admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-06 02:32:02 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-18 06:55:57 +00:00
parent 32591f5c44
commit 776fc5d487
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
57 changed files with 4686 additions and 4686 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

110
2006/0xxx/CVE-2006-0414.json
View File

@ -1,101 +1,101 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-0414",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-0414",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Tor before 0.1.1.20 allows remote attackers to identify hidden services via a malicious Tor server that attempts a large number of accesses of the hidden service, which eventually causes a circuit to be built through the malicious server."
"lang": "eng",
"value": "Tor before 0.1.1.20 allows remote attackers to identify hidden services via a malicious Tor server that attempts a large number of accesses of the hidden service, which eventually causes a circuit to be built through the malicious server."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://archives.seul.org/or/announce/Jan-2006/msg00001.html",
"refsource" : "CONFIRM",
"url" : "http://archives.seul.org/or/announce/Jan-2006/msg00001.html"
"name": "19795",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/19795"
},
{
"name" : "http://tor.eff.org/cvs/tor/ChangeLog",
"refsource" : "CONFIRM",
"url" : "http://tor.eff.org/cvs/tor/ChangeLog"
"name": "18576",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18576"
},
{
"name" : "GLSA-200606-04",
"refsource" : "GENTOO",
"url" : "http://security.gentoo.org/glsa/glsa-200606-04.xml"
"name": "tor-service-information-disclosure(24285)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24285"
},
{
"name" : "18323",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/18323"
"name": "18323",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/18323"
},
{
"name" : "19795",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/19795"
"name": "22689",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/22689"
},
{
"name" : "22689",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/22689"
"name": "20514",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20514"
},
{
"name" : "18576",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/18576"
"name": "GLSA-200606-04",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200606-04.xml"
},
{
"name" : "20514",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/20514"
"name": "http://tor.eff.org/cvs/tor/ChangeLog",
"refsource": "CONFIRM",
"url": "http://tor.eff.org/cvs/tor/ChangeLog"
},
{
"name" : "tor-service-information-disclosure(24285)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/24285"
"name": "http://archives.seul.org/or/announce/Jan-2006/msg00001.html",
"refsource": "CONFIRM",
"url": "http://archives.seul.org/or/announce/Jan-2006/msg00001.html"
}
]
}

22
2006/0xxx/CVE-2006-0595.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-0595",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-0595",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

92
2006/0xxx/CVE-2006-0685.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-0685",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-0685",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The check_login function in login.php in Virtual Hosting Control System (VHCS) 2.4.7.1 and earlier does not exit when authentication fails, which allows remote attackers to gain unauthorized access."
"lang": "eng",
"value": "The check_login function in login.php in Virtual Hosting Control System (VHCS) 2.4.7.1 and earlier does not exit when authentication fails, which allows remote attackers to gain unauthorized access."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20060211 RS-2006-1: Multiple flaws in VHCS 2.x",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/424816/100/0/threaded"
"name": "18799",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18799"
},
{
"name" : "http://www.rs-labs.com/adv/RS-Labs-Advisory-2006-1.txt",
"refsource" : "MISC",
"url" : "http://www.rs-labs.com/adv/RS-Labs-Advisory-2006-1.txt"
"name": "20060211 RS-2006-1: Multiple flaws in VHCS 2.x",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/424816/100/0/threaded"
},
{
"name" : "16600",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/16600"
"name": "http://www.rs-labs.com/adv/RS-Labs-Advisory-2006-1.txt",
"refsource": "MISC",
"url": "http://www.rs-labs.com/adv/RS-Labs-Advisory-2006-1.txt"
},
{
"name" : "ADV-2006-0534",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/0534"
"name": "16600",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/16600"
},
{
"name" : "18799",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/18799"
"name": "vhcs-checklogin-auth-bypass(24666)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24666"
},
{
"name" : "vhcs-checklogin-auth-bypass(24666)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/24666"
"name": "ADV-2006-0534",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/0534"
}
]
}

98
2006/0xxx/CVE-2006-0862.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-0862",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-0862",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in InfoVista PortalSE 2.0 Build 20087 on Solaris 8 without the IV00038969 hotfix allows remote attackers to read arbitrary files via a crafted URL."
"lang": "eng",
"value": "Unspecified vulnerability in InfoVista PortalSE 2.0 Build 20087 on Solaris 8 without the IV00038969 hotfix allows remote attackers to read arbitrary files via a crafted URL."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20060222 IRM 017: Multiple Vulnerabilities in Infovista Portal SE",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/425779/100/0/threaded"
"name": "16776",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/16776"
},
{
"name" : "http://www.irmplc.com/advisory017.htm",
"refsource" : "MISC",
"url" : "http://www.irmplc.com/advisory017.htm"
"name": "vistaportal-parameter-directory-traversal(24893)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24893"
},
{
"name" : "16776",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/16776"
"name": "1015669",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015669"
},
{
"name" : "ADV-2006-0695",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/0695"
"name": "http://www.irmplc.com/advisory017.htm",
"refsource": "MISC",
"url": "http://www.irmplc.com/advisory017.htm"
},
{
"name" : "1015669",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1015669"
"name": "ADV-2006-0695",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/0695"
},
{
"name" : "18994",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/18994"
"name": "20060222 IRM 017: Multiple Vulnerabilities in Infovista Portal SE",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/425779/100/0/threaded"
},
{
"name" : "vistaportal-parameter-directory-traversal(24893)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/24893"
"name": "18994",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18994"
}
]
}

110
2006/1xxx/CVE-2006-1195.json
View File

@ -1,101 +1,101 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-1195",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-1195",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The enet_protocol_handle_send_fragment function in protocol.c for ENet library CVS version Jul 2005 and earlier, as used in products including (1) Cube, (2) Sauerbraten, and (3) Duke3d_w32, allows remote attackers to cause a denial of service (application crash) via a packet fragment with a large total data size, which triggers an application abort when memory allocation fails."
"lang": "eng",
"value": "The enet_protocol_handle_send_fragment function in protocol.c for ENet library CVS version Jul 2005 and earlier, as used in products including (1) Cube, (2) Sauerbraten, and (3) Duke3d_w32, allows remote attackers to cause a denial of service (application crash) via a packet fragment with a large total data size, which triggers an application abort when memory allocation fails."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20060312 Multiple vulnerabilities in ENet library (Jul 2005)",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/427465/100/0/threaded"
"name": "20060312 Multiple vulnerabilities in ENet library (Jul 2005)",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-March/043541.html"
},
{
"name" : "20060312 Multiple vulnerabilities in ENet library (Jul 2005)",
"refsource" : "FULLDISC",
"url" : "http://lists.grok.org.uk/pipermail/full-disclosure/2006-March/043541.html"
"name": "20060312 Multiple vulnerabilities in ENet library (Jul 2005)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/427465/100/0/threaded"
},
{
"name" : "http://aluigi.altervista.org/adv/enetx-adv.txt",
"refsource" : "MISC",
"url" : "http://aluigi.altervista.org/adv/enetx-adv.txt"
"name": "1015767",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015767"
},
{
"name" : "17087",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/17087"
"name": "enet-packet-dos(25158)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25158"
},
{
"name" : "ADV-2006-0940",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/0940"
"name": "17087",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/17087"
},
{
"name" : "23845",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/23845"
"name": "19208",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19208"
},
{
"name" : "1015767",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1015767"
"name": "ADV-2006-0940",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/0940"
},
{
"name" : "19208",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/19208"
"name": "http://aluigi.altervista.org/adv/enetx-adv.txt",
"refsource": "MISC",
"url": "http://aluigi.altervista.org/adv/enetx-adv.txt"
},
{
"name" : "enet-packet-dos(25158)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/25158"
"name": "23845",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/23845"
}
]
}

98
2006/1xxx/CVE-2006-1419.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-1419",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-1419",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in the Calendar module in nuked-klan 1.7.5 and earlier allows remote attackers to execute arbitrary SQL commands via the m parameter to index.php."
"lang": "eng",
"value": "SQL injection vulnerability in the Calendar module in nuked-klan 1.7.5 and earlier allows remote attackers to execute arbitrary SQL commands via the m parameter to index.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20060326 nuked-klan<=1.7.5 SQL Injection",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/428895/100/0/threaded"
"name": "ADV-2006-1134",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/1134"
},
{
"name" : "17233",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/17233"
"name": "632",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/632"
},
{
"name" : "ADV-2006-1134",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/1134"
"name": "19382",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19382"
},
{
"name" : "24204",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/24204"
"name": "20060326 nuked-klan<=1.7.5 SQL Injection",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/428895/100/0/threaded"
},
{
"name" : "19382",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/19382"
"name": "24204",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/24204"
},
{
"name" : "632",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/632"
"name": "17233",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/17233"
},
{
"name" : "nuked-klan-calendar-sql-injection(25446)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/25446"
"name": "nuked-klan-calendar-sql-injection(25446)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25446"
}
]
}

92
2006/1xxx/CVE-2006-1601.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-1601",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-1601",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in SunPlex Manager in Sun Cluster 3.1 4/04 allows local users with solaris.cluster.gui authorization to view arbitrary files via unspecified vectors."
"lang": "eng",
"value": "Unspecified vulnerability in SunPlex Manager in Sun Cluster 3.1 4/04 allows local users with solaris.cluster.gui authorization to view arbitrary files via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "102278",
"refsource" : "SUNALERT",
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102278-1"
"name": "17313",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/17313"
},
{
"name" : "17313",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/17313"
"name": "1015849",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015849"
},
{
"name" : "ADV-2006-1175",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/1175"
"name": "102278",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102278-1"
},
{
"name" : "1015849",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1015849"
"name": "suncluster-sunplex-information-disclosure(25543)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25543"
},
{
"name" : "19444",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/19444"
"name": "19444",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19444"
},
{
"name" : "suncluster-sunplex-information-disclosure(25543)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/25543"
"name": "ADV-2006-1175",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/1175"
}
]
}

92
2006/5xxx/CVE-2006-5317.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-5317",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5317",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "PHP remote file inclusion vulnerability in index.php in eboli allows remote attackers to execute arbitrary PHP code via a URL in the contentSpecial parameter."
"lang": "eng",
"value": "PHP remote file inclusion vulnerability in index.php in eboli allows remote attackers to execute arbitrary PHP code via a URL in the contentSpecial parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20061007 7 php scripts File Inclusion / Source disclosure Vuln",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/448096/100/0/threaded"
"name": "1734",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1734"
},
{
"name" : "http://acid-root.new.fr/poc/13061007.txt",
"refsource" : "MISC",
"url" : "http://acid-root.new.fr/poc/13061007.txt"
"name": "http://acid-root.new.fr/poc/13061007.txt",
"refsource": "MISC",
"url": "http://acid-root.new.fr/poc/13061007.txt"
},
{
"name" : "2504",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/2504"
"name": "20429",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20429"
},
{
"name" : "20429",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/20429"
"name": "eboli-index-file-inclide(29442)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29442"
},
{
"name" : "1734",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/1734"
"name": "20061007 7 php scripts File Inclusion / Source disclosure Vuln",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/448096/100/0/threaded"
},
{
"name" : "eboli-index-file-inclide(29442)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/29442"
"name": "2504",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/2504"
}
]
}

