From 79106560c4295b48a44c80ed3b527c75f2947cfe Mon Sep 17 00:00:00 2001 From: CVE Team Date: Mon, 18 Mar 2019 02:41:47 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2001/1xxx/CVE-2001-1410.json | 200 ++++++++--------- 2006/2xxx/CVE-2006-2378.json | 260 +++++++++++----------- 2006/2xxx/CVE-2006-2725.json | 190 ++++++++-------- 2006/2xxx/CVE-2006-2803.json | 170 +++++++-------- 2006/2xxx/CVE-2006-2855.json | 160 +++++++------- 2006/2xxx/CVE-2006-2974.json | 150 ++++++------- 2006/3xxx/CVE-2006-3351.json | 160 +++++++------- 2006/3xxx/CVE-2006-3560.json | 180 +++++++-------- 2006/3xxx/CVE-2006-3680.json | 190 ++++++++-------- 2006/3xxx/CVE-2006-3863.json | 34 +-- 2006/6xxx/CVE-2006-6196.json | 170 +++++++-------- 2006/6xxx/CVE-2006-6309.json | 150 ++++++------- 2006/6xxx/CVE-2006-6810.json | 200 ++++++++--------- 2006/7xxx/CVE-2006-7203.json | 340 ++++++++++++++--------------- 2006/7xxx/CVE-2006-7211.json | 150 ++++++------- 2011/0xxx/CVE-2011-0430.json | 180 +++++++-------- 2011/0xxx/CVE-2011-0756.json | 130 +++++------ 2011/0xxx/CVE-2011-0879.json | 130 +++++------ 2011/0xxx/CVE-2011-0904.json | 340 ++++++++++++++--------------- 2011/2xxx/CVE-2011-2424.json | 200 ++++++++--------- 2011/2xxx/CVE-2011-2517.json | 170 +++++++-------- 2011/3xxx/CVE-2011-3825.json | 140 ++++++------ 2011/3xxx/CVE-2011-3837.json | 150 ++++++------- 2011/3xxx/CVE-2011-3911.json | 140 ++++++------ 2011/4xxx/CVE-2011-4018.json | 34 +-- 2011/4xxx/CVE-2011-4245.json | 120 +++++----- 2011/4xxx/CVE-2011-4724.json | 34 +-- 2011/4xxx/CVE-2011-4990.json | 34 +-- 2011/4xxx/CVE-2011-4996.json | 34 +-- 2013/1xxx/CVE-2013-1085.json | 140 ++++++------ 2013/1xxx/CVE-2013-1374.json | 170 +++++++-------- 2013/5xxx/CVE-2013-5281.json | 34 +-- 2013/5xxx/CVE-2013-5368.json | 34 +-- 2013/5xxx/CVE-2013-5440.json | 140 ++++++------ 2014/2xxx/CVE-2014-2501.json | 34 +-- 2014/2xxx/CVE-2014-2589.json | 180 +++++++-------- 2014/2xxx/CVE-2014-2713.json | 130 +++++------ 2014/2xxx/CVE-2014-2831.json | 34 +-- 2014/6xxx/CVE-2014-6039.json | 34 +-- 2014/6xxx/CVE-2014-6307.json | 34 +-- 2014/6xxx/CVE-2014-6308.json | 160 +++++++------- 2014/6xxx/CVE-2014-6525.json | 130 +++++------ 2014/6xxx/CVE-2014-6915.json | 34 +-- 2017/0xxx/CVE-2017-0013.json | 34 +-- 2017/0xxx/CVE-2017-0262.json | 130 +++++------ 2017/0xxx/CVE-2017-0970.json | 34 +-- 2017/0xxx/CVE-2017-0994.json | 34 +-- 2017/1000xxx/CVE-2017-1000167.json | 34 +-- 2017/1000xxx/CVE-2017-1000508.json | 134 ++++++------ 2017/18xxx/CVE-2017-18000.json | 34 +-- 2017/18xxx/CVE-2017-18127.json | 132 +++++------ 2017/1xxx/CVE-2017-1295.json | 232 ++++++++++---------- 2017/1xxx/CVE-2017-1457.json | 142 ++++++------ 2017/1xxx/CVE-2017-1521.json | 140 ++++++------ 2017/1xxx/CVE-2017-1589.json | 34 +-- 2017/1xxx/CVE-2017-1987.json | 34 +-- 2017/4xxx/CVE-2017-4164.json | 34 +-- 2017/4xxx/CVE-2017-4795.json | 34 +-- 2017/4xxx/CVE-2017-4904.json | 214 +++++++++--------- 2017/5xxx/CVE-2017-5864.json | 34 +-- 60 files changed, 3646 insertions(+), 3646 deletions(-) diff --git a/2001/1xxx/CVE-2001-1410.json b/2001/1xxx/CVE-2001-1410.json index 2f453caaec7..21bbf4aca76 100644 --- a/2001/1xxx/CVE-2001-1410.json +++ b/2001/1xxx/CVE-2001-1410.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2001-1410", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Internet Explorer 6 and earlier allows remote attackers to create chromeless windows using the Javascript window.createPopup method, which could allow attackers to simulate a victim's display and conduct unauthorized activities or steal sensitive data via social engineering." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2001-1410", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20011021 Javascript in IE may spoof the whole screen", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/221883" - }, - { - "name" : "http://www.guninski.com/popspoof.html", - "refsource" : "MISC", - "url" : "http://www.guninski.com/popspoof.html" - }, - { - "name" : "20030713 IE chromeless window vulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=105820229407274&w=2" - }, - { - "name" : "http://www.doxdesk.com/personal/posts/bugtraq/20030713-ie/", - "refsource" : "MISC", - "url" : "http://www.doxdesk.com/personal/posts/bugtraq/20030713-ie/" - }, - { - "name" : "20030715 Internet Explorer Full-Screen mode threats", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=105829174431769&w=2" - }, - { - "name" : "http://www.systemintegra.com/ie-fullscreen/", - "refsource" : "MISC", - "url" : "http://www.systemintegra.com/ie-fullscreen/" - }, - { - "name" : "VU#490708", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/490708" - }, - { - "name" : "ie-javascript-spoof-dialog(7313)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/7313" - }, - { - "name" : "3469", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/3469" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Internet Explorer 6 and earlier allows remote attackers to create chromeless windows using the Javascript window.createPopup method, which could allow attackers to simulate a victim's display and conduct unauthorized activities or steal sensitive data via social engineering." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20030713 IE chromeless window vulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=105820229407274&w=2" + }, + { + "name": "ie-javascript-spoof-dialog(7313)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7313" + }, + { + "name": "3469", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/3469" + }, + { + "name": "20030715 Internet Explorer Full-Screen mode threats", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=105829174431769&w=2" + }, + { + "name": "http://www.systemintegra.com/ie-fullscreen/", + "refsource": "MISC", + "url": "http://www.systemintegra.com/ie-fullscreen/" + }, + { + "name": "VU#490708", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/490708" + }, + { + "name": "20011021 Javascript in IE may spoof the whole screen", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/221883" + }, + { + "name": "http://www.guninski.com/popspoof.html", + "refsource": "MISC", + "url": "http://www.guninski.com/popspoof.html" + }, + { + "name": "http://www.doxdesk.com/personal/posts/bugtraq/20030713-ie/", + "refsource": "MISC", + "url": "http://www.doxdesk.com/personal/posts/bugtraq/20030713-ie/" + } + ] + } +} \ No newline at end of file diff --git a/2006/2xxx/CVE-2006-2378.json b/2006/2xxx/CVE-2006-2378.json index 8cef6366459..fbdde6f1b5e 100644 --- a/2006/2xxx/CVE-2006-2378.json +++ b/2006/2xxx/CVE-2006-2378.json @@ -1,132 +1,132 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-2378", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in the ART Image Rendering component (jgdw400.dll) in Microsoft Windows XP SP1 and Sp2, Server 2003 SP1 and earlier, and Windows 98 and Me allows remote attackers to execute arbitrary code via a crafted ART image that causes heap corruption." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2006-2378", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20060613 Microsoft Internet Explorer ART File Heap Corruption Vulnerability", - "refsource" : "IDEFENSE", - "url" : "http://www.idefense.com/intelligence/vulnerabilities/display.php?id=407" - }, - { - "name" : "MS06-022", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-022" - }, - { - "name" : "TA06-164A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA06-164A.html" - }, - { - "name" : "VU#923236", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/923236" - }, - { - "name" : "18394", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/18394" - }, - { - "name" : "ADV-2006-2320", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/2320" - }, - { - "name" : "26432", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/26432" - }, - { - "name" : "oval:org.mitre.oval:def:1590", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1590" - }, - { - "name" : "oval:org.mitre.oval:def:1640", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1640" - }, - { - "name" : "oval:org.mitre.oval:def:1668", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1668" - }, - { - "name" : "oval:org.mitre.oval:def:1756", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1756" - }, - { - "name" : "oval:org.mitre.oval:def:1866", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1866" - }, - { - "name" : "1016292", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1016292" - }, - { - "name" : "20605", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/20605" - }, - { - "name" : "win-art-image-bo(26809)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/26809" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in the ART Image Rendering component (jgdw400.dll) in Microsoft Windows XP SP1 and Sp2, Server 2003 SP1 and earlier, and Windows 98 and Me allows remote attackers to execute arbitrary code via a crafted ART image that causes heap corruption." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "win-art-image-bo(26809)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26809" + }, + { + "name": "oval:org.mitre.oval:def:1640", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1640" + }, + { + "name": "26432", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/26432" + }, + { + "name": "oval:org.mitre.oval:def:1756", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1756" + }, + { + "name": "oval:org.mitre.oval:def:1668", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1668" + }, + { + "name": "TA06-164A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA06-164A.html" + }, + { + "name": "20605", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/20605" + }, + { + "name": "MS06-022", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-022" + }, + { + "name": "VU#923236", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/923236" + }, + { + "name": "18394", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/18394" + }, + { + "name": "20060613 Microsoft Internet Explorer ART File Heap Corruption Vulnerability", + "refsource": "IDEFENSE", + "url": "http://www.idefense.com/intelligence/vulnerabilities/display.php?id=407" + }, + { + "name": "ADV-2006-2320", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/2320" + }, + { + "name": "oval:org.mitre.oval:def:1866", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1866" + }, + { + "name": "1016292", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1016292" + }, + { + "name": "oval:org.mitre.oval:def:1590", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1590" + } + ] + } +} \ No newline at end of file diff --git a/2006/2xxx/CVE-2006-2725.json b/2006/2xxx/CVE-2006-2725.json index b3ce3ea9bf7..fc72b971054 100644 --- a/2006/2xxx/CVE-2006-2725.json +++ b/2006/2xxx/CVE-2006-2725.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-2725", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in rss/posts.php in Eggblog before 3.07 allows remote attackers to execute arbitrary SQL commands via the id parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-2725", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20060528 Advisory: Eggblog <= 3.x Multiple Remote Vulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/435284/100/0/threaded" - }, - { - "name" : "20060529 RE: Advisory: Eggblog <= 3.x Multiple Remote Vulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/435300/100/0/threaded" - }, - { - "name" : "http://www.nukedx.com/?getxpl=36", - "refsource" : "MISC", - "url" : "http://www.nukedx.com/?getxpl=36" - }, - { - "name" : "http://www.nukedx.com/?viewdoc=36", - "refsource" : "MISC", - "url" : "http://www.nukedx.com/?viewdoc=36" - }, - { - "name" : "18140", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/18140" - }, - { - "name" : "ADV-2006-2030", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/2030" - }, - { - "name" : "20352", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/20352" - }, - { - "name" : "eggblog-posts-sql-injection(26832)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/26832" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in rss/posts.php in Eggblog before 3.07 allows remote attackers to execute arbitrary SQL commands via the id parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20060528 Advisory: Eggblog <= 3.x Multiple Remote Vulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/435284/100/0/threaded" + }, + { + "name": "http://www.nukedx.com/?viewdoc=36", + "refsource": "MISC", + "url": "http://www.nukedx.com/?viewdoc=36" + }, + { + "name": "http://www.nukedx.com/?getxpl=36", + "refsource": "MISC", + "url": "http://www.nukedx.com/?getxpl=36" + }, + { + "name": "20352", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/20352" + }, + { + "name": "ADV-2006-2030", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/2030" + }, + { + "name": "eggblog-posts-sql-injection(26832)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26832" + }, + { + "name": "18140", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/18140" + }, + { + "name": "20060529 RE: Advisory: Eggblog <= 3.x Multiple Remote Vulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/435300/100/0/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2006/2xxx/CVE-2006-2803.json b/2006/2xxx/CVE-2006-2803.json index 8b442ef0de4..24544fc5b4f 100644 --- a/2006/2xxx/CVE-2006-2803.json +++ b/2006/2xxx/CVE-2006-2803.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-2803", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site scripting (XSS) vulnerabilities in PHP ManualMaker 1.0 allows remote attackers to inject arbitrary web script or HTML via the (1) id parameter to index.php, (2) search field (possibly the s parameter), or (3) comment field." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-2803", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20060602 PHP ManualMaker v1.0", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/435717/100/0/threaded" - }, - { - "name" : "18244", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/18244" - }, - { - "name" : "ADV-2006-2138", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/2138" - }, - { - "name" : "20453", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/20453" - }, - { - "name" : "1024", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/1024" - }, - { - "name" : "phpmanualmaker-multiple-xss(26926)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/26926" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site scripting (XSS) vulnerabilities in PHP ManualMaker 1.0 allows remote attackers to inject arbitrary web script or HTML via the (1) id parameter to index.php, (2) search field (possibly the s parameter), or (3) comment field." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20060602 PHP ManualMaker v1.0", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/435717/100/0/threaded" + }, + { + "name": "18244", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/18244" + }, + { + "name": "phpmanualmaker-multiple-xss(26926)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26926" + }, + { + "name": "1024", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/1024" + }, + { + "name": "ADV-2006-2138", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/2138" + }, + { + "name": "20453", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/20453" + } + ] + } +} \ No newline at end of file diff --git a/2006/2xxx/CVE-2006-2855.json b/2006/2xxx/CVE-2006-2855.json index b7780e37e61..2d3855d056f 100644 --- a/2006/2xxx/CVE-2006-2855.json +++ b/2006/2xxx/CVE-2006-2855.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-2855", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in index.php in xueBook 1.0 allows remote attackers to execute arbitrary SQL commands via the start parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-2855", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://downloads.securityfocus.com/vulnerabilities/exploits/xueBook_poc.txt", - "refsource" : "MISC", - "url" : "http://downloads.securityfocus.com/vulnerabilities/exploits/xueBook_poc.txt" - }, - { - "name" : "18262", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/18262" - }, - { - "name" : "ADV-2006-2212", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/2212" - }, - { - "name" : "20511", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/20511" - }, - { - "name" : "xuebook-index-sql-injection(27002)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/27002" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in index.php in xueBook 1.0 allows remote attackers to execute arbitrary SQL commands via the start parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "18262", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/18262" + }, + { + "name": "20511", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/20511" + }, + { + "name": "xuebook-index-sql-injection(27002)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27002" + }, + { + "name": "http://downloads.securityfocus.com/vulnerabilities/exploits/xueBook_poc.txt", + "refsource": "MISC", + "url": "http://downloads.securityfocus.com/vulnerabilities/exploits/xueBook_poc.txt" + }, + { + "name": "ADV-2006-2212", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/2212" + } + ] + } +} \ No newline at end of file diff --git a/2006/2xxx/CVE-2006-2974.json b/2006/2xxx/CVE-2006-2974.json index 477cd965b27..38345078b84 100644 --- a/2006/2xxx/CVE-2006-2974.json +++ b/2006/2xxx/CVE-2006-2974.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-2974", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site scripting (XSS) vulnerabilities in EmailArchitect Email Server 6.1.0.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) errCode and (2) uid parameter in (a) default.asp and (3) dname parameter in (b) /admin/dns.asp and (c) /additional/regdomain_done.asp." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-2974", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "ADV-2006-2213", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/2213" - }, - { - "name" : "1016237", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1016237" - }, - { - "name" : "20516", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/20516" - }, - { - "name" : "emailarchitect-emailserver-xss(27005)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/27005" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site scripting (XSS) vulnerabilities in EmailArchitect Email Server 6.1.0.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) errCode and (2) uid parameter in (a) default.asp and (3) dname parameter in (b) /admin/dns.asp and (c) /additional/regdomain_done.asp." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ADV-2006-2213", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/2213" + }, + { + "name": "1016237", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1016237" + }, + { + "name": "emailarchitect-emailserver-xss(27005)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27005" + }, + { + "name": "20516", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/20516" + } + ] + } +} \ No newline at end of file diff --git a/2006/3xxx/CVE-2006-3351.json b/2006/3xxx/CVE-2006-3351.json index 512de2da2bb..1f3db55bbde 100644 --- a/2006/3xxx/CVE-2006-3351.json +++ b/2006/3xxx/CVE-2006-3351.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-3351", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in Windows Explorer (explorer.exe) on Windows XP and 2003 allows user-assisted attackers to cause a denial of service (repeated crash) and possibly execute arbitrary code via a .url file with an InternetShortcut tag containing a long URL and a large number of \"file:\" specifiers." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-3351", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20060705 Windows Explorer URL File format overflow", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/439153/100/0/threaded" - }, - { - "name" : "20060706 Re: Windows Explorer URL File format overflow", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/439660/100/200/threaded" - }, - { - "name" : "18838", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/18838" - }, - { - "name" : "1186", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/1186" - }, - { - "name" : "win-explorer-url-dos(27567)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/27567" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in Windows Explorer (explorer.exe) on Windows XP and 2003 allows user-assisted attackers to cause a denial of service (repeated crash) and possibly execute arbitrary code via a .url file with an InternetShortcut tag containing a long URL and a large number of \"file:\" specifiers." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1186", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/1186" + }, + { + "name": "20060706 Re: Windows Explorer URL File format overflow", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/439660/100/200/threaded" + }, + { + "name": "win-explorer-url-dos(27567)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27567" + }, + { + "name": "20060705 Windows Explorer URL File format overflow", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/439153/100/0/threaded" + }, + { + "name": "18838", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/18838" + } + ] + } +} \ No newline at end of file diff --git a/2006/3xxx/CVE-2006-3560.json b/2006/3xxx/CVE-2006-3560.json index 460288a1116..ca0d8c2e099 100644 --- a/2006/3xxx/CVE-2006-3560.json +++ b/2006/3xxx/CVE-2006-3560.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-3560", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in topics.php in Blue Dojo Graffiti Forums 1.0 allows remote attackers to execute arbitrary SQL commands via the f parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-3560", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20060708 Graffiti Forums v1.0 SQL Injection Vulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/439605/100/0/threaded" - }, - { - "name" : "http://www.neosecurityteam.net/index.php?action=advisories&id=24", - "refsource" : "MISC", - "url" : "http://www.neosecurityteam.net/index.php?action=advisories&id=24" - }, - { - "name" : "18928", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/18928" - }, - { - "name" : "ADV-2006-2738", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/2738" - }, - { - "name" : "21017", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/21017" - }, - { - "name" : "1221", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/1221" - }, - { - "name" : "graffiti-forum-topics-sql-injection(27634)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/27634" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in topics.php in Blue Dojo Graffiti Forums 1.0 allows remote attackers to execute arbitrary SQL commands via the f parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "21017", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/21017" + }, + { + "name": "ADV-2006-2738", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/2738" + }, + { + "name": "http://www.neosecurityteam.net/index.php?action=advisories&id=24", + "refsource": "MISC", + "url": "http://www.neosecurityteam.net/index.php?action=advisories&id=24" + }, + { + "name": "18928", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/18928" + }, + { + "name": "1221", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/1221" + }, + { + "name": "graffiti-forum-topics-sql-injection(27634)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27634" + }, + { + "name": "20060708 Graffiti Forums v1.0 SQL Injection Vulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/439605/100/0/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2006/3xxx/CVE-2006-3680.json b/2006/3xxx/CVE-2006-3680.json index c92b3beb9be..fa71afeaa45 100644 --- a/2006/3xxx/CVE-2006-3680.json +++ b/2006/3xxx/CVE-2006-3680.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-3680", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in photocycle in Photocycle 1.0 allows remote attackers to inject arbitrary web script or HTML via the phpage parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-3680", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20060713 Photocycle v1.0 - XSS", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/439968/100/0/threaded" - }, - { - "name" : "20060714 Re: Photocycle v1.0 - XSS", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/440078/100/100/threaded" - }, - { - "name" : "18964", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/18964" - }, - { - "name" : "ADV-2006-2805", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/2805" - }, - { - "name" : "27093", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/27093" - }, - { - "name" : "1016492", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1016492" - }, - { - "name" : "21054", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/21054" - }, - { - "name" : "photocycle-unspecified-xss(27715)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/27715" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in photocycle in Photocycle 1.0 allows remote attackers to inject arbitrary web script or HTML via the phpage parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20060713 Photocycle v1.0 - XSS", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/439968/100/0/threaded" + }, + { + "name": "27093", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/27093" + }, + { + "name": "ADV-2006-2805", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/2805" + }, + { + "name": "20060714 Re: Photocycle v1.0 - XSS", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/440078/100/100/threaded" + }, + { + "name": "18964", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/18964" + }, + { + "name": "1016492", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1016492" + }, + { + "name": "photocycle-unspecified-xss(27715)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27715" + }, + { + "name": "21054", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/21054" + } + ] + } +} \ No newline at end of file diff --git a/2006/3xxx/CVE-2006-3863.json b/2006/3xxx/CVE-2006-3863.json index e90946802b1..bd27134f8f4 100644 --- a/2006/3xxx/CVE-2006-3863.json +++ b/2006/3xxx/CVE-2006-3863.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-3863", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2006. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2006-3863", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2006. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2006/6xxx/CVE-2006-6196.json b/2006/6xxx/CVE-2006-6196.json index 04425ce400d..b0f4a98650c 100644 --- a/2006/6xxx/CVE-2006-6196.json +++ b/2006/6xxx/CVE-2006-6196.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-6196", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in the search functionality in Fixit iDMS Pro Image Gallery allows remote attackers to inject arbitrary web script or HTML via a search field (txtsearchtext parameter)." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-6196", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20061124 [Aria-Security Team] Fixit iDMS Pro Image Gallery SQL Injection", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/452567/100/0/threaded" - }, - { - "name" : "http://www.aria-security.com/forum/showthread.php?t=39", - "refsource" : "MISC", - "url" : "http://www.aria-security.com/forum/showthread.php?t=39" - }, - { - "name" : "21282", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/21282" - }, - { - "name" : "1017281", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1017281" - }, - { - "name" : "1941", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/1941" - }, - { - "name" : "fixit-idms-search-xss(30514)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/30514" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in the search functionality in Fixit iDMS Pro Image Gallery allows remote attackers to inject arbitrary web script or HTML via a search field (txtsearchtext parameter)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20061124 [Aria-Security Team] Fixit iDMS Pro Image Gallery SQL Injection", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/452567/100/0/threaded" + }, + { + "name": "1941", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/1941" + }, + { + "name": "http://www.aria-security.com/forum/showthread.php?t=39", + "refsource": "MISC", + "url": "http://www.aria-security.com/forum/showthread.php?t=39" + }, + { + "name": "fixit-idms-search-xss(30514)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30514" + }, + { + "name": "21282", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/21282" + }, + { + "name": "1017281", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1017281" + } + ] + } +} \ No newline at end of file diff --git a/2006/6xxx/CVE-2006-6309.json b/2006/6xxx/CVE-2006-6309.json index 73b0452f56b..0e8fc123050 100644 --- a/2006/6xxx/CVE-2006-6309.json +++ b/2006/6xxx/CVE-2006-6309.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-6309", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple array index errors in IBM Tivoli Storage Manager (TSM) before 5.2.9 and 5.3.x before 5.3.4 allow remote attackers to read arbitrary memory locations and cause a denial of service (crash) via a large index value in unspecified messages, a different issue than CVE-2006-5855." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-6309", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20061204 TSRT-06-14: IBM Tivoli Storage Manager Mutiple Buffer Overflow Vulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/453544/100/0/threaded" - }, - { - "name" : "http://www-1.ibm.com/support/docview.wss?uid=swg21250261", - "refsource" : "MISC", - "url" : "http://www-1.ibm.com/support/docview.wss?uid=swg21250261" - }, - { - "name" : "http://www.tippingpoint.com/security/advisories/TSRT-06-14.html", - "refsource" : "MISC", - "url" : "http://www.tippingpoint.com/security/advisories/TSRT-06-14.html" - }, - { - "name" : "1979", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/1979" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple array index errors in IBM Tivoli Storage Manager (TSM) before 5.2.9 and 5.3.x before 5.3.4 allow remote attackers to read arbitrary memory locations and cause a denial of service (crash) via a large index value in unspecified messages, a different issue than CVE-2006-5855." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.tippingpoint.com/security/advisories/TSRT-06-14.html", + "refsource": "MISC", + "url": "http://www.tippingpoint.com/security/advisories/TSRT-06-14.html" + }, + { + "name": "1979", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/1979" + }, + { + "name": "http://www-1.ibm.com/support/docview.wss?uid=swg21250261", + "refsource": "MISC", + "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21250261" + }, + { + "name": "20061204 TSRT-06-14: IBM Tivoli Storage Manager Mutiple Buffer Overflow Vulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/453544/100/0/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2006/6xxx/CVE-2006-6810.json b/2006/6xxx/CVE-2006-6810.json index 5452e4c7971..1810a5a6419 100644 --- a/2006/6xxx/CVE-2006-6810.json +++ b/2006/6xxx/CVE-2006-6810.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-6810", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the clear_user_list function in src/main.c in DB Hub 0.3 allows remote attackers to cause a denial of service (application crash) via crafted network traffic, which triggers memory corruption." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-6810", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070103 Provable vendor ACK for CVE-2006-6810 (DB Hub DoS)", - "refsource" : "VIM", - "url" : "http://www.attrition.org/pipermail/vim/2007-January/001204.html" - }, - { - "name" : "http://www.critical.lt/?vuln/548", - "refsource" : "MISC", - "url" : "http://www.critical.lt/?vuln/548" - }, - { - "name" : "http://www.critical.lt/research/crit_dbhub.pl", - "refsource" : "MISC", - "url" : "http://www.critical.lt/research/crit_dbhub.pl" - }, - { - "name" : "http://mieszkancy.ds.pg.gda.pl/~centurion/darkbot/stat/click.php?id=22", - "refsource" : "CONFIRM", - "url" : "http://mieszkancy.ds.pg.gda.pl/~centurion/darkbot/stat/click.php?id=22" - }, - { - "name" : "http://dbhub.ir.pl/", - "refsource" : "CONFIRM", - "url" : "http://dbhub.ir.pl/" - }, - { - "name" : "21791", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/21791" - }, - { - "name" : "ADV-2006-5198", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/5198" - }, - { - "name" : "23489", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23489" - }, - { - "name" : "dbhub-clearuserlist-dos(31172)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/31172" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the clear_user_list function in src/main.c in DB Hub 0.3 allows remote attackers to cause a denial of service (application crash) via crafted network traffic, which triggers memory corruption." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://dbhub.ir.pl/", + "refsource": "CONFIRM", + "url": "http://dbhub.ir.pl/" + }, + { + "name": "http://www.critical.lt/?vuln/548", + "refsource": "MISC", + "url": "http://www.critical.lt/?vuln/548" + }, + { + "name": "20070103 Provable vendor ACK for CVE-2006-6810 (DB Hub DoS)", + "refsource": "VIM", + "url": "http://www.attrition.org/pipermail/vim/2007-January/001204.html" + }, + { + "name": "dbhub-clearuserlist-dos(31172)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31172" + }, + { + "name": "21791", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/21791" + }, + { + "name": "http://mieszkancy.ds.pg.gda.pl/~centurion/darkbot/stat/click.php?id=22", + "refsource": "CONFIRM", + "url": "http://mieszkancy.ds.pg.gda.pl/~centurion/darkbot/stat/click.php?id=22" + }, + { + "name": "ADV-2006-5198", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/5198" + }, + { + "name": "http://www.critical.lt/research/crit_dbhub.pl", + "refsource": "MISC", + "url": "http://www.critical.lt/research/crit_dbhub.pl" + }, + { + "name": "23489", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23489" + } + ] + } +} \ No newline at end of file diff --git a/2006/7xxx/CVE-2006-7203.json b/2006/7xxx/CVE-2006-7203.json index 5a739dca71b..c3fdc3d84b8 100644 --- a/2006/7xxx/CVE-2006-7203.json +++ b/2006/7xxx/CVE-2006-7203.json @@ -1,172 +1,172 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-7203", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The compat_sys_mount function in fs/compat.c in Linux kernel 2.6.20 and earlier allows local users to cause a denial of service (NULL pointer dereference and oops) by mounting a smbfs file system in compatibility mode (\"mount -t smbfs\")." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-7203", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff_plain;h=822191a2fa1584a29c3224ab328507adcaeac1ab", - "refsource" : "CONFIRM", - "url" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff_plain;h=822191a2fa1584a29c3224ab328507adcaeac1ab" - }, - { - "name" : "http://support.avaya.com/elmodocs2/security/ASA-2007-287.htm", - "refsource" : "CONFIRM", - "url" : "http://support.avaya.com/elmodocs2/security/ASA-2007-287.htm" - }, - { - "name" : "DSA-1504", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2008/dsa-1504" - }, - { - "name" : "MDKSA-2007:171", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:171" - }, - { - "name" : "MDKSA-2007:196", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:196" - }, - { - "name" : "RHSA-2007:0376", - "refsource" : "REDHAT", - "url" : "https://rhn.redhat.com/errata/RHSA-2007-0376.html" - }, - { - "name" : "RHSA-2007:0488", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2007-0488.html" - }, - { - "name" : "SUSE-SA:2007:035", - "refsource" : "SUSE", - "url" : "http://www.novell.com/linux/security/advisories/2007_35_kernel.html" - }, - { - "name" : "SUSE-SA:2007:043", - "refsource" : "SUSE", - "url" : "http://www.novell.com/linux/security/advisories/2007_43_kernel.html" - }, - { - "name" : "USN-486-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/usn-486-1" - }, - { - "name" : "USN-489-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/usn-489-1" - }, - { - "name" : "oval:org.mitre.oval:def:10941", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10941" - }, - { - "name" : "ADV-2007-2209", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/2209" - }, - { - "name" : "25682", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25682" - }, - { - "name" : "25700", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25700" - }, - { - "name" : "25683", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25683" - }, - { - "name" : "25838", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25838" - }, - { - "name" : "25961", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25961" - }, - { - "name" : "26133", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26133" - }, - { - "name" : "26139", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26139" - }, - { - "name" : "26289", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26289" - }, - { - "name" : "26620", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26620" - }, - { - "name" : "29058", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29058" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The compat_sys_mount function in fs/compat.c in Linux kernel 2.6.20 and earlier allows local users to cause a denial of service (NULL pointer dereference and oops) by mounting a smbfs file system in compatibility mode (\"mount -t smbfs\")." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "SUSE-SA:2007:043", + "refsource": "SUSE", + "url": "http://www.novell.com/linux/security/advisories/2007_43_kernel.html" + }, + { + "name": "26289", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26289" + }, + { + "name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff_plain;h=822191a2fa1584a29c3224ab328507adcaeac1ab", + "refsource": "CONFIRM", + "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff_plain;h=822191a2fa1584a29c3224ab328507adcaeac1ab" + }, + { + "name": "25838", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25838" + }, + { + "name": "MDKSA-2007:171", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:171" + }, + { + "name": "DSA-1504", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2008/dsa-1504" + }, + { + "name": "oval:org.mitre.oval:def:10941", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10941" + }, + { + "name": "25683", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25683" + }, + { + "name": "26620", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26620" + }, + { + "name": "USN-489-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/usn-489-1" + }, + { + "name": "MDKSA-2007:196", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:196" + }, + { + "name": "25961", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25961" + }, + { + "name": "http://support.avaya.com/elmodocs2/security/ASA-2007-287.htm", + "refsource": "CONFIRM", + "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-287.htm" + }, + { + "name": "ADV-2007-2209", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/2209" + }, + { + "name": "29058", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29058" + }, + { + "name": "25682", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25682" + }, + { + "name": "RHSA-2007:0376", + "refsource": "REDHAT", + "url": "https://rhn.redhat.com/errata/RHSA-2007-0376.html" + }, + { + "name": "USN-486-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/usn-486-1" + }, + { + "name": "SUSE-SA:2007:035", + "refsource": "SUSE", + "url": "http://www.novell.com/linux/security/advisories/2007_35_kernel.html" + }, + { + "name": "25700", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25700" + }, + { + "name": "26139", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26139" + }, + { + "name": "RHSA-2007:0488", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2007-0488.html" + }, + { + "name": "26133", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26133" + } + ] + } +} \ No newline at end of file diff --git a/2006/7xxx/CVE-2006-7211.json b/2006/7xxx/CVE-2006-7211.json index 7fd713a4b4a..9101eeafa69 100644 --- a/2006/7xxx/CVE-2006-7211.json +++ b/2006/7xxx/CVE-2006-7211.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-7211", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "fb_lock_mgr in Firebird 1.5 uses weak permissions (0666) for the semaphore array, which allows local users to cause a denial of service (blocked query processing) by locking semaphores." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-7211", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.firebirdsql.org/rlsnotes/Firebird-2.0-ReleaseNotes.pdf", - "refsource" : "CONFIRM", - "url" : "http://www.firebirdsql.org/rlsnotes/Firebird-2.0-ReleaseNotes.pdf" - }, - { - "name" : "DSA-1529", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2008/dsa-1529" - }, - { - "name" : "28474", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/28474" - }, - { - "name" : "29501", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29501" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "fb_lock_mgr in Firebird 1.5 uses weak permissions (0666) for the semaphore array, which allows local users to cause a denial of service (blocked query processing) by locking semaphores." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.firebirdsql.org/rlsnotes/Firebird-2.0-ReleaseNotes.pdf", + "refsource": "CONFIRM", + "url": "http://www.firebirdsql.org/rlsnotes/Firebird-2.0-ReleaseNotes.pdf" + }, + { + "name": "28474", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/28474" + }, + { + "name": "29501", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29501" + }, + { + "name": "DSA-1529", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2008/dsa-1529" + } + ] + } +} \ No newline at end of file diff --git a/2011/0xxx/CVE-2011-0430.json b/2011/0xxx/CVE-2011-0430.json index f11aed8ec93..89b99edc30c 100644 --- a/2011/0xxx/CVE-2011-0430.json +++ b/2011/0xxx/CVE-2011-0430.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-0430", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Double free vulnerability in the Rx server process in OpenAFS 1.4.14, 1.4.12, 1.4.7, and possibly other versions allows remote attackers to cause a denial of service and execute arbitrary code via unknown vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2011-0430", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "DSA-2168", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2011/dsa-2168" - }, - { - "name" : "46428", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/46428" - }, - { - "name" : "1025095", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1025095" - }, - { - "name" : "43371", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/43371" - }, - { - "name" : "43407", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/43407" - }, - { - "name" : "ADV-2011-0410", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2011/0410" - }, - { - "name" : "ADV-2011-0411", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2011/0411" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Double free vulnerability in the Rx server process in OpenAFS 1.4.14, 1.4.12, 1.4.7, and possibly other versions allows remote attackers to cause a denial of service and execute arbitrary code via unknown vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "46428", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/46428" + }, + { + "name": "DSA-2168", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2011/dsa-2168" + }, + { + "name": "ADV-2011-0410", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2011/0410" + }, + { + "name": "43371", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/43371" + }, + { + "name": "1025095", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1025095" + }, + { + "name": "ADV-2011-0411", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2011/0411" + }, + { + "name": "43407", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/43407" + } + ] + } +} \ No newline at end of file diff --git a/2011/0xxx/CVE-2011-0756.json b/2011/0xxx/CVE-2011-0756.json index 7d28636ae37..6ffc37eb973 100644 --- a/2011/0xxx/CVE-2011-0756.json +++ b/2011/0xxx/CVE-2011-0756.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-0756", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The application server in Trustwave WebDefend Enterprise before 5.0 uses hardcoded console credentials, which makes it easier for remote attackers to read security-event data by using the remote console GUI to connect to the management port." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2011-0756", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://www.trustwave.com/spiderlabs/advisories/TWSL2011-001.txt", - "refsource" : "CONFIRM", - "url" : "https://www.trustwave.com/spiderlabs/advisories/TWSL2011-001.txt" - }, - { - "name" : "1025447", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1025447" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The application server in Trustwave WebDefend Enterprise before 5.0 uses hardcoded console credentials, which makes it easier for remote attackers to read security-event data by using the remote console GUI to connect to the management port." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.trustwave.com/spiderlabs/advisories/TWSL2011-001.txt", + "refsource": "CONFIRM", + "url": "https://www.trustwave.com/spiderlabs/advisories/TWSL2011-001.txt" + }, + { + "name": "1025447", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1025447" + } + ] + } +} \ No newline at end of file diff --git a/2011/0xxx/CVE-2011-0879.json b/2011/0xxx/CVE-2011-0879.json index 15d0c1a889a..4203e3fc2c3 100644 --- a/2011/0xxx/CVE-2011-0879.json +++ b/2011/0xxx/CVE-2011-0879.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-0879", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the Instance Management component in Oracle Database Server 10.1.0.5, 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.1, and 11.2.0.2; and Oracle Enterprise Manager Grid Control 10.1.0.6 and 10.2.0.5; allows remote attackers to affect integrity via unknown vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2011-0879", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpujuly2011-313328.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpujuly2011-313328.html" - }, - { - "name" : "TA11-201A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA11-201A.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the Instance Management component in Oracle Database Server 10.1.0.5, 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.1, and 11.2.0.2; and Oracle Enterprise Manager Grid Control 10.1.0.6 and 10.2.0.5; allows remote attackers to affect integrity via unknown vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "TA11-201A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA11-201A.html" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/cpujuly2011-313328.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpujuly2011-313328.html" + } + ] + } +} \ No newline at end of file diff --git a/2011/0xxx/CVE-2011-0904.json b/2011/0xxx/CVE-2011-0904.json index 99b3b2dca99..122f01685f1 100644 --- a/2011/0xxx/CVE-2011-0904.json +++ b/2011/0xxx/CVE-2011-0904.json @@ -1,172 +1,172 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-0904", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The rfbSendFramebufferUpdate function in server/libvncserver/rfbserver.c in vino-server in Vino 2.x before 2.28.3, 2.32.x before 2.32.2, 3.0.x before 3.0.2, and 3.1.x before 3.1.1, when raw encoding is used, allows remote authenticated users to cause a denial of service (daemon crash) via a large (1) X position or (2) Y position value in a framebuffer update request that triggers an out-of-bounds memory access, related to the rfbTranslateNone and rfbSendRectEncodingRaw functions." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2011-0904", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://ftp.gnome.org/pub/GNOME/sources/vino/2.28/vino-2.28.3.news", - "refsource" : "CONFIRM", - "url" : "http://ftp.gnome.org/pub/GNOME/sources/vino/2.28/vino-2.28.3.news" - }, - { - "name" : "http://ftp.gnome.org/pub/GNOME/sources/vino/2.32/vino-2.32.2.news", - "refsource" : "CONFIRM", - "url" : "http://ftp.gnome.org/pub/GNOME/sources/vino/2.32/vino-2.32.2.news" - }, - { - "name" : "http://ftp.gnome.org/pub/GNOME/sources/vino/3.0/vino-3.0.2.news", - "refsource" : "CONFIRM", - "url" : "http://ftp.gnome.org/pub/GNOME/sources/vino/3.0/vino-3.0.2.news" - }, - { - "name" : "http://git.gnome.org/browse/vino/commit/?id=0c2c9175963fc56bf2af10e42867181332f96ce0", - "refsource" : "CONFIRM", - "url" : "http://git.gnome.org/browse/vino/commit/?id=0c2c9175963fc56bf2af10e42867181332f96ce0" - }, - { - "name" : "http://git.gnome.org/browse/vino/commit/?id=456dadbb5c5971d3448763a44c05b9ad033e522f", - "refsource" : "CONFIRM", - "url" : "http://git.gnome.org/browse/vino/commit/?id=456dadbb5c5971d3448763a44c05b9ad033e522f" - }, - { - "name" : "http://git.gnome.org/browse/vino/commit/?id=8beefcf7792d343c10c919ee0c928c81f73b1279", - "refsource" : "CONFIRM", - "url" : "http://git.gnome.org/browse/vino/commit/?id=8beefcf7792d343c10c919ee0c928c81f73b1279" - }, - { - "name" : "http://git.gnome.org/browse/vino/commit/?id=d050a22b1c284b633c407ef92fde95c47e8fdb8a", - "refsource" : "CONFIRM", - "url" : "http://git.gnome.org/browse/vino/commit/?id=d050a22b1c284b633c407ef92fde95c47e8fdb8a" - }, - { - "name" : "http://git.gnome.org/browse/vino/commit/?id=dff52694a384fe95195f2211254026b752d63ec4", - "refsource" : "CONFIRM", - "url" : "http://git.gnome.org/browse/vino/commit/?id=dff52694a384fe95195f2211254026b752d63ec4" - }, - { - "name" : "http://git.gnome.org/browse/vino/commit/?id=e17bd4e369f90748654e31a4867211dc7610975d", - "refsource" : "CONFIRM", - "url" : "http://git.gnome.org/browse/vino/commit/?id=e17bd4e369f90748654e31a4867211dc7610975d" - }, - { - "name" : "http://git.gnome.org/browse/vino/log/?h=gnome-2-30", - "refsource" : "CONFIRM", - "url" : "http://git.gnome.org/browse/vino/log/?h=gnome-2-30" - }, - { - "name" : "http://git.gnome.org/browse/vino/tree/NEWS", - "refsource" : "CONFIRM", - "url" : "http://git.gnome.org/browse/vino/tree/NEWS" - }, - { - "name" : "https://bugzilla.gnome.org/show_bug.cgi?id=641802", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.gnome.org/show_bug.cgi?id=641802" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=694455", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=694455" - }, - { - "name" : "DSA-2238", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2011/dsa-2238" - }, - { - "name" : "MDVSA-2011:087", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2011:087" - }, - { - "name" : "RHSA-2013:0169", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2013-0169.html" - }, - { - "name" : "SUSE-SR:2011:009", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html" - }, - { - "name" : "USN-1128-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/usn-1128-1/" - }, - { - "name" : "47681", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/47681" - }, - { - "name" : "44410", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/44410" - }, - { - "name" : "44463", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/44463" - }, - { - "name" : "ADV-2011-1144", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2011/1144" - }, - { - "name" : "vino-input-dos(67243)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/67243" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The rfbSendFramebufferUpdate function in server/libvncserver/rfbserver.c in vino-server in Vino 2.x before 2.28.3, 2.32.x before 2.32.2, 3.0.x before 3.0.2, and 3.1.x before 3.1.1, when raw encoding is used, allows remote authenticated users to cause a denial of service (daemon crash) via a large (1) X position or (2) Y position value in a framebuffer update request that triggers an out-of-bounds memory access, related to the rfbTranslateNone and rfbSendRectEncodingRaw functions." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "vino-input-dos(67243)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67243" + }, + { + "name": "http://git.gnome.org/browse/vino/commit/?id=0c2c9175963fc56bf2af10e42867181332f96ce0", + "refsource": "CONFIRM", + "url": "http://git.gnome.org/browse/vino/commit/?id=0c2c9175963fc56bf2af10e42867181332f96ce0" + }, + { + "name": "USN-1128-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/usn-1128-1/" + }, + { + "name": "http://git.gnome.org/browse/vino/commit/?id=d050a22b1c284b633c407ef92fde95c47e8fdb8a", + "refsource": "CONFIRM", + "url": "http://git.gnome.org/browse/vino/commit/?id=d050a22b1c284b633c407ef92fde95c47e8fdb8a" + }, + { + "name": "SUSE-SR:2011:009", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html" + }, + { + "name": "MDVSA-2011:087", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:087" + }, + { + "name": "RHSA-2013:0169", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2013-0169.html" + }, + { + "name": "44410", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/44410" + }, + { + "name": "http://ftp.gnome.org/pub/GNOME/sources/vino/2.32/vino-2.32.2.news", + "refsource": "CONFIRM", + "url": "http://ftp.gnome.org/pub/GNOME/sources/vino/2.32/vino-2.32.2.news" + }, + { + "name": "ADV-2011-1144", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2011/1144" + }, + { + "name": "http://ftp.gnome.org/pub/GNOME/sources/vino/2.28/vino-2.28.3.news", + "refsource": "CONFIRM", + "url": "http://ftp.gnome.org/pub/GNOME/sources/vino/2.28/vino-2.28.3.news" + }, + { + "name": "47681", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/47681" + }, + { + "name": "http://git.gnome.org/browse/vino/commit/?id=456dadbb5c5971d3448763a44c05b9ad033e522f", + "refsource": "CONFIRM", + "url": "http://git.gnome.org/browse/vino/commit/?id=456dadbb5c5971d3448763a44c05b9ad033e522f" + }, + { + "name": "http://git.gnome.org/browse/vino/log/?h=gnome-2-30", + "refsource": "CONFIRM", + "url": "http://git.gnome.org/browse/vino/log/?h=gnome-2-30" + }, + { + "name": "DSA-2238", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2011/dsa-2238" + }, + { + "name": "http://git.gnome.org/browse/vino/commit/?id=e17bd4e369f90748654e31a4867211dc7610975d", + "refsource": "CONFIRM", + "url": "http://git.gnome.org/browse/vino/commit/?id=e17bd4e369f90748654e31a4867211dc7610975d" + }, + { + "name": "https://bugzilla.gnome.org/show_bug.cgi?id=641802", + "refsource": "CONFIRM", + "url": "https://bugzilla.gnome.org/show_bug.cgi?id=641802" + }, + { + "name": "http://git.gnome.org/browse/vino/commit/?id=dff52694a384fe95195f2211254026b752d63ec4", + "refsource": "CONFIRM", + "url": "http://git.gnome.org/browse/vino/commit/?id=dff52694a384fe95195f2211254026b752d63ec4" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=694455", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=694455" + }, + { + "name": "http://git.gnome.org/browse/vino/commit/?id=8beefcf7792d343c10c919ee0c928c81f73b1279", + "refsource": "CONFIRM", + "url": "http://git.gnome.org/browse/vino/commit/?id=8beefcf7792d343c10c919ee0c928c81f73b1279" + }, + { + "name": "44463", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/44463" + }, + { + "name": "http://ftp.gnome.org/pub/GNOME/sources/vino/3.0/vino-3.0.2.news", + "refsource": "CONFIRM", + "url": "http://ftp.gnome.org/pub/GNOME/sources/vino/3.0/vino-3.0.2.news" + }, + { + "name": "http://git.gnome.org/browse/vino/tree/NEWS", + "refsource": "CONFIRM", + "url": "http://git.gnome.org/browse/vino/tree/NEWS" + } + ] + } +} \ No newline at end of file diff --git a/2011/2xxx/CVE-2011-2424.json b/2011/2xxx/CVE-2011-2424.json index 29fe3776b6a..cbf68e3a4a6 100644 --- a/2011/2xxx/CVE-2011-2424.json +++ b/2011/2xxx/CVE-2011-2424.