admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-18 02:41:47 +00:00
parent 4903175cc2
commit 79106560c4
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
60 changed files with 3646 additions and 3646 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

110
2001/1xxx/CVE-2001-1410.json
View File

@ -1,101 +1,101 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2001-1410",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2001-1410",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Internet Explorer 6 and earlier allows remote attackers to create chromeless windows using the Javascript window.createPopup method, which could allow attackers to simulate a victim's display and conduct unauthorized activities or steal sensitive data via social engineering."
"lang": "eng",
"value": "Internet Explorer 6 and earlier allows remote attackers to create chromeless windows using the Javascript window.createPopup method, which could allow attackers to simulate a victim's display and conduct unauthorized activities or steal sensitive data via social engineering."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20011021 Javascript in IE may spoof the whole screen",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/221883"
"name": "20030713 IE chromeless window vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=105820229407274&w=2"
},
{
"name" : "http://www.guninski.com/popspoof.html",
"refsource" : "MISC",
"url" : "http://www.guninski.com/popspoof.html"
"name": "ie-javascript-spoof-dialog(7313)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7313"
},
{
"name" : "20030713 IE chromeless window vulnerabilities",
"refsource" : "BUGTRAQ",
"url" : "http://marc.info/?l=bugtraq&m=105820229407274&w=2"
"name": "3469",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/3469"
},
{
"name" : "http://www.doxdesk.com/personal/posts/bugtraq/20030713-ie/",
"refsource" : "MISC",
"url" : "http://www.doxdesk.com/personal/posts/bugtraq/20030713-ie/"
"name": "20030715 Internet Explorer Full-Screen mode threats",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=105829174431769&w=2"
},
{
"name" : "20030715 Internet Explorer Full-Screen mode threats",
"refsource" : "BUGTRAQ",
"url" : "http://marc.info/?l=bugtraq&m=105829174431769&w=2"
"name": "http://www.systemintegra.com/ie-fullscreen/",
"refsource": "MISC",
"url": "http://www.systemintegra.com/ie-fullscreen/"
},
{
"name" : "http://www.systemintegra.com/ie-fullscreen/",
"refsource" : "MISC",
"url" : "http://www.systemintegra.com/ie-fullscreen/"
"name": "VU#490708",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/490708"
},
{
"name" : "VU#490708",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/490708"
"name": "20011021 Javascript in IE may spoof the whole screen",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/221883"
},
{
"name" : "ie-javascript-spoof-dialog(7313)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/7313"
"name": "http://www.guninski.com/popspoof.html",
"refsource": "MISC",
"url": "http://www.guninski.com/popspoof.html"
},
{
"name" : "3469",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/3469"
"name": "http://www.doxdesk.com/personal/posts/bugtraq/20030713-ie/",
"refsource": "MISC",
"url": "http://www.doxdesk.com/personal/posts/bugtraq/20030713-ie/"
}
]
}

146
2006/2xxx/CVE-2006-2378.json
View File

@ -1,131 +1,131 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-2378",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2006-2378",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Buffer overflow in the ART Image Rendering component (jgdw400.dll) in Microsoft Windows XP SP1 and Sp2, Server 2003 SP1 and earlier, and Windows 98 and Me allows remote attackers to execute arbitrary code via a crafted ART image that causes heap corruption."
"lang": "eng",
"value": "Buffer overflow in the ART Image Rendering component (jgdw400.dll) in Microsoft Windows XP SP1 and Sp2, Server 2003 SP1 and earlier, and Windows 98 and Me allows remote attackers to execute arbitrary code via a crafted ART image that causes heap corruption."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20060613 Microsoft Internet Explorer ART File Heap Corruption Vulnerability",
"refsource" : "IDEFENSE",
"url" : "http://www.idefense.com/intelligence/vulnerabilities/display.php?id=407"
"name": "win-art-image-bo(26809)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26809"
},
{
"name" : "MS06-022",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-022"
"name": "oval:org.mitre.oval:def:1640",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1640"
},
{
"name" : "TA06-164A",
"refsource" : "CERT",
"url" : "http://www.us-cert.gov/cas/techalerts/TA06-164A.html"
"name": "26432",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/26432"
},
{
"name" : "VU#923236",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/923236"
"name": "oval:org.mitre.oval:def:1756",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1756"
},
{
"name" : "18394",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/18394"
"name": "oval:org.mitre.oval:def:1668",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1668"
},
{
"name" : "ADV-2006-2320",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/2320"
"name": "TA06-164A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA06-164A.html"
},
{
"name" : "26432",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/26432"
"name": "20605",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20605"
},
{
"name" : "oval:org.mitre.oval:def:1590",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1590"
"name": "MS06-022",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-022"
},
{
"name" : "oval:org.mitre.oval:def:1640",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1640"
"name": "VU#923236",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/923236"
},
{
"name" : "oval:org.mitre.oval:def:1668",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1668"
"name": "18394",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/18394"
},
{
"name" : "oval:org.mitre.oval:def:1756",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1756"
"name": "20060613 Microsoft Internet Explorer ART File Heap Corruption Vulnerability",
"refsource": "IDEFENSE",
"url": "http://www.idefense.com/intelligence/vulnerabilities/display.php?id=407"
},
{
"name" : "oval:org.mitre.oval:def:1866",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1866"
"name": "ADV-2006-2320",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2320"
},
{
"name" : "1016292",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1016292"
"name": "oval:org.mitre.oval:def:1866",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1866"
},
{
"name" : "20605",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/20605"
"name": "1016292",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016292"
},
{
"name" : "win-art-image-bo(26809)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/26809"
"name": "oval:org.mitre.oval:def:1590",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1590"
}
]
}

104
2006/2xxx/CVE-2006-2725.json
View File

@ -1,96 +1,96 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-2725",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-2725",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in rss/posts.php in Eggblog before 3.07 allows remote attackers to execute arbitrary SQL commands via the id parameter."
"lang": "eng",
"value": "SQL injection vulnerability in rss/posts.php in Eggblog before 3.07 allows remote attackers to execute arbitrary SQL commands via the id parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20060528 Advisory: Eggblog <= 3.x Multiple Remote Vulnerabilities",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/435284/100/0/threaded"
"name": "20060528 Advisory: Eggblog <= 3.x Multiple Remote Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/435284/100/0/threaded"
},
{
"name" : "20060529 RE: Advisory: Eggblog <= 3.x Multiple Remote Vulnerabilities",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/435300/100/0/threaded"
"name": "http://www.nukedx.com/?viewdoc=36",
"refsource": "MISC",
"url": "http://www.nukedx.com/?viewdoc=36"
},
{
"name" : "http://www.nukedx.com/?getxpl=36",
"refsource" : "MISC",
"url" : "http://www.nukedx.com/?getxpl=36"
"name": "http://www.nukedx.com/?getxpl=36",
"refsource": "MISC",
"url": "http://www.nukedx.com/?getxpl=36"
},
{
"name" : "http://www.nukedx.com/?viewdoc=36",
"refsource" : "MISC",
"url" : "http://www.nukedx.com/?viewdoc=36"
"name": "20352",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20352"
},
{
"name" : "18140",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/18140"
"name": "ADV-2006-2030",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2030"
},
{
"name" : "ADV-2006-2030",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/2030"
"name": "eggblog-posts-sql-injection(26832)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26832"
},
{
"name" : "20352",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/20352"
"name": "18140",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/18140"
},
{
"name" : "eggblog-posts-sql-injection(26832)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/26832"
"name": "20060529 RE: Advisory: Eggblog <= 3.x Multiple Remote Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/435300/100/0/threaded"
}
]
}

92
2006/2xxx/CVE-2006-2803.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-2803",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-2803",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in PHP ManualMaker 1.0 allows remote attackers to inject arbitrary web script or HTML via the (1) id parameter to index.php, (2) search field (possibly the s parameter), or (3) comment field."
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in PHP ManualMaker 1.0 allows remote attackers to inject arbitrary web script or HTML via the (1) id parameter to index.php, (2) search field (possibly the s parameter), or (3) comment field."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20060602 PHP ManualMaker v1.0",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/435717/100/0/threaded"
"name": "20060602 PHP ManualMaker v1.0",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/435717/100/0/threaded"
},
{
"name" : "18244",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/18244"
"name": "18244",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/18244"
},
{
"name" : "ADV-2006-2138",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/2138"
"name": "phpmanualmaker-multiple-xss(26926)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26926"
},
{
"name" : "20453",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/20453"
"name": "1024",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1024"
},
{
"name" : "1024",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/1024"
"name": "ADV-2006-2138",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2138"
},
{
"name" : "phpmanualmaker-multiple-xss(26926)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/26926"
"name": "20453",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20453"
}
]
}

86
2006/2xxx/CVE-2006-2855.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-2855",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-2855",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in index.php in xueBook 1.0 allows remote attackers to execute arbitrary SQL commands via the start parameter."
"lang": "eng",
"value": "SQL injection vulnerability in index.php in xueBook 1.0 allows remote attackers to execute arbitrary SQL commands via the start parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://downloads.securityfocus.com/vulnerabilities/exploits/xueBook_poc.txt",
"refsource" : "MISC",
"url" : "http://downloads.securityfocus.com/vulnerabilities/exploits/xueBook_poc.txt"
"name": "18262",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/18262"
},
{
"name" : "18262",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/18262"
"name": "20511",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20511"
},
{
"name" : "ADV-2006-2212",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/2212"
"name": "xuebook-index-sql-injection(27002)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27002"
},
{
"name" : "20511",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/20511"
"name": "http://downloads.securityfocus.com/vulnerabilities/exploits/xueBook_poc.txt",
"refsource": "MISC",
"url": "http://downloads.securityfocus.com/vulnerabilities/exploits/xueBook_poc.txt"
},
{
"name" : "xuebook-index-sql-injection(27002)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/27002"
"name": "ADV-2006-2212",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2212"
}
]
}