110
2006/5xxx/CVE-2006-5361.json
View File

@ -1,101 +1,101 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-5361",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5361",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Oracle Containers for J2EE in Oracle Application Server 9.0.4.3, 10.1.2.0.0, and 10.1.2.0.1, and Oracle Collaboration Suite 9.0.4.2 and 10.1.2, has unknown impact and remote attack vectors, aka Vuln# OC4J03."
"lang": "eng",
"value": "Unspecified vulnerability in Oracle Containers for J2EE in Oracle Application Server 9.0.4.3, 10.1.2.0.0, and 10.1.2.0.1, and Oracle Collaboration Suite 9.0.4.2 and 10.1.2, has unknown impact and remote attack vectors, aka Vuln# OC4J03."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.red-database-security.com/advisory/oracle_cpu_oct_2006.html",
"refsource" : "MISC",
"url" : "http://www.red-database-security.com/advisory/oracle_cpu_oct_2006.html"
"name": "http://www.red-database-security.com/advisory/oracle_cpu_oct_2006.html",
"refsource": "MISC",
"url": "http://www.red-database-security.com/advisory/oracle_cpu_oct_2006.html"
},
{
"name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2006-095368.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2006-095368.html"
"name": "20588",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20588"
},
{
"name" : "HPSBMA02133",
"refsource" : "HP",
"url" : "http://www.securityfocus.com/archive/1/449711/100/0/threaded"
"name": "HPSBMA02133",
"refsource": "HP",
"url": "http://www.securityfocus.com/archive/1/449711/100/0/threaded"
},
{
"name" : "SSRT061201",
"refsource" : "HP",
"url" : "http://www.securityfocus.com/archive/1/449711/100/0/threaded"
"name": "http://www.oracle.com/technetwork/topics/security/cpuoct2006-095368.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2006-095368.html"
},
{
"name" : "TA06-291A",
"refsource" : "CERT",
"url" : "http://www.us-cert.gov/cas/techalerts/TA06-291A.html"
"name": "SSRT061201",
"refsource": "HP",
"url": "http://www.securityfocus.com/archive/1/449711/100/0/threaded"
},
{
"name" : "20588",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/20588"
"name": "ADV-2006-4065",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4065"
},
{
"name" : "ADV-2006-4065",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/4065"
"name": "22396",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22396"
},
{
"name" : "1017077",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1017077"
"name": "1017077",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017077"
},
{
"name" : "22396",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/22396"
"name": "TA06-291A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA06-291A.html"
}
]
}

104
2006/5xxx/CVE-2006-5425.json
View File

@ -1,96 +1,96 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-5425",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5425",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "XORP (eXtensible Open Router Platform) 1.2 and 1.3 allows remote attackers to cause a denial of service (application crash) via an Open Shortest Path First (OSPF) Link State Advertisement (LSA) with an invalid LSA length field."
"lang": "eng",
"value": "XORP (eXtensible Open Router Platform) 1.2 and 1.3 allows remote attackers to cause a denial of service (application crash) via an Open Shortest Path First (OSPF) Link State Advertisement (LSA) with an invalid LSA length field."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20061018 [MU-200610-01] Denial of Service in XORP OSPFv2",
"refsource" : "FULLDISC",
"url" : "http://marc.info/?l=full-disclosure&m=116115975806681&w=2"
"name": "22462",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22462"
},
{
"name" : "http://labs.musecurity.com/advisories/MU-200610-01.txt",
"refsource" : "MISC",
"url" : "http://labs.musecurity.com/advisories/MU-200610-01.txt"
"name": "http://www.xorp.org/advisories/XORP_SA_06:01.ospf.txt",
"refsource": "CONFIRM",
"url": "http://www.xorp.org/advisories/XORP_SA_06:01.ospf.txt"
},
{
"name" : "http://www.xorp.org/advisories/XORP_SA_06:01.ospf.txt",
"refsource" : "CONFIRM",
"url" : "http://www.xorp.org/advisories/XORP_SA_06:01.ospf.txt"
"name": "20597",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20597"
},
{
"name" : "20597",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/20597"
"name": "20061018 [MU-200610-01] Denial of Service in XORP OSPFv2",
"refsource": "FULLDISC",
"url": "http://marc.info/?l=full-disclosure&m=116115975806681&w=2"
},
{
"name" : "ADV-2006-4107",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/4107"
"name": "http://labs.musecurity.com/advisories/MU-200610-01.txt",
"refsource": "MISC",
"url": "http://labs.musecurity.com/advisories/MU-200610-01.txt"
},
{
"name" : "1017079",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1017079"
"name": "xorp-lsa-dos(29658)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29658"
},
{
"name" : "22462",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/22462"
"name": "1017079",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017079"
},
{
"name" : "xorp-lsa-dos(29658)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/29658"
"name": "ADV-2006-4107",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4107"
}
]
}

22
2006/5xxx/CVE-2006-5691.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-5691",
"STATE" : "REJECT"
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2006-5691",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2006. Notes: none."
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2006. Notes: none."
}
]
}

68
2006/5xxx/CVE-2006-5913.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-5913",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5913",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Microsoft Internet Explorer 7 allows remote attackers to (1) cause a security certificate from a secure web site to appear invalid via a link to res://ieframe.dll/sslnavcancel.htm with the target site in the anchor identifier, which displays the site's URL in the address bar but causes Internet Explorer to report that the certificate is invalid, or (2) trigger a \"The webpage no longer exists\" report via a link to res://ieframe.dll/http_410.htm, a variant of CVE-2006-5805."
"lang": "eng",
"value": "Microsoft Internet Explorer 7 allows remote attackers to (1) cause a security certificate from a secure web site to appear invalid via a link to res://ieframe.dll/sslnavcancel.htm with the target site in the anchor identifier, which displays the site's URL in the address bar but causes Internet Explorer to report that the certificate is invalid, or (2) trigger a \"The webpage no longer exists\" report via a link to res://ieframe.dll/http_410.htm, a variant of CVE-2006-5805."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20061107 Re: IE7 website security certificate discrediting exploit",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/450825/100/0/threaded"
"name": "20061107 Re: IE7 website security certificate discrediting exploit",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/450825/100/0/threaded"
},
{
"name" : "http://www.blogger.com/comment.g?blogID=15069726&postID=116257593427394541",
"refsource" : "MISC",
"url" : "http://www.blogger.com/comment.g?blogID=15069726&postID=116257593427394541"
"name": "http://www.blogger.com/comment.g?blogID=15069726&postID=116257593427394541",
"refsource": "MISC",
"url": "http://www.blogger.com/comment.g?blogID=15069726&postID=116257593427394541"
}
]
}

110
2007/2xxx/CVE-2007-2127.json
View File

@ -1,101 +1,101 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-2127",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-2127",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple unspecified vulnerabilities in Oracle E-Business Suite 12.0.0 have unknown impact and remote attack vectors via (1) Application Object Library (APPS04), iStore (2) APPS05 and (3) APPS06, (4) iSupport (APPS07), (5) Trade Management (APPS09), (6) Applications Manager (APPS10), and (7) Oracle Report Manager (APPS03)."
"lang": "eng",
"value": "Multiple unspecified vulnerabilities in Oracle E-Business Suite 12.0.0 have unknown impact and remote attack vectors via (1) Application Object Library (APPS04), iStore (2) APPS05 and (3) APPS06, (4) iSupport (APPS07), (5) Trade Management (APPS09), (6) Applications Manager (APPS10), and (7) Oracle Report Manager (APPS03)."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.integrigy.com/security-resources/analysis/Integrigy_Oracle_CPU_April_2007_Analysis.pdf",
"refsource" : "MISC",
"url" : "http://www.integrigy.com/security-resources/analysis/Integrigy_Oracle_CPU_April_2007_Analysis.pdf"
"name": "TA07-108A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA07-108A.html"
},
{
"name" : "http://www.red-database-security.com/advisory/oracle_cpu_apr_2007.html",
"refsource" : "MISC",
"url" : "http://www.red-database-security.com/advisory/oracle_cpu_apr_2007.html"
"name": "http://www.oracle.com/technetwork/topics/security/cpuapr2007-090632.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2007-090632.html"
},
{
"name" : "http://www.oracle.com/technetwork/topics/security/cpuapr2007-090632.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpuapr2007-090632.html"
"name": "23532",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23532"
},
{
"name" : "HPSBMA02133",
"refsource" : "HP",
"url" : "http://www.securityfocus.com/archive/1/466329/100/200/threaded"
"name": "1017927",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017927"
},
{
"name" : "SSRT061201",
"refsource" : "HP",
"url" : "http://www.securityfocus.com/archive/1/466329/100/200/threaded"
"name": "SSRT061201",
"refsource": "HP",
"url": "http://www.securityfocus.com/archive/1/466329/100/200/threaded"
},
{
"name" : "TA07-108A",
"refsource" : "CERT",
"url" : "http://www.us-cert.gov/cas/techalerts/TA07-108A.html"
"name": "http://www.red-database-security.com/advisory/oracle_cpu_apr_2007.html",
"refsource": "MISC",
"url": "http://www.red-database-security.com/advisory/oracle_cpu_apr_2007.html"
},
{
"name" : "23532",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/23532"
"name": "HPSBMA02133",
"refsource": "HP",
"url": "http://www.securityfocus.com/archive/1/466329/100/200/threaded"
},
{
"name" : "ADV-2007-1426",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/1426"
"name": "ADV-2007-1426",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1426"
},
{
"name" : "1017927",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1017927"
"name": "http://www.integrigy.com/security-resources/analysis/Integrigy_Oracle_CPU_April_2007_Analysis.pdf",
"refsource": "MISC",
"url": "http://www.integrigy.com/security-resources/analysis/Integrigy_Oracle_CPU_April_2007_Analysis.pdf"
}
]
}

266
2007/2xxx/CVE-2007-2444.json
View File

@ -1,231 +1,231 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-2444",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2007-2444",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Logic error in the SID/Name translation functionality in smbd in Samba 3.0.23d through 3.0.25pre2 allows local users to gain temporary privileges and execute SMB/CIFS protocol operations via unspecified vectors that cause the daemon to transition to the root user."
"lang": "eng",
"value": "Logic error in the SID/Name translation functionality in smbd in Samba 3.0.23d through 3.0.25pre2 allows local users to gain temporary privileges and execute SMB/CIFS protocol operations via unspecified vectors that cause the daemon to transition to the root user."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20070513 [SAMBA-SECURITY] CVE-2007-2444: Local SID/Name Translation Failure Can Result in User Privilege Elevation",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/468548/100/0/threaded"
"name": "GLSA-200705-15",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200705-15.xml"
},
{
"name" : "20070515 FLEA-2007-0017-1: samba",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/468670/100/0/threaded"
"name": "25289",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25289"
},
{
"name" : "http://www.samba.org/samba/security/CVE-2007-2444.html",
"refsource" : "CONFIRM",
"url" : "http://www.samba.org/samba/security/CVE-2007-2444.html"
"name": "ADV-2007-1805",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1805"
},
{
"name" : "https://issues.rpath.com/browse/RPL-1366",
"refsource" : "CONFIRM",
"url" : "https://issues.rpath.com/browse/RPL-1366"
"name": "25772",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25772"
},
{
"name" : "DSA-1291",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2007/dsa-1291"
"name": "OpenPKG-SA-2007.012",
"refsource": "OPENPKG",
"url": "http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.012.html"
},
{
"name" : "GLSA-200705-15",
"refsource" : "GENTOO",
"url" : "http://security.gentoo.org/glsa/glsa-200705-15.xml"
"name": "SUSE-SA:2007:031",
"refsource": "SUSE",
"url": "http://lists.suse.com/archive/suse-security-announce/2007-May/0006.html"
},
{
"name" : "HPSBTU02218",
"refsource" : "HP",
"url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01078980"
"name": "25270",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25270"
},
{
"name" : "SSRT071424",
"refsource" : "HP",
"url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01078980"
"name": "20070515 FLEA-2007-0017-1: samba",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/468670/100/0/threaded"
},
{
"name" : "MDKSA-2007:104",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:104"
"name": "ADV-2007-2281",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2281"
},
{
"name" : "OpenPKG-SA-2007.012",
"refsource" : "OPENPKG",
"url" : "http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.012.html"
"name": "ADV-2007-2210",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2210"
},
{
"name" : "SSA:2007-134-01",
"refsource" : "SLACKWARE",
"url" : "http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.475906"
"name": "HPSBTU02218",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01078980"
},
{
"name" : "102964",
"refsource" : "SUNALERT",
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102964-1"
"name": "2007-0017",
"refsource": "TRUSTIX",
"url": "http://www.trustix.org/errata/2007/0017/"
},
{
"name" : "200588",
"refsource" : "SUNALERT",
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200588-1"
"name": "1018049",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018049"
},
{
"name" : "SUSE-SA:2007:031",
"refsource" : "SUSE",
"url" : "http://lists.suse.com/archive/suse-security-announce/2007-May/0006.html"
"name": "USN-460-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-460-1"
},
{
"name" : "2007-0017",
"refsource" : "TRUSTIX",
"url" : "http://www.trustix.org/errata/2007/0017/"
"name": "2701",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2701"
},
{
"name" : "USN-460-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/usn-460-1"
"name": "25241",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25241"
},
{
"name" : "USN-460-2",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/usn-460-2"
"name": "MDKSA-2007:104",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:104"
},
{
"name" : "23974",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/23974"
"name": "25256",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25256"
},
{
"name" : "34698",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/34698"
"name": "https://issues.rpath.com/browse/RPL-1366",
"refsource": "CONFIRM",
"url": "https://issues.rpath.com/browse/RPL-1366"
},
{
"name" : "ADV-2007-1805",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/1805"
"name": "25259",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25259"
},
{
"name" : "ADV-2007-2210",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/2210"
"name": "SSA:2007-134-01",
"refsource": "SLACKWARE",
"url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.475906"
},
{
"name" : "ADV-2007-2281",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/2281"
"name": "102964",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102964-1"
},
{
"name" : "1018049",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1018049"
"name": "DSA-1291",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2007/dsa-1291"
},
{
"name" : "25241",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/25241"
"name": "20070513 [SAMBA-SECURITY] CVE-2007-2444: Local SID/Name Translation Failure Can Result in User Privilege Elevation",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/468548/100/0/threaded"
},
{
"name" : "25246",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/25246"
"name": "SSRT071424",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01078980"
},
{
"name" : "25256",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/25256"
"name": "25232",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25232"
},
{
"name" : "25232",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/25232"
"name": "25251",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25251"
},
{
"name" : "25251",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/25251"
"name": "200588",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200588-1"
},
{
"name" : "25270",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/25270"
"name": "USN-460-2",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-460-2"
},
{
"name" : "25259",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/25259"
"name": "25246",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25246"
},
{
"name" : "25255",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/25255"
"name": "34698",
"refsource": "OSVDB",
"url": "http://osvdb.org/34698"
},
{
"name" : "25289",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/25289"
"name": "25255",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25255"
},
{
"name" : "25675",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/25675"
"name": "http://www.samba.org/samba/security/CVE-2007-2444.html",
"refsource": "CONFIRM",
"url": "http://www.samba.org/samba/security/CVE-2007-2444.html"
},
{
"name" : "25772",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/25772"
"name": "23974",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23974"
},
{
"name" : "2701",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/2701"
"name": "25675",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25675"
}
]
}