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-2424", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted SWF file, as demonstrated by \"about 400 unique crash signatures.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2011-2424", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://googleonlinesecurity.blogspot.com/2011/08/fuzzing-at-scale.html", - "refsource" : "MISC", - "url" : "http://googleonlinesecurity.blogspot.com/2011/08/fuzzing-at-scale.html" - }, - { - "name" : "http://twitter.com/taviso/statuses/101046246277521409", - "refsource" : "MISC", - "url" : "http://twitter.com/taviso/statuses/101046246277521409" - }, - { - "name" : "http://twitter.com/taviso/statuses/101046396790128640", - "refsource" : "MISC", - "url" : "http://twitter.com/taviso/statuses/101046396790128640" - }, - { - "name" : "http://blogs.adobe.com/asset/2011/08/how-did-you-get-to-that-number.html", - "refsource" : "CONFIRM", - "url" : "http://blogs.adobe.com/asset/2011/08/how-did-you-get-to-that-number.html" - }, - { - "name" : "http://www.adobe.com/support/security/bulletins/apsb11-21.html", - "refsource" : "CONFIRM", - "url" : "http://www.adobe.com/support/security/bulletins/apsb11-21.html" - }, - { - "name" : "RHSA-2011:1144", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2011-1144.html" - }, - { - "name" : "TA11-222A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA11-222A.html" - }, - { - "name" : "oval:org.mitre.oval:def:14199", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14199" - }, - { - "name" : "oval:org.mitre.oval:def:15869", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15869" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted SWF file, as demonstrated by \"about 400 unique crash signatures.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://blogs.adobe.com/asset/2011/08/how-did-you-get-to-that-number.html", + "refsource": "CONFIRM", + "url": "http://blogs.adobe.com/asset/2011/08/how-did-you-get-to-that-number.html" + }, + { + "name": "http://twitter.com/taviso/statuses/101046246277521409", + "refsource": "MISC", + "url": "http://twitter.com/taviso/statuses/101046246277521409" + }, + { + "name": "TA11-222A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA11-222A.html" + }, + { + "name": "http://googleonlinesecurity.blogspot.com/2011/08/fuzzing-at-scale.html", + "refsource": "MISC", + "url": "http://googleonlinesecurity.blogspot.com/2011/08/fuzzing-at-scale.html" + }, + { + "name": "oval:org.mitre.oval:def:14199", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14199" + }, + { + "name": "http://twitter.com/taviso/statuses/101046396790128640", + "refsource": "MISC", + "url": "http://twitter.com/taviso/statuses/101046396790128640" + }, + { + "name": "http://www.adobe.com/support/security/bulletins/apsb11-21.html", + "refsource": "CONFIRM", + "url": "http://www.adobe.com/support/security/bulletins/apsb11-21.html" + }, + { + "name": "oval:org.mitre.oval:def:15869", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15869" + }, + { + "name": "RHSA-2011:1144", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2011-1144.html" + } + ] + } +} \ No newline at end of file diff --git a/2011/2xxx/CVE-2011-2517.json b/2011/2xxx/CVE-2011-2517.json index 3e968f1259e..1a9f24287fb 100644 --- a/2011/2xxx/CVE-2011-2517.json +++ b/2011/2xxx/CVE-2011-2517.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-2517", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple buffer overflows in net/wireless/nl80211.c in the Linux kernel before 2.6.39.2 allow local users to gain privileges by leveraging the CAP_NET_ADMIN capability during scan operations with a long SSID value." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2011-2517", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20110701 Re: CVE request: kernel: nl80211: missing check for valid SSID size in scan operations", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2011/07/01/4" - }, - { - "name" : "http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39.2", - "refsource" : "CONFIRM", - "url" : "http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39.2" - }, - { - "name" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=208c72f4fe44fe09577e7975ba0e7fa0278f3d03", - "refsource" : "CONFIRM", - "url" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=208c72f4fe44fe09577e7975ba0e7fa0278f3d03" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=718152", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=718152" - }, - { - "name" : "https://github.com/torvalds/linux/commit/208c72f4fe44fe09577e7975ba0e7fa0278f3d03", - "refsource" : "CONFIRM", - "url" : "https://github.com/torvalds/linux/commit/208c72f4fe44fe09577e7975ba0e7fa0278f3d03" - }, - { - "name" : "RHSA-2011:1212", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2011-1212.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple buffer overflows in net/wireless/nl80211.c in the Linux kernel before 2.6.39.2 allow local users to gain privileges by leveraging the CAP_NET_ADMIN capability during scan operations with a long SSID value." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "RHSA-2011:1212", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2011-1212.html" + }, + { + "name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=208c72f4fe44fe09577e7975ba0e7fa0278f3d03", + "refsource": "CONFIRM", + "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=208c72f4fe44fe09577e7975ba0e7fa0278f3d03" + }, + { + "name": "https://github.com/torvalds/linux/commit/208c72f4fe44fe09577e7975ba0e7fa0278f3d03", + "refsource": "CONFIRM", + "url": "https://github.com/torvalds/linux/commit/208c72f4fe44fe09577e7975ba0e7fa0278f3d03" + }, + { + "name": "[oss-security] 20110701 Re: CVE request: kernel: nl80211: missing check for valid SSID size in scan operations", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2011/07/01/4" + }, + { + "name": "http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39.2", + "refsource": "CONFIRM", + "url": "http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39.2" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=718152", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=718152" + } + ] + } +} \ No newline at end of file diff --git a/2011/3xxx/CVE-2011-3825.json b/2011/3xxx/CVE-2011-3825.json index 9858a1bd86c..bbf60d527c5 100644 --- a/2011/3xxx/CVE-2011-3825.json +++ b/2011/3xxx/CVE-2011-3825.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-3825", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Zend Framework 1.11.3 in Zend Server CE 5.1.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by Validate.php and certain other files." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2011-3825", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20110627 Re: CVE request: Joomla unspecified information disclosure vulnerability", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2011/06/27/6" - }, - { - "name" : "http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/%21_README", - "refsource" : "MISC", - "url" : "http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/%21_README" - }, - { - "name" : "http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/Zend", - "refsource" : "MISC", - "url" : "http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/Zend" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Zend Framework 1.11.3 in Zend Server CE 5.1.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by Validate.php and certain other files." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/Zend", + "refsource": "MISC", + "url": "http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/Zend" + }, + { + "name": "[oss-security] 20110627 Re: CVE request: Joomla unspecified information disclosure vulnerability", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2011/06/27/6" + }, + { + "name": "http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/%21_README", + "refsource": "MISC", + "url": "http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/%21_README" + } + ] + } +} \ No newline at end of file diff --git a/2011/3xxx/CVE-2011-3837.json b/2011/3xxx/CVE-2011-3837.json index dcac1294a6d..1062c4768eb 100644 --- a/2011/3xxx/CVE-2011-3837.json +++ b/2011/3xxx/CVE-2011-3837.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-3837", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Directory traversal vulnerability in blog_system/data_functions.php in Wuzly 2.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the preview parameter to index.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "PSIRT-CNA@flexerasoftware.com", + "ID": "CVE-2011-3837", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://secunia.com/secunia_research/2011-87/", - "refsource" : "MISC", - "url" : "http://secunia.com/secunia_research/2011-87/" - }, - { - "name" : "77912", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/77912" - }, - { - "name" : "46163", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/46163" - }, - { - "name" : "wuzly-index-file-include(71903)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/71903" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Directory traversal vulnerability in blog_system/data_functions.php in Wuzly 2.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the preview parameter to index.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "wuzly-index-file-include(71903)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71903" + }, + { + "name": "46163", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/46163" + }, + { + "name": "77912", + "refsource": "OSVDB", + "url": "http://osvdb.org/77912" + }, + { + "name": "http://secunia.com/secunia_research/2011-87/", + "refsource": "MISC", + "url": "http://secunia.com/secunia_research/2011-87/" + } + ] + } +} \ No newline at end of file diff --git a/2011/3xxx/CVE-2011-3911.json b/2011/3xxx/CVE-2011-3911.json index 8c9abb615ff..31995db4f81 100644 --- a/2011/3xxx/CVE-2011-3911.json +++ b/2011/3xxx/CVE-2011-3911.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-3911", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Google Chrome before 16.0.912.63 does not properly handle PDF documents, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@google.com", + "ID": "CVE-2011-3911", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://code.google.com/p/chromium/issues/detail?id=101779", - "refsource" : "CONFIRM", - "url" : "http://code.google.com/p/chromium/issues/detail?id=101779" - }, - { - "name" : "http://googlechromereleases.blogspot.com/2011/12/stable-channel-update.html", - "refsource" : "CONFIRM", - "url" : "http://googlechromereleases.blogspot.com/2011/12/stable-channel-update.html" - }, - { - "name" : "oval:org.mitre.oval:def:14683", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14683" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Google Chrome before 16.0.912.63 does not properly handle PDF documents, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://googlechromereleases.blogspot.com/2011/12/stable-channel-update.html", + "refsource": "CONFIRM", + "url": "http://googlechromereleases.blogspot.com/2011/12/stable-channel-update.html" + }, + { + "name": "http://code.google.com/p/chromium/issues/detail?id=101779", + "refsource": "CONFIRM", + "url": "http://code.google.com/p/chromium/issues/detail?id=101779" + }, + { + "name": "oval:org.mitre.oval:def:14683", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14683" + } + ] + } +} \ No newline at end of file diff --git a/2011/4xxx/CVE-2011-4018.json b/2011/4xxx/CVE-2011-4018.json index d95a5bde712..71120fd7a98 100644 --- a/2011/4xxx/CVE-2011-4018.json +++ b/2011/4xxx/CVE-2011-4018.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-4018", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2011-4018", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2011/4xxx/CVE-2011-4245.json b/2011/4xxx/CVE-2011-4245.json index fd8e7c2b4a4..5466ca3c257 100644 --- a/2011/4xxx/CVE-2011-4245.json +++ b/2011/4xxx/CVE-2011-4245.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-4245", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The RealVideo renderer in RealNetworks RealPlayer before 15.0.0 and Mac RealPlayer before 12.0.0.1703 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2011-4245", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://service.real.com/realplayer/security/11182011_player/en/", - "refsource" : "CONFIRM", - "url" : "http://service.real.com/realplayer/security/11182011_player/en/" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The RealVideo renderer in RealNetworks RealPlayer before 15.0.0 and Mac RealPlayer before 12.0.0.1703 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://service.real.com/realplayer/security/11182011_player/en/", + "refsource": "CONFIRM", + "url": "http://service.real.com/realplayer/security/11182011_player/en/" + } + ] + } +} \ No newline at end of file diff --git a/2011/4xxx/CVE-2011-4724.json b/2011/4xxx/CVE-2011-4724.json index 02afdf5af0b..2c305ecf671 100644 --- a/2011/4xxx/CVE-2011-4724.json +++ b/2011/4xxx/CVE-2011-4724.