diff --git a/2007/0xxx/CVE-2007-0018.json b/2007/0xxx/CVE-2007-0018.json index c5e4e3ff79d..c161522d153 100644 --- a/2007/0xxx/CVE-2007-0018.json +++ b/2007/0xxx/CVE-2007-0018.json @@ -1,497 +1,497 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0018", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Stack-based buffer overflow in the NCTAudioFile2.AudioFile ActiveX control (NCTAudioFile2.dll), as used by multiple products, allows remote attackers to execute arbitrary code via a long argument to the SetFormatLikeSample function. NOTE: the products include (1) NCTsoft NCTAudioStudio, NCTAudioEditor, and NCTDialogicVoice; (2) Magic Audio Recorder, Music Editor, and Audio Converter; (3) Aurora Media Workshop; DB Audio Mixer And Editor; (4) J. Hepple Products including Fx Audio Editor and others; (5) EXPStudio Audio Editor; (6) iMesh; (7) Quikscribe; (8) RMBSoft AudioConvert and SoundEdit Pro 2.1; (9) CDBurnerXP; (10) Code-it Software Wave MP3 Editor and aBasic Editor; (11) Movavi VideoMessage, DVD to iPod, and others; (12) SoftDiv Software Dexster, iVideoMAX, and others; (13) Sienzo Digital Music Mentor (DMM); (14) MP3 Normalizer; (15) Roemer Software FREE and Easy Hi-Q Recorder, and Easy Hi-Q Converter; (16) Audio Edit Magic; (17) Joshua Video and Audio Converter; (18) Virtual CD; (19) Cheetah CD and DVD Burner; (20) Mystik Media AudioEdit Deluxe, Blaze Media, and others; (21) Power Audio Editor; (22) DanDans Digital Media Full Audio Converter, Music Editing Master, and others; (23) Xrlly Software Text to Speech Makerand Arial Sound Recorder / Audio Converter; (24) Absolute Sound Recorder, Video to Audio Converter, and MP3 Splitter; (25) Easy Ringtone Maker; (26) RecordNRip; (27) McFunSoft iPod Audio Studio, Audio Recorder for Free, and others; (28) MP3 WAV Converter; (29) BearShare 6.0.2.26789; and (30) Oracle Siebel SimBuilder and CRM 7.x." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "PSIRT-CNA@flexerasoftware.com", + "ID": "CVE-2007-0018", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070124 Re: Secunia Research: NCTsoft Products NCTAudioFile2 ActiveXControl Buffer Overflow", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/457965/100/200/threaded" - }, - { - "name" : "20070124 Secunia Research: NCTsoft Products NCTAudioFile2 ActiveX ControlBuffer Overflow", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/457936/100/200/threaded" - }, - { - "name" : "20070124 Secunia Research: Sienzo Digital Music Mentor NCTAudioFile2ActiveX Control Buffer Overflow", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/457940/100/200/threaded" - }, - { - "name" : "http://secunia.com/secunia_research/2007-2/advisory/", - "refsource" : "MISC", - "url" : "http://secunia.com/secunia_research/2007-2/advisory/" - }, - { - "name" : "http://secunia.com/secunia_research/2007-3/advisory/", - "refsource" : "MISC", - "url" : "http://secunia.com/secunia_research/2007-3/advisory/" - }, - { - "name" : "http://secunia.com/secunia_research/2007-4/advisory/", - "refsource" : "MISC", - "url" : "http://secunia.com/secunia_research/2007-4/advisory/" - }, - { - "name" : "http://secunia.com/secunia_research/2007-5/advisory/", - "refsource" : "MISC", - "url" : "http://secunia.com/secunia_research/2007-5/advisory/" - }, - { - "name" : "http://secunia.com/secunia_research/2007-6/advisory/", - "refsource" : "MISC", - "url" : "http://secunia.com/secunia_research/2007-6/advisory/" - }, - { - "name" : "http://secunia.com/secunia_research/2007-7/advisory/", - "refsource" : "MISC", - "url" : "http://secunia.com/secunia_research/2007-7/advisory/" - }, - { - "name" : "http://secunia.com/secunia_research/2007-8/advisory/", - "refsource" : "MISC", - "url" : "http://secunia.com/secunia_research/2007-8/advisory/" - }, - { - "name" : "http://secunia.com/secunia_research/2007-9/advisory/", - "refsource" : "MISC", - "url" : "http://secunia.com/secunia_research/2007-9/advisory/" - }, - { - "name" : "http://secunia.com/secunia_research/2007-10/advisory/", - "refsource" : "MISC", - "url" : "http://secunia.com/secunia_research/2007-10/advisory/" - }, - { - "name" : "http://secunia.com/secunia_research/2007-11/advisory/", - "refsource" : "MISC", - "url" : "http://secunia.com/secunia_research/2007-11/advisory/" - }, - { - "name" : "http://secunia.com/secunia_research/2007-12/advisory/", - "refsource" : "MISC", - "url" : "http://secunia.com/secunia_research/2007-12/advisory/" - }, - { - "name" : "http://secunia.com/secunia_research/2007-13/advisory/", - "refsource" : "MISC", - "url" : "http://secunia.com/secunia_research/2007-13/advisory/" - }, - { - "name" : "http://secunia.com/secunia_research/2007-14/advisory/", - "refsource" : "MISC", - "url" : "http://secunia.com/secunia_research/2007-14/advisory/" - }, - { - "name" : "http://secunia.com/secunia_research/2007-15/advisory/", - "refsource" : "MISC", - "url" : "http://secunia.com/secunia_research/2007-15/advisory/" - }, - { - "name" : "http://secunia.com/secunia_research/2007-16/advisory/", - "refsource" : "MISC", - "url" : "http://secunia.com/secunia_research/2007-16/advisory/" - }, - { - "name" : "http://secunia.com/secunia_research/2007-17/advisory/", - "refsource" : "MISC", - "url" : "http://secunia.com/secunia_research/2007-17/advisory/" - }, - { - "name" : "http://secunia.com/secunia_research/2007-18/advisory/", - "refsource" : "MISC", - "url" : "http://secunia.com/secunia_research/2007-18/advisory/" - }, - { - "name" : "http://secunia.com/secunia_research/2007-19/advisory/", - "refsource" : "MISC", - "url" : "http://secunia.com/secunia_research/2007-19/advisory/" - }, - { - "name" : "http://secunia.com/secunia_research/2007-20/advisory/", - "refsource" : "MISC", - "url" : "http://secunia.com/secunia_research/2007-20/advisory/" - }, - { - "name" : "http://secunia.com/secunia_research/2007-21/advisory/", - "refsource" : "MISC", - "url" : "http://secunia.com/secunia_research/2007-21/advisory/" - }, - { - "name" : "http://secunia.com/secunia_research/2007-22/advisory/", - "refsource" : "MISC", - "url" : "http://secunia.com/secunia_research/2007-22/advisory/" - }, - { - "name" : "http://secunia.com/secunia_research/2007-23/advisory/", - "refsource" : "MISC", - "url" : "http://secunia.com/secunia_research/2007-23/advisory/" - }, - { - "name" : "http://secunia.com/secunia_research/2007-24/advisory/", - "refsource" : "MISC", - "url" : "http://secunia.com/secunia_research/2007-24/advisory/" - }, - { - "name" : "http://secunia.com/secunia_research/2007-25/advisory/", - "refsource" : "MISC", - "url" : "http://secunia.com/secunia_research/2007-25/advisory/" - }, - { - "name" : "http://secunia.com/secunia_research/2007-26/advisory/", - "refsource" : "MISC", - "url" : "http://secunia.com/secunia_research/2007-26/advisory/" - }, - { - "name" : "http://secunia.com/secunia_research/2007-27/advisory/", - "refsource" : "MISC", - "url" : "http://secunia.com/secunia_research/2007-27/advisory/" - }, - { - "name" : "http://secunia.com/secunia_research/2007-28/advisory/", - "refsource" : "MISC", - "url" : "http://secunia.com/secunia_research/2007-28/advisory/" - }, - { - "name" : "http://secunia.com/secunia_research/2007-29/advisory/", - "refsource" : "MISC", - "url" : "http://secunia.com/secunia_research/2007-29/advisory/" - }, - { - "name" : "http://secunia.com/secunia_research/2007-30/advisory/", - "refsource" : "MISC", - "url" : "http://secunia.com/secunia_research/2007-30/advisory/" - }, - { - "name" : "http://secunia.com/secunia_research/2007-31/advisory/", - "refsource" : "MISC", - "url" : "http://secunia.com/secunia_research/2007-31/advisory/" - }, - { - "name" : "http://secunia.com/secunia_research/2007-32/advisory/", - "refsource" : "MISC", - "url" : "http://secunia.com/secunia_research/2007-32/advisory/" - }, - { - "name" : "http://secunia.com/secunia_research/2007-33/advisory/", - "refsource" : "MISC", - "url" : "http://secunia.com/secunia_research/2007-33/advisory/" - }, - { - "name" : "http://secunia.com/secunia_research/2007-34/advisory/", - "refsource" : "MISC", - "url" : "http://secunia.com/secunia_research/2007-34/advisory/" - }, - { - "name" : "http://secunia.com/blog/6/", - "refsource" : "MISC", - "url" : "http://secunia.com/blog/6/" - }, - { - "name" : "http://secunia.com/secunia_research/2007-50/advisory/", - "refsource" : "MISC", - "url" : "http://secunia.com/secunia_research/2007-50/advisory/" - }, - { - "name" : "VU#292713", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/292713" - }, - { - "name" : "22196", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22196" - }, - { - "name" : "23892", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/23892" - }, - { - "name" : "ADV-2007-0310", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0310" - }, - { - "name" : "23475", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23475" - }, - { - "name" : "23493", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23493" - }, - { - "name" : "23532", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23532" - }, - { - "name" : "23543", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23543" - }, - { - "name" : "23551", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23551" - }, - { - "name" : "23552", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23552" - }, - { - "name" : "23553", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23553" - }, - { - "name" : "23557", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23557" - }, - { - "name" : "23568", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23568" - }, - { - "name" : "23485", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23485" - }, - { - "name" : "23495", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23495" - }, - { - "name" : "23511", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23511" - }, - { - "name" : "23516", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23516" - }, - { - "name" : "23530", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23530" - }, - { - "name" : "23534", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23534" - }, - { - "name" : "23535", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23535" - }, - { - "name" : "23536", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23536" - }, - { - "name" : "23541", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23541" - }, - { - "name" : "23542", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23542" - }, - { - "name" : "23544", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23544" - }, - { - "name" : "23546", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23546" - }, - { - "name" : "23548", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23548" - }, - { - "name" : "23550", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23550" - }, - { - "name" : "23554", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23554" - }, - { - "name" : "23558", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23558" - }, - { - "name" : "23560", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23560" - }, - { - "name" : "23561", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23561" - }, - { - "name" : "23562", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23562" - }, - { - "name" : "23565", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23565" - }, - { - "name" : "23745", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23745" - }, - { - "name" : "23753", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23753" - }, - { - "name" : "23795", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23795" - }, - { - "name" : "22922", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/22922" - }, - { - "name" : "25993", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25993" - }, - { - "name" : "26046", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26046" - }, - { - "name" : "26100", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26100" - }, - { - "name" : "26101", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26101" - }, - { - "name" : "28407", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28407" - }, - { - "name" : "30406", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/30406" - }, - { - "name" : "30424", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/30424" - }, - { - "name" : "30439", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/30439" - }, - { - "name" : "30446", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/30446" - }, - { - "name" : "30447", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/30447" - }, - { - "name" : "30450", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/30450" - }, - { - "name" : "30459", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/30459" - }, - { - "name" : "nctaudiofile2-multiple-bo(31707)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/31707" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Stack-based buffer overflow in the NCTAudioFile2.AudioFile ActiveX control (NCTAudioFile2.dll), as used by multiple products, allows remote attackers to execute arbitrary code via a long argument to the SetFormatLikeSample function. NOTE: the products include (1) NCTsoft NCTAudioStudio, NCTAudioEditor, and NCTDialogicVoice; (2) Magic Audio Recorder, Music Editor, and Audio Converter; (3) Aurora Media Workshop; DB Audio Mixer And Editor; (4) J. Hepple Products including Fx Audio Editor and others; (5) EXPStudio Audio Editor; (6) iMesh; (7) Quikscribe; (8) RMBSoft AudioConvert and SoundEdit Pro 2.1; (9) CDBurnerXP; (10) Code-it Software Wave MP3 Editor and aBasic Editor; (11) Movavi VideoMessage, DVD to iPod, and others; (12) SoftDiv Software Dexster, iVideoMAX, and others; (13) Sienzo Digital Music Mentor (DMM); (14) MP3 Normalizer; (15) Roemer Software FREE and Easy Hi-Q Recorder, and Easy Hi-Q Converter; (16) Audio Edit Magic; (17) Joshua Video and Audio Converter; (18) Virtual CD; (19) Cheetah CD and DVD Burner; (20) Mystik Media AudioEdit Deluxe, Blaze Media, and others; (21) Power Audio Editor; (22) DanDans Digital Media Full Audio Converter, Music Editing Master, and others; (23) Xrlly Software Text to Speech Makerand Arial Sound Recorder / Audio Converter; (24) Absolute Sound Recorder, Video to Audio Converter, and MP3 Splitter; (25) Easy Ringtone Maker; (26) RecordNRip; (27) McFunSoft iPod Audio Studio, Audio Recorder for Free, and others; (28) MP3 WAV Converter; (29) BearShare 6.0.2.26789; and (30) Oracle Siebel SimBuilder and CRM 7.x." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "23546", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23546" + }, + { + "name": "23892", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/23892" + }, + { + "name": "http://secunia.com/secunia_research/2007-7/advisory/", + "refsource": "MISC", + "url": "http://secunia.com/secunia_research/2007-7/advisory/" + }, + { + "name": "23535", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23535" + }, + { + "name": "nctaudiofile2-multiple-bo(31707)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31707" + }, + { + "name": "http://secunia.com/secunia_research/2007-12/advisory/", + "refsource": "MISC", + "url": "http://secunia.com/secunia_research/2007-12/advisory/" + }, + { + "name": "23562", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23562" + }, + { + "name": "http://secunia.com/secunia_research/2007-27/advisory/", + "refsource": "MISC", + "url": "http://secunia.com/secunia_research/2007-27/advisory/" + }, + { + "name": "23536", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23536" + }, + { + "name": "30459", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/30459" + }, + { + "name": "30406", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/30406" + }, + { + "name": "http://secunia.com/secunia_research/2007-29/advisory/", + "refsource": "MISC", + "url": "http://secunia.com/secunia_research/2007-29/advisory/" + }, + { + "name": "http://secunia.com/secunia_research/2007-24/advisory/", + "refsource": "MISC", + "url": "http://secunia.com/secunia_research/2007-24/advisory/" + }, + { + "name": "http://secunia.com/secunia_research/2007-8/advisory/", + "refsource": "MISC", + "url": "http://secunia.com/secunia_research/2007-8/advisory/" + }, + { + "name": "http://secunia.com/secunia_research/2007-9/advisory/", + "refsource": "MISC", + "url": "http://secunia.com/secunia_research/2007-9/advisory/" + }, + { + "name": "http://secunia.com/secunia_research/2007-13/advisory/", + "refsource": "MISC", + "url": "http://secunia.com/secunia_research/2007-13/advisory/" + }, + { + "name": "http://secunia.com/secunia_research/2007-20/advisory/", + "refsource": "MISC", + "url": "http://secunia.com/secunia_research/2007-20/advisory/" + }, + { + "name": "23553", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23553" + }, + { + "name": "23551", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23551" + }, + { + "name": "23485", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23485" + }, + { + "name": "http://secunia.com/secunia_research/2007-50/advisory/", + "refsource": "MISC", + "url": "http://secunia.com/secunia_research/2007-50/advisory/" + }, + { + "name": "23550", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23550" + }, + { + "name": "http://secunia.com/secunia_research/2007-16/advisory/", + "refsource": "MISC", + "url": "http://secunia.com/secunia_research/2007-16/advisory/" + }, + { + "name": "30447", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/30447" + }, + { + "name": "http://secunia.com/secunia_research/2007-28/advisory/", + "refsource": "MISC", + "url": "http://secunia.com/secunia_research/2007-28/advisory/" + }, + { + "name": "23541", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23541" + }, + { + "name": "26046", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26046" + }, + { + "name": "23534", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23534" + }, + { + "name": "http://secunia.com/secunia_research/2007-15/advisory/", + "refsource": "MISC", + "url": "http://secunia.com/secunia_research/2007-15/advisory/" + }, + { + "name": "http://secunia.com/secunia_research/2007-10/advisory/", + "refsource": "MISC", + "url": "http://secunia.com/secunia_research/2007-10/advisory/" + }, + { + "name": "http://secunia.com/secunia_research/2007-4/advisory/", + "refsource": "MISC", + "url": "http://secunia.com/secunia_research/2007-4/advisory/" + }, + { + "name": "http://secunia.com/secunia_research/2007-18/advisory/", + "refsource": "MISC", + "url": "http://secunia.com/secunia_research/2007-18/advisory/" + }, + { + "name": "http://secunia.com/secunia_research/2007-23/advisory/", + "refsource": "MISC", + "url": "http://secunia.com/secunia_research/2007-23/advisory/" + }, + { + "name": "23516", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23516" + }, + { + "name": "http://secunia.com/secunia_research/2007-14/advisory/", + "refsource": "MISC", + "url": "http://secunia.com/secunia_research/2007-14/advisory/" + }, + { + "name": "http://secunia.com/secunia_research/2007-19/advisory/", + "refsource": "MISC", + "url": "http://secunia.com/secunia_research/2007-19/advisory/" + }, + { + "name": "25993", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25993" + }, + { + "name": "http://secunia.com/secunia_research/2007-17/advisory/", + "refsource": "MISC", + "url": "http://secunia.com/secunia_research/2007-17/advisory/" + }, + { + "name": "http://secunia.com/secunia_research/2007-31/advisory/", + "refsource": "MISC", + "url": "http://secunia.com/secunia_research/2007-31/advisory/" + }, + { + "name": "23495", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23495" + }, + { + "name": "http://secunia.com/secunia_research/2007-32/advisory/", + "refsource": "MISC", + "url": "http://secunia.com/secunia_research/2007-32/advisory/" + }, + { + "name": "23558", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23558" + }, + { + "name": "http://secunia.com/secunia_research/2007-33/advisory/", + "refsource": "MISC", + "url": "http://secunia.com/secunia_research/2007-33/advisory/" + }, + { + "name": "23544", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23544" + }, + { + "name": "20070124 Secunia Research: NCTsoft Products NCTAudioFile2 ActiveX ControlBuffer Overflow", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/457936/100/200/threaded" + }, + { + "name": "23530", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23530" + }, + { + "name": "23795", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23795" + }, + { + "name": "http://secunia.com/secunia_research/2007-3/advisory/", + "refsource": "MISC", + "url": "http://secunia.com/secunia_research/2007-3/advisory/" + }, + { + "name": "23543", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23543" + }, + { + "name": "23552", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23552" + }, + { + "name": "http://secunia.com/blog/6/", + "refsource": "MISC", + "url": "http://secunia.com/blog/6/" + }, + { + "name": "23475", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23475" + }, + { + "name": "23560", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23560" + }, + { + "name": "30439", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/30439" + }, + { + "name": "20070124 Secunia Research: Sienzo Digital Music Mentor NCTAudioFile2ActiveX Control Buffer Overflow", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/457940/100/200/threaded" + }, + { + "name": "http://secunia.com/secunia_research/2007-25/advisory/", + "refsource": "MISC", + "url": "http://secunia.com/secunia_research/2007-25/advisory/" + }, + { + "name": "26100", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26100" + }, + { + "name": "http://secunia.com/secunia_research/2007-34/advisory/", + "refsource": "MISC", + "url": "http://secunia.com/secunia_research/2007-34/advisory/" + }, + { + "name": "20070124 Re: Secunia Research: NCTsoft Products NCTAudioFile2 ActiveXControl Buffer Overflow", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/457965/100/200/threaded" + }, + { + "name": "http://secunia.com/secunia_research/2007-21/advisory/", + "refsource": "MISC", + "url": "http://secunia.com/secunia_research/2007-21/advisory/" + }, + { + "name": "23548", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23548" + }, + { + "name": "30446", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/30446" + }, + { + "name": "30424", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/30424" + }, + { + "name": "23561", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23561" + }, + { + "name": "23557", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23557" + }, + { + "name": "http://secunia.com/secunia_research/2007-6/advisory/", + "refsource": "MISC", + "url": "http://secunia.com/secunia_research/2007-6/advisory/" + }, + { + "name": "http://secunia.com/secunia_research/2007-30/advisory/", + "refsource": "MISC", + "url": "http://secunia.com/secunia_research/2007-30/advisory/" + }, + { + "name": "23745", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23745" + }, + { + "name": "28407", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28407" + }, + { + "name": "23493", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23493" + }, + { + "name": "23511", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23511" + }, + { + "name": "ADV-2007-0310", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0310" + }, + { + "name": "23565", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23565" + }, + { + "name": "http://secunia.com/secunia_research/2007-5/advisory/", + "refsource": "MISC", + "url": "http://secunia.com/secunia_research/2007-5/advisory/" + }, + { + "name": "http://secunia.com/secunia_research/2007-11/advisory/", + "refsource": "MISC", + "url": "http://secunia.com/secunia_research/2007-11/advisory/" + }, + { + "name": "http://secunia.com/secunia_research/2007-22/advisory/", + "refsource": "MISC", + "url": "http://secunia.com/secunia_research/2007-22/advisory/" + }, + { + "name": "http://secunia.com/secunia_research/2007-26/advisory/", + "refsource": "MISC", + "url": "http://secunia.com/secunia_research/2007-26/advisory/" + }, + { + "name": "22922", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/22922" + }, + { + "name": "30450", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/30450" + }, + { + "name": "http://secunia.com/secunia_research/2007-2/advisory/", + "refsource": "MISC", + "url": "http://secunia.com/secunia_research/2007-2/advisory/" + }, + { + "name": "23568", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23568" + }, + { + "name": "23532", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23532" + }, + { + "name": "26101", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26101" + }, + { + "name": "23753", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23753" + }, + { + "name": "23542", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23542" + }, + { + "name": "VU#292713", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/292713" + }, + { + "name": "23554", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23554" + }, + { + "name": "22196", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22196" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0513.json b/2007/0xxx/CVE-2007-0513.json index 002e7f73af0..2f627eb5021 100644 --- a/2007/0xxx/CVE-2007-0513.json +++ b/2007/0xxx/CVE-2007-0513.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0513", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Hitachi HiRDB Datareplicator 7HiRDB, 7(64), 6, 6(64), 5.0, and 5.0(64); and various products that bundle HiRDB Datareplicator; allows attackers to cause a denial of service (CPU consumption) via certain data." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0513", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.hitachi-support.com/security_e/vuls_e/HS06-023_e/01-e.html", - "refsource" : "CONFIRM", - "url" : "http://www.hitachi-support.com/security_e/vuls_e/HS06-023_e/01-e.html" - }, - { - "name" : "22244", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22244" - }, - { - "name" : "ADV-2007-0327", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0327" - }, - { - "name" : "32996", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/32996" - }, - { - "name" : "23816", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23816" - }, - { - "name" : "hitachi-hirdb-request-dos(31735)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/31735" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Hitachi HiRDB Datareplicator 7HiRDB, 7(64), 6, 6(64), 5.0, and 5.0(64); and various products that bundle HiRDB Datareplicator; allows attackers to cause a denial of service (CPU consumption) via certain data." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.hitachi-support.com/security_e/vuls_e/HS06-023_e/01-e.html", + "refsource": "CONFIRM", + "url": "http://www.hitachi-support.com/security_e/vuls_e/HS06-023_e/01-e.html" + }, + { + "name": "22244", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22244" + }, + { + "name": "23816", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23816" + }, + { + "name": "hitachi-hirdb-request-dos(31735)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31735" + }, + { + "name": "32996", + "refsource": "OSVDB", + "url": "http://osvdb.org/32996" + }, + { + "name": "ADV-2007-0327", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0327" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0836.json b/2007/0xxx/CVE-2007-0836.json index a691b9c1219..0dd16003a43 100644 --- a/2007/0xxx/CVE-2007-0836.json +++ b/2007/0xxx/CVE-2007-0836.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0836", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "admin.php in Coppermine Photo Gallery 1.4.10, and possibly earlier, allows remote authenticated users to include arbitrary local and possibly remote files via the (1) \"Path to custom header include\" and (2) \"Path to custom footer include\" form fields. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0836", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "22409", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22409" - }, - { - "name" : "33094", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/33094" - }, - { - "name" : "24019", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24019" - }, - { - "name" : "coppermine-admin-file-include(32233)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32233" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "admin.php in Coppermine Photo Gallery 1.4.10, and possibly earlier, allows remote authenticated users to include arbitrary local and possibly remote files via the (1) \"Path to custom header include\" and (2) \"Path to custom footer include\" form fields. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "22409", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22409" + }, + { + "name": "24019", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24019" + }, + { + "name": "33094", + "refsource": "OSVDB", + "url": "http://osvdb.org/33094" + }, + { + "name": "coppermine-admin-file-include(32233)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32233" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1065.json b/2007/1xxx/CVE-2007-1065.json index 0b1bc639139..bac8f62ba6e 100644 --- a/2007/1xxx/CVE-2007-1065.json +++ b/2007/1xxx/CVE-2007-1065.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1065", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cisco Secure Services Client (CSSC) 4.x, Trust Agent 1.x and 2.x, Cisco Security Agent (CSA) 5.0 and 5.1 (when a vulnerable Trust Agent has been deployed), and the Meetinghouse AEGIS SecureConnect Client allows local users to gain SYSTEM privileges via unspecified vectors in the supplicant, aka CSCsf15836." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1065", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070221 Multiple Vulnerabilities in 802.1X Supplicant", - "refsource" : "CISCO", - "url" : "http://www.cisco.com/warp/public/707/cisco-sa-20070221-supplicant.shtml" - }, - { - "name" : "22648", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22648" - }, - { - "name" : "ADV-2007-0690", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0690" - }, - { - "name" : "33048", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/33048" - }, - { - "name" : "1017683", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1017683" - }, - { - "name" : "1017684", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1017684" - }, - { - "name" : "24258", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24258" - }, - { - "name" : "cisco-cssc-privilege-escalation(32622)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32622" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cisco Secure Services Client (CSSC) 4.x, Trust Agent 1.x and 2.x, Cisco Security Agent (CSA) 5.0 and 5.1 (when a vulnerable Trust Agent has been deployed), and the Meetinghouse AEGIS SecureConnect Client allows local users to gain SYSTEM privileges via unspecified vectors in the supplicant, aka CSCsf15836." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "24258", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24258" + }, + { + "name": "cisco-cssc-privilege-escalation(32622)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32622" + }, + { + "name": "ADV-2007-0690", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0690" + }, + { + "name": "33048", + "refsource": "OSVDB", + "url": "http://osvdb.org/33048" + }, + { + "name": "22648", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22648" + }, + { + "name": "20070221 Multiple Vulnerabilities in 802.1X Supplicant", + "refsource": "CISCO", + "url": "http://www.cisco.com/warp/public/707/cisco-sa-20070221-supplicant.shtml" + }, + { + "name": "1017683", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1017683" + }, + { + "name": "1017684", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1017684" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1275.json b/2007/1xxx/CVE-2007-1275.json index 286c7321347..d8da4f6ab4d 100644 --- a/2007/1xxx/CVE-2007-1275.json +++ b/2007/1xxx/CVE-2007-1275.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1275", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1275", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1851.json b/2007/1xxx/CVE-2007-1851.json index 0dfdb9ef806..4b5498230f2 100644 --- a/2007/1xxx/CVE-2007-1851.json +++ b/2007/1xxx/CVE-2007-1851.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1851", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple directory traversal vulnerabilities in Really Simple PHP and Ajax (RSPA) 2007-03-23 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the __class parameter to (1) Controller_v4.php or (2) Controller_v5.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1851", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "3641", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/3641" - }, - { - "name" : "http://www.bugtraq.ir/articles/advisory/RSPA_File_Inclusion/6", - "refsource" : "MISC", - "url" : "http://www.bugtraq.ir/articles/advisory/RSPA_File_Inclusion/6" - }, - { - "name" : "ADV-2007-1190", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/1190" - }, - { - "name" : "24671", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24671" - }, - { - "name" : "rspa-class-file-include(33357)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33357" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple directory traversal vulnerabilities in Really Simple PHP and Ajax (RSPA) 2007-03-23 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the __class parameter to (1) Controller_v4.php or (2) Controller_v5.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "24671", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24671" + }, + { + "name": "rspa-class-file-include(33357)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33357" + }, + { + "name": "ADV-2007-1190", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/1190" + }, + { + "name": "http://www.bugtraq.ir/articles/advisory/RSPA_File_Inclusion/6", + "refsource": "MISC", + "url": "http://www.bugtraq.ir/articles/advisory/RSPA_File_Inclusion/6" + }, + { + "name": "3641", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/3641" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3970.json b/2007/3xxx/CVE-2007-3970.json index 125e576f7cd..0283516218d 100644 --- a/2007/3xxx/CVE-2007-3970.json +++ b/2007/3xxx/CVE-2007-3970.json @@ -1,107 +1,107 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3970", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Race condition in ESET NOD32 Antivirus before 2.2289 allows remote attackers to execute arbitrary code via a crafted CAB file, which triggers heap corruption." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3970", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070720 2007-07-20 - n.runs-SA-2007.016 - NOD32 Antivirus CAB parsing Arbitrary Code Execution Advisory", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/474244/100/0/threaded" - }, - { - "name" : "http://www.nruns.com/[n.runs-SA-2007.016]%20-%20NOD32%20Antivirus%20CAB%20parsing%20Arbitrary%20Code%20Execution%20Advisory.pdf", - "refsource" : "MISC", - "url" : "http://www.nruns.com/[n.runs-SA-2007.016]%20-%20NOD32%20Antivirus%20CAB%20parsing%20Arbitrary%20Code%20Execution%20Advisory.pdf" - }, - { - "name" : "http://www.nruns.com/[n.runs-SA-2007.016]%20-%20NOD32%20Antivirus%20CAB%20parsing%20Arbitrary%20Code%20Execution%20Advisory.txt", - "refsource" : "MISC", - "url" : "http://www.nruns.com/[n.runs-SA-2007.016]%20-%20NOD32%20Antivirus%20CAB%20parsing%20Arbitrary%20Code%20Execution%20Advisory.txt" - }, - { - "name" : "http://www.eset.com/joomla/index.php?option=com_content&task=view&id=3469&Itemid=26", - "refsource" : "CONFIRM", - "url" : "http://www.eset.com/joomla/index.php?option=com_content&task=view&id=3469&Itemid=26" - }, - { - "name" : "24988", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/24988" - }, - { - "name" : "ADV-2007-2602", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/2602" - }, - { - "name" : "37976", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/37976" - }, - { - "name" : "26124", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26124" - }, - { - "name" : "2922", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2922" - }, - { - "name" : "nod32-cab-code-execution(35526)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35526" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Race condition in ESET NOD32 Antivirus before 2.2289 allows remote attackers to execute arbitrary code via a crafted CAB file, which triggers heap corruption." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20070720 2007-07-20 - n.runs-SA-2007.016 - NOD32 Antivirus CAB parsing Arbitrary Code Execution Advisory", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/474244/100/0/threaded" + }, + { + "name": "2922", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2922" + }, + { + "name": "26124", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26124" + }, + { + "name": "http://www.nruns.com/[n.runs-SA-2007.016]%20-%20NOD32%20Antivirus%20CAB%20parsing%20Arbitrary%20Code%20Execution%20Advisory.txt", + "refsource": "MISC", + "url": "http://www.nruns.com/[n.runs-SA-2007.016]%20-%20NOD32%20Antivirus%20CAB%20parsing%20Arbitrary%20Code%20Execution%20Advisory.txt" + }, + { + "name": "http://www.eset.com/joomla/index.php?option=com_content&task=view&id=3469&Itemid=26", + "refsource": "CONFIRM", + "url": "http://www.eset.com/joomla/index.php?option=com_content&task=view&id=3469&Itemid=26" + }, + { + "name": "24988", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/24988" + }, + { + "name": "37976", + "refsource": "OSVDB", + "url": "http://osvdb.org/37976" + }, + { + "name": "http://www.nruns.com/[n.runs-SA-2007.016]%20-%20NOD32%20Antivirus%20CAB%20parsing%20Arbitrary%20Code%20Execution%20Advisory.pdf", + "refsource": "MISC", + "url": "http://www.nruns.com/[n.runs-SA-2007.016]%20-%20NOD32%20Antivirus%20CAB%20parsing%20Arbitrary%20Code%20Execution%20Advisory.pdf" + }, + { + "name": "nod32-cab-code-execution(35526)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35526" + }, + { + "name": "ADV-2007-2602", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/2602" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4915.json b/2007/4xxx/CVE-2007-4915.json index 0c11c4cb92e..b5f926f64d6 100644 --- a/2007/4xxx/CVE-2007-4915.json +++ b/2007/4xxx/CVE-2007-4915.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4915", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Intersil isl3893 extensions for Boa 0.93.15, as used on the FreeLan RO80211G-AP and other devices, do not prevent stack writes from entering memory locations used for string constants, which allows remote attackers to change the admin password stored in memory via a long username in an HTTP Basic Authentication request." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4915", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070913 Boa (with Intersil Extensions) - HTTP Basic Authentication Bypass", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/479434/100/0/threaded" - }, - { - "name" : "20080301 The Router Hacking Challenge is Over!", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/489009/100/0/threaded" - }, - { - "name" : "4542", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/4542" - }, - { - "name" : "http://www.securenetwork.it/ricerca/advisory/download/SN-2007-02.txt", - "refsource" : "MISC", - "url" : "http://www.securenetwork.it/ricerca/advisory/download/SN-2007-02.txt" - }, - { - "name" : "http://www.gnucitizen.org/projects/router-hacking-challenge/", - "refsource" : "MISC", - "url" : "http://www.gnucitizen.org/projects/router-hacking-challenge/" - }, - { - "name" : "http://www.ikkisoft.com/stuff/SN-2007-02.txt", - "refsource" : "MISC", - "url" : "http://www.ikkisoft.com/stuff/SN-2007-02.txt" - }, - { - "name" : "25676", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25676" - }, - { - "name" : "3151", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/3151" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Intersil isl3893 extensions for Boa 0.93.15, as used on the FreeLan RO80211G-AP and other devices, do not prevent stack writes from entering memory locations used for string constants, which allows remote attackers to change the admin password stored in memory via a long username in an HTTP Basic Authentication request." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.securenetwork.it/ricerca/advisory/download/SN-2007-02.txt", + "refsource": "MISC", + "url": "http://www.securenetwork.it/ricerca/advisory/download/SN-2007-02.txt" + }, + { + "name": "20080301 The Router Hacking Challenge is Over!", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/489009/100/0/threaded" + }, + { + "name": "http://www.gnucitizen.org/projects/router-hacking-challenge/", + "refsource": "MISC", + "url": "http://www.gnucitizen.org/projects/router-hacking-challenge/" + }, + { + "name": "3151", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/3151" + }, + { + "name": "http://www.ikkisoft.com/stuff/SN-2007-02.txt", + "refsource": "MISC", + "url": "http://www.ikkisoft.com/stuff/SN-2007-02.txt" + }, + { + "name": "4542", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/4542" + }, + { + "name": "25676", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25676" + }, + { + "name": "20070913 Boa (with Intersil Extensions) - HTTP Basic Authentication Bypass", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/479434/100/0/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4992.json b/2007/4xxx/CVE-2007-4992.json index 47f8baf96da..51dd8093994 100644 --- a/2007/4xxx/CVE-2007-4992.json +++ b/2007/4xxx/CVE-2007-4992.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4992", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Stack-based buffer overflow in the process_packet function in fbserver.exe in Firebird SQL 2.0.2 allows remote attackers to execute arbitrary code via a long request to TCP port 3050." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4992", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20071010 ZDI-07-057: Firebird process_packet() Remote Stack Overflow Vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/482025/100/0/threaded" - }, - { - "name" : "http://www.zerodayinitiative.com/advisories/ZDI-07-057.html", - "refsource" : "MISC", - "url" : "http://www.zerodayinitiative.com/advisories/ZDI-07-057.html" - }, - { - "name" : "http://www.firebirdsql.org/rlsnotes/Firebird-2.0.3-ReleaseNotes.pdf", - "refsource" : "CONFIRM", - "url" : "http://www.firebirdsql.org/rlsnotes/Firebird-2.0.3-ReleaseNotes.pdf" - }, - { - "name" : "http://bugs.gentoo.org/show_bug.cgi?id=195569", - "refsource" : "CONFIRM", - "url" : "http://bugs.gentoo.org/show_bug.cgi?id=195569" - }, - { - "name" : "GLSA-200712-06", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-200712-06.xml" - }, - { - "name" : "26011", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/26011" - }, - { - "name" : "1018802", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1018802" - }, - { - "name" : "27982", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27982" - }, - { - "name" : "firebirdsql-processpacket-bo(37079)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/37079" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Stack-based buffer overflow in the process_packet function in fbserver.exe in Firebird SQL 2.0.2 allows remote attackers to execute arbitrary code via a long request to TCP port 3050." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "firebirdsql-processpacket-bo(37079)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37079" + }, + { + "name": "1018802", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1018802" + }, + { + "name": "26011", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/26011" + }, + { + "name": "GLSA-200712-06", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-200712-06.xml" + }, + { + "name": "http://bugs.gentoo.org/show_bug.cgi?id=195569", + "refsource": "CONFIRM", + "url": "http://bugs.gentoo.org/show_bug.cgi?id=195569" + }, + { + "name": "http://www.zerodayinitiative.com/advisories/ZDI-07-057.html", + "refsource": "MISC", + "url": "http://www.zerodayinitiative.com/advisories/ZDI-07-057.html" + }, + { + "name": "27982", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27982" + }, + { + "name": "20071010 ZDI-07-057: Firebird process_packet() Remote Stack Overflow Vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/482025/100/0/threaded" + }, + { + "name": "http://www.firebirdsql.org/rlsnotes/Firebird-2.0.3-ReleaseNotes.pdf", + "refsource": "CONFIRM", + "url": "http://www.firebirdsql.org/rlsnotes/Firebird-2.0.3-ReleaseNotes.pdf" + } + ] + } +} \ No newline at end of file diff --git a/2014/5xxx/CVE-2014-5193.json b/2014/5xxx/CVE-2014-5193.json index e9ea5a4e224..a42fd4e34a2 100644 --- a/2014/5xxx/CVE-2014-5193.json +++ b/2014/5xxx/CVE-2014-5193.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-5193", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in admin/admin.php in Sphider 1.3.6 allows remote attackers to inject arbitrary web script or HTML via the category parameter. NOTE: the url parameter vector is already covered by CVE-2014-5082." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-5193", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "34189", - "refsource" : "EXPLOIT-DB", - "url" : "http://www.exploit-db.com/exploits/34189" - }, - { - "name" : "109799", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/show/osvdb/109799" - }, - { - "name" : "109800", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/show/osvdb/109800" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in admin/admin.php in Sphider 1.3.6 allows remote attackers to inject arbitrary web script or HTML via the category parameter. NOTE: the url parameter vector is already covered by CVE-2014-5082." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "109800", + "refsource": "OSVDB", + "url": "http://osvdb.org/show/osvdb/109800" + }, + { + "name": "109799", + "refsource": "OSVDB", + "url": "http://osvdb.org/show/osvdb/109799" + }, + { + "name": "34189", + "refsource": "EXPLOIT-DB", + "url": "http://www.exploit-db.com/exploits/34189" + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2262.json b/2015/2xxx/CVE-2015-2262.json index 56a05caa1c8..a063757bfee 100644 --- a/2015/2xxx/CVE-2015-2262.json +++ b/2015/2xxx/CVE-2015-2262.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2262", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-2262", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2531.json b/2015/2xxx/CVE-2015-2531.json index 84efe130478..974eb3d5ba8 100644 --- a/2015/2xxx/CVE-2015-2531.json +++ b/2015/2xxx/CVE-2015-2531.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2531", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in the jQuery engine in Microsoft Lync Server 2013 and Skype for Business Server 2015 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka \"Skype for Business Server and Lync Server XSS Information Disclosure Vulnerability.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2015-2531", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "MS15-104", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-104" - }, - { - "name" : "1033497", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1033497" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in the jQuery engine in Microsoft Lync Server 2013 and Skype for Business Server 2015 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka \"Skype for Business Server and Lync Server XSS Information Disclosure Vulnerability.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "MS15-104", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-104" + }, + { + "name": "1033497", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1033497" + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2768.json b/2015/2xxx/CVE-2015-2768.json index 4637f1a819a..0065fe21178 100644 --- a/2015/2xxx/CVE-2015-2768.json +++ b/2015/2xxx/CVE-2015-2768.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2768", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in Websense TRITON AP-EMAIL before 8.0.0 and V-Series 7.7 appliances allows remote attackers to inject arbitrary web script or HTML via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-2768", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0", - "refsource" : "CONFIRM", - "url" : "http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0" - }, - { - "name" : "73429", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/73429" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in Websense TRITON AP-EMAIL before 8.0.0 and V-Series 7.7 appliances allows remote attackers to inject arbitrary web script or HTML via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0", + "refsource": "CONFIRM", + "url": "http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0" + }, + { + "name": "73429", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/73429" + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2938.json b/2015/2xxx/CVE-2015-2938.json index 5c22af62ee4..8b9bd9319c6 100644 --- a/2015/2xxx/CVE-2015-2938.json +++ b/2015/2xxx/CVE-2015-2938.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2938", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in MediaWiki before 1.19.24, 1.2x before 1.23.9, and 1.24.x before 1.24.2 allows remote attackers to inject arbitrary web script or HTML via a custom JavaScript file, which is not properly handled when previewing the file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-2938", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[MediaWiki-announce] 20150331 MediaWiki Security and Maintenance Releases: 1.19.24, 1.23.9, and 1.24.2", - "refsource" : "MLIST", - "url" : "https://lists.wikimedia.org/pipermail/mediawiki-announce/2015-March/000175.html" - }, - { - "name" : "[oss-security] 20150331 CVE request: MediaWiki 1.24.2/1.23.9/1.19.24", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2015/04/01/1" - }, - { - "name" : "[oss-security] 20150407 Re: CVE request: MediaWiki 1.24.2/1.23.9/1.19.24", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2015/04/07/3" - }, - { - "name" : "https://phabricator.wikimedia.org/T85855", - "refsource" : "CONFIRM", - "url" : "https://phabricator.wikimedia.org/T85855" - }, - { - "name" : "GLSA-201510-05", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201510-05" - }, - { - "name" : "MDVSA-2015:200", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2015:200" - }, - { - "name" : "73477", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/73477" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in MediaWiki before 1.19.24, 1.2x before 1.23.9, and 1.24.x before 1.24.2 allows remote attackers to inject arbitrary web script or HTML via a custom JavaScript file, which is not properly handled when previewing the file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "GLSA-201510-05", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201510-05" + }, + { + "name": "MDVSA-2015:200", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:200" + }, + { + "name": "73477", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/73477" + }, + { + "name": "[oss-security] 20150407 Re: CVE request: MediaWiki 1.24.2/1.23.9/1.19.24", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2015/04/07/3" + }, + { + "name": "[oss-security] 20150331 CVE request: MediaWiki 1.24.2/1.23.9/1.19.24", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2015/04/01/1" + }, + { + "name": "[MediaWiki-announce] 20150331 MediaWiki Security and Maintenance Releases: 1.19.24, 1.23.9, and 1.24.2", + "refsource": "MLIST", + "url": "https://lists.wikimedia.org/pipermail/mediawiki-announce/2015-March/000175.html" + }, + { + "name": "https://phabricator.wikimedia.org/T85855", + "refsource": "CONFIRM", + "url": "https://phabricator.wikimedia.org/T85855" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6379.json b/2015/6xxx/CVE-2015-6379.json index 250d92bcdde..3ee773857d1 100644 --- a/2015/6xxx/CVE-2015-6379.json +++ b/2015/6xxx/CVE-2015-6379.