74
2010/0xxx/CVE-2010-0016.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-0016",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2010-0016",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The SMB client implementation in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 does not properly validate response fields, which allows remote SMB servers and man-in-the-middle attackers to execute arbitrary code via a crafted response, aka \"SMB Client Pool Corruption Vulnerability.\""
"lang": "eng",
"value": "The SMB client implementation in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 does not properly validate response fields, which allows remote SMB servers and man-in-the-middle attackers to execute arbitrary code via a crafted response, aka \"SMB Client Pool Corruption Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "MS10-006",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-006"
"name": "oval:org.mitre.oval:def:8278",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8278"
},
{
"name" : "TA10-040A",
"refsource" : "CERT",
"url" : "http://www.us-cert.gov/cas/techalerts/TA10-040A.html"
"name": "TA10-040A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA10-040A.html"
},
{
"name" : "oval:org.mitre.oval:def:8278",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8278"
"name": "MS10-006",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-006"
}
]
}

68
2010/0xxx/CVE-2010-0109.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-0109",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-0109",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "DBManager in Symantec Altiris Deployment Solution 6.9.x before DS 6.9 SP4 allows remote attackers to cause a denial of service via a crafted request."
"lang": "eng",
"value": "DBManager in Symantec Altiris Deployment Solution 6.9.x before DS 6.9 SP4 allows remote attackers to cause a denial of service via a crafted request."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20100420_00",
"refsource" : "CONFIRM",
"url" : "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20100420_00"
"name": "38410",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/38410"
},
{
"name" : "38410",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/38410"
"name": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20100420_00",
"refsource": "CONFIRM",
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20100420_00"
}
]
}

164
2010/0xxx/CVE-2010-0212.json
View File

@ -1,146 +1,146 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-0212",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2010-0212",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "OpenLDAP 2.4.22 allows remote attackers to cause a denial of service (crash) via a modrdn call with a zero-length RDN destination string, which is not properly handled by the smr_normalize function and triggers a NULL pointer dereference in the IA5StringNormalize function in schema_init.c, as demonstrated using the Codenomicon LDAPv3 test suite."
"lang": "eng",
"value": "OpenLDAP 2.4.22 allows remote attackers to cause a denial of service (crash) via a modrdn call with a zero-length RDN destination string, which is not properly handled by the smr_normalize function and triggers a NULL pointer dereference in the IA5StringNormalize function in schema_init.c, as demonstrated using the Codenomicon LDAPv3 test suite."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20110105 VMSA-2011-0001 VMware ESX third party updates for Service Console packages glibc, sudo, and openldap",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/515545/100/0/threaded"
"name": "1024221",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1024221"
},
{
"name" : "http://www.openldap.org/its/index.cgi/Software%20Bugs?id=6570",
"refsource" : "CONFIRM",
"url" : "http://www.openldap.org/its/index.cgi/Software%20Bugs?id=6570"
"name": "http://support.apple.com/kb/HT4435",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT4435"
},
{
"name" : "http://support.apple.com/kb/HT4435",
"refsource" : "CONFIRM",
"url" : "http://support.apple.com/kb/HT4435"
"name": "GLSA-201406-36",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201406-36.xml"
},
{
"name" : "http://www.vmware.com/security/advisories/VMSA-2011-0001.html",
"refsource" : "CONFIRM",
"url" : "http://www.vmware.com/security/advisories/VMSA-2011-0001.html"
"name": "http://www.openldap.org/its/index.cgi/Software%20Bugs?id=6570",
"refsource": "CONFIRM",
"url": "http://www.openldap.org/its/index.cgi/Software%20Bugs?id=6570"
},
{
"name" : "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10735",
"refsource" : "CONFIRM",
"url" : "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10735"
"name": "http://www.vmware.com/security/advisories/VMSA-2011-0001.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2011-0001.html"
},
{
"name" : "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705",
"refsource" : "CONFIRM",
"url" : "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705"
"name": "ADV-2010-1858",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/1858"
},
{
"name" : "APPLE-SA-2010-11-10-1",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html"
"name": "APPLE-SA-2010-11-10-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html"
},
{
"name" : "GLSA-201406-36",
"refsource" : "GENTOO",
"url" : "http://security.gentoo.org/glsa/glsa-201406-36.xml"
"name": "ADV-2010-1849",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/1849"
},
{
"name" : "RHSA-2010:0542",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2010-0542.html"
"name": "41770",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/41770"
},
{
"name" : "SUSE-SR:2010:014",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html"
"name": "RHSA-2010:0542",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0542.html"
},
{
"name" : "41770",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/41770"
"name": "40687",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/40687"
},
{
"name" : "1024221",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1024221"
"name": "20110105 VMSA-2011-0001 VMware ESX third party updates for Service Console packages glibc, sudo, and openldap",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/515545/100/0/threaded"
},
{
"name" : "40639",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/40639"
"name": "SUSE-SR:2010:014",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html"
},
{
"name" : "40687",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/40687"
"name": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705",
"refsource": "CONFIRM",
"url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705"
},
{
"name" : "42787",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/42787"
"name": "40639",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/40639"
},
{
"name" : "ADV-2010-1849",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2010/1849"
"name": "42787",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42787"
},
{
"name" : "ADV-2010-1858",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2010/1858"
"name": "ADV-2011-0025",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0025"
},
{
"name" : "ADV-2011-0025",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2011/0025"
"name": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10735",
"refsource": "CONFIRM",
"url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10735"
}
]
}

128
2010/0xxx/CVE-2010-0556.json
View File

@ -1,116 +1,116 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-0556",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-0556",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "browser/login/login_prompt.cc in Google Chrome before 4.0.249.89 populates an authentication dialog with credentials that were stored by Password Manager for a different web site, which allows user-assisted remote HTTP servers to obtain sensitive information via a URL that requires authentication, as demonstrated by a URL in the SRC attribute of an IMG element."
"lang": "eng",
"value": "browser/login/login_prompt.cc in Google Chrome before 4.0.249.89 populates an authentication dialog with credentials that were stored by Password Manager for a different web site, which allows user-assisted remote HTTP servers to obtain sensitive information via a URL that requires authentication, as demonstrated by a URL in the SRC attribute of an IMG element."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20100216 Chrome Password Manager Cross Origin Weakness (CVE-2010-0556)",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/509543/100/0/threaded"
"name": "38177",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/38177"
},
{
"name" : "http://www.vsecurity.com/advisory/20100215-1.txt",
"refsource" : "MISC",
"url" : "http://www.vsecurity.com/advisory/20100215-1.txt"
"name": "62319",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/62319"
},
{
"name" : "http://code.google.com/p/chromium/issues/detail?id=32718",
"refsource" : "CONFIRM",
"url" : "http://code.google.com/p/chromium/issues/detail?id=32718"
"name": "http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-security-bugs",
"refsource": "CONFIRM",
"url": "http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-security-bugs"
},
{
"name" : "http://googlechromereleases.blogspot.com/2010/02/stable-channel-update.html",
"refsource" : "CONFIRM",
"url" : "http://googlechromereleases.blogspot.com/2010/02/stable-channel-update.html"
"name": "1023583",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1023583"
},
{
"name" : "http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-security-bugs",
"refsource" : "CONFIRM",
"url" : "http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-security-bugs"
"name": "ADV-2010-0361",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/0361"
},
{
"name" : "38177",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/38177"
"name": "http://code.google.com/p/chromium/issues/detail?id=32718",
"refsource": "CONFIRM",
"url": "http://code.google.com/p/chromium/issues/detail?id=32718"
},
{
"name" : "62319",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/62319"
"name": "oval:org.mitre.oval:def:14407",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14407"
},
{
"name" : "oval:org.mitre.oval:def:14407",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14407"
"name": "http://googlechromereleases.blogspot.com/2010/02/stable-channel-update.html",
"refsource": "CONFIRM",
"url": "http://googlechromereleases.blogspot.com/2010/02/stable-channel-update.html"
},
{
"name" : "1023583",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1023583"
"name": "http://www.vsecurity.com/advisory/20100215-1.txt",
"refsource": "MISC",
"url": "http://www.vsecurity.com/advisory/20100215-1.txt"
},
{
"name" : "38545",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/38545"
"name": "googlechrome-dialogs-phishing(56216)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56216"
},
{
"name" : "ADV-2010-0361",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2010/0361"
"name": "38545",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/38545"
},
{
"name" : "googlechrome-dialogs-phishing(56216)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/56216"
"name": "20100216 Chrome Password Manager Cross Origin Weakness (CVE-2010-0556)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/509543/100/0/threaded"
}
]
}

98
2010/0xxx/CVE-2010-0986.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-0986",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
"ID": "CVE-2010-0986",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Adobe Shockwave Player before 11.5.7.609 does not properly process asset entries, which allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted Shockwave file."
"lang": "eng",
"value": "Adobe Shockwave Player before 11.5.7.609 does not properly process asset entries, which allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted Shockwave file."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20100512 Secunia Research: Adobe Shockwave Player Asset Entry Parsing Vulnerability",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/511264/100/0/threaded"
"name": "38751",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/38751"
},
{
"name" : "http://secunia.com/secunia_research/2010-34/",
"refsource" : "MISC",
"url" : "http://secunia.com/secunia_research/2010-34/"
"name": "http://www.adobe.com/support/security/bulletins/apsb10-12.html",
"refsource": "CONFIRM",
"url": "http://www.adobe.com/support/security/bulletins/apsb10-12.html"
},
{
"name" : "http://www.adobe.com/support/security/bulletins/apsb10-12.html",
"refsource" : "CONFIRM",
"url" : "http://www.adobe.com/support/security/bulletins/apsb10-12.html"
"name": "http://secunia.com/secunia_research/2010-34/",
"refsource": "MISC",
"url": "http://secunia.com/secunia_research/2010-34/"
},
{
"name" : "40086",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/40086"
"name": "ADV-2010-1128",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/1128"
},
{
"name" : "oval:org.mitre.oval:def:6967",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6967"
"name": "20100512 Secunia Research: Adobe Shockwave Player Asset Entry Parsing Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/511264/100/0/threaded"
},
{
"name" : "38751",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/38751"
"name": "40086",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/40086"
},
{
"name" : "ADV-2010-1128",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2010/1128"
"name": "oval:org.mitre.oval:def:6967",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6967"
}
]
}