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-4724", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2011-4724", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2011/4xxx/CVE-2011-4990.json b/2011/4xxx/CVE-2011-4990.json index b4ff1a1d695..bb68282a141 100644 --- a/2011/4xxx/CVE-2011-4990.json +++ b/2011/4xxx/CVE-2011-4990.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-4990", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2011. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2011-4990", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2011. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2011/4xxx/CVE-2011-4996.json b/2011/4xxx/CVE-2011-4996.json index 5ed4301d525..3c7fdbc67fe 100644 --- a/2011/4xxx/CVE-2011-4996.json +++ b/2011/4xxx/CVE-2011-4996.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-4996", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2011. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2011-4996", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2011. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2013/1xxx/CVE-2013-1085.json b/2013/1xxx/CVE-2013-1085.json index f6bc16506a8..8ec6bdd70a2 100644 --- a/2013/1xxx/CVE-2013-1085.json +++ b/2013/1xxx/CVE-2013-1085.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2013-1085", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Stack-based buffer overflow in the nim: protocol handler in Novell GroupWise Messenger 2.04 and earlier, and Novell Messenger 2.1.x and 2.2.x before 2.2.2, allows remote attackers to execute arbitrary code via an import command containing a long string in the filename parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2013-1085", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.zerodayinitiative.com/advisories/ZDI-13-036/", - "refsource" : "MISC", - "url" : "http://www.zerodayinitiative.com/advisories/ZDI-13-036/" - }, - { - "name" : "http://www.novell.com/support/kb/doc.php?id=7011935", - "refsource" : "CONFIRM", - "url" : "http://www.novell.com/support/kb/doc.php?id=7011935" - }, - { - "name" : "https://bugzilla.novell.com/show_bug.cgi?id=777352", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.novell.com/show_bug.cgi?id=777352" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Stack-based buffer overflow in the nim: protocol handler in Novell GroupWise Messenger 2.04 and earlier, and Novell Messenger 2.1.x and 2.2.x before 2.2.2, allows remote attackers to execute arbitrary code via an import command containing a long string in the filename parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.zerodayinitiative.com/advisories/ZDI-13-036/", + "refsource": "MISC", + "url": "http://www.zerodayinitiative.com/advisories/ZDI-13-036/" + }, + { + "name": "http://www.novell.com/support/kb/doc.php?id=7011935", + "refsource": "CONFIRM", + "url": "http://www.novell.com/support/kb/doc.php?id=7011935" + }, + { + "name": "https://bugzilla.novell.com/show_bug.cgi?id=777352", + "refsource": "CONFIRM", + "url": "https://bugzilla.novell.com/show_bug.cgi?id=777352" + } + ] + } +} \ No newline at end of file diff --git a/2013/1xxx/CVE-2013-1374.json b/2013/1xxx/CVE-2013-1374.json index 73f16ec34e6..2a5772bcb19 100644 --- a/2013/1xxx/CVE-2013-1374.json +++ b/2013/1xxx/CVE-2013-1374.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2013-1374", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Use-after-free vulnerability in Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before 11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x; Adobe AIR before 3.6.0.597; and Adobe AIR SDK before 3.6.0.599 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0644 and CVE-2013-0649." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2013-1374", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.adobe.com/support/security/bulletins/apsb13-05.html", - "refsource" : "CONFIRM", - "url" : "http://www.adobe.com/support/security/bulletins/apsb13-05.html" - }, - { - "name" : "RHSA-2013:0254", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2013-0254.html" - }, - { - "name" : "SUSE-SU-2013:0296", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00010.html" - }, - { - "name" : "openSUSE-SU-2013:0295", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00009.html" - }, - { - "name" : "openSUSE-SU-2013:0298", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00011.html" - }, - { - "name" : "TA13-043A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA13-043A.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Use-after-free vulnerability in Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before 11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x; Adobe AIR before 3.6.0.597; and Adobe AIR SDK before 3.6.0.599 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0644 and CVE-2013-0649." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "SUSE-SU-2013:0296", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00010.html" + }, + { + "name": "RHSA-2013:0254", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2013-0254.html" + }, + { + "name": "openSUSE-SU-2013:0295", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00009.html" + }, + { + "name": "openSUSE-SU-2013:0298", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00011.html" + }, + { + "name": "TA13-043A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA13-043A.html" + }, + { + "name": "http://www.adobe.com/support/security/bulletins/apsb13-05.html", + "refsource": "CONFIRM", + "url": "http://www.adobe.com/support/security/bulletins/apsb13-05.html" + } + ] + } +} \ No newline at end of file diff --git a/2013/5xxx/CVE-2013-5281.json b/2013/5xxx/CVE-2013-5281.json index fd3a4213a17..5122caf2a57 100644 --- a/2013/5xxx/CVE-2013-5281.json +++ b/2013/5xxx/CVE-2013-5281.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2013-5281", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2013-5281", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2013/5xxx/CVE-2013-5368.json b/2013/5xxx/CVE-2013-5368.json index 84194a8378a..06a1f573570 100644 --- a/2013/5xxx/CVE-2013-5368.json +++ b/2013/5xxx/CVE-2013-5368.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2013-5368", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2013-5368", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2013/5xxx/CVE-2013-5440.json b/2013/5xxx/CVE-2013-5440.json index d73f35e1ddc..f58cd1425ba 100644 --- a/2013/5xxx/CVE-2013-5440.json +++ b/2013/5xxx/CVE-2013-5440.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2013-5440", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM InfoSphere Information Server 8.0, 8.1, 8.5, 8.7, and 9.1 allows local users to obtain sensitive information in opportunistic circumstances by leveraging the presence of file content after a failed installation." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2013-5440", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21659957", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21659957" - }, - { - "name" : "JR48095", - "refsource" : "AIXAPAR", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1JR48095" - }, - { - "name" : "ibm-infosphere-cve20135440-info-disc(87816)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/87816" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IBM InfoSphere Information Server 8.0, 8.1, 8.5, 8.7, and 9.1 allows local users to obtain sensitive information in opportunistic circumstances by leveraging the presence of file content after a failed installation." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21659957", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21659957" + }, + { + "name": "JR48095", + "refsource": "AIXAPAR", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1JR48095" + }, + { + "name": "ibm-infosphere-cve20135440-info-disc(87816)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/87816" + } + ] + } +} \ No newline at end of file diff --git a/2014/2xxx/CVE-2014-2501.json b/2014/2xxx/CVE-2014-2501.json index b18e39a0bd7..6549387ed73 100644 --- a/2014/2xxx/CVE-2014-2501.json +++ b/2014/2xxx/CVE-2014-2501.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-2501", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-2501", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2014/2xxx/CVE-2014-2589.json b/2014/2xxx/CVE-2014-2589.json index f7c43025132..cb6218873f8 100644 --- a/2014/2xxx/CVE-2014-2589.json +++ b/2014/2xxx/CVE-2014-2589.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-2589", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in the Dashboard Backend service (stats/dashboard.jsp) in SonicWall Network Security Appliance (NSA) 2400 allows remote attackers to inject arbitrary web script or HTML via the sn parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-2589", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20140306 SonicWall Dashboard Backend Server - Client Side Cross Site Scripting Web Vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/531364/100/0/threaded" - }, - { - "name" : "http://www.vulnerability-lab.com/get_content.php?id=1100", - "refsource" : "MISC", - "url" : "http://www.vulnerability-lab.com/get_content.php?id=1100" - }, - { - "name" : "66042", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/66042" - }, - { - "name" : "104089", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/104089" - }, - { - "name" : "1029884", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1029884" - }, - { - "name" : "57275", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/57275" - }, - { - "name" : "sonicwall-nsa-dashboard-xss(91766)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/91766" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in the Dashboard Backend service (stats/dashboard.jsp) in SonicWall Network Security Appliance (NSA) 2400 allows remote attackers to inject arbitrary web script or HTML via the sn parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1029884", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1029884" + }, + { + "name": "sonicwall-nsa-dashboard-xss(91766)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/91766" + }, + { + "name": "20140306 SonicWall Dashboard Backend Server - Client Side Cross Site Scripting Web Vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/531364/100/0/threaded" + }, + { + "name": "57275", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/57275" + }, + { + "name": "66042", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/66042" + }, + { + "name": "http://www.vulnerability-lab.com/get_content.php?id=1100", + "refsource": "MISC", + "url": "http://www.vulnerability-lab.com/get_content.php?id=1100" + }, + { + "name": "104089", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/104089" + } + ] + } +} \ No newline at end of file diff --git a/2014/2xxx/CVE-2014-2713.json b/2014/2xxx/CVE-2014-2713.json index a921ffa954e..79a6ba84c2c 100644 --- a/2014/2xxx/CVE-2014-2713.json +++ b/2014/2xxx/CVE-2014-2713.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-2713", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Juniper Junos before 11.4R11, 12.1 before 12.1R9, 12.2 before 12.2R7, 12.3R4 before 12.3R4-S3, 13.1 before 13.1R4, 13.2 before 13.2R2, and 13.3 before 13.3R1, as used in MX Series and T4000 routers, allows remote attackers to cause a denial of service (PFE restart) via a crafted IP packet to certain (1) Trio or (2) Cassis-based Packet Forwarding Engine (PFE) modules." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-2713", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10621", - "refsource" : "CONFIRM", - "url" : "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10621" - }, - { - "name" : "66764", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/66764" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Juniper Junos before 11.4R11, 12.1 before 12.1R9, 12.2 before 12.2R7, 12.3R4 before 12.3R4-S3, 13.1 before 13.1R4, 13.2 before 13.2R2, and 13.3 before 13.3R1, as used in MX Series and T4000 routers, allows remote attackers to cause a denial of service (PFE restart) via a crafted IP packet to certain (1) Trio or (2) Cassis-based Packet Forwarding Engine (PFE) modules." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10621", + "refsource": "CONFIRM", + "url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10621" + }, + { + "name": "66764", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/66764" + } + ] + } +} \ No newline at end of file diff --git a/2014/2xxx/CVE-2014-2831.json b/2014/2xxx/CVE-2014-2831.json index d1713dd8d4e..ac9b915bdc4 100644 --- a/2014/2xxx/CVE-2014-2831.json +++ b/2014/2xxx/CVE-2014-2831.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-2831", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-2831", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2014/6xxx/CVE-2014-6039.json b/2014/6xxx/CVE-2014-6039.json index 39168d5736f..6ea6d6c2df5 100644 --- a/2014/6xxx/CVE-2014-6039.json +++ b/2014/6xxx/CVE-2014-6039.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-6039", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-6039", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2014/6xxx/CVE-2014-6307.json b/2014/6xxx/CVE-2014-6307.json index 7cce7459554..7ef04238bd3 100644 --- a/2014/6xxx/CVE-2014-6307.json +++ b/2014/6xxx/CVE-2014-6307.