80
2006/2xxx/CVE-2006-2974.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-2974",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-2974",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in EmailArchitect Email Server 6.1.0.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) errCode and (2) uid parameter in (a) default.asp and (3) dname parameter in (b) /admin/dns.asp and (c) /additional/regdomain_done.asp."
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in EmailArchitect Email Server 6.1.0.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) errCode and (2) uid parameter in (a) default.asp and (3) dname parameter in (b) /admin/dns.asp and (c) /additional/regdomain_done.asp."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "ADV-2006-2213",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/2213"
"name": "ADV-2006-2213",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2213"
},
{
"name" : "1016237",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1016237"
"name": "1016237",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016237"
},
{
"name" : "20516",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/20516"
"name": "emailarchitect-emailserver-xss(27005)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27005"
},
{
"name" : "emailarchitect-emailserver-xss(27005)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/27005"
"name": "20516",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20516"
}
]
}

86
2006/3xxx/CVE-2006-3351.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-3351",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-3351",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Buffer overflow in Windows Explorer (explorer.exe) on Windows XP and 2003 allows user-assisted attackers to cause a denial of service (repeated crash) and possibly execute arbitrary code via a .url file with an InternetShortcut tag containing a long URL and a large number of \"file:\" specifiers."
"lang": "eng",
"value": "Buffer overflow in Windows Explorer (explorer.exe) on Windows XP and 2003 allows user-assisted attackers to cause a denial of service (repeated crash) and possibly execute arbitrary code via a .url file with an InternetShortcut tag containing a long URL and a large number of \"file:\" specifiers."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20060705 Windows Explorer URL File format overflow",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/439153/100/0/threaded"
"name": "1186",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1186"
},
{
"name" : "20060706 Re: Windows Explorer URL File format overflow",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/439660/100/200/threaded"
"name": "20060706 Re: Windows Explorer URL File format overflow",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/439660/100/200/threaded"
},
{
"name" : "18838",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/18838"
"name": "win-explorer-url-dos(27567)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27567"
},
{
"name" : "1186",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/1186"
"name": "20060705 Windows Explorer URL File format overflow",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/439153/100/0/threaded"
},
{
"name" : "win-explorer-url-dos(27567)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/27567"
"name": "18838",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/18838"
}
]
}

98
2006/3xxx/CVE-2006-3560.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-3560",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-3560",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in topics.php in Blue Dojo Graffiti Forums 1.0 allows remote attackers to execute arbitrary SQL commands via the f parameter."
"lang": "eng",
"value": "SQL injection vulnerability in topics.php in Blue Dojo Graffiti Forums 1.0 allows remote attackers to execute arbitrary SQL commands via the f parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20060708 Graffiti Forums v1.0 SQL Injection Vulnerabilities",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/439605/100/0/threaded"
"name": "21017",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21017"
},
{
"name" : "http://www.neosecurityteam.net/index.php?action=advisories&id=24",
"refsource" : "MISC",
"url" : "http://www.neosecurityteam.net/index.php?action=advisories&id=24"
"name": "ADV-2006-2738",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2738"
},
{
"name" : "18928",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/18928"
"name": "http://www.neosecurityteam.net/index.php?action=advisories&id=24",
"refsource": "MISC",
"url": "http://www.neosecurityteam.net/index.php?action=advisories&id=24"
},
{
"name" : "ADV-2006-2738",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/2738"
"name": "18928",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/18928"
},
{
"name" : "21017",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/21017"
"name": "1221",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1221"
},
{
"name" : "1221",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/1221"
"name": "graffiti-forum-topics-sql-injection(27634)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27634"
},
{
"name" : "graffiti-forum-topics-sql-injection(27634)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/27634"
"name": "20060708 Graffiti Forums v1.0 SQL Injection Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/439605/100/0/threaded"
}
]
}

104
2006/3xxx/CVE-2006-3680.json
View File

@ -1,96 +1,96 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-3680",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-3680",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in photocycle in Photocycle 1.0 allows remote attackers to inject arbitrary web script or HTML via the phpage parameter."
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in photocycle in Photocycle 1.0 allows remote attackers to inject arbitrary web script or HTML via the phpage parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20060713 Photocycle v1.0 - XSS",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/439968/100/0/threaded"
"name": "20060713 Photocycle v1.0 - XSS",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/439968/100/0/threaded"
},
{
"name" : "20060714 Re: Photocycle v1.0 - XSS",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/440078/100/100/threaded"
"name": "27093",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/27093"
},
{
"name" : "18964",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/18964"
"name": "ADV-2006-2805",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2805"
},
{
"name" : "ADV-2006-2805",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/2805"
"name": "20060714 Re: Photocycle v1.0 - XSS",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/440078/100/100/threaded"
},
{
"name" : "27093",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/27093"
"name": "18964",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/18964"
},
{
"name" : "1016492",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1016492"
"name": "1016492",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016492"
},
{
"name" : "21054",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/21054"
"name": "photocycle-unspecified-xss(27715)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27715"
},
{
"name" : "photocycle-unspecified-xss(27715)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/27715"
"name": "21054",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21054"
}
]
}

22
2006/3xxx/CVE-2006-3863.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-3863",
"STATE" : "REJECT"
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2006-3863",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2006. Notes: none."
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2006. Notes: none."
}
]
}

92
2006/6xxx/CVE-2006-6196.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-6196",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-6196",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in the search functionality in Fixit iDMS Pro Image Gallery allows remote attackers to inject arbitrary web script or HTML via a search field (txtsearchtext parameter)."
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in the search functionality in Fixit iDMS Pro Image Gallery allows remote attackers to inject arbitrary web script or HTML via a search field (txtsearchtext parameter)."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20061124 [Aria-Security Team] Fixit iDMS Pro Image Gallery SQL Injection",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/452567/100/0/threaded"
"name": "20061124 [Aria-Security Team] Fixit iDMS Pro Image Gallery SQL Injection",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/452567/100/0/threaded"
},
{
"name" : "http://www.aria-security.com/forum/showthread.php?t=39",
"refsource" : "MISC",
"url" : "http://www.aria-security.com/forum/showthread.php?t=39"
"name": "1941",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1941"
},
{
"name" : "21282",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/21282"
"name": "http://www.aria-security.com/forum/showthread.php?t=39",
"refsource": "MISC",
"url": "http://www.aria-security.com/forum/showthread.php?t=39"
},
{
"name" : "1017281",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1017281"
"name": "fixit-idms-search-xss(30514)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30514"
},
{
"name" : "1941",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/1941"
"name": "21282",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21282"
},
{
"name" : "fixit-idms-search-xss(30514)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/30514"
"name": "1017281",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017281"
}
]
}

80
2006/6xxx/CVE-2006-6309.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-6309",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-6309",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple array index errors in IBM Tivoli Storage Manager (TSM) before 5.2.9 and 5.3.x before 5.3.4 allow remote attackers to read arbitrary memory locations and cause a denial of service (crash) via a large index value in unspecified messages, a different issue than CVE-2006-5855."
"lang": "eng",
"value": "Multiple array index errors in IBM Tivoli Storage Manager (TSM) before 5.2.9 and 5.3.x before 5.3.4 allow remote attackers to read arbitrary memory locations and cause a denial of service (crash) via a large index value in unspecified messages, a different issue than CVE-2006-5855."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20061204 TSRT-06-14: IBM Tivoli Storage Manager Mutiple Buffer Overflow Vulnerabilities",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/453544/100/0/threaded"
"name": "http://www.tippingpoint.com/security/advisories/TSRT-06-14.html",
"refsource": "MISC",
"url": "http://www.tippingpoint.com/security/advisories/TSRT-06-14.html"
},
{
"name" : "http://www-1.ibm.com/support/docview.wss?uid=swg21250261",
"refsource" : "MISC",
"url" : "http://www-1.ibm.com/support/docview.wss?uid=swg21250261"
"name": "1979",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1979"
},
{
"name" : "http://www.tippingpoint.com/security/advisories/TSRT-06-14.html",
"refsource" : "MISC",
"url" : "http://www.tippingpoint.com/security/advisories/TSRT-06-14.html"
"name": "http://www-1.ibm.com/support/docview.wss?uid=swg21250261",
"refsource": "MISC",
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg21250261"
},
{
"name" : "1979",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/1979"
"name": "20061204 TSRT-06-14: IBM Tivoli Storage Manager Mutiple Buffer Overflow Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/453544/100/0/threaded"
}
]
}