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6379", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The XML parser in the management interface in Cisco Adaptive Security Appliance (ASA) Software 8.4 allows remote authenticated users to cause a denial of service (device crash) via a crafted XML document, aka Bug ID CSCut14223." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2015-6379", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20151124 Cisco ASA Management Interface XML Parser Denial of Service Vulnerability", - "refsource" : "CISCO", - "url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151123-asa" - }, - { - "name" : "1034251", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034251" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The XML parser in the management interface in Cisco Adaptive Security Appliance (ASA) Software 8.4 allows remote authenticated users to cause a denial of service (device crash) via a crafted XML document, aka Bug ID CSCut14223." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20151124 Cisco ASA Management Interface XML Parser Denial of Service Vulnerability", + "refsource": "CISCO", + "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151123-asa" + }, + { + "name": "1034251", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034251" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6409.json b/2015/6xxx/CVE-2015-6409.json index 2123f1c35a5..84f0b46e7d2 100644 --- a/2015/6xxx/CVE-2015-6409.json +++ b/2015/6xxx/CVE-2015-6409.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6409", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cisco Jabber 10.6.x, 11.0.x, and 11.1.x on Windows allows man-in-the-middle attackers to conduct STARTTLS downgrade attacks and trigger cleartext XMPP sessions via unspecified vectors, aka Bug ID CSCuw87419." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2015-6409", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.synacktiv.com/ressources/cisco_jabber_starttls_downgrade.pdf", - "refsource" : "MISC", - "url" : "http://www.synacktiv.com/ressources/cisco_jabber_starttls_downgrade.pdf" - }, - { - "name" : "20151224 Cisco Jabber for Windows STARTTLS Downgrade Vulnerability", - "refsource" : "CISCO", - "url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151224-jab" - }, - { - "name" : "79678", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/79678" - }, - { - "name" : "1034540", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034540" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cisco Jabber 10.6.x, 11.0.x, and 11.1.x on Windows allows man-in-the-middle attackers to conduct STARTTLS downgrade attacks and trigger cleartext XMPP sessions via unspecified vectors, aka Bug ID CSCuw87419." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "79678", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/79678" + }, + { + "name": "http://www.synacktiv.com/ressources/cisco_jabber_starttls_downgrade.pdf", + "refsource": "MISC", + "url": "http://www.synacktiv.com/ressources/cisco_jabber_starttls_downgrade.pdf" + }, + { + "name": "1034540", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034540" + }, + { + "name": "20151224 Cisco Jabber for Windows STARTTLS Downgrade Vulnerability", + "refsource": "CISCO", + "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151224-jab" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6618.json b/2015/6xxx/CVE-2015-6618.json index 5e66ef3a224..ea65c7d8732 100644 --- a/2015/6xxx/CVE-2015-6618.json +++ b/2015/6xxx/CVE-2015-6618.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6618", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Bluetooth in Android 4.4 and 5.x before 5.1.1 LMY48Z allows user-assisted remote attackers to execute arbitrary code by leveraging access to the local physical environment, aka internal bug 24595992." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@android.com", + "ID": "CVE-2015-6618", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://source.android.com/security/bulletin/2015-12-01.html", - "refsource" : "CONFIRM", - "url" : "http://source.android.com/security/bulletin/2015-12-01.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Bluetooth in Android 4.4 and 5.x before 5.1.1 LMY48Z allows user-assisted remote attackers to execute arbitrary code by leveraging access to the local physical environment, aka internal bug 24595992." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://source.android.com/security/bulletin/2015-12-01.html", + "refsource": "CONFIRM", + "url": "http://source.android.com/security/bulletin/2015-12-01.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7068.json b/2015/7xxx/CVE-2015-7068.json index 72ee3a99a9d..872d7a526dc 100644 --- a/2015/7xxx/CVE-2015-7068.json +++ b/2015/7xxx/CVE-2015-7068.json @@ -1,107 +1,107 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7068", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IOKit SCSI in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via an app that provides an unspecified userclient type." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2015-7068", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://support.apple.com/HT205635", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT205635" - }, - { - "name" : "https://support.apple.com/HT205637", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT205637" - }, - { - "name" : "https://support.apple.com/HT205640", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT205640" - }, - { - "name" : "https://support.apple.com/HT205641", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT205641" - }, - { - "name" : "APPLE-SA-2015-12-08-1", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html" - }, - { - "name" : "APPLE-SA-2015-12-08-2", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html" - }, - { - "name" : "APPLE-SA-2015-12-08-3", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" - }, - { - "name" : "APPLE-SA-2015-12-08-4", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2015/Dec/msg00002.html" - }, - { - "name" : "78719", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/78719" - }, - { - "name" : "1034344", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034344" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IOKit SCSI in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via an app that provides an unspecified userclient type." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://support.apple.com/HT205635", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT205635" + }, + { + "name": "https://support.apple.com/HT205637", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT205637" + }, + { + "name": "1034344", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034344" + }, + { + "name": "APPLE-SA-2015-12-08-4", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00002.html" + }, + { + "name": "APPLE-SA-2015-12-08-3", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" + }, + { + "name": "78719", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/78719" + }, + { + "name": "APPLE-SA-2015-12-08-1", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html" + }, + { + "name": "https://support.apple.com/HT205641", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT205641" + }, + { + "name": "https://support.apple.com/HT205640", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT205640" + }, + { + "name": "APPLE-SA-2015-12-08-2", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7173.json b/2015/7xxx/CVE-2015-7173.json index 219edeffffb..2d6e32b1bc4 100644 --- a/2015/7xxx/CVE-2015-7173.json +++ b/2015/7xxx/CVE-2015-7173.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7173", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2015-7173", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7189.json b/2015/7xxx/CVE-2015-7189.json index 5d1f3870a40..10854209b2a 100644 --- a/2015/7xxx/CVE-2015-7189.json +++ b/2015/7xxx/CVE-2015-7189.json @@ -1,157 +1,157 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7189", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Race condition in the JPEGEncoder function in Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow) via vectors involving a CANVAS element and crafted JavaScript code." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@mozilla.org", + "ID": "CVE-2015-7189", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.mozilla.org/security/announce/2015/mfsa2015-123.html", - "refsource" : "CONFIRM", - "url" : "http://www.mozilla.org/security/announce/2015/mfsa2015-123.html" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1205900", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1205900" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html" - }, - { - "name" : "DSA-3410", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2015/dsa-3410" - }, - { - "name" : "DSA-3393", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2015/dsa-3393" - }, - { - "name" : "GLSA-201512-10", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201512-10" - }, - { - "name" : "RHSA-2015:2519", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-2519.html" - }, - { - "name" : "RHSA-2015:1982", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-1982.html" - }, - { - "name" : "openSUSE-SU-2015:2229", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2015-12/msg00037.html" - }, - { - "name" : "openSUSE-SU-2015:2245", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2015-12/msg00049.html" - }, - { - "name" : "SUSE-SU-2015:1926", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00013.html" - }, - { - "name" : "openSUSE-SU-2015:1942", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00015.html" - }, - { - "name" : "SUSE-SU-2015:1978", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00020.html" - }, - { - "name" : "SUSE-SU-2015:1981", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00021.html" - }, - { - "name" : "SUSE-SU-2015:2081", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00025.html" - }, - { - "name" : "USN-2819-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2819-1" - }, - { - "name" : "USN-2785-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2785-1" - }, - { - "name" : "77411", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/77411" - }, - { - "name" : "1034069", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034069" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Race condition in the JPEGEncoder function in Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow) via vectors involving a CANVAS element and crafted JavaScript code." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1034069", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034069" + }, + { + "name": "DSA-3410", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2015/dsa-3410" + }, + { + "name": "SUSE-SU-2015:2081", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00025.html" + }, + { + "name": "http://www.mozilla.org/security/announce/2015/mfsa2015-123.html", + "refsource": "CONFIRM", + "url": "http://www.mozilla.org/security/announce/2015/mfsa2015-123.html" + }, + { + "name": "GLSA-201512-10", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201512-10" + }, + { + "name": "77411", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/77411" + }, + { + "name": "SUSE-SU-2015:1981", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00021.html" + }, + { + "name": "openSUSE-SU-2015:2229", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00037.html" + }, + { + "name": "RHSA-2015:2519", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-2519.html" + }, + { + "name": "USN-2785-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2785-1" + }, + { + "name": "SUSE-SU-2015:1926", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00013.html" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html" + }, + { + "name": "RHSA-2015:1982", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-1982.html" + }, + { + "name": "USN-2819-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2819-1" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1205900", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1205900" + }, + { + "name": "openSUSE-SU-2015:1942", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00015.html" + }, + { + "name": "DSA-3393", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2015/dsa-3393" + }, + { + "name": "openSUSE-SU-2015:2245", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00049.html" + }, + { + "name": "SUSE-SU-2015:1978", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00020.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7272.json b/2015/7xxx/CVE-2015-7272.json index 467107c4edb..02bcb99f11c 100644 --- a/2015/7xxx/CVE-2015-7272.json +++ b/2015/7xxx/CVE-2015-7272.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cert@cert.org", - "ID" : "CVE-2015-7272", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Dell Integrated Remote Access Controller (iDRAC)", - "version" : { - "version_data" : [ - { - "version_value" : "Dell Integrated Remote Access Controller (iDRAC)" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Dell Integrated Remote Access Controller (iDRAC) 6 before 2.80 and 7/8 before 2.21.21.21 allows attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a long SSH username or input." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "DoS" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2015-7272", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Dell Integrated Remote Access Controller (iDRAC)", + "version": { + "version_data": [ + { + "version_value": "Dell Integrated Remote Access Controller (iDRAC)" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://en.community.dell.com/techcenter/extras/m/white_papers/20441859", - "refsource" : "MISC", - "url" : "http://en.community.dell.com/techcenter/extras/m/white_papers/20441859" - }, - { - "name" : "97532", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/97532" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Dell Integrated Remote Access Controller (iDRAC) 6 before 2.80 and 7/8 before 2.21.21.21 allows attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a long SSH username or input." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "DoS" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "97532", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/97532" + }, + { + "name": "http://en.community.dell.com/techcenter/extras/m/white_papers/20441859", + "refsource": "MISC", + "url": "http://en.community.dell.com/techcenter/extras/m/white_papers/20441859" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7456.json b/2015/7xxx/CVE-2015-7456.json index ba36ad8b74b..49e6ffa4f5a 100644 --- a/2015/7xxx/CVE-2015-7456.json +++ b/2015/7xxx/CVE-2015-7456.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7456", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM Spectrum Scale 4.1.1 before 4.1.1.4, and 4.2.0.0, allows remote authenticated users to discover object-storage admin passwords via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2015-7456", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1005476", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1005476" - }, - { - "name" : "IV79381", - "refsource" : "AIXAPAR", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1IV79381" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IBM Spectrum Scale 4.1.1 before 4.1.1.4, and 4.2.0.0, allows remote authenticated users to discover object-storage admin passwords via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "IV79381", + "refsource": "AIXAPAR", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV79381" + }, + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1005476", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1005476" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0020.json b/2016/0xxx/CVE-2016-0020.json index e084ff5da0e..4e96d830f90 100644 --- a/2016/0xxx/CVE-2016-0020.json +++ b/2016/0xxx/CVE-2016-0020.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0020", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 mishandle DLL loading, which allows local users to gain privileges via a crafted application, aka \"MAPI DLL Loading Elevation of Privilege Vulnerability.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2016-0020", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.zerodayinitiative.com/advisories/ZDI-16-018", - "refsource" : "MISC", - "url" : "http://www.zerodayinitiative.com/advisories/ZDI-16-018" - }, - { - "name" : "MS16-007", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-007" - }, - { - "name" : "1034661", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034661" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 mishandle DLL loading, which allows local users to gain privileges via a crafted application, aka \"MAPI DLL Loading Elevation of Privilege Vulnerability.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.zerodayinitiative.com/advisories/ZDI-16-018", + "refsource": "MISC", + "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-018" + }, + { + "name": "MS16-007", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-007" + }, + { + "name": "1034661", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034661" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0138.json b/2016/0xxx/CVE-2016-0138.json index 4038f4788a6..2bb8c71703d 100644 --- a/2016/0xxx/CVE-2016-0138.json +++ b/2016/0xxx/CVE-2016-0138.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0138", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Microsoft Exchange Server 2007 SP3, 2010 SP3, 2013 SP1, 2013 Cumulative Update 12, 2013 Cumulative Update 13, 2016 Cumulative Update 1, and 2016 Cumulative Update 2 misparses e-mail messages, which allows remote authenticated users to obtain sensitive Outlook application information by leveraging the Send As right, aka \"Microsoft Exchange Information Disclosure Vulnerability.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2016-0138", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "MS16-108", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-108" - }, - { - "name" : "92806", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/92806" - }, - { - "name" : "1036778", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036778" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft Exchange Server 2007 SP3, 2010 SP3, 2013 SP1, 2013 Cumulative Update 12, 2013 Cumulative Update 13, 2016 Cumulative Update 1, and 2016 Cumulative Update 2 misparses e-mail messages, which allows remote authenticated users to obtain sensitive Outlook application information by leveraging the Send As right, aka \"Microsoft Exchange Information Disclosure Vulnerability.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "MS16-108", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-108" + }, + { + "name": "1036778", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036778" + }, + { + "name": "92806", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/92806" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0543.json b/2016/0xxx/CVE-2016-0543.json index 9afd92a59d0..8fe7f31362e 100644 --- a/2016/0xxx/CVE-2016-0543.json +++ b/2016/0xxx/CVE-2016-0543.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0543", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the Oracle Marketing component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Preview." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2016-0543", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" - }, - { - "name" : "1034726", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034726" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the Oracle Marketing component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Preview." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" + }, + { + "name": "1034726", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034726" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0608.json b/2016/0xxx/CVE-2016-0608.json index 15d69e8193a..3e9a5582e7b 100644 --- a/2016/0xxx/CVE-2016-0608.json +++ b/2016/0xxx/CVE-2016-0608.json @@ -1,167 +1,167 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0608", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via vectors related to UDF." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2016-0608", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" - }, - { - "name" : "https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/", - "refsource" : "CONFIRM", - "url" : "https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/" - }, - { - "name" : "https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/", - "refsource" : "CONFIRM", - "url" : "https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/" - }, - { - "name" : "https://mariadb.com/kb/en/mdb-10023-rn/", - "refsource" : "CONFIRM", - "url" : "https://mariadb.com/kb/en/mdb-10023-rn/" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html" - }, - { - "name" : "DSA-3453", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3453" - }, - { - "name" : "DSA-3459", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3459" - }, - { - "name" : "RHSA-2016:0534", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-0534.html" - }, - { - "name" : "RHSA-2016:0705", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-0705.html" - }, - { - "name" : "RHSA-2016:1132", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2016:1132" - }, - { - "name" : "RHSA-2016:1480", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-1480.html" - }, - { - "name" : "RHSA-2016:1481", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-1481.html" - }, - { - "name" : "openSUSE-SU-2016:0367", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html" - }, - { - "name" : "openSUSE-SU-2016:1686", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html" - }, - { - "name" : "SUSE-SU-2016:1619", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html" - }, - { - "name" : "SUSE-SU-2016:1620", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html" - }, - { - "name" : "openSUSE-SU-2016:1664", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html" - }, - { - "name" : "openSUSE-SU-2016:0377", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00016.html" - }, - { - "name" : "USN-2881-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2881-1" - }, - { - "name" : "81226", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/81226" - }, - { - "name" : "1034708", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034708" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via vectors related to UDF." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "81226", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/81226" + }, + { + "name": "SUSE-SU-2016:1620", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html" + }, + { + "name": "RHSA-2016:1481", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-1481.html" + }, + { + "name": "openSUSE-SU-2016:0367", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html" + }, + { + "name": "RHSA-2016:1132", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2016:1132" + }, + { + "name": "DSA-3459", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3459" + }, + { + "name": "1034708", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034708" + }, + { + "name": "RHSA-2016:0534", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-0534.html" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html" + }, + { + "name": "SUSE-SU-2016:1619", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" + }, + { + "name": "RHSA-2016:1480", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-1480.html" + }, + { + "name": "openSUSE-SU-2016:1664", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" + }, + { + "name": "https://mariadb.com/kb/en/mdb-10023-rn/", + "refsource": "CONFIRM", + "url": "https://mariadb.com/kb/en/mdb-10023-rn/" + }, + { + "name": "USN-2881-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2881-1" + }, + { + "name": "openSUSE-SU-2016:0377", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00016.html" + }, + { + "name": "DSA-3453", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3453" + }, + { + "name": "https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/", + "refsource": "CONFIRM", + "url": "https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/" + }, + { + "name": "openSUSE-SU-2016:1686", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html" + }, + { + "name": "https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/", + "refsource": "CONFIRM", + "url": "https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/" + }, + { + "name": "RHSA-2016:0705", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-0705.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0674.json b/2016/0xxx/CVE-2016-0674.json index e17bc6895a0..319f5f19288 100644 --- a/2016/0xxx/CVE-2016-0674.json +++ b/2016/0xxx/CVE-2016-0674.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0674", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the Siebel Core - Common Components component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows local users to affect confidentiality and integrity via vectors related to Email." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2016-0674", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html" - }, - { - "name" : "1035598", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035598" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the Siebel Core - Common Components component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows local users to affect confidentiality and integrity via vectors related to Email." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1035598", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035598" + }, + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0744.json b/2016/0xxx/CVE-2016-0744.json index 09ac609904a..1b16042b6d8 100644 --- a/2016/0xxx/CVE-2016-0744.json +++ b/2016/0xxx/CVE-2016-0744.