62
2010/1xxx/CVE-2010-1355.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-1355",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-1355",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability on the TANDBERG Video Communication Server (VCS) before X5.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Reference ID 66316."
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability on the TANDBERG Video Communication Server (VCS) before X5.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Reference ID 66316."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://ftp.tandberg.com/pub/software/vcs/TANDBERG%20Video%20Communication%20Server%20Software%20Release%20Notes%20(X5).pdf",
"refsource" : "CONFIRM",
"url" : "http://ftp.tandberg.com/pub/software/vcs/TANDBERG%20Video%20Communication%20Server%20Software%20Release%20Notes%20(X5).pdf"
"name": "http://ftp.tandberg.com/pub/software/vcs/TANDBERG%20Video%20Communication%20Server%20Software%20Release%20Notes%20(X5).pdf",
"refsource": "CONFIRM",
"url": "http://ftp.tandberg.com/pub/software/vcs/TANDBERG%20Video%20Communication%20Server%20Software%20Release%20Notes%20(X5).pdf"
}
]
}

22
2010/3xxx/CVE-2010-3051.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-3051",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-3051",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

62
2010/3xxx/CVE-2010-3121.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-3121",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-3121",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Buffer overflow in tm-console-bin in the DevonIT thin-client management tool might allow remote attackers to execute arbitrary code via unspecified vectors."
"lang": "eng",
"value": "Buffer overflow in tm-console-bin in the DevonIT thin-client management tool might allow remote attackers to execute arbitrary code via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "VU#278785",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/278785"
"name": "VU#278785",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/278785"
}
]
}

188
2010/3xxx/CVE-2010-3652.json
View File

@ -1,166 +1,166 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-3652",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2010-3652",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris, and 10.1.95.1 on Android, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors, a different vulnerability than CVE-2010-3640, CVE-2010-3641, CVE-2010-3642, CVE-2010-3643, CVE-2010-3644, CVE-2010-3645, CVE-2010-3646, CVE-2010-3647, CVE-2010-3648, CVE-2010-3649, and CVE-2010-3650."
"lang": "eng",
"value": "Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris, and 10.1.95.1 on Android, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors, a different vulnerability than CVE-2010-3640, CVE-2010-3641, CVE-2010-3642, CVE-2010-3643, CVE-2010-3644, CVE-2010-3645, CVE-2010-3646, CVE-2010-3647, CVE-2010-3648, CVE-2010-3649, and CVE-2010-3650."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.adobe.com/support/security/bulletins/apsb10-26.html",
"refsource" : "CONFIRM",
"url" : "http://www.adobe.com/support/security/bulletins/apsb10-26.html"
"name": "ADV-2011-0192",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0192"
},
{
"name" : "http://support.apple.com/kb/HT4435",
"refsource" : "CONFIRM",
"url" : "http://support.apple.com/kb/HT4435"
"name": "42183",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42183"
},
{
"name" : "http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_adobe_flash1",
"refsource" : "CONFIRM",
"url" : "http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_adobe_flash1"
"name": "http://support.apple.com/kb/HT4435",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT4435"
},
{
"name" : "APPLE-SA-2010-11-10-1",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html"
"name": "http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_adobe_flash1",
"refsource": "CONFIRM",
"url": "http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_adobe_flash1"
},
{
"name" : "GLSA-201101-09",
"refsource" : "GENTOO",
"url" : "http://security.gentoo.org/glsa/glsa-201101-09.xml"
"name": "43026",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43026"
},
{
"name" : "HPSBMA02663",
"refsource" : "HP",
"url" : "http://marc.info/?l=bugtraq&m=130331642631603&w=2"
"name": "GLSA-201101-09",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201101-09.xml"
},
{
"name" : "SSRT100428",
"refsource" : "HP",
"url" : "http://marc.info/?l=bugtraq&m=130331642631603&w=2"
"name": "ADV-2010-2918",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/2918"
},
{
"name" : "RHSA-2010:0829",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2010-0829.html"
"name": "APPLE-SA-2010-11-10-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html"
},
{
"name" : "RHSA-2010:0834",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2010-0834.html"
"name": "44687",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/44687"
},
{
"name" : "RHSA-2010:0867",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2010-0867.html"
"name": "RHSA-2010:0834",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0834.html"
},
{
"name" : "SUSE-SA:2010:055",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00002.html"
"name": "SUSE-SA:2010:055",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00002.html"
},
{
"name" : "44687",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/44687"
"name": "42926",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42926"
},
{
"name" : "oval:org.mitre.oval:def:11965",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11965"
"name": "SSRT100428",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=130331642631603&w=2"
},
{
"name" : "oval:org.mitre.oval:def:15284",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15284"
"name": "ADV-2010-2903",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/2903"
},
{
"name" : "42183",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/42183"
"name": "HPSBMA02663",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=130331642631603&w=2"
},
{
"name" : "42926",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/42926"
"name": "ADV-2011-0173",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0173"
},
{
"name" : "43026",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/43026"
"name": "http://www.adobe.com/support/security/bulletins/apsb10-26.html",
"refsource": "CONFIRM",
"url": "http://www.adobe.com/support/security/bulletins/apsb10-26.html"
},
{
"name" : "ADV-2010-2903",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2010/2903"
"name": "oval:org.mitre.oval:def:11965",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11965"
},
{
"name" : "ADV-2010-2906",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2010/2906"
"name": "ADV-2010-2906",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/2906"
},
{
"name" : "ADV-2010-2918",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2010/2918"
"name": "RHSA-2010:0867",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0867.html"
},
{
"name" : "ADV-2011-0173",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2011/0173"
"name": "oval:org.mitre.oval:def:15284",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15284"
},
{
"name" : "ADV-2011-0192",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2011/0192"
"name": "RHSA-2010:0829",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0829.html"
}
]
}

224
2010/3xxx/CVE-2010-3709.json
View File

@ -1,196 +1,196 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-3709",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2010-3709",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The ZipArchive::getArchiveComment function in PHP 5.2.x through 5.2.14 and 5.3.x through 5.3.3 allows context-dependent attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted ZIP archive."
"lang": "eng",
"value": "The ZipArchive::getArchiveComment function in PHP 5.2.x through 5.2.14 and 5.3.x through 5.3.3 allows context-dependent attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted ZIP archive."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20101105 PHP 5.3.3/5.2.14 ZipArchive::getArchiveComment NULL Pointer Deference",
"refsource" : "SREASONRES",
"url" : "http://securityreason.com/achievement_securityalert/90"
"name": "ADV-2011-0077",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0077"
},
{
"name" : "15431",
"refsource" : "EXPLOIT-DB",
"url" : "http://www.exploit-db.com/exploits/15431"
"name": "FEDORA-2010-19011",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052836.html"
},
{
"name" : "http://svn.php.net/viewvc/php/php-src/branches/PHP_5_2/ext/zip/php_zip.c?view=log",
"refsource" : "CONFIRM",
"url" : "http://svn.php.net/viewvc/php/php-src/branches/PHP_5_2/ext/zip/php_zip.c?view=log"
"name": "42812",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42812"
},
{
"name" : "http://svn.php.net/viewvc/php/php-src/branches/PHP_5_3/ext/zip/php_zip.c?view=log",
"refsource" : "CONFIRM",
"url" : "http://svn.php.net/viewvc/php/php-src/branches/PHP_5_3/ext/zip/php_zip.c?view=log"
"name": "HPSBOV02763",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=133469208622507&w=2"
},
{
"name" : "http://www.php.net/ChangeLog-5.php",
"refsource" : "CONFIRM",
"url" : "http://www.php.net/ChangeLog-5.php"
"name": "HPSBMA02662",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=130331363227777&w=2"
},
{
"name" : "http://www.php.net/archive/2010.php#id2010-12-10-1",
"refsource" : "CONFIRM",
"url" : "http://www.php.net/archive/2010.php#id2010-12-10-1"
"name": "MDVSA-2010:218",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:218"
},
{
"name" : "http://www.php.net/releases/5_2_15.php",
"refsource" : "CONFIRM",
"url" : "http://www.php.net/releases/5_2_15.php"
"name": "20101105 PHP 5.3.3/5.2.14 ZipArchive::getArchiveComment NULL Pointer Deference",
"refsource": "SREASONRES",
"url": "http://securityreason.com/achievement_securityalert/90"
},
{
"name" : "http://www.php.net/releases/5_3_4.php",
"refsource" : "CONFIRM",
"url" : "http://www.php.net/releases/5_3_4.php"
"name": "RHSA-2011:0195",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2011-0195.html"
},
{
"name" : "http://support.apple.com/kb/HT4581",
"refsource" : "CONFIRM",
"url" : "http://support.apple.com/kb/HT4581"
"name": "1024690",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1024690"
},
{
"name" : "APPLE-SA-2011-03-21-1",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html"
"name": "http://www.php.net/releases/5_3_4.php",
"refsource": "CONFIRM",
"url": "http://www.php.net/releases/5_3_4.php"
},
{
"name" : "FEDORA-2010-18976",
"refsource" : "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052845.html"
"name": "http://svn.php.net/viewvc/php/php-src/branches/PHP_5_3/ext/zip/php_zip.c?view=log",
"refsource": "CONFIRM",
"url": "http://svn.php.net/viewvc/php/php-src/branches/PHP_5_3/ext/zip/php_zip.c?view=log"
},
{
"name" : "FEDORA-2010-19011",
"refsource" : "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052836.html"
"name": "APPLE-SA-2011-03-21-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html"
},
{
"name" : "HPSBMA02662",
"refsource" : "HP",
"url" : "http://marc.info/?l=bugtraq&m=130331363227777&w=2"
"name": "USN-1042-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1042-1"
},
{
"name" : "SSRT100409",
"refsource" : "HP",
"url" : "http://marc.info/?l=bugtraq&m=130331363227777&w=2"
"name": "15431",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/15431"
},
{
"name" : "HPSBOV02763",
"refsource" : "HP",
"url" : "http://marc.info/?l=bugtraq&m=133469208622507&w=2"
"name": "ADV-2011-0021",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0021"
},
{
"name" : "SSRT100826",
"refsource" : "HP",
"url" : "http://marc.info/?l=bugtraq&m=133469208622507&w=2"
"name": "http://www.php.net/ChangeLog-5.php",
"refsource": "CONFIRM",
"url": "http://www.php.net/ChangeLog-5.php"
},
{
"name" : "MDVSA-2010:218",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2010:218"
"name": "SSRT100826",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=133469208622507&w=2"
},
{
"name" : "RHSA-2011:0195",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2011-0195.html"
"name": "SSA:2010-357-01",
"refsource": "SLACKWARE",
"url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.490619"
},
{
"name" : "SSA:2010-357-01",
"refsource" : "SLACKWARE",
"url" : "http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.490619"
"name": "ADV-2010-3313",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/3313"
},
{
"name" : "USN-1042-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-1042-1"
"name": "http://www.php.net/archive/2010.php#id2010-12-10-1",
"refsource": "CONFIRM",
"url": "http://www.php.net/archive/2010.php#id2010-12-10-1"
},
{
"name" : "44718",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/44718"
"name": "http://www.php.net/releases/5_2_15.php",
"refsource": "CONFIRM",
"url": "http://www.php.net/releases/5_2_15.php"
},
{
"name" : "1024690",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1024690"
"name": "SSRT100409",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=130331363227777&w=2"
},
{
"name" : "42729",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/42729"
"name": "FEDORA-2010-18976",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052845.html"
},
{
"name" : "42812",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/42812"
"name": "http://svn.php.net/viewvc/php/php-src/branches/PHP_5_2/ext/zip/php_zip.c?view=log",
"refsource": "CONFIRM",
"url": "http://svn.php.net/viewvc/php/php-src/branches/PHP_5_2/ext/zip/php_zip.c?view=log"
},
{
"name" : "ADV-2010-3313",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2010/3313"
"name": "ADV-2011-0020",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0020"
},
{
"name" : "ADV-2011-0020",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2011/0020"
"name": "42729",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42729"
},
{
"name" : "ADV-2011-0021",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2011/0021"
"name": "44718",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/44718"
},
{
"name" : "ADV-2011-0077",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2011/0077"
"name": "http://support.apple.com/kb/HT4581",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT4581"
}
]
}