110
2006/6xxx/CVE-2006-6810.json
View File

@ -1,101 +1,101 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-6810",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-6810",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the clear_user_list function in src/main.c in DB Hub 0.3 allows remote attackers to cause a denial of service (application crash) via crafted network traffic, which triggers memory corruption."
"lang": "eng",
"value": "Unspecified vulnerability in the clear_user_list function in src/main.c in DB Hub 0.3 allows remote attackers to cause a denial of service (application crash) via crafted network traffic, which triggers memory corruption."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20070103 Provable vendor ACK for CVE-2006-6810 (DB Hub DoS)",
"refsource" : "VIM",
"url" : "http://www.attrition.org/pipermail/vim/2007-January/001204.html"
"name": "http://dbhub.ir.pl/",
"refsource": "CONFIRM",
"url": "http://dbhub.ir.pl/"
},
{
"name" : "http://www.critical.lt/?vuln/548",
"refsource" : "MISC",
"url" : "http://www.critical.lt/?vuln/548"
"name": "http://www.critical.lt/?vuln/548",
"refsource": "MISC",
"url": "http://www.critical.lt/?vuln/548"
},
{
"name" : "http://www.critical.lt/research/crit_dbhub.pl",
"refsource" : "MISC",
"url" : "http://www.critical.lt/research/crit_dbhub.pl"
"name": "20070103 Provable vendor ACK for CVE-2006-6810 (DB Hub DoS)",
"refsource": "VIM",
"url": "http://www.attrition.org/pipermail/vim/2007-January/001204.html"
},
{
"name" : "http://mieszkancy.ds.pg.gda.pl/~centurion/darkbot/stat/click.php?id=22",
"refsource" : "CONFIRM",
"url" : "http://mieszkancy.ds.pg.gda.pl/~centurion/darkbot/stat/click.php?id=22"
"name": "dbhub-clearuserlist-dos(31172)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31172"
},
{
"name" : "http://dbhub.ir.pl/",
"refsource" : "CONFIRM",
"url" : "http://dbhub.ir.pl/"
"name": "21791",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21791"
},
{
"name" : "21791",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/21791"
"name": "http://mieszkancy.ds.pg.gda.pl/~centurion/darkbot/stat/click.php?id=22",
"refsource": "CONFIRM",
"url": "http://mieszkancy.ds.pg.gda.pl/~centurion/darkbot/stat/click.php?id=22"
},
{
"name" : "ADV-2006-5198",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/5198"
"name": "ADV-2006-5198",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/5198"
},
{
"name" : "23489",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/23489"
"name": "http://www.critical.lt/research/crit_dbhub.pl",
"refsource": "MISC",
"url": "http://www.critical.lt/research/crit_dbhub.pl"
},
{
"name" : "dbhub-clearuserlist-dos(31172)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/31172"
"name": "23489",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23489"
}
]
}

194
2006/7xxx/CVE-2006-7203.json
View File

@ -1,171 +1,171 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-7203",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-7203",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The compat_sys_mount function in fs/compat.c in Linux kernel 2.6.20 and earlier allows local users to cause a denial of service (NULL pointer dereference and oops) by mounting a smbfs file system in compatibility mode (\"mount -t smbfs\")."
"lang": "eng",
"value": "The compat_sys_mount function in fs/compat.c in Linux kernel 2.6.20 and earlier allows local users to cause a denial of service (NULL pointer dereference and oops) by mounting a smbfs file system in compatibility mode (\"mount -t smbfs\")."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff_plain;h=822191a2fa1584a29c3224ab328507adcaeac1ab",
"refsource" : "CONFIRM",
"url" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff_plain;h=822191a2fa1584a29c3224ab328507adcaeac1ab"
"name": "SUSE-SA:2007:043",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2007_43_kernel.html"
},
{
"name" : "http://support.avaya.com/elmodocs2/security/ASA-2007-287.htm",
"refsource" : "CONFIRM",
"url" : "http://support.avaya.com/elmodocs2/security/ASA-2007-287.htm"
"name": "26289",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26289"
},
{
"name" : "DSA-1504",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2008/dsa-1504"
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff_plain;h=822191a2fa1584a29c3224ab328507adcaeac1ab",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff_plain;h=822191a2fa1584a29c3224ab328507adcaeac1ab"
},
{
"name" : "MDKSA-2007:171",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:171"
"name": "25838",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25838"
},
{
"name" : "MDKSA-2007:196",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:196"
"name": "MDKSA-2007:171",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:171"
},
{
"name" : "RHSA-2007:0376",
"refsource" : "REDHAT",
"url" : "https://rhn.redhat.com/errata/RHSA-2007-0376.html"
"name": "DSA-1504",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2008/dsa-1504"
},
{
"name" : "RHSA-2007:0488",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2007-0488.html"
"name": "oval:org.mitre.oval:def:10941",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10941"
},
{
"name" : "SUSE-SA:2007:035",
"refsource" : "SUSE",
"url" : "http://www.novell.com/linux/security/advisories/2007_35_kernel.html"
"name": "25683",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25683"
},
{
"name" : "SUSE-SA:2007:043",
"refsource" : "SUSE",
"url" : "http://www.novell.com/linux/security/advisories/2007_43_kernel.html"
"name": "26620",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26620"
},
{
"name" : "USN-486-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/usn-486-1"
"name": "USN-489-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-489-1"
},
{
"name" : "USN-489-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/usn-489-1"
"name": "MDKSA-2007:196",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:196"
},
{
"name" : "oval:org.mitre.oval:def:10941",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10941"
"name": "25961",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25961"
},
{
"name" : "ADV-2007-2209",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/2209"
"name": "http://support.avaya.com/elmodocs2/security/ASA-2007-287.htm",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-287.htm"
},
{
"name" : "25682",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/25682"
"name": "ADV-2007-2209",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2209"
},
{
"name" : "25700",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/25700"
"name": "29058",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29058"
},
{
"name" : "25683",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/25683"
"name": "25682",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25682"
},
{
"name" : "25838",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/25838"
"name": "RHSA-2007:0376",
"refsource": "REDHAT",
"url": "https://rhn.redhat.com/errata/RHSA-2007-0376.html"
},
{
"name" : "25961",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/25961"
"name": "USN-486-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-486-1"
},
{
"name" : "26133",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26133"
"name": "SUSE-SA:2007:035",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2007_35_kernel.html"
},
{
"name" : "26139",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26139"
"name": "25700",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25700"
},
{
"name" : "26289",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26289"
"name": "26139",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26139"
},
{
"name" : "26620",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26620"
"name": "RHSA-2007:0488",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2007-0488.html"
},
{
"name" : "29058",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/29058"
"name": "26133",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26133"
}
]
}

80
2006/7xxx/CVE-2006-7211.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-7211",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-7211",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "fb_lock_mgr in Firebird 1.5 uses weak permissions (0666) for the semaphore array, which allows local users to cause a denial of service (blocked query processing) by locking semaphores."
"lang": "eng",
"value": "fb_lock_mgr in Firebird 1.5 uses weak permissions (0666) for the semaphore array, which allows local users to cause a denial of service (blocked query processing) by locking semaphores."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.firebirdsql.org/rlsnotes/Firebird-2.0-ReleaseNotes.pdf",
"refsource" : "CONFIRM",
"url" : "http://www.firebirdsql.org/rlsnotes/Firebird-2.0-ReleaseNotes.pdf"
"name": "http://www.firebirdsql.org/rlsnotes/Firebird-2.0-ReleaseNotes.pdf",
"refsource": "CONFIRM",
"url": "http://www.firebirdsql.org/rlsnotes/Firebird-2.0-ReleaseNotes.pdf"
},
{
"name" : "DSA-1529",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2008/dsa-1529"
"name": "28474",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/28474"
},
{
"name" : "28474",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/28474"
"name": "29501",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29501"
},
{
"name" : "29501",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/29501"
"name": "DSA-1529",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2008/dsa-1529"
}
]
}

98
2011/0xxx/CVE-2011-0430.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-0430",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-0430",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Double free vulnerability in the Rx server process in OpenAFS 1.4.14, 1.4.12, 1.4.7, and possibly other versions allows remote attackers to cause a denial of service and execute arbitrary code via unknown vectors."
"lang": "eng",
"value": "Double free vulnerability in the Rx server process in OpenAFS 1.4.14, 1.4.12, 1.4.7, and possibly other versions allows remote attackers to cause a denial of service and execute arbitrary code via unknown vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "DSA-2168",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2011/dsa-2168"
"name": "46428",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/46428"
},
{
"name" : "46428",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/46428"
"name": "DSA-2168",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2011/dsa-2168"
},
{
"name" : "1025095",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1025095"
"name": "ADV-2011-0410",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0410"
},
{
"name" : "43371",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/43371"
"name": "43371",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43371"
},
{
"name" : "43407",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/43407"
"name": "1025095",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1025095"
},
{
"name" : "ADV-2011-0410",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2011/0410"
"name": "ADV-2011-0411",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0411"
},
{
"name" : "ADV-2011-0411",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2011/0411"
"name": "43407",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43407"
}
]
}

68
2011/0xxx/CVE-2011-0756.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-0756",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-0756",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The application server in Trustwave WebDefend Enterprise before 5.0 uses hardcoded console credentials, which makes it easier for remote attackers to read security-event data by using the remote console GUI to connect to the management port."
"lang": "eng",
"value": "The application server in Trustwave WebDefend Enterprise before 5.0 uses hardcoded console credentials, which makes it easier for remote attackers to read security-event data by using the remote console GUI to connect to the management port."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://www.trustwave.com/spiderlabs/advisories/TWSL2011-001.txt",
"refsource" : "CONFIRM",
"url" : "https://www.trustwave.com/spiderlabs/advisories/TWSL2011-001.txt"
"name": "https://www.trustwave.com/spiderlabs/advisories/TWSL2011-001.txt",
"refsource": "CONFIRM",
"url": "https://www.trustwave.com/spiderlabs/advisories/TWSL2011-001.txt"
},
{
"name" : "1025447",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1025447"
"name": "1025447",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1025447"
}
]
}

