From 7cebcdf4370200207bcf30d7afaedbda4ab194f4 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Mon, 18 Mar 2019 02:32:23 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2001/0xxx/CVE-2001-0036.json | 150 ++++++++-------- 2001/0xxx/CVE-2001-0063.json | 150 ++++++++-------- 2001/0xxx/CVE-2001-0069.json | 140 +++++++-------- 2001/0xxx/CVE-2001-0375.json | 150 ++++++++-------- 2001/0xxx/CVE-2001-0410.json | 120 ++++++------- 2001/1xxx/CVE-2001-1555.json | 150 ++++++++-------- 2006/2xxx/CVE-2006-2045.json | 170 +++++++++--------- 2006/2xxx/CVE-2006-2081.json | 230 ++++++++++++------------ 2006/2xxx/CVE-2006-2156.json | 190 ++++++++++---------- 2006/2xxx/CVE-2006-2574.json | 230 ++++++++++++------------ 2006/2xxx/CVE-2006-2952.json | 200 ++++++++++----------- 2006/6xxx/CVE-2006-6529.json | 130 +++++++------- 2006/6xxx/CVE-2006-6543.json | 140 +++++++-------- 2006/6xxx/CVE-2006-6889.json | 130 +++++++------- 2011/2xxx/CVE-2011-2229.json | 34 ++-- 2011/2xxx/CVE-2011-2901.json | 160 ++++++++--------- 2011/2xxx/CVE-2011-2977.json | 170 +++++++++--------- 2011/3xxx/CVE-2011-3126.json | 160 ++++++++--------- 2011/3xxx/CVE-2011-3157.json | 130 +++++++------- 2011/3xxx/CVE-2011-3358.json | 270 ++++++++++++++-------------- 2011/3xxx/CVE-2011-3394.json | 130 +++++++------- 2011/4xxx/CVE-2011-4093.json | 180 +++++++++---------- 2011/4xxx/CVE-2011-4300.json | 140 +++++++-------- 2011/4xxx/CVE-2011-4677.json | 130 +++++++------- 2013/0xxx/CVE-2013-0221.json | 150 ++++++++-------- 2013/1xxx/CVE-2013-1227.json | 120 ++++++------- 2013/1xxx/CVE-2013-1550.json | 130 +++++++------- 2013/1xxx/CVE-2013-1853.json | 160 ++++++++--------- 2013/1xxx/CVE-2013-1969.json | 190 ++++++++++---------- 2013/5xxx/CVE-2013-5452.json | 160 ++++++++--------- 2013/5xxx/CVE-2013-5738.json | 150 ++++++++-------- 2013/5xxx/CVE-2013-5769.json | 120 ++++++------- 2014/2xxx/CVE-2014-2040.json | 140 +++++++-------- 2014/2xxx/CVE-2014-2427.json | 280 ++++++++++++++--------------- 2014/2xxx/CVE-2014-2444.json | 120 ++++++------- 2014/2xxx/CVE-2014-2687.json | 34 ++-- 2014/2xxx/CVE-2014-2835.json | 34 ++-- 2014/6xxx/CVE-2014-6319.json | 120 ++++++------- 2017/0xxx/CVE-2017-0136.json | 140 +++++++-------- 2017/0xxx/CVE-2017-0214.json | 140 +++++++-------- 2017/0xxx/CVE-2017-0215.json | 150 ++++++++-------- 2017/0xxx/CVE-2017-0217.json | 34 ++-- 2017/0xxx/CVE-2017-0910.json | 132 +++++++------- 2017/1000xxx/CVE-2017-1000375.json | 142 +++++++-------- 2017/1000xxx/CVE-2017-1000435.json | 34 ++-- 2017/1000xxx/CVE-2017-1000472.json | 144 +++++++-------- 2017/16xxx/CVE-2017-16052.json | 122 ++++++------- 2017/16xxx/CVE-2017-16065.json | 122 ++++++------- 2017/16xxx/CVE-2017-16477.json | 34 ++-- 2017/16xxx/CVE-2017-16488.json | 34 ++-- 2017/16xxx/CVE-2017-16944.json | 190 ++++++++++---------- 2017/1xxx/CVE-2017-1104.json | 246 ++++++++++++------------- 2017/1xxx/CVE-2017-1207.json | 148 +++++++-------- 2017/1xxx/CVE-2017-1683.json | 142 +++++++-------- 2017/4xxx/CVE-2017-4076.json | 34 ++-- 2017/4xxx/CVE-2017-4115.json | 34 ++-- 2017/4xxx/CVE-2017-4711.json | 34 ++-- 2018/5xxx/CVE-2018-5215.json | 120 ++++++------- 2018/5xxx/CVE-2018-5320.json | 34 ++-- 2018/5xxx/CVE-2018-5985.json | 120 ++++++------- 60 files changed, 4011 insertions(+), 4011 deletions(-) diff --git a/2001/0xxx/CVE-2001-0036.json b/2001/0xxx/CVE-2001-0036.json index 13c58d8d3f2..ec86884fb68 100644 --- a/2001/0xxx/CVE-2001-0036.json +++ b/2001/0xxx/CVE-2001-0036.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2001-0036", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "KTH Kerberos IV allows local users to overwrite arbitrary files via a symlink attack on a ticket file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2001-0036", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20001208 Vulnerabilities in KTH Kerberos IV", - "refsource" : "BUGTRAQ", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2000-12/0093.html" - }, - { - "name" : "20001210 KTH upgrade and FIX", - "refsource" : "BUGTRAQ", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2000-12/0105.html" - }, - { - "name" : "RHSA-2001:025", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2001-025.html" - }, - { - "name" : "kerberos4-tmpfile-dos(5754)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/5754" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "KTH Kerberos IV allows local users to overwrite arbitrary files via a symlink attack on a ticket file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "RHSA-2001:025", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2001-025.html" + }, + { + "name": "20001208 Vulnerabilities in KTH Kerberos IV", + "refsource": "BUGTRAQ", + "url": "http://archives.neohapsis.com/archives/bugtraq/2000-12/0093.html" + }, + { + "name": "kerberos4-tmpfile-dos(5754)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5754" + }, + { + "name": "20001210 KTH upgrade and FIX", + "refsource": "BUGTRAQ", + "url": "http://archives.neohapsis.com/archives/bugtraq/2000-12/0105.html" + } + ] + } +} \ No newline at end of file diff --git a/2001/0xxx/CVE-2001-0063.json b/2001/0xxx/CVE-2001-0063.json index 67fbb284568..2b57a70e5ac 100644 --- a/2001/0xxx/CVE-2001-0063.json +++ b/2001/0xxx/CVE-2001-0063.