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-6307", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-6307", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2014/6xxx/CVE-2014-6308.json b/2014/6xxx/CVE-2014-6308.json index 4527066fd83..bde469b2962 100644 --- a/2014/6xxx/CVE-2014-6308.json +++ b/2014/6xxx/CVE-2014-6308.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-6308", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Directory traversal vulnerability in OSClass before 3.4.2 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter in a render action to oc-admin/index.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-6308", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20140916 Osclass Security Advisory - LFI Vulnerability - CVE-2014-6308", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/533456/100/0/threaded" - }, - { - "name" : "http://packetstormsecurity.com/files/128285/OsClass-3.4.1-Local-File-Inclusion.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/128285/OsClass-3.4.1-Local-File-Inclusion.html" - }, - { - "name" : "https://github.com/osclass/Osclass/commit/c163bf5910d0d36424d7fc678da6b03a0e443435", - "refsource" : "MISC", - "url" : "https://github.com/osclass/Osclass/commit/c163bf5910d0d36424d7fc678da6b03a0e443435" - }, - { - "name" : "https://www.netsparker.com/lfi-vulnerability-in-osclass/", - "refsource" : "MISC", - "url" : "https://www.netsparker.com/lfi-vulnerability-in-osclass/" - }, - { - "name" : "http://blog.osclass.org/2014/09/15/osclass-3-4-2-ready-download/", - "refsource" : "CONFIRM", - "url" : "http://blog.osclass.org/2014/09/15/osclass-3-4-2-ready-download/" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Directory traversal vulnerability in OSClass before 3.4.2 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter in a render action to oc-admin/index.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://blog.osclass.org/2014/09/15/osclass-3-4-2-ready-download/", + "refsource": "CONFIRM", + "url": "http://blog.osclass.org/2014/09/15/osclass-3-4-2-ready-download/" + }, + { + "name": "http://packetstormsecurity.com/files/128285/OsClass-3.4.1-Local-File-Inclusion.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/128285/OsClass-3.4.1-Local-File-Inclusion.html" + }, + { + "name": "https://www.netsparker.com/lfi-vulnerability-in-osclass/", + "refsource": "MISC", + "url": "https://www.netsparker.com/lfi-vulnerability-in-osclass/" + }, + { + "name": "https://github.com/osclass/Osclass/commit/c163bf5910d0d36424d7fc678da6b03a0e443435", + "refsource": "MISC", + "url": "https://github.com/osclass/Osclass/commit/c163bf5910d0d36424d7fc678da6b03a0e443435" + }, + { + "name": "20140916 Osclass Security Advisory - LFI Vulnerability - CVE-2014-6308", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/533456/100/0/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2014/6xxx/CVE-2014-6525.json b/2014/6xxx/CVE-2014-6525.json index 99f7d3e1609..ac53564ab7e 100644 --- a/2014/6xxx/CVE-2014-6525.json +++ b/2014/6xxx/CVE-2014-6525.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-6525", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the Oracle Web Applications Desktop Integrator component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.3, 12.2.2, 12.2.3, and 12.2.4 allows remote authenticated users to affect integrity via unknown vectors related to Templates." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2014-6525", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html" - }, - { - "name" : "1031579", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1031579" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the Oracle Web Applications Desktop Integrator component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.3, 12.2.2, 12.2.3, and 12.2.4 allows remote authenticated users to affect integrity via unknown vectors related to Templates." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html" + }, + { + "name": "1031579", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1031579" + } + ] + } +} \ No newline at end of file diff --git a/2014/6xxx/CVE-2014-6915.json b/2014/6xxx/CVE-2014-6915.json index 925daa33ef0..ce88e6a14d6 100644 --- a/2014/6xxx/CVE-2014-6915.json +++ b/2014/6xxx/CVE-2014-6915.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-6915", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2014-7046, CVE-2014-7047. Reason: this ID was intended for one issue, but was assigned to two issues by a CNA. Notes: All CVE users should consult CVE-2014-7046 and CVE-2014-7047 to determine which ID is appropriate. All references and descriptions in this candidate have been removed to prevent accidental usage." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2014-6915", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2014-7046, CVE-2014-7047. Reason: this ID was intended for one issue, but was assigned to two issues by a CNA. Notes: All CVE users should consult CVE-2014-7046 and CVE-2014-7047 to determine which ID is appropriate. All references and descriptions in this candidate have been removed to prevent accidental usage." + } + ] + } +} \ No newline at end of file diff --git a/2017/0xxx/CVE-2017-0013.json b/2017/0xxx/CVE-2017-0013.json index 2f71175b99e..460190a12b2 100644 --- a/2017/0xxx/CVE-2017-0013.json +++ b/2017/0xxx/CVE-2017-0013.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-0013", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-0013", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2017/0xxx/CVE-2017-0262.json b/2017/0xxx/CVE-2017-0262.json index 213254cc3b4..8db3230ecee 100644 --- a/2017/0xxx/CVE-2017-0262.json +++ b/2017/0xxx/CVE-2017-0262.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secure@microsoft.com", - "ID" : "CVE-2017-0262", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Microsoft Office", - "version" : { - "version_data" : [ - { - "version_value" : "Microsoft Office 2010 SP2, Office 2013 SP1, and Office 2016" - } - ] - } - } - ] - }, - "vendor_name" : "Microsoft Corporation" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Microsoft Office 2010 SP2, Office 2013 SP1, and Office 2016 allow a remote code execution vulnerability when the software fails to properly handle objects in memory, aka \"Office Remote Code Execution Vulnerability\". This CVE ID is unique from CVE-2017-0261 and CVE-2017-0281." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Remote Code Execution" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2017-0262", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Microsoft Office", + "version": { + "version_data": [ + { + "version_value": "Microsoft Office 2010 SP2, Office 2013 SP1, and Office 2016" + } + ] + } + } + ] + }, + "vendor_name": "Microsoft Corporation" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0262", - "refsource" : "CONFIRM", - "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0262" - }, - { - "name" : "98279", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/98279" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft Office 2010 SP2, Office 2013 SP1, and Office 2016 allow a remote code execution vulnerability when the software fails to properly handle objects in memory, aka \"Office Remote Code Execution Vulnerability\". This CVE ID is unique from CVE-2017-0261 and CVE-2017-0281." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Remote Code Execution" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "98279", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/98279" + }, + { + "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0262", + "refsource": "CONFIRM", + "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0262" + } + ] + } +} \ No newline at end of file diff --git a/2017/0xxx/CVE-2017-0970.json b/2017/0xxx/CVE-2017-0970.json index ac63bbe48ee..b8eb2fee178 100644 --- a/2017/0xxx/CVE-2017-0970.json +++ b/2017/0xxx/CVE-2017-0970.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-0970", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-0970", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2017/0xxx/CVE-2017-0994.json b/2017/0xxx/CVE-2017-0994.json index 527382754fb..72d585e8b20 100644 --- a/2017/0xxx/CVE-2017-0994.json +++ b/2017/0xxx/CVE-2017-0994.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-0994", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-0994", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2017/1000xxx/CVE-2017-1000167.json b/2017/1000xxx/CVE-2017-1000167.json index ebcfa0dd931..a06db249ff6 100644 --- a/2017/1000xxx/CVE-2017-1000167.json +++ b/2017/1000xxx/CVE-2017-1000167.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-1000167", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by the Primary CNA. Further investigation showed that it was not a security issue. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2017-1000167", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by the Primary CNA. Further investigation showed that it was not a security issue. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2017/1000xxx/CVE-2017-1000508.json b/2017/1000xxx/CVE-2017-1000508.json index 1e18655de31..a53f88fa338 100644 --- a/2017/1000xxx/CVE-2017-1000508.json +++ b/2017/1000xxx/CVE-2017-1000508.json @@ -1,69 +1,69 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve-assign@distributedweaknessfiling.org", - "DATE_ASSIGNED" : "12/29/2017 15:45:04", - "ID" : "CVE-2017-1000508", - "REQUESTER" : "sajeeb.lohani@bulletproof.sh", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Invoice Plane", - "version" : { - "version_data" : [ - { - "version_value" : "1.5.4 and earlier" - } - ] - } - } - ] - }, - "vendor_name" : "Invoice Plane" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Invoice Plane version 1.5.4 and earlier contains a Cross Site Scripting (XSS) vulnerability in Client's details that can result in execution of javascript code . This vulnerability appears to have been fixed in 1.5.5 and later." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Cross Site Scripting (XSS)" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "DATE_ASSIGNED": "12/29/2017 15:45:04", + "ID": "CVE-2017-1000508", + "REQUESTER": "sajeeb.lohani@bulletproof.sh", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/InvoicePlane/InvoicePlane/pull/557", - "refsource" : "CONFIRM", - "url" : "https://github.com/InvoicePlane/InvoicePlane/pull/557" - }, - { - "name" : "https://github.com/InvoicePlane/InvoicePlane/pull/557/commits/3fc256ccef403f5be9982f02ef340d9e01daabb2", - "refsource" : "CONFIRM", - "url" : "https://github.com/InvoicePlane/InvoicePlane/pull/557/commits/3fc256ccef403f5be9982f02ef340d9e01daabb2" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Invoice Plane version 1.5.4 and earlier contains a Cross Site Scripting (XSS) vulnerability in Client's details that can result in execution of javascript code . This vulnerability appears to have been fixed in 1.5.5 and later." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/InvoicePlane/InvoicePlane/pull/557/commits/3fc256ccef403f5be9982f02ef340d9e01daabb2", + "refsource": "CONFIRM", + "url": "https://github.com/InvoicePlane/InvoicePlane/pull/557/commits/3fc256ccef403f5be9982f02ef340d9e01daabb2" + }, + { + "name": "https://github.com/InvoicePlane/InvoicePlane/pull/557", + "refsource": "CONFIRM", + "url": "https://github.com/InvoicePlane/InvoicePlane/pull/557" + } + ] + } +} \ No newline at end of file diff --git a/2017/18xxx/CVE-2017-18000.json b/2017/18xxx/CVE-2017-18000.json index 7d496c14953..7630b0f8667 100644 --- a/2017/18xxx/CVE-2017-18000.json +++ b/2017/18xxx/CVE-2017-18000.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-18000", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-18000", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2017/18xxx/CVE-2017-18127.json b/2017/18xxx/CVE-2017-18127.json index 2b1bda3c9ae..d4eb069c1da 100644 --- a/2017/18xxx/CVE-2017-18127.json +++ b/2017/18xxx/CVE-2017-18127.json @@ -1,68 +1,68 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "product-security@qualcomm.com", - "DATE_PUBLIC" : "2018-04-02T00:00:00", - "ID" : "CVE-2017-18127", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Snapdragon Mobile, Snapdragon Wear", - "version" : { - "version_data" : [ - { - "version_value" : "MSM8909W, SD 210/SD 212/SD 205, SD 430, SD 450, SD 625, SD 650/52, SD 820, SD 835, SD 845" - } - ] - } - } - ] - }, - "vendor_name" : "Qualcomm, Inc." - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile and Snapdragon Wear MSM8909W, SD 210/SD 212/SD 205, SD 430, SD 450, SD 625, SD 650/52, SD 820, SD 835, SD 845, while processing a SetParam command packet in the VR service, the extracted name_len and value_len values are not checked and could potentially cause a buffer overflow in subsequent calls to memcpy()." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Improper Input Validation in APSS" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@qualcomm.com", + "DATE_PUBLIC": "2018-04-02T00:00:00", + "ID": "CVE-2017-18127", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Snapdragon Mobile, Snapdragon Wear", + "version": { + "version_data": [ + { + "version_value": "MSM8909W, SD 210/SD 212/SD 205, SD 430, SD 450, SD 625, SD 650/52, SD 820, SD 835, SD 845" + } + ] + } + } + ] + }, + "vendor_name": "Qualcomm, Inc." + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://source.android.com/security/bulletin/2018-04-01", - "refsource" : "CONFIRM", - "url" : "https://source.android.com/security/bulletin/2018-04-01" - }, - { - "name" : "103671", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/103671" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile and Snapdragon Wear MSM8909W, SD 210/SD 212/SD 205, SD 430, SD 450, SD 625, SD 650/52, SD 820, SD 835, SD 845, while processing a SetParam command packet in the VR service, the extracted name_len and value_len values are not checked and could potentially cause a buffer overflow in subsequent calls to memcpy()." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Improper Input Validation in APSS" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://source.android.com/security/bulletin/2018-04-01", + "refsource": "CONFIRM", + "url": "https://source.android.com/security/bulletin/2018-04-01" + }, + { + "name": "103671", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/103671" + } + ] + } +} \ No newline at end of file diff --git a/2017/1xxx/CVE-2017-1295.json b/2017/1xxx/CVE-2017-1295.json index 7c07a3b1667..58cd759a11b 100644 --- a/2017/1xxx/CVE-2017-1295.json +++ b/2017/1xxx/CVE-2017-1295.json @@ -1,118 +1,118 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@us.ibm.com", - "DATE_PUBLIC" : "2017-10-20T00:00:00", - "ID" : "CVE-2017-1295", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Rational Collaborative Lifecycle Management", - "version" : { - "version_data" : [ - { - "version_value" : "4.0" - }, - { - "version_value" : "4.0.1" - }, - { - "version_value" : "4.0.2" - }, - { - "version_value" : "4.0.3" - }, - { - "version_value" : "4.0.4" - }, - { - "version_value" : "4.0.5" - }, - { - "version_value" : "4.0.6" - }, - { - "version_value" : "5.0" - }, - { - "version_value" : "4.0.7" - }, - { - "version_value" : "5.0.1" - }, - { - "version_value" : "5.0.2" - }, - { - "version_value" : "6.0" - }, - { - "version_value" : "6.0.1" - }, - { - "version_value" : "6.0.2" - }, - { - "version_value" : "6.0.3" - }, - { - "version_value" : "6.0.4" - } - ] - } - } - ] - }, - "vendor_name" : "IBM" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM RSA DM contains unspecified vulnerability in CLM Applications with potential for information leakage. IBM X-Force ID: 125157." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Obtain Information" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "DATE_PUBLIC": "2017-10-20T00:00:00", + "ID": "CVE-2017-1295", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Rational Collaborative Lifecycle Management", + "version": { + "version_data": [ + { + "version_value": "4.0" + }, + { + "version_value": "4.0.1" + }, + { + "version_value": "4.0.2" + }, + { + "version_value": "4.0.3" + }, + { + "version_value": "4.0.4" + }, + { + "version_value": "4.0.5" + }, + { + "version_value": "4.0.6" + }, + { + "version_value": "5.0" + }, + { + "version_value": "4.0.7" + }, + { + "version_value": "5.0.1" + }, + { + "version_value": "5.0.2" + }, + { + "version_value": "6.0" + }, + { + "version_value": "6.0.1" + }, + { + "version_value": "6.0.2" + }, + { + "version_value": "6.0.3" + }, + { + "version_value": "6.0.4" + } + ] + } + } + ] + }, + "vendor_name": "IBM" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/125157", - "refsource" : "MISC", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/125157" - }, - { - "name" : "http://www.ibm.com/support/docview.wss?uid=swg22009296", - "refsource" : "CONFIRM", - "url" : "http://www.ibm.com/support/docview.wss?uid=swg22009296" - }, - { - "name" : "101616", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/101616" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IBM RSA DM contains unspecified vulnerability in CLM Applications with potential for information leakage. IBM X-Force ID: 125157." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Obtain Information" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "101616", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/101616" + }, + { + "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/125157", + "refsource": "MISC", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/125157" + }, + { + "name": "http://www.ibm.com/support/docview.wss?uid=swg22009296", + "refsource": "CONFIRM", + "url": "http://www.ibm.com/support/docview.wss?uid=swg22009296" + } + ] + } +} \ No newline at end of file diff --git a/2017/1xxx/CVE-2017-1457.json b/2017/1xxx/CVE-2017-1457.json index d5526dcc558..fb1b43214f2 100644 --- a/2017/1xxx/CVE-2017-1457.json +++ b/2017/1xxx/CVE-2017-1457.json @@ -1,73 +1,73 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@us.ibm.com", - "DATE_PUBLIC" : "2017-08-31T00:00:00", - "ID" : "CVE-2017-1457", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "QRadar Network Security", - "version" : { - "version_data" : [ - { - "version_value" : "5.4" - } - ] - } - } - ] - }, - "vendor_name" : "IBM" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM QRadar Network Security 5.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 128376." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Cross-Site Scripting" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "DATE_PUBLIC": "2017-08-31T00:00:00", + "ID": "CVE-2017-1457", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "QRadar Network Security", + "version": { + "version_data": [ + { + "version_value": "5.4" + } + ] + } + } + ] + }, + "vendor_name": "IBM" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/128376", - "refsource" : "MISC", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/128376" - }, - { - "name" : "http://www.ibm.com/support/docview.wss?uid=swg22007550", - "refsource" : "CONFIRM", - "url" : "http://www.ibm.com/support/docview.wss?uid=swg22007550" - }, - { - "name" : "100636", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/100636" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IBM QRadar Network Security 5.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 128376." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Cross-Site Scripting" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "100636", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/100636" + }, + { + "name": "http://www.ibm.com/support/docview.wss?uid=swg22007550", + "refsource": "CONFIRM", + "url": "http://www.ibm.com/support/docview.wss?uid=swg22007550" + }, + { + "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/128376", + "refsource": "MISC", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/128376" + } + ] + } +} \ No newline at end of file diff --git a/2017/1xxx/CVE-2017-1521.json b/2017/1xxx/CVE-2017-1521.json index b140ae07dd0..ae9e1fa9a9e 100644 --- a/2017/1xxx/CVE-2017-1521.json +++ b/2017/1xxx/CVE-2017-1521.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@us.ibm.com", - "ID" : "CVE-2017-1521", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM Tivoli Endpoint Manager (for Lifecycle/Power/Patch) Platform and Applications (IBM BigFix Platform 9.2 and 9.5) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 129831." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2017-1521", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/129831", - "refsource" : "MISC", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/129831" - }, - { - "name" : "http://www.ibm.com/support/docview.wss?uid=swg22009673", - "refsource" : "CONFIRM", - "url" : "http://www.ibm.com/support/docview.wss?uid=swg22009673" - }, - { - "name" : "101571", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/101571" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IBM Tivoli Endpoint Manager (for Lifecycle/Power/Patch) Platform and Applications (IBM BigFix Platform 9.2 and 9.5) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 129831." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "101571", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/101571" + }, + { + "name": "http://www.ibm.com/support/docview.wss?uid=swg22009673", + "refsource": "CONFIRM", + "url": "http://www.ibm.com/support/docview.wss?uid=swg22009673" + }, + { + "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/129831", + "refsource": "MISC", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/129831" + } + ] + } +} \ No newline at end of file diff --git a/2017/1xxx/CVE-2017-1589.json b/2017/1xxx/CVE-2017-1589.json index fe6f0dfb0d4..f8d2eeb0241 100644 --- a/2017/1xxx/CVE-2017-1589.json +++ b/2017/1xxx/CVE-2017-1589.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-1589", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-1589", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2017/1xxx/CVE-2017-1987.json b/2017/1xxx/CVE-2017-1987.json index 03de1460358..c113e8fc112 100644 --- a/2017/1xxx/CVE-2017-1987.json +++ b/2017/1xxx/CVE-2017-1987.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-1987", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2017-1987", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2017/4xxx/CVE-2017-4164.json b/2017/4xxx/CVE-2017-4164.json index ab70441057e..32ccbf1c167 100644 --- a/2017/4xxx/CVE-2017-4164.json +++ b/2017/4xxx/CVE-2017-4164.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-4164", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2017-4164", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2017/4xxx/CVE-2017-4795.json b/2017/4xxx/CVE-2017-4795.json index e66a988700e..c73e039d431 100644 --- a/2017/4xxx/CVE-2017-4795.json +++ b/2017/4xxx/CVE-2017-4795.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-4795", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2017-4795", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2017/4xxx/CVE-2017-4904.json b/2017/4xxx/CVE-2017-4904.json index 66e963fa729..6d2d9ffe304 100644 --- a/2017/4xxx/CVE-2017-4904.json +++ b/2017/4xxx/CVE-2017-4904.json @@ -1,109 +1,109 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "security@vmware.com", - "ID" : "CVE-2017-4904", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "ESXi", - "version" : { - "version_data" : [ - { - "version_value" : "6.5 without patch ESXi650-201703410-SG" - }, - { - "version_value" : "6.0 U3 without patch ESXi600-201703401-SG" - }, - { - "version_value" : "6.0 U2 without patch ESXi600-201703403-SG" - }, - { - "version_value" : "6.0 U1 without patch ESXi600-201703402-SG" - }, - { - "version_value" : "5.5 without patch ESXi550-201703401-SG" - } - ] - } - }, - { - "product_name" : "Workstation Pro / Player", - "version" : { - "version_data" : [ - { - "version_value" : "12.x prior to 12.5.5" - } - ] - } - }, - { - "product_name" : "Fusion Pro / Fusion", - "version" : { - "version_data" : [ - { - "version_value" : "8.x prior to 8.5.6" - } - ] - } - } - ] - }, - "vendor_name" : "VMware" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The XHCI controller in VMware ESXi 6.5 without patch ESXi650-201703410-SG, 6.0 U3 without patch ESXi600-201703401-SG, 6.0 U2 without patch ESXi600-201703403-SG, 6.0 U1 without patch ESXi600-201703402-SG, and 5.5 without patch ESXi550-201703401-SG; Workstation Pro / Player 12.x prior to 12.5.5; and Fusion Pro / Fusion 8.x prior to 8.5.6 has uninitialized memory usage. This issue may allow a guest to execute code on the host. The issue is reduced to a Denial of Service of the guest on ESXi 5.5." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Remote Code Execution / DoS" - } + "CVE_data_meta": { + "ASSIGNER": "security@vmware.com", + "ID": "CVE-2017-4904", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "ESXi", + "version": { + "version_data": [ + { + "version_value": "6.5 without patch ESXi650-201703410-SG" + }, + { + "version_value": "6.0 U3 without patch ESXi600-201703401-SG" + }, + { + "version_value": "6.0 U2 without patch ESXi600-201703403-SG" + }, + { + "version_value": "6.0 U1 without patch ESXi600-201703402-SG" + }, + { + "version_value": "5.5 without patch ESXi550-201703401-SG" + } + ] + } + }, + { + "product_name": "Workstation Pro / Player", + "version": { + "version_data": [ + { + "version_value": "12.x prior to 12.5.5" + } + ] + } + }, + { + "product_name": "Fusion Pro / Fusion", + "version": { + "version_data": [ + { + "version_value": "8.x prior to 8.5.6" + } + ] + } + } + ] + }, + "vendor_name": "VMware" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.vmware.com/security/advisories/VMSA-2017-0006.html", - "refsource" : "CONFIRM", - "url" : "http://www.vmware.com/security/advisories/VMSA-2017-0006.html" - }, - { - "name" : "97165", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/97165" - }, - { - "name" : "1038148", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1038148" - }, - { - "name" : "1038149", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1038149" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The XHCI controller in VMware ESXi 6.5 without patch ESXi650-201703410-SG, 6.0 U3 without patch ESXi600-201703401-SG, 6.0 U2 without patch ESXi600-201703403-SG, 6.0 U1 without patch ESXi600-201703402-SG, and 5.5 without patch ESXi550-201703401-SG; Workstation Pro / Player 12.x prior to 12.5.5; and Fusion Pro / Fusion 8.x prior to 8.5.6 has uninitialized memory usage. This issue may allow a guest to execute code on the host. The issue is reduced to a Denial of Service of the guest on ESXi 5.5." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Remote Code Execution / DoS" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "97165", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/97165" + }, + { + "name": "http://www.vmware.com/security/advisories/VMSA-2017-0006.html", + "refsource": "CONFIRM", + "url": "http://www.vmware.com/security/advisories/VMSA-2017-0006.html" + }, + { + "name": "1038148", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1038148" + }, + { + "name": "1038149", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1038149" + } + ] + } +} \ No newline at end of file diff --git a/2017/5xxx/CVE-2017-5864.json b/2017/5xxx/CVE-2017-5864.json index 94b114fffa4..82d25739f73 100644 --- a/2017/5xxx/CVE-2017-5864.json +++ b/2017/5xxx/CVE-2017-5864.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-5864", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-5864", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file