68
2011/0xxx/CVE-2011-0879.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-0879",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2011-0879",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Instance Management component in Oracle Database Server 10.1.0.5, 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.1, and 11.2.0.2; and Oracle Enterprise Manager Grid Control 10.1.0.6 and 10.2.0.5; allows remote attackers to affect integrity via unknown vectors."
"lang": "eng",
"value": "Unspecified vulnerability in the Instance Management component in Oracle Database Server 10.1.0.5, 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.1, and 11.2.0.2; and Oracle Enterprise Manager Grid Control 10.1.0.6 and 10.2.0.5; allows remote attackers to affect integrity via unknown vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.oracle.com/technetwork/topics/security/cpujuly2011-313328.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpujuly2011-313328.html"
"name": "TA11-201A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA11-201A.html"
},
{
"name" : "TA11-201A",
"refsource" : "CERT",
"url" : "http://www.us-cert.gov/cas/techalerts/TA11-201A.html"
"name": "http://www.oracle.com/technetwork/topics/security/cpujuly2011-313328.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujuly2011-313328.html"
}
]
}

194
2011/0xxx/CVE-2011-0904.json
View File

@ -1,171 +1,171 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-0904",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-0904",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The rfbSendFramebufferUpdate function in server/libvncserver/rfbserver.c in vino-server in Vino 2.x before 2.28.3, 2.32.x before 2.32.2, 3.0.x before 3.0.2, and 3.1.x before 3.1.1, when raw encoding is used, allows remote authenticated users to cause a denial of service (daemon crash) via a large (1) X position or (2) Y position value in a framebuffer update request that triggers an out-of-bounds memory access, related to the rfbTranslateNone and rfbSendRectEncodingRaw functions."
"lang": "eng",
"value": "The rfbSendFramebufferUpdate function in server/libvncserver/rfbserver.c in vino-server in Vino 2.x before 2.28.3, 2.32.x before 2.32.2, 3.0.x before 3.0.2, and 3.1.x before 3.1.1, when raw encoding is used, allows remote authenticated users to cause a denial of service (daemon crash) via a large (1) X position or (2) Y position value in a framebuffer update request that triggers an out-of-bounds memory access, related to the rfbTranslateNone and rfbSendRectEncodingRaw functions."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://ftp.gnome.org/pub/GNOME/sources/vino/2.28/vino-2.28.3.news",
"refsource" : "CONFIRM",
"url" : "http://ftp.gnome.org/pub/GNOME/sources/vino/2.28/vino-2.28.3.news"
"name": "vino-input-dos(67243)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67243"
},
{
"name" : "http://ftp.gnome.org/pub/GNOME/sources/vino/2.32/vino-2.32.2.news",
"refsource" : "CONFIRM",
"url" : "http://ftp.gnome.org/pub/GNOME/sources/vino/2.32/vino-2.32.2.news"
"name": "http://git.gnome.org/browse/vino/commit/?id=0c2c9175963fc56bf2af10e42867181332f96ce0",
"refsource": "CONFIRM",
"url": "http://git.gnome.org/browse/vino/commit/?id=0c2c9175963fc56bf2af10e42867181332f96ce0"
},
{
"name" : "http://ftp.gnome.org/pub/GNOME/sources/vino/3.0/vino-3.0.2.news",
"refsource" : "CONFIRM",
"url" : "http://ftp.gnome.org/pub/GNOME/sources/vino/3.0/vino-3.0.2.news"
"name": "USN-1128-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-1128-1/"
},
{
"name" : "http://git.gnome.org/browse/vino/commit/?id=0c2c9175963fc56bf2af10e42867181332f96ce0",
"refsource" : "CONFIRM",
"url" : "http://git.gnome.org/browse/vino/commit/?id=0c2c9175963fc56bf2af10e42867181332f96ce0"
"name": "http://git.gnome.org/browse/vino/commit/?id=d050a22b1c284b633c407ef92fde95c47e8fdb8a",
"refsource": "CONFIRM",
"url": "http://git.gnome.org/browse/vino/commit/?id=d050a22b1c284b633c407ef92fde95c47e8fdb8a"
},
{
"name" : "http://git.gnome.org/browse/vino/commit/?id=456dadbb5c5971d3448763a44c05b9ad033e522f",
"refsource" : "CONFIRM",
"url" : "http://git.gnome.org/browse/vino/commit/?id=456dadbb5c5971d3448763a44c05b9ad033e522f"
"name": "SUSE-SR:2011:009",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html"
},
{
"name" : "http://git.gnome.org/browse/vino/commit/?id=8beefcf7792d343c10c919ee0c928c81f73b1279",
"refsource" : "CONFIRM",
"url" : "http://git.gnome.org/browse/vino/commit/?id=8beefcf7792d343c10c919ee0c928c81f73b1279"
"name": "MDVSA-2011:087",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:087"
},
{
"name" : "http://git.gnome.org/browse/vino/commit/?id=d050a22b1c284b633c407ef92fde95c47e8fdb8a",
"refsource" : "CONFIRM",
"url" : "http://git.gnome.org/browse/vino/commit/?id=d050a22b1c284b633c407ef92fde95c47e8fdb8a"
"name": "RHSA-2013:0169",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-0169.html"
},
{
"name" : "http://git.gnome.org/browse/vino/commit/?id=dff52694a384fe95195f2211254026b752d63ec4",
"refsource" : "CONFIRM",
"url" : "http://git.gnome.org/browse/vino/commit/?id=dff52694a384fe95195f2211254026b752d63ec4"
"name": "44410",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/44410"
},
{
"name" : "http://git.gnome.org/browse/vino/commit/?id=e17bd4e369f90748654e31a4867211dc7610975d",
"refsource" : "CONFIRM",
"url" : "http://git.gnome.org/browse/vino/commit/?id=e17bd4e369f90748654e31a4867211dc7610975d"
"name": "http://ftp.gnome.org/pub/GNOME/sources/vino/2.32/vino-2.32.2.news",
"refsource": "CONFIRM",
"url": "http://ftp.gnome.org/pub/GNOME/sources/vino/2.32/vino-2.32.2.news"
},
{
"name" : "http://git.gnome.org/browse/vino/log/?h=gnome-2-30",
"refsource" : "CONFIRM",
"url" : "http://git.gnome.org/browse/vino/log/?h=gnome-2-30"
"name": "ADV-2011-1144",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/1144"
},
{
"name" : "http://git.gnome.org/browse/vino/tree/NEWS",
"refsource" : "CONFIRM",
"url" : "http://git.gnome.org/browse/vino/tree/NEWS"
"name": "http://ftp.gnome.org/pub/GNOME/sources/vino/2.28/vino-2.28.3.news",
"refsource": "CONFIRM",
"url": "http://ftp.gnome.org/pub/GNOME/sources/vino/2.28/vino-2.28.3.news"
},
{
"name" : "https://bugzilla.gnome.org/show_bug.cgi?id=641802",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.gnome.org/show_bug.cgi?id=641802"
"name": "47681",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/47681"
},
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=694455",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=694455"
"name": "http://git.gnome.org/browse/vino/commit/?id=456dadbb5c5971d3448763a44c05b9ad033e522f",
"refsource": "CONFIRM",
"url": "http://git.gnome.org/browse/vino/commit/?id=456dadbb5c5971d3448763a44c05b9ad033e522f"
},
{
"name" : "DSA-2238",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2011/dsa-2238"
"name": "http://git.gnome.org/browse/vino/log/?h=gnome-2-30",
"refsource": "CONFIRM",
"url": "http://git.gnome.org/browse/vino/log/?h=gnome-2-30"
},
{
"name" : "MDVSA-2011:087",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2011:087"
"name": "DSA-2238",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2011/dsa-2238"
},
{
"name" : "RHSA-2013:0169",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2013-0169.html"
"name": "http://git.gnome.org/browse/vino/commit/?id=e17bd4e369f90748654e31a4867211dc7610975d",
"refsource": "CONFIRM",
"url": "http://git.gnome.org/browse/vino/commit/?id=e17bd4e369f90748654e31a4867211dc7610975d"
},
{
"name" : "SUSE-SR:2011:009",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html"
"name": "https://bugzilla.gnome.org/show_bug.cgi?id=641802",
"refsource": "CONFIRM",
"url": "https://bugzilla.gnome.org/show_bug.cgi?id=641802"
},
{
"name" : "USN-1128-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/usn-1128-1/"
"name": "http://git.gnome.org/browse/vino/commit/?id=dff52694a384fe95195f2211254026b752d63ec4",
"refsource": "CONFIRM",
"url": "http://git.gnome.org/browse/vino/commit/?id=dff52694a384fe95195f2211254026b752d63ec4"
},
{
"name" : "47681",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/47681"
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=694455",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=694455"
},
{
"name" : "44410",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/44410"
"name": "http://git.gnome.org/browse/vino/commit/?id=8beefcf7792d343c10c919ee0c928c81f73b1279",
"refsource": "CONFIRM",
"url": "http://git.gnome.org/browse/vino/commit/?id=8beefcf7792d343c10c919ee0c928c81f73b1279"
},
{
"name" : "44463",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/44463"
"name": "44463",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/44463"
},
{
"name" : "ADV-2011-1144",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2011/1144"
"name": "http://ftp.gnome.org/pub/GNOME/sources/vino/3.0/vino-3.0.2.news",
"refsource": "CONFIRM",
"url": "http://ftp.gnome.org/pub/GNOME/sources/vino/3.0/vino-3.0.2.news"
},
{
"name" : "vino-input-dos(67243)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/67243"
"name": "http://git.gnome.org/browse/vino/tree/NEWS",
"refsource": "CONFIRM",
"url": "http://git.gnome.org/browse/vino/tree/NEWS"
}
]
}