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2001-0063", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "procfs in FreeBSD and possibly other operating systems allows local users to bypass access control restrictions for a jail environment and gain additional privileges." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2001-0063", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "FreeBSD-SA-00:77", - "refsource" : "FREEBSD", - "url" : "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:77.procfs.v1.1.asc" - }, - { - "name" : "2132", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/2132" - }, - { - "name" : "procfs-access-control-bo(6108)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/6108" - }, - { - "name" : "1691", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/1691" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "procfs in FreeBSD and possibly other operating systems allows local users to bypass access control restrictions for a jail environment and gain additional privileges." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1691", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/1691" + }, + { + "name": "2132", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/2132" + }, + { + "name": "FreeBSD-SA-00:77", + "refsource": "FREEBSD", + "url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:77.procfs.v1.1.asc" + }, + { + "name": "procfs-access-control-bo(6108)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6108" + } + ] + } +} \ No newline at end of file diff --git a/2001/0xxx/CVE-2001-0069.json b/2001/0xxx/CVE-2001-0069.json index 3e3f9980b25..74d02612e43 100644 --- a/2001/0xxx/CVE-2001-0069.json +++ b/2001/0xxx/CVE-2001-0069.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2001-0069", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "dialog before 0.9a-20000118-3bis in Debian GNU/Linux allows local users to overwrite arbitrary files via a symlink attack." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2001-0069", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "DSA-008-1", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2000/20001225" - }, - { - "name" : "2151", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/2151" - }, - { - "name" : "dialog-symlink(5809)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/5809" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "dialog before 0.9a-20000118-3bis in Debian GNU/Linux allows local users to overwrite arbitrary files via a symlink attack." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "2151", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/2151" + }, + { + "name": "dialog-symlink(5809)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5809" + }, + { + "name": "DSA-008-1", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2000/20001225" + } + ] + } +} \ No newline at end of file diff --git a/2001/0xxx/CVE-2001-0375.json b/2001/0xxx/CVE-2001-0375.json index 7344a3f40a6..6dafe4634ce 100644 --- a/2001/0xxx/CVE-2001-0375.json +++ b/2001/0xxx/CVE-2001-0375.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2001-0375", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cisco PIX Firewall 515 and 520 with 5.1.4 OS running aaa authentication to a TACACS+ server allows remote attackers to cause a denial of service via a large number of authentication requests." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2001-0375", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20010406 PIX Firewall 5.1 DoS Vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=98658271707833&w=2" - }, - { - "name" : "20011003 Cisco PIX Firewall Authentication Denial of Service Vulnerability", - "refsource" : "CISCO", - "url" : "http://www.cisco.com/warp/public/707/pixfirewall-authen-flood-pub.shtml" - }, - { - "name" : "cisco-pix-tacacs-dos(6353)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/6353" - }, - { - "name" : "2551", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/2551" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cisco PIX Firewall 515 and 520 with 5.1.4 OS running aaa authentication to a TACACS+ server allows remote attackers to cause a denial of service via a large number of authentication requests." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "2551", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/2551" + }, + { + "name": "cisco-pix-tacacs-dos(6353)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6353" + }, + { + "name": "20010406 PIX Firewall 5.1 DoS Vulnerability", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=98658271707833&w=2" + }, + { + "name": "20011003 Cisco PIX Firewall Authentication Denial of Service Vulnerability", + "refsource": "CISCO", + "url": "http://www.cisco.com/warp/public/707/pixfirewall-authen-flood-pub.shtml" + } + ] + } +} \ No newline at end of file diff --git a/2001/0xxx/CVE-2001-0410.json b/2001/0xxx/CVE-2001-0410.json index 5b2fa888f9a..f7871a1d620 100644 --- a/2001/0xxx/CVE-2001-0410.json +++ b/2001/0xxx/CVE-2001-0410.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2001-0410", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in Trend Micro Virus Buster 2001 8.02 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long \"From\" header." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2001-0410", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20010330 Virus Buster 2001(ver8.02) Buffer Overflow", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=98593642520755&w=2" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in Trend Micro Virus Buster 2001 8.02 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long \"From\" header." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20010330 Virus Buster 2001(ver8.02) Buffer Overflow", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=98593642520755&w=2" + } + ] + } +} \ No newline at end of file diff --git a/2001/1xxx/CVE-2001-1555.json b/2001/1xxx/CVE-2001-1555.json index 4bd53966668..9b2f313e615 100644 --- a/2001/1xxx/CVE-2001-1555.json +++ b/2001/1xxx/CVE-2001-1555.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2001-1555", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "pt_chmod in Solaris 8 does not call fdetach to reset terminal privileges when users log out of terminals, which allows local users to write to other users' terminals by modifying the ACL of a TTY." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2001-1555", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "3522", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/3522" - }, - { - "name" : "1002732", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1002732" - }, - { - "name" : "1004035", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1004035" - }, - { - "name" : "43929", - "refsource" : "SUNALERT", - "url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-43929-1" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "pt_chmod in Solaris 8 does not call fdetach to reset terminal privileges when users log out of terminals, which allows local users to write to other users' terminals by modifying the ACL of a TTY." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "43929", + "refsource": "SUNALERT", + "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-43929-1" + }, + { + "name": "1002732", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1002732" + }, + { + "name": "1004035", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1004035" + }, + { + "name": "3522", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/3522" + } + ] + } +} \ No newline at end of file diff --git a/2006/2xxx/CVE-2006-2045.json b/2006/2xxx/CVE-2006-2045.json index 80cbd65587f..4c6b79d0cee 100644 --- a/2006/2xxx/CVE-2006-2045.json +++ b/2006/2xxx/CVE-2006-2045.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-2045", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The (1) shadow password file in na-img-4.0.34.bin for the IP3 Networks NetAccess NA75 has world readable permissions, which allows local users to view encrypted passwords; and the (2) NetAccess database file has world readable and writable permissions, which allows local users to view sensitive information and modify data." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-2045", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20060424 Multiple vulnerabilities in IP3 Networks 'NetAccess' NA75 appliance", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/432007/100/0/threaded" - }, - { - "name" : "17698", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/17698" - }, - { - "name" : "ADV-2006-1540", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/1540" - }, - { - "name" : "19818", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/19818" - }, - { - "name" : "ip3-na75-database-file-permission(26110)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/26110" - }, - { - "name" : "ip3-na75-shadow-file-permission(26109)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/26109" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The (1) shadow password file in na-img-4.0.34.bin for the IP3 Networks NetAccess NA75 has world readable permissions, which allows local users to view encrypted passwords; and the (2) NetAccess database file has world readable and writable permissions, which allows local users to view sensitive information and modify data." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ADV-2006-1540", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/1540" + }, + { + "name": "ip3-na75-database-file-permission(26110)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26110" + }, + { + "name": "20060424 Multiple vulnerabilities in IP3 Networks 'NetAccess' NA75 appliance", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/432007/100/0/threaded" + }, + { + "name": "ip3-na75-shadow-file-permission(26109)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26109" + }, + { + "name": "17698", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/17698" + }, + { + "name": "19818", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/19818" + } + ] + } +} \ No newline at end of file diff --git a/2006/2xxx/CVE-2006-2081.json b/2006/2xxx/CVE-2006-2081.json index 487ef445882..5c7543e7ccd 100644 --- a/2006/2xxx/CVE-2006-2081.json +++ b/2006/2xxx/CVE-2006-2081.json @@ -1,117 +1,117 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-2081", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Oracle Database Server 10g Release 2 allows local users to execute arbitrary SQL queries via the GET_DOMAIN_INDEX_METADATA function in the DBMS_EXPORT_EXTENSION package. NOTE: this issue was originally linked to DB05 (CVE-2006-1870), but a reliable third party has claimed that it is not the same issue. Based on details of the problem, the primary issue appears to be insecure privileges that facilitate the introduction of SQL in a way that is not related to special characters, so this is not \"SQL injection\" per se." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-2081", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20060419 Oracle 10g 10.2.0.2.0 DBA exploit", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/431353/100/0/threaded" - }, - { - "name" : "20060426 Recent Oracle exploit is _actually_ an 0day with no patch", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/432078/100/0/threaded" - }, - { - "name" : "20060427 Re: Recent Oracle exploit is _actually_ an 0day with no patch", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/432354/100/0/threaded" - }, - { - "name" : "20060427 Re: Recent Oracle exploit is _actually_ an 0day with no patch", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/432355/100/0/threaded" - }, - { - "name" : "20060501 RE: Oracle 10g 10.2.0.2.0 DBA exploit", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/432632/30/5250/threaded" - }, - { - "name" : "http://www.red-database-security.com/exploits/oracle-sql-injection-oracle-dbms_export_extension.html", - "refsource" : "MISC", - "url" : "http://www.red-database-security.com/exploits/oracle-sql-injection-oracle-dbms_export_extension.html" - }, - { - "name" : "VU#932124", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/932124" - }, - { - "name" : "17699", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/17699" - }, - { - "name" : "1015999", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1015999" - }, - { - "name" : "19860", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/19860" - }, - { - "name" : "802", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/802" - }, - { - "name" : "oracle-dbmsexportextension-sql-injection(26048)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/26048" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Oracle Database Server 10g Release 2 allows local users to execute arbitrary SQL queries via the GET_DOMAIN_INDEX_METADATA function in the DBMS_EXPORT_EXTENSION package. NOTE: this issue was originally linked to DB05 (CVE-2006-1870), but a reliable third party has claimed that it is not the same issue. Based on details of the problem, the primary issue appears to be insecure privileges that facilitate the introduction of SQL in a way that is not related to special characters, so this is not \"SQL injection\" per se." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20060426 Recent Oracle exploit is _actually_ an 0day with no patch", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/432078/100/0/threaded" + }, + { + "name": "20060427 Re: Recent Oracle exploit is _actually_ an 0day with no patch", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/432354/100/0/threaded" + }, + { + "name": "http://www.red-database-security.com/exploits/oracle-sql-injection-oracle-dbms_export_extension.html", + "refsource": "MISC", + "url": "http://www.red-database-security.com/exploits/oracle-sql-injection-oracle-dbms_export_extension.html" + }, + { + "name": "VU#932124", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/932124" + }, + { + "name": "19860", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/19860" + }, + { + "name": "oracle-dbmsexportextension-sql-injection(26048)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26048" + }, + { + "name": "20060419 Oracle 10g 10.2.0.2.0 DBA exploit", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/431353/100/0/threaded" + }, + { + "name": "17699", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/17699" + }, + { + "name": "1015999", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1015999" + }, + { + "name": "20060501 RE: Oracle 10g 10.2.0.2.0 DBA exploit", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/432632/30/5250/threaded" + }, + { + "name": "802", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/802" + }, + { + "name": "20060427 Re: Recent Oracle exploit is _actually_ an 0day with no patch", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/432355/100/0/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2006/2xxx/CVE-2006-2156.json b/2006/2xxx/CVE-2006-2156.json index 682cb1deae4..dd0a12a10e7 100644 --- a/2006/2xxx/CVE-2006-2156.json +++ b/2006/2xxx/CVE-2006-2156.