80
2010/3xxx/CVE-2010-3742.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-3742",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-3742",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple PHP remote file inclusion vulnerabilities in themes/default/index.php in Free Simple CMS 1.0 allow remote attackers to execute arbitrary PHP code via a URL in the (1) meta or (2) phpincdir parameter, a different issue than CVE-2010-3307."
"lang": "eng",
"value": "Multiple PHP remote file inclusion vulnerabilities in themes/default/index.php in Free Simple CMS 1.0 allow remote attackers to execute arbitrary PHP code via a URL in the (1) meta or (2) phpincdir parameter, a different issue than CVE-2010-3307."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "14672",
"refsource" : "EXPLOIT-DB",
"url" : "http://www.exploit-db.com/exploits/14672/"
"name": "14672",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/14672/"
},
{
"name" : "http://packetstormsecurity.org/1008-exploits/freesimplesoftware-rfi.txt",
"refsource" : "MISC",
"url" : "http://packetstormsecurity.org/1008-exploits/freesimplesoftware-rfi.txt"
"name": "41001",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/41001"
},
{
"name" : "67239",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/67239"
"name": "http://packetstormsecurity.org/1008-exploits/freesimplesoftware-rfi.txt",
"refsource": "MISC",
"url": "http://packetstormsecurity.org/1008-exploits/freesimplesoftware-rfi.txt"
},
{
"name" : "41001",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/41001"
"name": "67239",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/67239"
}
]
}

98
2010/3xxx/CVE-2010-3842.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-3842",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2010-3842",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Absolute path traversal vulnerability in curl 7.20.0 through 7.21.1, when the --remote-header-name or -J option is used, allows remote servers to create or overwrite arbitrary files by using \\ (backslash) as a separator of path components within the Content-disposition HTTP header."
"lang": "eng",
"value": "Absolute path traversal vulnerability in curl 7.20.0 through 7.21.1, when the --remote-header-name or -J option is used, allows remote servers to create or overwrite arbitrary files by using \\ (backslash) as a separator of path components within the Content-disposition HTTP header."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[oss-security] 20101013 CVE Request -- cURL / mingw32-cURL -- Did not strip directory parts separated by backslashes, when downloading files",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2010/10/13/1"
"name": "http://curl.haxx.se/docs/adv_20101013.html",
"refsource": "CONFIRM",
"url": "http://curl.haxx.se/docs/adv_20101013.html"
},
{
"name" : "[oss-security] 20101013 Re: CVE Request -- cURL / mingw32-cURL -- Did not strip directory parts separated by backslashes, when downloading files",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2010/10/13/5"
"name": "[oss-security] 20101013 Re: CVE Request -- cURL / mingw32-cURL -- Did not strip directory parts separated by backslashes, when downloading files",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2010/10/13/4"
},
{
"name" : "[oss-security] 20101013 Re: CVE Request -- cURL / mingw32-cURL -- Did not strip directory parts separated by backslashes, when downloading files",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2010/10/13/4"
"name": "[oss-security] 20101013 Re: CVE Request -- cURL / mingw32-cURL -- Did not strip directory parts separated by backslashes, when downloading files",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2010/10/13/5"
},
{
"name" : "http://curl.haxx.se/docs/adv_20101013.html",
"refsource" : "CONFIRM",
"url" : "http://curl.haxx.se/docs/adv_20101013.html"
"name": "1024583",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1024583"
},
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=642642",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=642642"
"name": "39532",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39532"
},
{
"name" : "1024583",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1024583"
"name": "[oss-security] 20101013 CVE Request -- cURL / mingw32-cURL -- Did not strip directory parts separated by backslashes, when downloading files",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2010/10/13/1"
},
{
"name" : "39532",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/39532"
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=642642",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=642642"
}
]
}

22
2010/4xxx/CVE-2010-4004.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-4004",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-4004",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

86
2010/4xxx/CVE-2010-4299.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-4299",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-4299",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Heap-based buffer overflow in ZfHIPCND.exe in Novell Zenworks 7 Handheld Management (ZHM) allows remote attackers to execute arbitrary code via a crafted request to TCP port 2400."
"lang": "eng",
"value": "Heap-based buffer overflow in ZfHIPCND.exe in Novell Zenworks 7 Handheld Management (ZHM) allows remote attackers to execute arbitrary code via a crafted request to TCP port 2400."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20101107 ZDI-10-230: Novell ZENworks Handheld Management ZfHIPCND.exe Remote Code Execution Vulnerability",
"refsource" : "FULLDISC",
"url" : "http://marc.info/?l=full-disclosure&m=128916914213292&w=2"
"name": "20101107 ZDI-10-230: Novell ZENworks Handheld Management ZfHIPCND.exe Remote Code Execution Vulnerability",
"refsource": "FULLDISC",
"url": "http://marc.info/?l=full-disclosure&m=128916914213292&w=2"
},
{
"name" : "http://www.zerodayinitiative.com/advisories/ZDI-10-230/",
"refsource" : "MISC",
"url" : "http://www.zerodayinitiative.com/advisories/ZDI-10-230/"
"name": "http://www.novell.com/support/viewContent.do?externalId=7007135",
"refsource": "CONFIRM",
"url": "http://www.novell.com/support/viewContent.do?externalId=7007135"
},
{
"name" : "http://www.novell.com/support/viewContent.do?externalId=7007135",
"refsource" : "CONFIRM",
"url" : "http://www.novell.com/support/viewContent.do?externalId=7007135"
"name": "1024691",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1024691"
},
{
"name" : "1024691",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1024691"
"name": "http://www.zerodayinitiative.com/advisories/ZDI-10-230/",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-10-230/"
},
{
"name" : "42130",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/42130"
"name": "42130",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42130"
}
]
}

62
2010/4xxx/CVE-2010-4938.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-4938",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-4938",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in the Weblinks (com_weblinks) component in Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter in a categories action to index.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
"lang": "eng",
"value": "SQL injection vulnerability in the Weblinks (com_weblinks) component in Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter in a categories action to index.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "42455",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/42455"
"name": "42455",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/42455"
}
]
}

128
2014/0xxx/CVE-2014-0101.json
View File

@ -1,116 +1,116 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-0101",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-0101",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The sctp_sf_do_5_1D_ce function in net/sctp/sm_statefuns.c in the Linux kernel through 3.13.6 does not validate certain auth_enable and auth_capable fields before making an sctp_sf_authenticate call, which allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) via an SCTP handshake with a modified INIT chunk and a crafted AUTH chunk before a COOKIE_ECHO chunk."
"lang": "eng",
"value": "The sctp_sf_do_5_1D_ce function in net/sctp/sm_statefuns.c in the Linux kernel through 3.13.6 does not validate certain auth_enable and auth_capable fields before making an sctp_sf_authenticate call, which allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) via an SCTP handshake with a modified INIT chunk and a crafted AUTH chunk before a COOKIE_ECHO chunk."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[oss-security] 20140304 CVE-2014-0101 -- Linux kernel: net: sctp: null pointer dereference when processing authenticated cookie_echo chunk",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2014/03/04/6"
"name": "65943",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/65943"
},
{
"name" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=ec0223ec48a90cb605244b45f7c62de856403729",
"refsource" : "CONFIRM",
"url" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=ec0223ec48a90cb605244b45f7c62de856403729"
"name": "http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15317.html",
"refsource": "CONFIRM",
"url": "http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15317.html"
},
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1070705",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1070705"
"name": "RHSA-2014:0328",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0328.html"
},
{
"name" : "https://github.com/torvalds/linux/commit/ec0223ec48a90cb605244b45f7c62de856403729",
"refsource" : "CONFIRM",
"url" : "https://github.com/torvalds/linux/commit/ec0223ec48a90cb605244b45f7c62de856403729"
"name": "USN-2173-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2173-1"
},
{
"name" : "http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15317.html",
"refsource" : "CONFIRM",
"url" : "http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15317.html"
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=ec0223ec48a90cb605244b45f7c62de856403729",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=ec0223ec48a90cb605244b45f7c62de856403729"
},
{
"name" : "RHSA-2014:0328",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2014-0328.html"
"name": "RHSA-2014:0432",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0432.html"
},
{
"name" : "RHSA-2014:0419",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2014-0419.html"
"name": "USN-2174-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2174-1"
},
{
"name" : "RHSA-2014:0432",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2014-0432.html"
"name": "RHSA-2014:0419",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0419.html"
},
{
"name" : "USN-2173-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-2173-1"
"name": "59216",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59216"
},
{
"name" : "USN-2174-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-2174-1"
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1070705",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1070705"
},
{
"name" : "65943",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/65943"
"name": "https://github.com/torvalds/linux/commit/ec0223ec48a90cb605244b45f7c62de856403729",
"refsource": "CONFIRM",
"url": "https://github.com/torvalds/linux/commit/ec0223ec48a90cb605244b45f7c62de856403729"
},
{
"name" : "59216",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/59216"
"name": "[oss-security] 20140304 CVE-2014-0101 -- Linux kernel: net: sctp: null pointer dereference when processing authenticated cookie_echo chunk",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2014/03/04/6"
}
]
}

122
2014/0xxx/CVE-2014-0203.json
View File

@ -1,111 +1,111 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-0203",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-0203",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The __do_follow_link function in fs/namei.c in the Linux kernel before 2.6.33 does not properly handle the last pathname component during use of certain filesystems, which allows local users to cause a denial of service (incorrect free operations and system crash) via an open system call."
"lang": "eng",
"value": "The __do_follow_link function in fs/namei.c in the Linux kernel before 2.6.33 does not properly handle the last pathname component during use of certain filesystems, which allows local users to cause a denial of service (incorrect free operations and system crash) via an open system call."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=86acdca1b63e6890540fa19495cfc708beff3d8b",
"refsource" : "CONFIRM",
"url" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=86acdca1b63e6890540fa19495cfc708beff3d8b"
"name": "59262",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59262"
},
{
"name" : "http://mirror.linux.org.au/linux/kernel/v2.6/ChangeLog-2.6.33",
"refsource" : "CONFIRM",
"url" : "http://mirror.linux.org.au/linux/kernel/v2.6/ChangeLog-2.6.33"
"name": "68125",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/68125"
},
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1094363",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1094363"
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=86acdca1b63e6890540fa19495cfc708beff3d8b",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=86acdca1b63e6890540fa19495cfc708beff3d8b"
},
{
"name" : "https://github.com/torvalds/linux/commit/86acdca1b63e6890540fa19495cfc708beff3d8b",
"refsource" : "CONFIRM",
"url" : "https://github.com/torvalds/linux/commit/86acdca1b63e6890540fa19495cfc708beff3d8b"
"name": "59309",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59309"
},
{
"name" : "http://linux.oracle.com/errata/ELSA-2014-0771.html",
"refsource" : "CONFIRM",
"url" : "http://linux.oracle.com/errata/ELSA-2014-0771.html"
"name": "59406",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59406"
},
{
"name" : "http://linux.oracle.com/errata/ELSA-2014-3043.html",
"refsource" : "CONFIRM",
"url" : "http://linux.oracle.com/errata/ELSA-2014-3043.html"
"name": "http://mirror.linux.org.au/linux/kernel/v2.6/ChangeLog-2.6.33",
"refsource": "CONFIRM",
"url": "http://mirror.linux.org.au/linux/kernel/v2.6/ChangeLog-2.6.33"
},
{
"name" : "68125",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/68125"
"name": "http://linux.oracle.com/errata/ELSA-2014-0771.html",
"refsource": "CONFIRM",
"url": "http://linux.oracle.com/errata/ELSA-2014-0771.html"
},
{
"name" : "59309",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/59309"
"name": "59560",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59560"
},
{
"name" : "59262",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/59262"
"name": "http://linux.oracle.com/errata/ELSA-2014-3043.html",
"refsource": "CONFIRM",
"url": "http://linux.oracle.com/errata/ELSA-2014-3043.html"
},
{
"name" : "59406",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/59406"
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1094363",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1094363"
},
{
"name" : "59560",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/59560"
"name": "https://github.com/torvalds/linux/commit/86acdca1b63e6890540fa19495cfc708beff3d8b",
"refsource": "CONFIRM",
"url": "https://github.com/torvalds/linux/commit/86acdca1b63e6890540fa19495cfc708beff3d8b"
}
]
}

22
2014/0xxx/CVE-2014-0799.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-0799",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-0799",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