110
2011/2xxx/CVE-2011-2424.json
View File

@ -1,101 +1,101 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-2424",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2011-2424",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted SWF file, as demonstrated by \"about 400 unique crash signatures.\""
"lang": "eng",
"value": "Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted SWF file, as demonstrated by \"about 400 unique crash signatures.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://googleonlinesecurity.blogspot.com/2011/08/fuzzing-at-scale.html",
"refsource" : "MISC",
"url" : "http://googleonlinesecurity.blogspot.com/2011/08/fuzzing-at-scale.html"
"name": "http://blogs.adobe.com/asset/2011/08/how-did-you-get-to-that-number.html",
"refsource": "CONFIRM",
"url": "http://blogs.adobe.com/asset/2011/08/how-did-you-get-to-that-number.html"
},
{
"name" : "http://twitter.com/taviso/statuses/101046246277521409",
"refsource" : "MISC",
"url" : "http://twitter.com/taviso/statuses/101046246277521409"
"name": "http://twitter.com/taviso/statuses/101046246277521409",
"refsource": "MISC",
"url": "http://twitter.com/taviso/statuses/101046246277521409"
},
{
"name" : "http://twitter.com/taviso/statuses/101046396790128640",
"refsource" : "MISC",
"url" : "http://twitter.com/taviso/statuses/101046396790128640"
"name": "TA11-222A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA11-222A.html"
},
{
"name" : "http://blogs.adobe.com/asset/2011/08/how-did-you-get-to-that-number.html",
"refsource" : "CONFIRM",
"url" : "http://blogs.adobe.com/asset/2011/08/how-did-you-get-to-that-number.html"
"name": "http://googleonlinesecurity.blogspot.com/2011/08/fuzzing-at-scale.html",
"refsource": "MISC",
"url": "http://googleonlinesecurity.blogspot.com/2011/08/fuzzing-at-scale.html"
},
{
"name" : "http://www.adobe.com/support/security/bulletins/apsb11-21.html",
"refsource" : "CONFIRM",
"url" : "http://www.adobe.com/support/security/bulletins/apsb11-21.html"
"name": "oval:org.mitre.oval:def:14199",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14199"
},
{
"name" : "RHSA-2011:1144",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2011-1144.html"
"name": "http://twitter.com/taviso/statuses/101046396790128640",
"refsource": "MISC",
"url": "http://twitter.com/taviso/statuses/101046396790128640"
},
{
"name" : "TA11-222A",
"refsource" : "CERT",
"url" : "http://www.us-cert.gov/cas/techalerts/TA11-222A.html"
"name": "http://www.adobe.com/support/security/bulletins/apsb11-21.html",
"refsource": "CONFIRM",
"url": "http://www.adobe.com/support/security/bulletins/apsb11-21.html"
},
{
"name" : "oval:org.mitre.oval:def:14199",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14199"
"name": "oval:org.mitre.oval:def:15869",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15869"
},
{
"name" : "oval:org.mitre.oval:def:15869",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15869"
"name": "RHSA-2011:1144",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2011-1144.html"
}
]
}

92
2011/2xxx/CVE-2011-2517.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-2517",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-2517",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple buffer overflows in net/wireless/nl80211.c in the Linux kernel before 2.6.39.2 allow local users to gain privileges by leveraging the CAP_NET_ADMIN capability during scan operations with a long SSID value."
"lang": "eng",
"value": "Multiple buffer overflows in net/wireless/nl80211.c in the Linux kernel before 2.6.39.2 allow local users to gain privileges by leveraging the CAP_NET_ADMIN capability during scan operations with a long SSID value."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[oss-security] 20110701 Re: CVE request: kernel: nl80211: missing check for valid SSID size in scan operations",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2011/07/01/4"
"name": "RHSA-2011:1212",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2011-1212.html"
},
{
"name" : "http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39.2",
"refsource" : "CONFIRM",
"url" : "http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39.2"
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=208c72f4fe44fe09577e7975ba0e7fa0278f3d03",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=208c72f4fe44fe09577e7975ba0e7fa0278f3d03"
},
{
"name" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=208c72f4fe44fe09577e7975ba0e7fa0278f3d03",
"refsource" : "CONFIRM",
"url" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=208c72f4fe44fe09577e7975ba0e7fa0278f3d03"
"name": "https://github.com/torvalds/linux/commit/208c72f4fe44fe09577e7975ba0e7fa0278f3d03",
"refsource": "CONFIRM",
"url": "https://github.com/torvalds/linux/commit/208c72f4fe44fe09577e7975ba0e7fa0278f3d03"
},
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=718152",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=718152"
"name": "[oss-security] 20110701 Re: CVE request: kernel: nl80211: missing check for valid SSID size in scan operations",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2011/07/01/4"
},
{
"name" : "https://github.com/torvalds/linux/commit/208c72f4fe44fe09577e7975ba0e7fa0278f3d03",
"refsource" : "CONFIRM",
"url" : "https://github.com/torvalds/linux/commit/208c72f4fe44fe09577e7975ba0e7fa0278f3d03"
"name": "http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39.2",
"refsource": "CONFIRM",
"url": "http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39.2"
},
{
"name" : "RHSA-2011:1212",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2011-1212.html"
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=718152",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=718152"
}
]
}

74
2011/3xxx/CVE-2011-3825.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-3825",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-3825",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Zend Framework 1.11.3 in Zend Server CE 5.1.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by Validate.php and certain other files."
"lang": "eng",
"value": "Zend Framework 1.11.3 in Zend Server CE 5.1.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by Validate.php and certain other files."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[oss-security] 20110627 Re: CVE request: Joomla unspecified information disclosure vulnerability",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2011/06/27/6"
"name": "http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/Zend",
"refsource": "MISC",
"url": "http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/Zend"
},
{
"name" : "http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/%21_README",
"refsource" : "MISC",
"url" : "http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/%21_README"
"name": "[oss-security] 20110627 Re: CVE request: Joomla unspecified information disclosure vulnerability",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2011/06/27/6"
},
{
"name" : "http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/Zend",
"refsource" : "MISC",
"url" : "http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/Zend"
"name": "http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/%21_README",
"refsource": "MISC",
"url": "http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/%21_README"
}
]
}

80
2011/3xxx/CVE-2011-3837.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-3837",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
"ID": "CVE-2011-3837",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Directory traversal vulnerability in blog_system/data_functions.php in Wuzly 2.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the preview parameter to index.php."
"lang": "eng",
"value": "Directory traversal vulnerability in blog_system/data_functions.php in Wuzly 2.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the preview parameter to index.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://secunia.com/secunia_research/2011-87/",
"refsource" : "MISC",
"url" : "http://secunia.com/secunia_research/2011-87/"
"name": "wuzly-index-file-include(71903)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71903"
},
{
"name" : "77912",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/77912"
"name": "46163",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/46163"
},
{
"name" : "46163",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/46163"
"name": "77912",
"refsource": "OSVDB",
"url": "http://osvdb.org/77912"
},
{
"name" : "wuzly-index-file-include(71903)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/71903"
"name": "http://secunia.com/secunia_research/2011-87/",
"refsource": "MISC",
"url": "http://secunia.com/secunia_research/2011-87/"
}
]
}

74
2011/3xxx/CVE-2011-3911.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-3911",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "security@google.com",
"ID": "CVE-2011-3911",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Google Chrome before 16.0.912.63 does not properly handle PDF documents, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors."
"lang": "eng",
"value": "Google Chrome before 16.0.912.63 does not properly handle PDF documents, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://code.google.com/p/chromium/issues/detail?id=101779",
"refsource" : "CONFIRM",
"url" : "http://code.google.com/p/chromium/issues/detail?id=101779"
"name": "http://googlechromereleases.blogspot.com/2011/12/stable-channel-update.html",
"refsource": "CONFIRM",
"url": "http://googlechromereleases.blogspot.com/2011/12/stable-channel-update.html"
},
{
"name" : "http://googlechromereleases.blogspot.com/2011/12/stable-channel-update.html",
"refsource" : "CONFIRM",
"url" : "http://googlechromereleases.blogspot.com/2011/12/stable-channel-update.html"
"name": "http://code.google.com/p/chromium/issues/detail?id=101779",
"refsource": "CONFIRM",
"url": "http://code.google.com/p/chromium/issues/detail?id=101779"
},
{
"name" : "oval:org.mitre.oval:def:14683",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14683"
"name": "oval:org.mitre.oval:def:14683",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14683"
}
]
}

