.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-8548", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-8548", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/8xxx/CVE-2018-8718.json b/2018/8xxx/CVE-2018-8718.json index f38111164a0..af72bbe1806 100644 --- a/2018/8xxx/CVE-2018-8718.json +++ b/2018/8xxx/CVE-2018-8718.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-8718", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site request forgery (CSRF) vulnerability in the Mailer Plugin 1.20 for Jenkins 2.111 allows remote authenticated users to send unauthorized mail as an arbitrary user via a /descriptorByName/hudson.tasks.Mailer/sendTestMail request." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-8718", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "44843", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/44843/" - }, - { - "name" : "[oss-security] 20180326 Multiple vulnerabilities in Jenkins plugins", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2018/03/26/3" - }, - { - "name" : "https://jenkins.io/security/advisory/2018-03-26/", - "refsource" : "CONFIRM", - "url" : "https://jenkins.io/security/advisory/2018-03-26/" - }, - { - "name" : "103691", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/103691" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site request forgery (CSRF) vulnerability in the Mailer Plugin 1.20 for Jenkins 2.111 allows remote authenticated users to send unauthorized mail as an arbitrary user via a /descriptorByName/hudson.tasks.Mailer/sendTestMail request." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://jenkins.io/security/advisory/2018-03-26/", + "refsource": "CONFIRM", + "url": "https://jenkins.io/security/advisory/2018-03-26/" + }, + { + "name": "[oss-security] 20180326 Multiple vulnerabilities in Jenkins plugins", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2018/03/26/3" + }, + { + "name": "44843", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/44843/" + }, + { + "name": "103691", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/103691" + } + ] + } +} \ No newline at end of file