110
2014/4xxx/CVE-2014-4236.json
View File

@ -1,101 +1,101 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-4236",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2014-4236",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the RDBMS Core component in Oracle Database Server 11.2.0.4 and 12.1.0.1 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors."
"lang": "eng",
"value": "Unspecified vulnerability in the RDBMS Core component in Oracle Database Server 11.2.0.4 and 12.1.0.1 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/534161/100/0/threaded"
"name": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html"
},
{
"name" : "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities",
"refsource" : "FULLDISC",
"url" : "http://seclists.org/fulldisclosure/2014/Dec/23"
"name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/534161/100/0/threaded"
},
{
"name" : "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html"
"name": "56910",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56910"
},
{
"name" : "http://www.vmware.com/security/advisories/VMSA-2014-0012.html",
"refsource" : "CONFIRM",
"url" : "http://www.vmware.com/security/advisories/VMSA-2014-0012.html"
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21689484",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21689484"
},
{
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21689484",
"refsource" : "CONFIRM",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21689484"
"name": "68633",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/68633"
},
{
"name" : "68633",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/68633"
"name": "1030576",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030576"
},
{
"name" : "1030576",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1030576"
"name": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html"
},
{
"name" : "56910",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/56910"
"name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2014/Dec/23"
},
{
"name" : "62196",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/62196"
"name": "62196",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/62196"
}
]
}

22
2014/4xxx/CVE-2014-4500.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-4500",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-4500",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

122
2014/8xxx/CVE-2014-8096.json
View File

@ -1,111 +1,111 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-8096",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-8096",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The SProcXCMiscGetXIDList function in the XC-MISC extension in X.Org X Window System (aka X11 or X) X11R6.0 and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read or write) or possibly execute arbitrary code via a crafted length or index value."
"lang": "eng",
"value": "The SProcXCMiscGetXIDList function in the XC-MISC extension in X.Org X Window System (aka X11 or X) X11R6.0 and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read or write) or possibly execute arbitrary code via a crafted length or index value."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.x.org/wiki/Development/Security/Advisory-2014-12-09/",
"refsource" : "CONFIRM",
"url" : "http://www.x.org/wiki/Development/Security/Advisory-2014-12-09/"
"name": "DSA-3095",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2014/dsa-3095"
},
{
"name" : "http://advisories.mageia.org/MGASA-2014-0532.html",
"refsource" : "CONFIRM",
"url" : "http://advisories.mageia.org/MGASA-2014-0532.html"
"name": "http://www.x.org/wiki/Development/Security/Advisory-2014-12-09/",
"refsource": "CONFIRM",
"url": "http://www.x.org/wiki/Development/Security/Advisory-2014-12-09/"
},
{
"name" : "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"
"name": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"
},
{
"name" : "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html"
"name": "http://advisories.mageia.org/MGASA-2014-0532.html",
"refsource": "CONFIRM",
"url": "http://advisories.mageia.org/MGASA-2014-0532.html"
},
{
"name" : "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html"
"name": "GLSA-201504-06",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201504-06"
},
{
"name" : "DSA-3095",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2014/dsa-3095"
"name": "62292",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/62292"
},
{
"name" : "GLSA-201504-06",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201504-06"
"name": "71598",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/71598"
},
{
"name" : "MDVSA-2015:119",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2015:119"
"name": "MDVSA-2015:119",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:119"
},
{
"name" : "71598",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/71598"
"name": "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html"
},
{
"name" : "62292",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/62292"
"name": "61947",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61947"
},
{
"name" : "61947",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/61947"
"name": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html"
}
]
}

22
2014/8xxx/CVE-2014-8182.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-8182",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-8182",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

68
2014/8xxx/CVE-2014-8705.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-8705",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-8705",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "PHP remote file inclusion vulnerability in editInplace.php in Wonder CMS 2014 allows remote attackers to execute arbitrary PHP code via a URL in the hook parameter."
"lang": "eng",
"value": "PHP remote file inclusion vulnerability in editInplace.php in Wonder CMS 2014 allows remote attackers to execute arbitrary PHP code via a URL in the hook parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://rossmarks.uk/portfolio.php",
"refsource" : "MISC",
"url" : "http://rossmarks.uk/portfolio.php"
"name": "http://rossmarks.uk/portfolio.php",
"refsource": "MISC",
"url": "http://rossmarks.uk/portfolio.php"
},
{
"name" : "http://rossmarks.uk/whitepapers/wonder_cms_2014.txt",
"refsource" : "MISC",
"url" : "http://rossmarks.uk/whitepapers/wonder_cms_2014.txt"
"name": "http://rossmarks.uk/whitepapers/wonder_cms_2014.txt",
"refsource": "MISC",
"url": "http://rossmarks.uk/whitepapers/wonder_cms_2014.txt"
}
]
}

212
2014/9xxx/CVE-2014-9420.json
View File

@ -1,186 +1,186 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-9420",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-9420",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The rock_continue function in fs/isofs/rock.c in the Linux kernel through 3.18.1 does not restrict the number of Rock Ridge continuation entries, which allows local users to cause a denial of service (infinite loop, and system crash or hang) via a crafted iso9660 image."
"lang": "eng",
"value": "The rock_continue function in fs/isofs/rock.c in the Linux kernel through 3.18.1 does not restrict the number of Rock Ridge continuation entries, which allows local users to cause a denial of service (infinite loop, and system crash or hang) via a crafted iso9660 image."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[oss-security] 20141225 Re: CVE Request Linux kernel: fs: isofs: infinite loop in CE records",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2014/12/25/4"
"name": "FEDORA-2015-0517",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147864.html"
},
{
"name" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=f54e18f1b831c92f6512d2eedb224cd63d607d3d",
"refsource" : "CONFIRM",
"url" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=f54e18f1b831c92f6512d2eedb224cd63d607d3d"
"name": "https://source.android.com/security/bulletin/2017-01-01.html",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2017-01-01.html"
},
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1175235",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1175235"
"name": "USN-2515-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2515-1"
},
{
"name" : "https://github.com/torvalds/linux/commit/f54e18f1b831c92f6512d2eedb224cd63d607d3d",
"refsource" : "CONFIRM",
"url" : "https://github.com/torvalds/linux/commit/f54e18f1b831c92f6512d2eedb224cd63d607d3d"
"name": "USN-2491-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2491-1"
},
{
"name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"
"name": "SUSE-SU-2015:0736",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00015.html"
},
{
"name" : "https://source.android.com/security/bulletin/2017-01-01.html",
"refsource" : "CONFIRM",
"url" : "https://source.android.com/security/bulletin/2017-01-01.html"
"name": "USN-2490-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2490-1"
},
{
"name" : "FEDORA-2015-0515",
"refsource" : "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147973.html"
"name": "USN-2492-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2492-1"
},
{
"name" : "FEDORA-2015-0517",
"refsource" : "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147864.html"
"name": "SUSE-SU-2015:0652",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00000.html"
},
{
"name" : "MDVSA-2015:058",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2015:058"
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=f54e18f1b831c92f6512d2eedb224cd63d607d3d",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=f54e18f1b831c92f6512d2eedb224cd63d607d3d"
},
{
"name" : "RHSA-2015:1081",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1081.html"
"name": "62801",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/62801"
},
{
"name" : "RHSA-2015:1137",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1137.html"
"name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"
},
{
"name" : "RHSA-2015:1138",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1138.html"
"name": "SUSE-SU-2015:0178",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00035.html"
},
{
"name" : "SUSE-SU-2015:0178",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00035.html"
"name": "RHSA-2015:1138",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1138.html"
},
{
"name" : "SUSE-SU-2015:0652",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00000.html"
"name": "USN-2518-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2518-1"
},
{
"name" : "SUSE-SU-2015:0812",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html"
"name": "MDVSA-2015:058",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:058"
},
{
"name" : "SUSE-SU-2015:0736",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00015.html"
"name": "FEDORA-2015-0515",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147973.html"
},
{
"name" : "openSUSE-SU-2015:0714",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00009.html"
"name": "USN-2493-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2493-1"
},
{
"name" : "USN-2490-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-2490-1"
"name": "https://github.com/torvalds/linux/commit/f54e18f1b831c92f6512d2eedb224cd63d607d3d",
"refsource": "CONFIRM",
"url": "https://github.com/torvalds/linux/commit/f54e18f1b831c92f6512d2eedb224cd63d607d3d"
},
{
"name" : "USN-2492-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-2492-1"
"name": "USN-2517-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2517-1"
},
{
"name" : "USN-2493-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-2493-1"
"name": "openSUSE-SU-2015:0714",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00009.html"
},
{
"name" : "USN-2515-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-2515-1"
"name": "USN-2516-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2516-1"
},
{
"name" : "USN-2516-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-2516-1"
"name": "RHSA-2015:1137",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1137.html"
},
{
"name" : "USN-2517-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-2517-1"
"name": "[oss-security] 20141225 Re: CVE Request Linux kernel: fs: isofs: infinite loop in CE records",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2014/12/25/4"
},
{
"name" : "USN-2518-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-2518-1"
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1175235",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1175235"
},
{
"name" : "USN-2491-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-2491-1"
"name": "RHSA-2015:1081",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1081.html"
},
{
"name" : "62801",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/62801"
"name": "SUSE-SU-2015:0812",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html"
}
]
}

122
2014/9xxx/CVE-2014-9495.json
View File

@ -1,111 +1,111 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-9495",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-9495",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Heap-based buffer overflow in the png_combine_row function in libpng before 1.5.21 and 1.6.x before 1.6.16, when running on 64-bit systems, might allow context-dependent attackers to execute arbitrary code via a \"very wide interlaced\" PNG image."
"lang": "eng",
"value": "Heap-based buffer overflow in the png_combine_row function in libpng before 1.5.21 and 1.6.x before 1.6.16, when running on 64-bit systems, might allow context-dependent attackers to execute arbitrary code via a \"very wide interlaced\" PNG image."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[oss-security] 20150103 Re: CVE Request: libpng 1.6.15 Heap Overflow",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2015/01/04/3"
"name": "[oss-security] 20150103 Re: CVE Request: libpng 1.6.15 Heap Overflow",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/01/04/3"
},
{
"name" : "[png-mng-announce] 20141222 libpng-1.5.21 and 1.6.16 are available",
"refsource" : "MLIST",
"url" : "http://sourceforge.net/p/png-mng/mailman/message/33173461/"
"name": "71820",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/71820"
},
{
"name" : "[oss-security] 20150109 Re: CVE Request: libpng 1.6.15 Heap Overflow",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2015/01/10/1"
"name": "APPLE-SA-2016-03-21-5",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html"
},
{
"name" : "[oss-security] 20150110 Re: CVE Request: libpng 1.6.15 Heap Overflow",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2015/01/10/3"
"name": "https://support.apple.com/HT206167",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT206167"
},
{
"name" : "[png-mng-implement] 20141221 Re: libpng-1.5.21rc02 and 1.6.16rc02 are available",
"refsource" : "MLIST",
"url" : "http://sourceforge.net/p/png-mng/mailman/message/33172831/"
"name": "[png-mng-announce] 20141222 libpng-1.5.21 and 1.6.16 are available",
"refsource": "MLIST",
"url": "http://sourceforge.net/p/png-mng/mailman/message/33173461/"
},
{
"name" : "https://support.apple.com/HT206167",
"refsource" : "CONFIRM",
"url" : "https://support.apple.com/HT206167"
"name": "[oss-security] 20150109 Re: CVE Request: libpng 1.6.15 Heap Overflow",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/01/10/1"
},
{
"name" : "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html"
"name": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html"
},
{
"name" : "APPLE-SA-2016-03-21-5",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html"
"name": "[oss-security] 20150110 Re: CVE Request: libpng 1.6.15 Heap Overflow",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/01/10/3"
},
{
"name" : "71820",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/71820"
"name": "[png-mng-implement] 20141221 Re: libpng-1.5.21rc02 and 1.6.16rc02 are available",
"refsource": "MLIST",
"url": "http://sourceforge.net/p/png-mng/mailman/message/33172831/"
},
{
"name" : "1031444",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1031444"
"name": "1031444",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1031444"
},
{
"name" : "62725",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/62725"
"name": "62725",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/62725"
}
]
}