22
2011/4xxx/CVE-2011-4018.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-4018",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-4018",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

62
2011/4xxx/CVE-2011-4245.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-4245",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-4245",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The RealVideo renderer in RealNetworks RealPlayer before 15.0.0 and Mac RealPlayer before 12.0.0.1703 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors."
"lang": "eng",
"value": "The RealVideo renderer in RealNetworks RealPlayer before 15.0.0 and Mac RealPlayer before 12.0.0.1703 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://service.real.com/realplayer/security/11182011_player/en/",
"refsource" : "CONFIRM",
"url" : "http://service.real.com/realplayer/security/11182011_player/en/"
"name": "http://service.real.com/realplayer/security/11182011_player/en/",
"refsource": "CONFIRM",
"url": "http://service.real.com/realplayer/security/11182011_player/en/"
}
]
}

22
2011/4xxx/CVE-2011-4724.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-4724",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-4724",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2011/4xxx/CVE-2011-4990.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-4990",
"STATE" : "REJECT"
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2011-4990",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2011. Notes: none."
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2011. Notes: none."
}
]
}

22
2011/4xxx/CVE-2011-4996.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-4996",
"STATE" : "REJECT"
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2011-4996",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2011. Notes: none."
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2011. Notes: none."
}
]
}

74
2013/1xxx/CVE-2013-1085.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2013-1085",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-1085",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Stack-based buffer overflow in the nim: protocol handler in Novell GroupWise Messenger 2.04 and earlier, and Novell Messenger 2.1.x and 2.2.x before 2.2.2, allows remote attackers to execute arbitrary code via an import command containing a long string in the filename parameter."
"lang": "eng",
"value": "Stack-based buffer overflow in the nim: protocol handler in Novell GroupWise Messenger 2.04 and earlier, and Novell Messenger 2.1.x and 2.2.x before 2.2.2, allows remote attackers to execute arbitrary code via an import command containing a long string in the filename parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.zerodayinitiative.com/advisories/ZDI-13-036/",
"refsource" : "MISC",
"url" : "http://www.zerodayinitiative.com/advisories/ZDI-13-036/"
"name": "http://www.zerodayinitiative.com/advisories/ZDI-13-036/",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-13-036/"
},
{
"name" : "http://www.novell.com/support/kb/doc.php?id=7011935",
"refsource" : "CONFIRM",
"url" : "http://www.novell.com/support/kb/doc.php?id=7011935"
"name": "http://www.novell.com/support/kb/doc.php?id=7011935",
"refsource": "CONFIRM",
"url": "http://www.novell.com/support/kb/doc.php?id=7011935"
},
{
"name" : "https://bugzilla.novell.com/show_bug.cgi?id=777352",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.novell.com/show_bug.cgi?id=777352"
"name": "https://bugzilla.novell.com/show_bug.cgi?id=777352",
"refsource": "CONFIRM",
"url": "https://bugzilla.novell.com/show_bug.cgi?id=777352"
}
]
}

92
2013/1xxx/CVE-2013-1374.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2013-1374",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2013-1374",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Use-after-free vulnerability in Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before 11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x; Adobe AIR before 3.6.0.597; and Adobe AIR SDK before 3.6.0.599 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0644 and CVE-2013-0649."
"lang": "eng",
"value": "Use-after-free vulnerability in Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before 11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x; Adobe AIR before 3.6.0.597; and Adobe AIR SDK before 3.6.0.599 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0644 and CVE-2013-0649."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.adobe.com/support/security/bulletins/apsb13-05.html",
"refsource" : "CONFIRM",
"url" : "http://www.adobe.com/support/security/bulletins/apsb13-05.html"
"name": "SUSE-SU-2013:0296",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00010.html"
},
{
"name" : "RHSA-2013:0254",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2013-0254.html"
"name": "RHSA-2013:0254",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-0254.html"
},
{
"name" : "SUSE-SU-2013:0296",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00010.html"
"name": "openSUSE-SU-2013:0295",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00009.html"
},
{
"name" : "openSUSE-SU-2013:0295",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00009.html"
"name": "openSUSE-SU-2013:0298",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00011.html"
},
{
"name" : "openSUSE-SU-2013:0298",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00011.html"
"name": "TA13-043A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA13-043A.html"
},
{
"name" : "TA13-043A",
"refsource" : "CERT",
"url" : "http://www.us-cert.gov/cas/techalerts/TA13-043A.html"
"name": "http://www.adobe.com/support/security/bulletins/apsb13-05.html",
"refsource": "CONFIRM",
"url": "http://www.adobe.com/support/security/bulletins/apsb13-05.html"
}
]
}

22
2013/5xxx/CVE-2013-5281.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2013-5281",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-5281",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2013/5xxx/CVE-2013-5368.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2013-5368",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-5368",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

74
2013/5xxx/CVE-2013-5440.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2013-5440",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2013-5440",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "IBM InfoSphere Information Server 8.0, 8.1, 8.5, 8.7, and 9.1 allows local users to obtain sensitive information in opportunistic circumstances by leveraging the presence of file content after a failed installation."
"lang": "eng",
"value": "IBM InfoSphere Information Server 8.0, 8.1, 8.5, 8.7, and 9.1 allows local users to obtain sensitive information in opportunistic circumstances by leveraging the presence of file content after a failed installation."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21659957",
"refsource" : "CONFIRM",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21659957"
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21659957",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21659957"
},
{
"name" : "JR48095",
"refsource" : "AIXAPAR",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1JR48095"
"name": "JR48095",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1JR48095"
},
{
"name" : "ibm-infosphere-cve20135440-info-disc(87816)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/87816"
"name": "ibm-infosphere-cve20135440-info-disc(87816)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/87816"
}
]
}

22
2014/2xxx/CVE-2014-2501.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-2501",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-2501",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

98
2014/2xxx/CVE-2014-2589.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-2589",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-2589",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in the Dashboard Backend service (stats/dashboard.jsp) in SonicWall Network Security Appliance (NSA) 2400 allows remote attackers to inject arbitrary web script or HTML via the sn parameter."
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in the Dashboard Backend service (stats/dashboard.jsp) in SonicWall Network Security Appliance (NSA) 2400 allows remote attackers to inject arbitrary web script or HTML via the sn parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20140306 SonicWall Dashboard Backend Server - Client Side Cross Site Scripting Web Vulnerability",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/531364/100/0/threaded"
"name": "1029884",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1029884"
},
{
"name" : "http://www.vulnerability-lab.com/get_content.php?id=1100",
"refsource" : "MISC",
"url" : "http://www.vulnerability-lab.com/get_content.php?id=1100"
"name": "sonicwall-nsa-dashboard-xss(91766)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/91766"
},
{
"name" : "66042",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/66042"
"name": "20140306 SonicWall Dashboard Backend Server - Client Side Cross Site Scripting Web Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/531364/100/0/threaded"
},
{
"name" : "104089",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/104089"
"name": "57275",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/57275"
},
{
"name" : "1029884",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1029884"
"name": "66042",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/66042"
},
{
"name" : "57275",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/57275"
"name": "http://www.vulnerability-lab.com/get_content.php?id=1100",
"refsource": "MISC",
"url": "http://www.vulnerability-lab.com/get_content.php?id=1100"
},
{
"name" : "sonicwall-nsa-dashboard-xss(91766)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/91766"
"name": "104089",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/104089"
}
]
}

68
2014/2xxx/CVE-2014-2713.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-2713",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-2713",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Juniper Junos before 11.4R11, 12.1 before 12.1R9, 12.2 before 12.2R7, 12.3R4 before 12.3R4-S3, 13.1 before 13.1R4, 13.2 before 13.2R2, and 13.3 before 13.3R1, as used in MX Series and T4000 routers, allows remote attackers to cause a denial of service (PFE restart) via a crafted IP packet to certain (1) Trio or (2) Cassis-based Packet Forwarding Engine (PFE) modules."
"lang": "eng",
"value": "Juniper Junos before 11.4R11, 12.1 before 12.1R9, 12.2 before 12.2R7, 12.3R4 before 12.3R4-S3, 13.1 before 13.1R4, 13.2 before 13.2R2, and 13.3 before 13.3R1, as used in MX Series and T4000 routers, allows remote attackers to cause a denial of service (PFE restart) via a crafted IP packet to certain (1) Trio or (2) Cassis-based Packet Forwarding Engine (PFE) modules."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10621",
"refsource" : "CONFIRM",
"url" : "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10621"
"name": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10621",
"refsource": "CONFIRM",
"url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10621"
},
{
"name" : "66764",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/66764"
"name": "66764",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/66764"
}
]
}

22
2014/2xxx/CVE-2014-2831.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-2831",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-2831",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2014/6xxx/CVE-2014-6039.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-6039",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-6039",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2014/6xxx/CVE-2014-6307.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-6307",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-6307",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