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-2156", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Directory traversal vulnerability in help/index.php in X7 Chat 2.0 and earlier allows remote attackers to include arbitrary files via .. (dot dot) sequences in the help_file parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-2156", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20060502 X7 Chat <=2.0 remote commands execution", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/432716/100/0/threaded" - }, - { - "name" : "1738", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/1738" - }, - { - "name" : "17777", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/17777" - }, - { - "name" : "ADV-2006-1608", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/1608" - }, - { - "name" : "25149", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/25149" - }, - { - "name" : "19886", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/19886" - }, - { - "name" : "829", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/829" - }, - { - "name" : "x7chat-index-file-include(26218)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/26218" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Directory traversal vulnerability in help/index.php in X7 Chat 2.0 and earlier allows remote attackers to include arbitrary files via .. (dot dot) sequences in the help_file parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "17777", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/17777" + }, + { + "name": "ADV-2006-1608", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/1608" + }, + { + "name": "20060502 X7 Chat <=2.0 remote commands execution", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/432716/100/0/threaded" + }, + { + "name": "1738", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/1738" + }, + { + "name": "x7chat-index-file-include(26218)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26218" + }, + { + "name": "19886", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/19886" + }, + { + "name": "829", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/829" + }, + { + "name": "25149", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/25149" + } + ] + } +} \ No newline at end of file diff --git a/2006/2xxx/CVE-2006-2574.json b/2006/2xxx/CVE-2006-2574.json index 7ea7a201680..c3e03a80bc4 100644 --- a/2006/2xxx/CVE-2006-2574.json +++ b/2006/2xxx/CVE-2006-2574.json @@ -1,117 +1,117 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-2574", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple unspecified vulnerabilities in Software Distributor in HP-UX B.11.00, B.11.04, B.11.11, and B.11.23 allow local users to gain privileges via unspecified attack vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-2574", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://support.avaya.com/elmodocs2/security/ASA-2006-106.htm", - "refsource" : "CONFIRM", - "url" : "http://support.avaya.com/elmodocs2/security/ASA-2006-106.htm" - }, - { - "name" : "HPSBUX02114", - "refsource" : "HP", - "url" : "http://www.securityfocus.com/archive/1/434838/100/0/threaded" - }, - { - "name" : "SSRT061115", - "refsource" : "HP", - "url" : "http://www.securityfocus.com/archive/1/434838/100/0/threaded" - }, - { - "name" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00659649", - "refsource" : "CONFIRM", - "url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00659649" - }, - { - "name" : "18098", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/18098" - }, - { - "name" : "oval:org.mitre.oval:def:5568", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5568" - }, - { - "name" : "ADV-2006-1947", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/1947" - }, - { - "name" : "1016139", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1016139" - }, - { - "name" : "20230", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/20230" - }, - { - "name" : "20332", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/20332" - }, - { - "name" : "964", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/964" - }, - { - "name" : "hpux-sd-privilege-escalation(26609)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/26609" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple unspecified vulnerabilities in Software Distributor in HP-UX B.11.00, B.11.04, B.11.11, and B.11.23 allow local users to gain privileges via unspecified attack vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "SSRT061115", + "refsource": "HP", + "url": "http://www.securityfocus.com/archive/1/434838/100/0/threaded" + }, + { + "name": "ADV-2006-1947", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/1947" + }, + { + "name": "20230", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/20230" + }, + { + "name": "oval:org.mitre.oval:def:5568", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5568" + }, + { + "name": "20332", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/20332" + }, + { + "name": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00659649", + "refsource": "CONFIRM", + "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00659649" + }, + { + "name": "hpux-sd-privilege-escalation(26609)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26609" + }, + { + "name": "18098", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/18098" + }, + { + "name": "1016139", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1016139" + }, + { + "name": "http://support.avaya.com/elmodocs2/security/ASA-2006-106.htm", + "refsource": "CONFIRM", + "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-106.htm" + }, + { + "name": "964", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/964" + }, + { + "name": "HPSBUX02114", + "refsource": "HP", + "url": "http://www.securityfocus.com/archive/1/434838/100/0/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2006/2xxx/CVE-2006-2952.json b/2006/2xxx/CVE-2006-2952.json index 6c730f50e3a..fa2b27ae36e 100644 --- a/2006/2xxx/CVE-2006-2952.json +++ b/2006/2xxx/CVE-2006-2952.