74
2014/9xxx/CVE-2014-9515.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-9515",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-9515",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Dozer improperly uses a reflection-based approach to type conversion, which might allow remote attackers to execute arbitrary code via a crafted serialized object."
"lang": "eng",
"value": "Dozer improperly uses a reflection-based approach to type conversion, which might allow remote attackers to execute arbitrary code via a crafted serialized object."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://github.com/pentestingforfunandprofit/research/tree/master/dozer-rce",
"refsource" : "MISC",
"url" : "https://github.com/pentestingforfunandprofit/research/tree/master/dozer-rce"
"name": "https://infocon.org/cons/SyScan/SyScan%202015%20Singapore/SyScan%202015%20Singapore%20presentations/SyScan15%20David%20Jorm%20-%20Finding%20and%20exploiting%20novel%20flaws%20in%20Java%20software.pdf",
"refsource": "MISC",
"url": "https://infocon.org/cons/SyScan/SyScan%202015%20Singapore/SyScan%202015%20Singapore%20presentations/SyScan15%20David%20Jorm%20-%20Finding%20and%20exploiting%20novel%20flaws%20in%20Java%20software.pdf"
},
{
"name" : "https://infocon.org/cons/SyScan/SyScan%202015%20Singapore/SyScan%202015%20Singapore%20presentations/SyScan15%20David%20Jorm%20-%20Finding%20and%20exploiting%20novel%20flaws%20in%20Java%20software.pdf",
"refsource" : "MISC",
"url" : "https://infocon.org/cons/SyScan/SyScan%202015%20Singapore/SyScan%202015%20Singapore%20presentations/SyScan15%20David%20Jorm%20-%20Finding%20and%20exploiting%20novel%20flaws%20in%20Java%20software.pdf"
"name": "https://github.com/DozerMapper/dozer/issues/217",
"refsource": "CONFIRM",
"url": "https://github.com/DozerMapper/dozer/issues/217"
},
{
"name" : "https://github.com/DozerMapper/dozer/issues/217",
"refsource" : "CONFIRM",
"url" : "https://github.com/DozerMapper/dozer/issues/217"
"name": "https://github.com/pentestingforfunandprofit/research/tree/master/dozer-rce",
"refsource": "MISC",
"url": "https://github.com/pentestingforfunandprofit/research/tree/master/dozer-rce"
}
]
}

86
2014/9xxx/CVE-2014-9747.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-9747",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "security@ubuntu.com",
"ID": "CVE-2014-9747",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The t42_parse_encoding function in type42/t42parse.c in FreeType before 2.5.4 does not properly update the current position for immediates-only mode, which allows remote attackers to cause a denial of service (infinite loop) via a Type42 font."
"lang": "eng",
"value": "The t42_parse_encoding function in type42/t42parse.c in FreeType before 2.5.4 does not properly update the current position for immediates-only mode, which allows remote attackers to cause a denial of service (infinite loop) via a Type42 font."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[oss-security] 20150911 CVE Request: 2 FreeType issues",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2015/09/11/4"
"name": "[oss-security] 20150911 CVE Request: 2 FreeType issues",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/09/11/4"
},
{
"name" : "[oss-security] 20150925 Re: CVE Request: 2 FreeType issues",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2015/09/25/4"
"name": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/tree/src/type42/t42parse.c?id=8b281f83e8516535756f92dbf90940ac44bd45e1",
"refsource": "CONFIRM",
"url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/tree/src/type42/t42parse.c?id=8b281f83e8516535756f92dbf90940ac44bd45e1"
},
{
"name" : "https://savannah.nongnu.org/bugs/?41309",
"refsource" : "MISC",
"url" : "https://savannah.nongnu.org/bugs/?41309"
"name": "[oss-security] 20150925 Re: CVE Request: 2 FreeType issues",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/09/25/4"
},
{
"name" : "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/tree/src/type42/t42parse.c?id=8b281f83e8516535756f92dbf90940ac44bd45e1",
"refsource" : "CONFIRM",
"url" : "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/tree/src/type42/t42parse.c?id=8b281f83e8516535756f92dbf90940ac44bd45e1"
"name": "https://savannah.nongnu.org/bugs/?41309",
"refsource": "MISC",
"url": "https://savannah.nongnu.org/bugs/?41309"
},
{
"name" : "DSA-3370",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2015/dsa-3370"
"name": "DSA-3370",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3370"
}
]
}

92
2014/9xxx/CVE-2014-9852.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-9852",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-9852",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "distribute-cache.c in ImageMagick re-uses objects after they have been destroyed, which allows remote attackers to have unspecified impact via unspecified vectors."
"lang": "eng",
"value": "distribute-cache.c in ImageMagick re-uses objects after they have been destroyed, which allows remote attackers to have unspecified impact via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[oss-security] 20160602 Re: ImageMagick CVEs",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2016/06/02/13"
"name": "openSUSE-SU-2016:1833",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00018.html"
},
{
"name" : "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=37ec7d53dcb99fbd1f5c33442594d5e279630563",
"refsource" : "CONFIRM",
"url" : "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=37ec7d53dcb99fbd1f5c33442594d5e279630563"
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1343512",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343512"
},
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1343512",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1343512"
"name": "[oss-security] 20160602 Re: ImageMagick CVEs",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
},
{
"name" : "SUSE-SU-2016:1784",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00011.html"
"name": "openSUSE-SU-2016:1748",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00002.html"
},
{
"name" : "openSUSE-SU-2016:1748",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00002.html"
"name": "SUSE-SU-2016:1784",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00011.html"
},
{
"name" : "openSUSE-SU-2016:1833",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00018.html"
"name": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=37ec7d53dcb99fbd1f5c33442594d5e279630563",
"refsource": "CONFIRM",
"url": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=37ec7d53dcb99fbd1f5c33442594d5e279630563"
}
]
}

80
2016/2xxx/CVE-2016-2327.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-2327",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-2327",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "libavcodec/pngenc.c in FFmpeg before 2.8.5 uses incorrect line sizes in certain row calculations, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via a crafted .avi file, related to the apng_encode_frame and encode_apng functions."
"lang": "eng",
"value": "libavcodec/pngenc.c in FFmpeg before 2.8.5 uses incorrect line sizes in certain row calculations, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via a crafted .avi file, related to the apng_encode_frame and encode_apng functions."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=7ec9c5ce8a753175244da971fed9f1e25aef7971",
"refsource" : "CONFIRM",
"url" : "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=7ec9c5ce8a753175244da971fed9f1e25aef7971"
"name": "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=7ec9c5ce8a753175244da971fed9f1e25aef7971",
"refsource": "CONFIRM",
"url": "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=7ec9c5ce8a753175244da971fed9f1e25aef7971"
},
{
"name" : "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=8f4c3e4b92212d98f5b9ca2dee13e076effe9589",
"refsource" : "CONFIRM",
"url" : "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=8f4c3e4b92212d98f5b9ca2dee13e076effe9589"
"name": "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=8f4c3e4b92212d98f5b9ca2dee13e076effe9589",
"refsource": "CONFIRM",
"url": "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=8f4c3e4b92212d98f5b9ca2dee13e076effe9589"
},
{
"name" : "GLSA-201606-09",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201606-09"
"name": "1035010",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035010"
},
{
"name" : "1035010",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1035010"
"name": "GLSA-201606-09",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201606-09"
}
]
}

104
2016/2xxx/CVE-2016-2858.json
View File

@ -1,96 +1,96 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-2858",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2016-2858",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "QEMU, when built with the Pseudo Random Number Generator (PRNG) back-end support, allows local guest OS users to cause a denial of service (process crash) via an entropy request, which triggers arbitrary stack based allocation and memory corruption."
"lang": "eng",
"value": "QEMU, when built with the Pseudo Random Number Generator (PRNG) back-end support, allows local guest OS users to cause a denial of service (process crash) via an entropy request, which triggers arbitrary stack based allocation and memory corruption."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[oss-security] 20160304 CVE request Qemu: rng-random: arbitrary stack based allocation leading to corruption",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2016/03/04/1"
"name": "[oss-security] 20160306 Re: CVE request Qemu: rng-random: arbitrary stack based allocation leading to corruption",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/03/07/4"
},
{
"name" : "[oss-security] 20160306 Re: CVE request Qemu: rng-random: arbitrary stack based allocation leading to corruption",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2016/03/07/4"
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1314676",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1314676"
},
{
"name" : "[debian-lts-announce] 20181130 [SECURITY] [DLA 1599-1] qemu security update",
"refsource" : "MLIST",
"url" : "https://lists.debian.org/debian-lts-announce/2018/11/msg00038.html"
"name": "http://git.qemu.org/?p=qemu.git;a=commit;h=60253ed1e6ec6d8e5ef2efe7bf755f475dce9956",
"refsource": "CONFIRM",
"url": "http://git.qemu.org/?p=qemu.git;a=commit;h=60253ed1e6ec6d8e5ef2efe7bf755f475dce9956"
},
{
"name" : "http://git.qemu.org/?p=qemu.git;a=commit;h=60253ed1e6ec6d8e5ef2efe7bf755f475dce9956",
"refsource" : "CONFIRM",
"url" : "http://git.qemu.org/?p=qemu.git;a=commit;h=60253ed1e6ec6d8e5ef2efe7bf755f475dce9956"
"name": "GLSA-201604-01",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201604-01"
},
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1314676",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1314676"
"name": "84134",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/84134"
},
{
"name" : "GLSA-201604-01",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201604-01"
"name": "USN-2974-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2974-1"
},
{
"name" : "USN-2974-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-2974-1"
"name": "[oss-security] 20160304 CVE request Qemu: rng-random: arbitrary stack based allocation leading to corruption",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/03/04/1"
},
{
"name" : "84134",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/84134"
"name": "[debian-lts-announce] 20181130 [SECURITY] [DLA 1599-1] qemu security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00038.html"
}
]
}

68
2016/3xxx/CVE-2016-3124.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-3124",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-3124",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The sanitycheck module in SimpleSAMLphp before 1.14.1 allows remote attackers to learn the PHP version on the system via unspecified vectors."
"lang": "eng",
"value": "The sanitycheck module in SimpleSAMLphp before 1.14.1 allows remote attackers to learn the PHP version on the system via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://simplesamlphp.org/security/201603-01",
"refsource" : "CONFIRM",
"url" : "https://simplesamlphp.org/security/201603-01"
"name": "96134",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96134"
},
{
"name" : "96134",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/96134"
"name": "https://simplesamlphp.org/security/201603-01",
"refsource": "CONFIRM",
"url": "https://simplesamlphp.org/security/201603-01"
}
]
}

80
2016/3xxx/CVE-2016-3451.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-3451",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2016-3451",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the ILOM component in Oracle Sun Systems Products Suite 3.0, 3.1, and 3.2 allows remote attackers to affect integrity via vectors related to Web."
"lang": "eng",
"value": "Unspecified vulnerability in the ILOM component in Oracle Sun Systems Products Suite 3.0, 3.1, and 3.2 allows remote attackers to affect integrity via vectors related to Web."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
"name": "1036408",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036408"
},
{
"name" : "91787",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/91787"
"name": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
},
{
"name" : "92022",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/92022"
"name": "91787",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91787"
},
{
"name" : "1036408",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1036408"
"name": "92022",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/92022"
}
]
}

80
2016/3xxx/CVE-2016-3556.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-3556",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2016-3556",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.4 and 9.3.5 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to EM Integration."
"lang": "eng",
"value": "Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.4 and 9.3.5 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to EM Integration."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
"name": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
},
{
"name" : "91787",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/91787"
"name": "91941",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91941"
},
{
"name" : "91941",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/91941"
"name": "1036402",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036402"
},
{
"name" : "1036402",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1036402"
"name": "91787",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91787"
}
]
}

68
2016/3xxx/CVE-2016-3694.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-3694",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2016-3694",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple SQL injection vulnerabilities in modified eCommerce Shopsoftware 2.0.0.0 revision 9678, when the easybill-module is not installed, allow remote attackers to execute arbitrary SQL commands via the (1) orders_status or (2) customers_status parameter to api/easybill/easybillcsv.php."
"lang": "eng",
"value": "Multiple SQL injection vulnerabilities in modified eCommerce Shopsoftware 2.0.0.0 revision 9678, when the easybill-module is not installed, allow remote attackers to execute arbitrary SQL commands via the (1) orders_status or (2) customers_status parameter to api/easybill/easybillcsv.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "39710",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/39710/"
"name": "http://packetstormsecurity.com/files/136734/modified-eCommerce-2.0.0.0-Rev-9678-SQL-Injection.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/136734/modified-eCommerce-2.0.0.0-Rev-9678-SQL-Injection.html"
},
{
"name" : "http://packetstormsecurity.com/files/136734/modified-eCommerce-2.0.0.0-Rev-9678-SQL-Injection.html",
"refsource" : "MISC",
"url" : "http://packetstormsecurity.com/files/136734/modified-eCommerce-2.0.0.0-Rev-9678-SQL-Injection.html"
"name": "39710",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/39710/"
}
]
}