86
2014/6xxx/CVE-2014-6308.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-6308",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-6308",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Directory traversal vulnerability in OSClass before 3.4.2 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter in a render action to oc-admin/index.php."
"lang": "eng",
"value": "Directory traversal vulnerability in OSClass before 3.4.2 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter in a render action to oc-admin/index.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20140916 Osclass Security Advisory - LFI Vulnerability - CVE-2014-6308",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/533456/100/0/threaded"
"name": "http://blog.osclass.org/2014/09/15/osclass-3-4-2-ready-download/",
"refsource": "CONFIRM",
"url": "http://blog.osclass.org/2014/09/15/osclass-3-4-2-ready-download/"
},
{
"name" : "http://packetstormsecurity.com/files/128285/OsClass-3.4.1-Local-File-Inclusion.html",
"refsource" : "MISC",
"url" : "http://packetstormsecurity.com/files/128285/OsClass-3.4.1-Local-File-Inclusion.html"
"name": "http://packetstormsecurity.com/files/128285/OsClass-3.4.1-Local-File-Inclusion.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/128285/OsClass-3.4.1-Local-File-Inclusion.html"
},
{
"name" : "https://github.com/osclass/Osclass/commit/c163bf5910d0d36424d7fc678da6b03a0e443435",
"refsource" : "MISC",
"url" : "https://github.com/osclass/Osclass/commit/c163bf5910d0d36424d7fc678da6b03a0e443435"
"name": "https://www.netsparker.com/lfi-vulnerability-in-osclass/",
"refsource": "MISC",
"url": "https://www.netsparker.com/lfi-vulnerability-in-osclass/"
},
{
"name" : "https://www.netsparker.com/lfi-vulnerability-in-osclass/",
"refsource" : "MISC",
"url" : "https://www.netsparker.com/lfi-vulnerability-in-osclass/"
"name": "https://github.com/osclass/Osclass/commit/c163bf5910d0d36424d7fc678da6b03a0e443435",
"refsource": "MISC",
"url": "https://github.com/osclass/Osclass/commit/c163bf5910d0d36424d7fc678da6b03a0e443435"
},
{
"name" : "http://blog.osclass.org/2014/09/15/osclass-3-4-2-ready-download/",
"refsource" : "CONFIRM",
"url" : "http://blog.osclass.org/2014/09/15/osclass-3-4-2-ready-download/"
"name": "20140916 Osclass Security Advisory - LFI Vulnerability - CVE-2014-6308",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/533456/100/0/threaded"
}
]
}

68
2014/6xxx/CVE-2014-6525.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-6525",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2014-6525",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Oracle Web Applications Desktop Integrator component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.3, 12.2.2, 12.2.3, and 12.2.4 allows remote authenticated users to affect integrity via unknown vectors related to Templates."
"lang": "eng",
"value": "Unspecified vulnerability in the Oracle Web Applications Desktop Integrator component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.3, 12.2.2, 12.2.3, and 12.2.4 allows remote authenticated users to affect integrity via unknown vectors related to Templates."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
"name": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
},
{
"name" : "1031579",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1031579"
"name": "1031579",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1031579"
}
]
}

22
2014/6xxx/CVE-2014-6915.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-6915",
"STATE" : "REJECT"
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2014-6915",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2014-7046, CVE-2014-7047. Reason: this ID was intended for one issue, but was assigned to two issues by a CNA. Notes: All CVE users should consult CVE-2014-7046 and CVE-2014-7047 to determine which ID is appropriate. All references and descriptions in this candidate have been removed to prevent accidental usage."
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2014-7046, CVE-2014-7047. Reason: this ID was intended for one issue, but was assigned to two issues by a CNA. Notes: All CVE users should consult CVE-2014-7046 and CVE-2014-7047 to determine which ID is appropriate. All references and descriptions in this candidate have been removed to prevent accidental usage."
}
]
}

22
2017/0xxx/CVE-2017-0013.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-0013",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-0013",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

68
2017/0xxx/CVE-2017-0262.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "secure@microsoft.com",
"ID" : "CVE-2017-0262",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2017-0262",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Microsoft Office",
"version" : {
"version_data" : [
"product_name": "Microsoft Office",
"version": {
"version_data": [
{
"version_value" : "Microsoft Office 2010 SP2, Office 2013 SP1, and Office 2016"
"version_value": "Microsoft Office 2010 SP2, Office 2013 SP1, and Office 2016"
}
]
}
}
]
},
"vendor_name" : "Microsoft Corporation"
"vendor_name": "Microsoft Corporation"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Microsoft Office 2010 SP2, Office 2013 SP1, and Office 2016 allow a remote code execution vulnerability when the software fails to properly handle objects in memory, aka \"Office Remote Code Execution Vulnerability\". This CVE ID is unique from CVE-2017-0261 and CVE-2017-0281."
"lang": "eng",
"value": "Microsoft Office 2010 SP2, Office 2013 SP1, and Office 2016 allow a remote code execution vulnerability when the software fails to properly handle objects in memory, aka \"Office Remote Code Execution Vulnerability\". This CVE ID is unique from CVE-2017-0261 and CVE-2017-0281."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Remote Code Execution"
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0262",
"refsource" : "CONFIRM",
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0262"
"name": "98279",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/98279"
},
{
"name" : "98279",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/98279"
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0262",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0262"
}
]
}

22
2017/0xxx/CVE-2017-0970.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-0970",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-0970",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2017/0xxx/CVE-2017-0994.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-0994",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-0994",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2017/1000xxx/CVE-2017-1000167.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-1000167",
"STATE" : "REJECT"
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2017-1000167",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by the Primary CNA. Further investigation showed that it was not a security issue. Notes: none."
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by the Primary CNA. Further investigation showed that it was not a security issue. Notes: none."
}
]
}

72
2017/1000xxx/CVE-2017-1000508.json
View File

@ -1,68 +1,68 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve-assign@distributedweaknessfiling.org",
"DATE_ASSIGNED" : "12/29/2017 15:45:04",
"ID" : "CVE-2017-1000508",
"REQUESTER" : "sajeeb.lohani@bulletproof.sh",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"DATE_ASSIGNED": "12/29/2017 15:45:04",
"ID": "CVE-2017-1000508",
"REQUESTER": "sajeeb.lohani@bulletproof.sh",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Invoice Plane",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "1.5.4 and earlier"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "Invoice Plane"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Invoice Plane version 1.5.4 and earlier contains a Cross Site Scripting (XSS) vulnerability in Client's details that can result in execution of javascript code . This vulnerability appears to have been fixed in 1.5.5 and later."
"lang": "eng",
"value": "Invoice Plane version 1.5.4 and earlier contains a Cross Site Scripting (XSS) vulnerability in Client's details that can result in execution of javascript code . This vulnerability appears to have been fixed in 1.5.5 and later."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Cross Site Scripting (XSS)"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://github.com/InvoicePlane/InvoicePlane/pull/557",
"refsource" : "CONFIRM",
"url" : "https://github.com/InvoicePlane/InvoicePlane/pull/557"
"name": "https://github.com/InvoicePlane/InvoicePlane/pull/557/commits/3fc256ccef403f5be9982f02ef340d9e01daabb2",
"refsource": "CONFIRM",
"url": "https://github.com/InvoicePlane/InvoicePlane/pull/557/commits/3fc256ccef403f5be9982f02ef340d9e01daabb2"
},
{
"name" : "https://github.com/InvoicePlane/InvoicePlane/pull/557/commits/3fc256ccef403f5be9982f02ef340d9e01daabb2",
"refsource" : "CONFIRM",
"url" : "https://github.com/InvoicePlane/InvoicePlane/pull/557/commits/3fc256ccef403f5be9982f02ef340d9e01daabb2"
"name": "https://github.com/InvoicePlane/InvoicePlane/pull/557",
"refsource": "CONFIRM",
"url": "https://github.com/InvoicePlane/InvoicePlane/pull/557"
}
]
}

22
2017/18xxx/CVE-2017-18000.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-18000",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-18000",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

70
2017/18xxx/CVE-2017-18127.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "product-security@qualcomm.com",
"DATE_PUBLIC" : "2018-04-02T00:00:00",
"ID" : "CVE-2017-18127",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "product-security@qualcomm.com",
"DATE_PUBLIC": "2018-04-02T00:00:00",
"ID": "CVE-2017-18127",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Snapdragon Mobile, Snapdragon Wear",
"version" : {
"version_data" : [
"product_name": "Snapdragon Mobile, Snapdragon Wear",
"version": {
"version_data": [
{
"version_value" : "MSM8909W, SD 210/SD 212/SD 205, SD 430, SD 450, SD 625, SD 650/52, SD 820, SD 835, SD 845"
"version_value": "MSM8909W, SD 210/SD 212/SD 205, SD 430, SD 450, SD 625, SD 650/52, SD 820, SD 835, SD 845"
}
]
}
}
]
},
"vendor_name" : "Qualcomm, Inc."
"vendor_name": "Qualcomm, Inc."
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile and Snapdragon Wear MSM8909W, SD 210/SD 212/SD 205, SD 430, SD 450, SD 625, SD 650/52, SD 820, SD 835, SD 845, while processing a SetParam command packet in the VR service, the extracted name_len and value_len values are not checked and could potentially cause a buffer overflow in subsequent calls to memcpy()."
"lang": "eng",
"value": "In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile and Snapdragon Wear MSM8909W, SD 210/SD 212/SD 205, SD 430, SD 450, SD 625, SD 650/52, SD 820, SD 835, SD 845, while processing a SetParam command packet in the VR service, the extracted name_len and value_len values are not checked and could potentially cause a buffer overflow in subsequent calls to memcpy()."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Improper Input Validation in APSS"
"lang": "eng",
"value": "Improper Input Validation in APSS"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://source.android.com/security/bulletin/2018-04-01",
"refsource" : "CONFIRM",
"url" : "https://source.android.com/security/bulletin/2018-04-01"
"name": "https://source.android.com/security/bulletin/2018-04-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2018-04-01"
},
{
"name" : "103671",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/103671"
"name": "103671",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103671"
}
]
}