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0744", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-0744", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2016/1000xxx/CVE-2016-1000018.json b/2016/1000xxx/CVE-2016-1000018.json index 8aaaf02bf69..bae990c76a3 100644 --- a/2016/1000xxx/CVE-2016-1000018.json +++ b/2016/1000xxx/CVE-2016-1000018.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1000018", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-1000018", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1600.json b/2016/1xxx/CVE-2016-1600.json index 8cac3fbbcae..844e5037454 100644 --- a/2016/1xxx/CVE-2016-1600.json +++ b/2016/1xxx/CVE-2016-1600.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1600", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-1600", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1797.json b/2016/1xxx/CVE-2016-1797.json index 18d0b269a61..2620824fe2e 100644 --- a/2016/1xxx/CVE-2016-1797.json +++ b/2016/1xxx/CVE-2016-1797.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1797", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Apple Type Services (ATS) in Apple OS X before 10.11.5 allows attackers to bypass intended FontValidator sandbox-policy restrictions and execute arbitrary code in a privileged context via a crafted app." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2016-1797", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.zerodayinitiative.com/advisories/ZDI-16-360", - "refsource" : "MISC", - "url" : "http://www.zerodayinitiative.com/advisories/ZDI-16-360" - }, - { - "name" : "https://support.apple.com/HT206567", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT206567" - }, - { - "name" : "APPLE-SA-2016-05-16-4", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2016/May/msg00004.html" - }, - { - "name" : "90696", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/90696" - }, - { - "name" : "1035895", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035895" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Apple Type Services (ATS) in Apple OS X before 10.11.5 allows attackers to bypass intended FontValidator sandbox-policy restrictions and execute arbitrary code in a privileged context via a crafted app." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://support.apple.com/HT206567", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT206567" + }, + { + "name": "APPLE-SA-2016-05-16-4", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2016/May/msg00004.html" + }, + { + "name": "90696", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/90696" + }, + { + "name": "http://www.zerodayinitiative.com/advisories/ZDI-16-360", + "refsource": "MISC", + "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-360" + }, + { + "name": "1035895", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035895" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4261.json b/2016/4xxx/CVE-2016-4261.json index 8b8eb2568be..aa1ff705417 100644 --- a/2016/4xxx/CVE-2016-4261.json +++ b/2016/4xxx/CVE-2016-4261.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-4261", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Adobe Digital Editions before 4.5.2 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4256, CVE-2016-4257, CVE-2016-4258, CVE-2016-4259, CVE-2016-4260, and CVE-2016-4262." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2016-4261", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://helpx.adobe.com/security/products/Digital-Editions/apsb16-28.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/Digital-Editions/apsb16-28.html" - }, - { - "name" : "92928", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/92928" - }, - { - "name" : "1036793", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036793" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Adobe Digital Editions before 4.5.2 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4256, CVE-2016-4257, CVE-2016-4258, CVE-2016-4259, CVE-2016-4260, and CVE-2016-4262." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1036793", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036793" + }, + { + "name": "https://helpx.adobe.com/security/products/Digital-Editions/apsb16-28.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/Digital-Editions/apsb16-28.html" + }, + { + "name": "92928", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/92928" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4501.json b/2016/4xxx/CVE-2016-4501.json index 72d66e26467..ce9da0b18f8 100644 --- a/2016/4xxx/CVE-2016-4501.json +++ b/2016/4xxx/CVE-2016-4501.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-4501", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Environmental Systems Corporation (ESC) 8832 Data Controller 3.02 and earlier mishandles sessions, which allows remote attackers to bypass authentication and make arbitrary configuration changes via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "ics-cert@hq.dhs.gov", + "ID": "CVE-2016-4501", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://ics-cert.us-cert.gov/advisories/ICSA-16-147-01", - "refsource" : "MISC", - "url" : "https://ics-cert.us-cert.gov/advisories/ICSA-16-147-01" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Environmental Systems Corporation (ESC) 8832 Data Controller 3.02 and earlier mishandles sessions, which allows remote attackers to bypass authentication and make arbitrary configuration changes via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://ics-cert.us-cert.gov/advisories/ICSA-16-147-01", + "refsource": "MISC", + "url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-147-01" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4823.json b/2016/4xxx/CVE-2016-4823.json index 7090671a6f9..1bcb51549c7 100644 --- a/2016/4xxx/CVE-2016-4823.json +++ b/2016/4xxx/CVE-2016-4823.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-4823", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Corega CG-WLBARAGM devices allow remote attackers to cause a denial of service (reboot) via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "vultures@jpcert.or.jp", + "ID": "CVE-2016-4823", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://corega.jp/support/security/20160622_wlbaragm.htm", - "refsource" : "CONFIRM", - "url" : "http://corega.jp/support/security/20160622_wlbaragm.htm" - }, - { - "name" : "JVN#24409899", - "refsource" : "JVN", - "url" : "http://jvn.jp/en/jp/JVN24409899/index.html" - }, - { - "name" : "JVNDB-2016-000108", - "refsource" : "JVNDB", - "url" : "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000108" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Corega CG-WLBARAGM devices allow remote attackers to cause a denial of service (reboot) via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "JVNDB-2016-000108", + "refsource": "JVNDB", + "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000108" + }, + { + "name": "http://corega.jp/support/security/20160622_wlbaragm.htm", + "refsource": "CONFIRM", + "url": "http://corega.jp/support/security/20160622_wlbaragm.htm" + }, + { + "name": "JVN#24409899", + "refsource": "JVN", + "url": "http://jvn.jp/en/jp/JVN24409899/index.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4997.json b/2016/4xxx/CVE-2016-4997.json index 36e1eededfa..ac247140fbe 100644 --- a/2016/4xxx/CVE-2016-4997.json +++ b/2016/4xxx/CVE-2016-4997.json @@ -1,272 +1,272 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-4997", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The compat IPT_SO_SET_REPLACE and IP6T_SO_SET_REPLACE setsockopt implementations in the netfilter subsystem in the Linux kernel before 4.6.3 allow local users to gain privileges or cause a denial of service (memory corruption) by leveraging in-container root access to provide a crafted offset value that triggers an unintended decrement." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2016-4997", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "40435", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/40435/" - }, - { - "name" : "40489", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/40489/" - }, - { - "name" : "[oss-security] 20160624 Linux CVE-2016-4997 (local privilege escalation) and CVE-2016-4998 (out of bounds memory access)", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/06/24/5" - }, - { - "name" : "[oss-security] 20160929 CVE request - Linux kernel through 4.6.2 allows escalade privileges via IP6T_SO_SET_REPLACE compat setsockopt call", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/09/29/10" - }, - { - "name" : "https://github.com/nccgroup/TriforceLinuxSyscallFuzzer/tree/master/crash_reports/report_compatIpt", - "refsource" : "MISC", - "url" : "https://github.com/nccgroup/TriforceLinuxSyscallFuzzer/tree/master/crash_reports/report_compatIpt" - }, - { - "name" : "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ce683e5f9d045e5d67d1312a42b359cb2ab2a13c", - "refsource" : "CONFIRM", - "url" : "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ce683e5f9d045e5d67d1312a42b359cb2ab2a13c" - }, - { - "name" : "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.6.3", - "refsource" : "CONFIRM", - "url" : "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.6.3" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1349722", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1349722" - }, - { - "name" : "https://github.com/torvalds/linux/commit/ce683e5f9d045e5d67d1312a42b359cb2ab2a13c", - "refsource" : "CONFIRM", - "url" : "https://github.com/torvalds/linux/commit/ce683e5f9d045e5d67d1312a42b359cb2ab2a13c" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html" - }, - { - "name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05347541", - "refsource" : "CONFIRM", - "url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05347541" - }, - { - "name" : "DSA-3607", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3607" - }, - { - "name" : "RHSA-2016:1847", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-1847.html" - }, - { - "name" : "RHSA-2016:1875", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-1875.html" - }, - { - "name" : "RHSA-2016:1883", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-1883.html" - }, - { - "name" : "SUSE-SU-2016:1709", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00060.html" - }, - { - "name" : "SUSE-SU-2016:1710", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00061.html" - }, - { - "name" : "SUSE-SU-2016:1937", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html" - }, - { - "name" : "SUSE-SU-2016:2018", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00027.html" - }, - { - "name" : "SUSE-SU-2016:1985", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html" - }, - { - "name" : "SUSE-SU-2016:2105", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html" - }, - { - "name" : "SUSE-SU-2016:2174", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00048.html" - }, - { - "name" : "SUSE-SU-2016:2177", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00050.html" - }, - { - "name" : "SUSE-SU-2016:2178", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00051.html" - }, - { - "name" : "SUSE-SU-2016:2179", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00052.html" - }, - { - "name" : "SUSE-SU-2016:2180", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00053.html" - }, - { - "name" : "SUSE-SU-2016:2181", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00054.html" - }, - { - "name" : "openSUSE-SU-2016:2184", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html" - }, - { - "name" : "USN-3016-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-3016-1" - }, - { - "name" : "USN-3016-2", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-3016-2" - }, - { - "name" : "USN-3016-3", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-3016-3" - }, - { - "name" : "USN-3016-4", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-3016-4" - }, - { - "name" : "USN-3017-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-3017-1" - }, - { - "name" : "USN-3017-2", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-3017-2" - }, - { - "name" : "USN-3017-3", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-3017-3" - }, - { - "name" : "USN-3018-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-3018-1" - }, - { - "name" : "USN-3018-2", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-3018-2" - }, - { - "name" : "USN-3019-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-3019-1" - }, - { - "name" : "USN-3020-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-3020-1" - }, - { - "name" : "91451", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/91451" - }, - { - "name" : "1036171", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036171" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The compat IPT_SO_SET_REPLACE and IP6T_SO_SET_REPLACE setsockopt implementations in the netfilter subsystem in the Linux kernel before 4.6.3 allow local users to gain privileges or cause a denial of service (memory corruption) by leveraging in-container root access to provide a crafted offset value that triggers an unintended decrement." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "SUSE-SU-2016:2180", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00053.html" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html" + }, + { + "name": "SUSE-SU-2016:1709", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00060.html" + }, + { + "name": "USN-3017-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-3017-1" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html" + }, + { + "name": "SUSE-SU-2016:1985", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html" + }, + { + "name": "USN-3017-3", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-3017-3" + }, + { + "name": "RHSA-2016:1847", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-1847.html" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1349722", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1349722" + }, + { + "name": "openSUSE-SU-2016:2184", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html" + }, + { + "name": "USN-3018-2", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-3018-2" + }, + { + "name": "SUSE-SU-2016:2174", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00048.html" + }, + { + "name": "USN-3017-2", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-3017-2" + }, + { + "name": "RHSA-2016:1875", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-1875.html" + }, + { + "name": "USN-3019-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-3019-1" + }, + { + "name": "SUSE-SU-2016:2018", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00027.html" + }, + { + "name": "DSA-3607", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3607" + }, + { + "name": "USN-3016-2", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-3016-2" + }, + { + "name": "USN-3016-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-3016-1" + }, + { + "name": "[oss-security] 20160624 Linux CVE-2016-4997 (local privilege escalation) and CVE-2016-4998 (out of bounds memory access)", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/06/24/5" + }, + { + "name": "SUSE-SU-2016:2181", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00054.html" + }, + { + "name": "SUSE-SU-2016:2178", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00051.html" + }, + { + "name": "40435", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/40435/" + }, + { + "name": "https://github.com/torvalds/linux/commit/ce683e5f9d045e5d67d1312a42b359cb2ab2a13c", + "refsource": "CONFIRM", + "url": "https://github.com/torvalds/linux/commit/ce683e5f9d045e5d67d1312a42b359cb2ab2a13c" + }, + { + "name": "USN-3018-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-3018-1" + }, + { + "name": "1036171", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036171" + }, + { + "name": "40489", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/40489/" + }, + { + "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05347541", + "refsource": "CONFIRM", + "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05347541" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html" + }, + { + "name": "SUSE-SU-2016:2177", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00050.html" + }, + { + "name": "RHSA-2016:1883", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-1883.html" + }, + { + "name": "SUSE-SU-2016:2179", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00052.html" + }, + { + "name": "SUSE-SU-2016:2105", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html" + }, + { + "name": "USN-3016-3", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-3016-3" + }, + { + "name": "SUSE-SU-2016:1710", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00061.html" + }, + { + "name": "[oss-security] 20160929 CVE request - Linux kernel through 4.6.2 allows escalade privileges via IP6T_SO_SET_REPLACE compat setsockopt call", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/09/29/10" + }, + { + "name": "USN-3016-4", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-3016-4" + }, + { + "name": "91451", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/91451" + }, + { + "name": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.6.3", + "refsource": "CONFIRM", + "url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.6.3" + }, + { + "name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ce683e5f9d045e5d67d1312a42b359cb2ab2a13c", + "refsource": "CONFIRM", + "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ce683e5f9d045e5d67d1312a42b359cb2ab2a13c" + }, + { + "name": "USN-3020-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-3020-1" + }, + { + "name": "https://github.com/nccgroup/TriforceLinuxSyscallFuzzer/tree/master/crash_reports/report_compatIpt", + "refsource": "MISC", + "url": "https://github.com/nccgroup/TriforceLinuxSyscallFuzzer/tree/master/crash_reports/report_compatIpt" + }, + { + "name": "SUSE-SU-2016:1937", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html" + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3064.json b/2019/3xxx/CVE-2019-3064.json index c7ca87adca3..5c1db777a71 100644 --- a/2019/3xxx/CVE-2019-3064.json +++ b/2019/3xxx/CVE-2019-3064.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3064", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3064", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3538.json b/2019/3xxx/CVE-2019-3538.json index 6b1bf20ce9b..5f35c30405e 100644 --- a/2019/3xxx/CVE-2019-3538.json +++ b/2019/3xxx/CVE-2019-3538.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3538", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3538", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3877.json b/2019/3xxx/CVE-2019-3877.json index 8892f92e13b..46398a84317 100644 --- a/2019/3xxx/CVE-2019-3877.json +++ b/2019/3xxx/CVE-2019-3877.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3877", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3877", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4090.json b/2019/4xxx/CVE-2019-4090.json index 78f9c7a38a2..2262505773c 100644 --- a/2019/4xxx/CVE-2019-4090.json +++ b/2019/4xxx/CVE-2019-4090.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4090", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4090", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4775.json b/2019/4xxx/CVE-2019-4775.json index f481f30c333..264cb1de618 100644 --- a/2019/4xxx/CVE-2019-4775.json +++ b/2019/4xxx/CVE-2019-4775.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4775", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4775", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4840.json b/2019/4xxx/CVE-2019-4840.json index 1fe3527f435..d6d0993e688 100644 --- a/2019/4xxx/CVE-2019-4840.json +++ b/2019/4xxx/CVE-2019-4840.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4840", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4840", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6304.json b/2019/6xxx/CVE-2019-6304.json index cdd16221cb7..87fbd7ebda7 100644 --- a/2019/6xxx/CVE-2019-6304.json +++ b/2019/6xxx/CVE-2019-6304.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6304", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6304", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6531.json b/2019/6xxx/CVE-2019-6531.json index 7bfc4d0b2b4..56c504a1404 100644 --- a/2019/6xxx/CVE-2019-6531.json +++ b/2019/6xxx/CVE-2019-6531.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6531", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6531", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6691.json b/2019/6xxx/CVE-2019-6691.json index dc16f072874..eb5df0b5ee8 100644 --- a/2019/6xxx/CVE-2019-6691.json +++ b/2019/6xxx/CVE-2019-6691.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6691", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "phpwind 9.0.2.170426 UTF8 allows SQL Injection via the admin.php?m=backup&c=backup&a=doback tabledb[] parameter, related to the \"--backup database\" option." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6691", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/Veeeooo/phpwind/blob/master/README.md", - "refsource" : "MISC", - "url" : "https://github.com/Veeeooo/phpwind/blob/master/README.md" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "phpwind 9.0.2.170426 UTF8 allows SQL Injection via the admin.php?m=backup&c=backup&a=doback tabledb[] parameter, related to the \"--backup database\" option." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/Veeeooo/phpwind/blob/master/README.md", + "refsource": "MISC", + "url": "https://github.com/Veeeooo/phpwind/blob/master/README.md" + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7001.json b/2019/7xxx/CVE-2019-7001.json index 908f59dc96f..55b06e1beb7 100644 --- a/2019/7xxx/CVE-2019-7001.json +++ b/2019/7xxx/CVE-2019-7001.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7001", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7001", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7520.json b/2019/7xxx/CVE-2019-7520.json index 9015cea291d..15a805fe258 100644 --- a/2019/7xxx/CVE-2019-7520.json +++ b/2019/7xxx/CVE-2019-7520.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7520", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7520", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7679.json b/2019/7xxx/CVE-2019-7679.json index a3d55a44139..c33d1ce4b50 100644 --- a/2019/7xxx/CVE-2019-7679.json +++ b/2019/7xxx/CVE-2019-7679.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7679", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7679", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7872.json b/2019/7xxx/CVE-2019-7872.json index c5c44f062d5..4e0b4afecb9 100644 --- a/2019/7xxx/CVE-2019-7872.json +++ b/2019/7xxx/CVE-2019-7872.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7872", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7872", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7949.json b/2019/7xxx/CVE-2019-7949.json index 0cb92bee90c..1941a4001dd 100644 --- a/2019/7xxx/CVE-2019-7949.json +++ b/2019/7xxx/CVE-2019-7949.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7949", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7949", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8504.json b/2019/8xxx/CVE-2019-8504.json index 0bb2420458b..b81fd0c50f4 100644 --- a/2019/8xxx/CVE-2019-8504.json +++ b/2019/8xxx/CVE-2019-8504.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8504", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8504", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8511.json b/2019/8xxx/CVE-2019-8511.json index 01dcf74cb4f..6db235c9998 100644 --- a/2019/8xxx/CVE-2019-8511.json +++ b/2019/8xxx/CVE-2019-8511.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8511", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8511", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8604.json b/2019/8xxx/CVE-2019-8604.json index cb43557f063..70a54f073e8 100644 --- a/2019/8xxx/CVE-2019-8604.json +++ b/2019/8xxx/CVE-2019-8604.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8604", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8604", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9450.json b/2019/9xxx/CVE-2019-9450.json index f6a2e072948..f0227066f22 100644 --- a/2019/9xxx/CVE-2019-9450.json +++ b/2019/9xxx/CVE-2019-9450.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9450", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9450", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9710.json b/2019/9xxx/CVE-2019-9710.json index 69eb05c32e1..9e540d4c2da 100644 --- a/2019/9xxx/CVE-2019-9710.json +++ b/2019/9xxx/CVE-2019-9710.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9710", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An issue was discovered in webargs before 5.1.3, as used with marshmallow and other products. JSON parsing uses a short-lived cache to store the parsed JSON body. This cache is not thread-safe, meaning that incorrect JSON payloads could have been parsed for concurrent requests." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9710", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/marshmallow-code/webargs/issues/371", - "refsource" : "MISC", - "url" : "https://github.com/marshmallow-code/webargs/issues/371" - }, - { - "name" : "https://webargs.readthedocs.io/en/latest/changelog.html", - "refsource" : "MISC", - "url" : "https://webargs.readthedocs.io/en/latest/changelog.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in webargs before 5.1.3, as used with marshmallow and other products. JSON parsing uses a short-lived cache to store the parsed JSON body. This cache is not thread-safe, meaning that incorrect JSON payloads could have been parsed for concurrent requests." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://webargs.readthedocs.io/en/latest/changelog.html", + "refsource": "MISC", + "url": "https://webargs.readthedocs.io/en/latest/changelog.html" + }, + { + "name": "https://github.com/marshmallow-code/webargs/issues/371", + "refsource": "MISC", + "url": "https://github.com/marshmallow-code/webargs/issues/371" + } + ] + } +} \ No newline at end of file