74
2016/3xxx/CVE-2016-3865.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-3865",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "security@android.com",
"ID": "CVE-2016-3865",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The Synaptics touchscreen driver in Android before 2016-09-05 on Nexus 5X and 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 28799389."
"lang": "eng",
"value": "The Synaptics touchscreen driver in Android before 2016-09-05 on Nexus 5X and 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 28799389."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://source.android.com/security/bulletin/2016-09-01.html",
"refsource" : "CONFIRM",
"url" : "http://source.android.com/security/bulletin/2016-09-01.html"
"name": "http://source.android.com/security/bulletin/2016-09-01.html",
"refsource": "CONFIRM",
"url": "http://source.android.com/security/bulletin/2016-09-01.html"
},
{
"name" : "92871",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/92871"
"name": "1036763",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036763"
},
{
"name" : "1036763",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1036763"
"name": "92871",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/92871"
}
]
}

84
2016/6xxx/CVE-2016-6018.json
View File

@ -1,84 +1,84 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"DATE_PUBLIC" : "2017-07-17T00:00:00",
"ID" : "CVE-2016-6018",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"DATE_PUBLIC": "2017-07-17T00:00:00",
"ID": "CVE-2016-6018",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Emptoris Contract Management",
"version" : {
"version_data" : [
"product_name": "Emptoris Contract Management",
"version": {
"version_data": [
{
"version_value" : "10.0.0.0"
"version_value": "10.0.0.0"
},
{
"version_value" : "10.0.1.0"
"version_value": "10.0.1.0"
},
{
"version_value" : "10.0.2.0"
"version_value": "10.0.2.0"
},
{
"version_value" : "10.0.4.0"
"version_value": "10.0.4.0"
},
{
"version_value" : "10.1.0"
"version_value": "10.1.0"
}
]
}
}
]
},
"vendor_name" : "IBM"
"vendor_name": "IBM"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "IBM Emptoris Contract Management 10.0 and 10.1 reveals detailed error messages in certain features that could cause an attacker to gain additional information to conduct further attacks. IBM X-Force ID: 116738."
"lang": "eng",
"value": "IBM Emptoris Contract Management 10.0 and 10.1 reveals detailed error messages in certain features that could cause an attacker to gain additional information to conduct further attacks. IBM X-Force ID: 116738."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Obtain Information"
"lang": "eng",
"value": "Obtain Information"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/116738",
"refsource" : "MISC",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/116738"
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/116738",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/116738"
},
{
"name" : "http://www.ibm.com/support/docview.wss?uid=swg22005664",
"refsource" : "CONFIRM",
"url" : "http://www.ibm.com/support/docview.wss?uid=swg22005664"
"name": "http://www.ibm.com/support/docview.wss?uid=swg22005664",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg22005664"
},
{
"name" : "99624",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/99624"
"name": "99624",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/99624"
}
]
}

22
2016/6xxx/CVE-2016-6221.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-6221",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-6221",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

74
2016/6xxx/CVE-2016-6437.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "psirt@cisco.com",
"ID" : "CVE-2016-6437",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2016-6437",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Cisco Wide Area Application Services (WAAS) before 5.3(5g)1 and 6.x before 6.2(2.32)",
"version" : {
"version_data" : [
"product_name": "Cisco Wide Area Application Services (WAAS) before 5.3(5g)1 and 6.x before 6.2(2.32)",
"version": {
"version_data": [
{
"version_value" : "Cisco Wide Area Application Services (WAAS) before 5.3(5g)1 and 6.x before 6.2(2.32)"
"version_value": "Cisco Wide Area Application Services (WAAS) before 5.3(5g)1 and 6.x before 6.2(2.32)"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "A vulnerability in the SSL session cache management of Cisco Wide Area Application Services (WAAS) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to high consumption of disk space. The user would see a performance degradation. More Information: CSCva03095. Known Affected Releases: 5.3(5), 6.1(1), 6.2(1). Known Fixed Releases: 5.3(5g)1, 6.2(2.32)."
"lang": "eng",
"value": "A vulnerability in the SSL session cache management of Cisco Wide Area Application Services (WAAS) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to high consumption of disk space. The user would see a performance degradation. More Information: CSCva03095. Known Affected Releases: 5.3(5), 6.1(1), 6.2(1). Known Fixed Releases: 5.3(5g)1, 6.2(2.32)."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "unspecified"
"lang": "eng",
"value": "unspecified"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161012-waas",
"refsource" : "CONFIRM",
"url" : "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161012-waas"
"name": "1037002",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037002"
},
{
"name" : "93524",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/93524"
"name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161012-waas",
"refsource": "CONFIRM",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161012-waas"
},
{
"name" : "1037002",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1037002"
"name": "93524",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93524"
}
]
}

86
2016/6xxx/CVE-2016-6906.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-6906",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-6906",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The read_image_tga function in gd_tga.c in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TGA file, related to the decompression buffer."
"lang": "eng",
"value": "The read_image_tga function in gd_tga.c in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TGA file, related to the decompression buffer."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://github.com/libgd/libgd/blob/gd-2.2.4/CHANGELOG.md",
"refsource" : "CONFIRM",
"url" : "https://github.com/libgd/libgd/blob/gd-2.2.4/CHANGELOG.md"
"name": "https://github.com/libgd/libgd/blob/gd-2.2.4/CHANGELOG.md",
"refsource": "CONFIRM",
"url": "https://github.com/libgd/libgd/blob/gd-2.2.4/CHANGELOG.md"
},
{
"name" : "https://github.com/libgd/libgd/commit/58b6dde319c301b0eae27d12e2a659e067d80558",
"refsource" : "CONFIRM",
"url" : "https://github.com/libgd/libgd/commit/58b6dde319c301b0eae27d12e2a659e067d80558"
"name": "https://github.com/libgd/libgd/commit/58b6dde319c301b0eae27d12e2a659e067d80558",
"refsource": "CONFIRM",
"url": "https://github.com/libgd/libgd/commit/58b6dde319c301b0eae27d12e2a659e067d80558"
},
{
"name" : "https://github.com/libgd/libgd/commit/fb0e0cce0b9f25389ab56604c3547351617e1415",
"refsource" : "CONFIRM",
"url" : "https://github.com/libgd/libgd/commit/fb0e0cce0b9f25389ab56604c3547351617e1415"
"name": "DSA-3777",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2017/dsa-3777"
},
{
"name" : "DSA-3777",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2017/dsa-3777"
"name": "https://github.com/libgd/libgd/commit/fb0e0cce0b9f25389ab56604c3547351617e1415",
"refsource": "CONFIRM",
"url": "https://github.com/libgd/libgd/commit/fb0e0cce0b9f25389ab56604c3547351617e1415"
},
{
"name" : "96503",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/96503"
"name": "96503",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96503"
}
]
}

80
2016/7xxx/CVE-2016-7148.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-7148",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-7148",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "MoinMoin 1.9.8 allows remote attackers to conduct \"JavaScript injection\" attacks by using the \"page creation\" approach, related to a \"Cross Site Scripting (XSS)\" issue affecting the action=AttachFile (via page name) component."
"lang": "eng",
"value": "MoinMoin 1.9.8 allows remote attackers to conduct \"JavaScript injection\" attacks by using the \"page creation\" approach, related to a \"Cross Site Scripting (XSS)\" issue affecting the action=AttachFile (via page name) component."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://www.curesec.com/blog/article/blog/MoinMoin-198-XSS-175.html",
"refsource" : "MISC",
"url" : "https://www.curesec.com/blog/article/blog/MoinMoin-198-XSS-175.html"
"name": "USN-3137-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-3137-1"
},
{
"name" : "DSA-3715",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2016/dsa-3715"
"name": "94259",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94259"
},
{
"name" : "USN-3137-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-3137-1"
"name": "DSA-3715",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3715"
},
{
"name" : "94259",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/94259"
"name": "https://www.curesec.com/blog/article/blog/MoinMoin-198-XSS-175.html",
"refsource": "MISC",
"url": "https://www.curesec.com/blog/article/blog/MoinMoin-198-XSS-175.html"
}
]
}

80
2016/7xxx/CVE-2016-7227.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "secure@microsoft.com",
"ID" : "CVE-2016-7227",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2016-7227",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The scripting engines in Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to determine the existence of local files via unspecified vectors, aka \"Microsoft Browser Information Disclosure Vulnerability.\""
"lang": "eng",
"value": "The scripting engines in Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to determine the existence of local files via unspecified vectors, aka \"Microsoft Browser Information Disclosure Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "MS16-129",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-129"
"name": "MS16-129",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-129"
},
{
"name" : "MS16-142",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-142"
"name": "MS16-142",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-142"
},
{
"name" : "94065",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/94065"
"name": "94065",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94065"
},
{
"name" : "1037245",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1037245"
"name": "1037245",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037245"
}
]
}

116
2016/7xxx/CVE-2016-7418.json
View File

@ -1,106 +1,106 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-7418",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-7418",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The php_wddx_push_element function in ext/wddx/wddx.c in PHP before 5.6.26 and 7.x before 7.0.11 allows remote attackers to cause a denial of service (invalid pointer access and out-of-bounds read) or possibly have unspecified other impact via an incorrect boolean element in a wddxPacket XML document, leading to mishandling in a wddx_deserialize call."
"lang": "eng",
"value": "The php_wddx_push_element function in ext/wddx/wddx.c in PHP before 5.6.26 and 7.x before 7.0.11 allows remote attackers to cause a denial of service (invalid pointer access and out-of-bounds read) or possibly have unspecified other impact via an incorrect boolean element in a wddxPacket XML document, leading to mishandling in a wddx_deserialize call."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[oss-security] 20160915 Re: CVE assignment for PHP 5.6.26 and 7.0.11",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2016/09/15/10"
"name": "https://github.com/php/php-src/commit/c4cca4c20e75359c9a13a1f9a36cb7b4e9601d29?w=1",
"refsource": "CONFIRM",
"url": "https://github.com/php/php-src/commit/c4cca4c20e75359c9a13a1f9a36cb7b4e9601d29?w=1"
},
{
"name" : "http://www.php.net/ChangeLog-5.php",
"refsource" : "CONFIRM",
"url" : "http://www.php.net/ChangeLog-5.php"
"name": "http://www.php.net/ChangeLog-7.php",
"refsource": "CONFIRM",
"url": "http://www.php.net/ChangeLog-7.php"
},
{
"name" : "http://www.php.net/ChangeLog-7.php",
"refsource" : "CONFIRM",
"url" : "http://www.php.net/ChangeLog-7.php"
"name": "GLSA-201611-22",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201611-22"
},
{
"name" : "https://bugs.php.net/bug.php?id=73065",
"refsource" : "CONFIRM",
"url" : "https://bugs.php.net/bug.php?id=73065"
"name": "1036836",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036836"
},
{
"name" : "https://github.com/php/php-src/commit/c4cca4c20e75359c9a13a1f9a36cb7b4e9601d29?w=1",
"refsource" : "CONFIRM",
"url" : "https://github.com/php/php-src/commit/c4cca4c20e75359c9a13a1f9a36cb7b4e9601d29?w=1"
"name": "[oss-security] 20160915 Re: CVE assignment for PHP 5.6.26 and 7.0.11",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/09/15/10"
},
{
"name" : "https://www.tenable.com/security/tns-2016-19",
"refsource" : "CONFIRM",
"url" : "https://www.tenable.com/security/tns-2016-19"
"name": "RHSA-2018:1296",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1296"
},
{
"name" : "GLSA-201611-22",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201611-22"
"name": "93011",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93011"
},
{
"name" : "RHSA-2018:1296",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:1296"
"name": "http://www.php.net/ChangeLog-5.php",
"refsource": "CONFIRM",
"url": "http://www.php.net/ChangeLog-5.php"
},
{
"name" : "93011",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/93011"
"name": "https://www.tenable.com/security/tns-2016-19",
"refsource": "CONFIRM",
"url": "https://www.tenable.com/security/tns-2016-19"
},
{
"name" : "1036836",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1036836"
"name": "https://bugs.php.net/bug.php?id=73065",
"refsource": "CONFIRM",
"url": "https://bugs.php.net/bug.php?id=73065"
}
]
}

22
2016/7xxx/CVE-2016-7920.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-7920",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-7920",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}