106
2017/1xxx/CVE-2017-1295.json
View File

@ -1,117 +1,117 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"DATE_PUBLIC" : "2017-10-20T00:00:00",
"ID" : "CVE-2017-1295",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"DATE_PUBLIC": "2017-10-20T00:00:00",
"ID": "CVE-2017-1295",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Rational Collaborative Lifecycle Management",
"version" : {
"version_data" : [
"product_name": "Rational Collaborative Lifecycle Management",
"version": {
"version_data": [
{
"version_value" : "4.0"
"version_value": "4.0"
},
{
"version_value" : "4.0.1"
"version_value": "4.0.1"
},
{
"version_value" : "4.0.2"
"version_value": "4.0.2"
},
{
"version_value" : "4.0.3"
"version_value": "4.0.3"
},
{
"version_value" : "4.0.4"
"version_value": "4.0.4"
},
{
"version_value" : "4.0.5"
"version_value": "4.0.5"
},
{
"version_value" : "4.0.6"
"version_value": "4.0.6"
},
{
"version_value" : "5.0"
"version_value": "5.0"
},
{
"version_value" : "4.0.7"
"version_value": "4.0.7"
},
{
"version_value" : "5.0.1"
"version_value": "5.0.1"
},
{
"version_value" : "5.0.2"
"version_value": "5.0.2"
},
{
"version_value" : "6.0"
"version_value": "6.0"
},
{
"version_value" : "6.0.1"
"version_value": "6.0.1"
},
{
"version_value" : "6.0.2"
"version_value": "6.0.2"
},
{
"version_value" : "6.0.3"
"version_value": "6.0.3"
},
{
"version_value" : "6.0.4"
"version_value": "6.0.4"
}
]
}
}
]
},
"vendor_name" : "IBM"
"vendor_name": "IBM"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "IBM RSA DM contains unspecified vulnerability in CLM Applications with potential for information leakage. IBM X-Force ID: 125157."
"lang": "eng",
"value": "IBM RSA DM contains unspecified vulnerability in CLM Applications with potential for information leakage. IBM X-Force ID: 125157."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Obtain Information"
"lang": "eng",
"value": "Obtain Information"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/125157",
"refsource" : "MISC",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/125157"
"name": "101616",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/101616"
},
{
"name" : "http://www.ibm.com/support/docview.wss?uid=swg22009296",
"refsource" : "CONFIRM",
"url" : "http://www.ibm.com/support/docview.wss?uid=swg22009296"
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/125157",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/125157"
},
{
"name" : "101616",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/101616"
"name": "http://www.ibm.com/support/docview.wss?uid=swg22009296",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg22009296"
}
]
}

76
2017/1xxx/CVE-2017-1457.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"DATE_PUBLIC" : "2017-08-31T00:00:00",
"ID" : "CVE-2017-1457",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"DATE_PUBLIC": "2017-08-31T00:00:00",
"ID": "CVE-2017-1457",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "QRadar Network Security",
"version" : {
"version_data" : [
"product_name": "QRadar Network Security",
"version": {
"version_data": [
{
"version_value" : "5.4"
"version_value": "5.4"
}
]
}
}
]
},
"vendor_name" : "IBM"
"vendor_name": "IBM"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "IBM QRadar Network Security 5.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 128376."
"lang": "eng",
"value": "IBM QRadar Network Security 5.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 128376."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Cross-Site Scripting"
"lang": "eng",
"value": "Cross-Site Scripting"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/128376",
"refsource" : "MISC",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/128376"
"name": "100636",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100636"
},
{
"name" : "http://www.ibm.com/support/docview.wss?uid=swg22007550",
"refsource" : "CONFIRM",
"url" : "http://www.ibm.com/support/docview.wss?uid=swg22007550"
"name": "http://www.ibm.com/support/docview.wss?uid=swg22007550",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg22007550"
},
{
"name" : "100636",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/100636"
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/128376",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/128376"
}
]
}

74
2017/1xxx/CVE-2017-1521.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"ID" : "CVE-2017-1521",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2017-1521",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "IBM Tivoli Endpoint Manager (for Lifecycle/Power/Patch) Platform and Applications (IBM BigFix Platform 9.2 and 9.5) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 129831."
"lang": "eng",
"value": "IBM Tivoli Endpoint Manager (for Lifecycle/Power/Patch) Platform and Applications (IBM BigFix Platform 9.2 and 9.5) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 129831."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/129831",
"refsource" : "MISC",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/129831"
"name": "101571",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/101571"
},
{
"name" : "http://www.ibm.com/support/docview.wss?uid=swg22009673",
"refsource" : "CONFIRM",
"url" : "http://www.ibm.com/support/docview.wss?uid=swg22009673"
"name": "http://www.ibm.com/support/docview.wss?uid=swg22009673",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg22009673"
},
{
"name" : "101571",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/101571"
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/129831",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/129831"
}
]
}

22
2017/1xxx/CVE-2017-1589.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-1589",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-1589",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2017/1xxx/CVE-2017-1987.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-1987",
"STATE" : "REJECT"
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2017-1987",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none."
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none."
}
]
}

22
2017/4xxx/CVE-2017-4164.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-4164",
"STATE" : "REJECT"
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2017-4164",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none."
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none."
}
]
}

22
2017/4xxx/CVE-2017-4795.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-4795",
"STATE" : "REJECT"
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2017-4795",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none."
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none."
}
]
}

104
2017/4xxx/CVE-2017-4904.json
View File

@ -1,108 +1,108 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "security@vmware.com",
"ID" : "CVE-2017-4904",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "security@vmware.com",
"ID": "CVE-2017-4904",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "ESXi",
"version" : {
"version_data" : [
"product_name": "ESXi",
"version": {
"version_data": [
{
"version_value" : "6.5 without patch ESXi650-201703410-SG"
"version_value": "6.5 without patch ESXi650-201703410-SG"
},
{
"version_value" : "6.0 U3 without patch ESXi600-201703401-SG"
"version_value": "6.0 U3 without patch ESXi600-201703401-SG"
},
{
"version_value" : "6.0 U2 without patch ESXi600-201703403-SG"
"version_value": "6.0 U2 without patch ESXi600-201703403-SG"
},
{
"version_value" : "6.0 U1 without patch ESXi600-201703402-SG"
"version_value": "6.0 U1 without patch ESXi600-201703402-SG"
},
{
"version_value" : "5.5 without patch ESXi550-201703401-SG"
"version_value": "5.5 without patch ESXi550-201703401-SG"
}
]
}
},
{
"product_name" : "Workstation Pro / Player",
"version" : {
"version_data" : [
"product_name": "Workstation Pro / Player",
"version": {
"version_data": [
{
"version_value" : "12.x prior to 12.5.5"
"version_value": "12.x prior to 12.5.5"
}
]
}
},
{
"product_name" : "Fusion Pro / Fusion",
"version" : {
"version_data" : [
"product_name": "Fusion Pro / Fusion",
"version": {
"version_data": [
{
"version_value" : "8.x prior to 8.5.6"
"version_value": "8.x prior to 8.5.6"
}
]
}
}
]
},
"vendor_name" : "VMware"
"vendor_name": "VMware"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The XHCI controller in VMware ESXi 6.5 without patch ESXi650-201703410-SG, 6.0 U3 without patch ESXi600-201703401-SG, 6.0 U2 without patch ESXi600-201703403-SG, 6.0 U1 without patch ESXi600-201703402-SG, and 5.5 without patch ESXi550-201703401-SG; Workstation Pro / Player 12.x prior to 12.5.5; and Fusion Pro / Fusion 8.x prior to 8.5.6 has uninitialized memory usage. This issue may allow a guest to execute code on the host. The issue is reduced to a Denial of Service of the guest on ESXi 5.5."
"lang": "eng",
"value": "The XHCI controller in VMware ESXi 6.5 without patch ESXi650-201703410-SG, 6.0 U3 without patch ESXi600-201703401-SG, 6.0 U2 without patch ESXi600-201703403-SG, 6.0 U1 without patch ESXi600-201703402-SG, and 5.5 without patch ESXi550-201703401-SG; Workstation Pro / Player 12.x prior to 12.5.5; and Fusion Pro / Fusion 8.x prior to 8.5.6 has uninitialized memory usage. This issue may allow a guest to execute code on the host. The issue is reduced to a Denial of Service of the guest on ESXi 5.5."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Remote Code Execution / DoS"
"lang": "eng",
"value": "Remote Code Execution / DoS"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.vmware.com/security/advisories/VMSA-2017-0006.html",
"refsource" : "CONFIRM",
"url" : "http://www.vmware.com/security/advisories/VMSA-2017-0006.html"
"name": "97165",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97165"
},
{
"name" : "97165",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/97165"
"name": "http://www.vmware.com/security/advisories/VMSA-2017-0006.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2017-0006.html"
},
{
"name" : "1038148",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1038148"
"name": "1038148",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038148"
},
{
"name" : "1038149",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1038149"
"name": "1038149",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038149"
}
]
}

22
2017/5xxx/CVE-2017-5864.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-5864",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-5864",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}