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-2952", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Directory traversal vulnerability in Net Portal Dynamic System (NPDS) 5.10 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) sequence and trailing null (%00) byte in the (1) Default_Theme parameter to header.php or (2) ModPath parameter to modules/cluster-paradise/cluster-E.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-2952", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20060608 NPDS <= 5.10 Local Inclusion, XSS, Full path disclosure", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/436442/100/0/threaded" - }, - { - "name" : "http://www.acid-root.new.fr/advisories/npds510.txt", - "refsource" : "MISC", - "url" : "http://www.acid-root.new.fr/advisories/npds510.txt" - }, - { - "name" : "18383", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/18383" - }, - { - "name" : "ADV-2006-2233", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/2233" - }, - { - "name" : "26290", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/26290" - }, - { - "name" : "26291", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/26291" - }, - { - "name" : "20523", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/20523" - }, - { - "name" : "1076", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/1076" - }, - { - "name" : "npds-header-clustere-file-include(27121)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/27121" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Directory traversal vulnerability in Net Portal Dynamic System (NPDS) 5.10 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) sequence and trailing null (%00) byte in the (1) Default_Theme parameter to header.php or (2) ModPath parameter to modules/cluster-paradise/cluster-E.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20523", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/20523" + }, + { + "name": "1076", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/1076" + }, + { + "name": "18383", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/18383" + }, + { + "name": "26291", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/26291" + }, + { + "name": "npds-header-clustere-file-include(27121)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27121" + }, + { + "name": "20060608 NPDS <= 5.10 Local Inclusion, XSS, Full path disclosure", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/436442/100/0/threaded" + }, + { + "name": "ADV-2006-2233", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/2233" + }, + { + "name": "http://www.acid-root.new.fr/advisories/npds510.txt", + "refsource": "MISC", + "url": "http://www.acid-root.new.fr/advisories/npds510.txt" + }, + { + "name": "26290", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/26290" + } + ] + } +} \ No newline at end of file diff --git a/2006/6xxx/CVE-2006-6529.json b/2006/6xxx/CVE-2006-6529.json index 5099ab4b111..a1566748f49 100644 --- a/2006/6xxx/CVE-2006-6529.json +++ b/2006/6xxx/CVE-2006-6529.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-6529", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Chatroom Module before 4.7.x.-1.0 for Drupal displays private messages in a chatroom's last messages overview, which allows remote attackers to obtain sensitive information by reading the overview." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-6529", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://drupal.org/node/102614", - "refsource" : "CONFIRM", - "url" : "http://drupal.org/node/102614" - }, - { - "name" : "23343", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23343" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Chatroom Module before 4.7.x.-1.0 for Drupal displays private messages in a chatroom's last messages overview, which allows remote attackers to obtain sensitive information by reading the overview." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "23343", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23343" + }, + { + "name": "http://drupal.org/node/102614", + "refsource": "CONFIRM", + "url": "http://drupal.org/node/102614" + } + ] + } +} \ No newline at end of file diff --git a/2006/6xxx/CVE-2006-6543.json b/2006/6xxx/CVE-2006-6543.json index 6e24382e6f7..2ad475b4906 100644 --- a/2006/6xxx/CVE-2006-6543.json +++ b/2006/6xxx/CVE-2006-6543.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-6543", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple SQL injection vulnerabilities in login.asp in AppIntellect SpotLight CRM 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) login (UserName) and possibly (2) password parameter. NOTE: some of these details are obtained from third party information." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-6543", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "2907", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/2907" - }, - { - "name" : "ADV-2006-4932", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/4932" - }, - { - "name" : "spotlight-login-sql-injection(30835)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/30835" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple SQL injection vulnerabilities in login.asp in AppIntellect SpotLight CRM 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) login (UserName) and possibly (2) password parameter. NOTE: some of these details are obtained from third party information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "2907", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/2907" + }, + { + "name": "ADV-2006-4932", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/4932" + }, + { + "name": "spotlight-login-sql-injection(30835)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30835" + } + ] + } +} \ No newline at end of file diff --git a/2006/6xxx/CVE-2006-6889.json b/2006/6xxx/CVE-2006-6889.json index 7ac143eab54..0332b8587c6 100644 --- a/2006/6xxx/CVE-2006-6889.json +++ b/2006/6xxx/CVE-2006-6889.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-6889", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "FreeStyle Wiki (fswiki) 3.6.2 and earlier stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain passwords via a direct request for config/user.dat." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-6889", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "3047", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/3047" - }, - { - "name" : "freestylewiki-user-information-disclosure(31227)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/31227" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "FreeStyle Wiki (fswiki) 3.6.2 and earlier stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain passwords via a direct request for config/user.dat." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "3047", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/3047" + }, + { + "name": "freestylewiki-user-information-disclosure(31227)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31227" + } + ] + } +} \ No newline at end of file diff --git a/2011/2xxx/CVE-2011-2229.json b/2011/2xxx/CVE-2011-2229.json index 95994138daf..ba1f3689624 100644 --- a/2011/2xxx/CVE-2011-2229.json +++ b/2011/2xxx/CVE-2011-2229.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-2229", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2011. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2011-2229", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2011. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2011/2xxx/CVE-2011-2901.json b/2011/2xxx/CVE-2011-2901.json index 101732fda22..775ba7a224c 100644 --- a/2011/2xxx/CVE-2011-2901.json +++ b/2011/2xxx/CVE-2011-2901.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-2901", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Off-by-one error in the __addr_ok macro in Xen 3.3 and earlier allows local 64 bit PV guest administrators to cause a denial of service (host crash) via unspecified hypercalls that ignore virtual-address bits." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2011-2901", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20110902 Xen Security Advisory 4 (CVE-2011-2901) - Xen 3.3 vaddr validation", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2011/09/02/2" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=728042", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=728042" - }, - { - "name" : "GLSA-201309-24", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-201309-24.xml" - }, - { - "name" : "RHSA-2011:1212", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2011-1212.html" - }, - { - "name" : "55082", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/55082" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Off-by-one error in the __addr_ok macro in Xen 3.3 and earlier allows local 64 bit PV guest administrators to cause a denial of service (host crash) via unspecified hypercalls that ignore virtual-address bits." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "55082", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/55082" + }, + { + "name": "[oss-security] 20110902 Xen Security Advisory 4 (CVE-2011-2901) - Xen 3.3 vaddr validation", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2011/09/02/2" + }, + { + "name": "GLSA-201309-24", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-201309-24.xml" + }, + { + "name": "RHSA-2011:1212", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2011-1212.html" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=728042", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=728042" + } + ] + } +} \ No newline at end of file diff --git a/2011/2xxx/CVE-2011-2977.json b/2011/2xxx/CVE-2011-2977.json index ee0b4fbc14d..05cd2ef116a 100644 --- a/2011/2xxx/CVE-2011-2977.json +++ b/2011/2xxx/CVE-2011-2977.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-2977", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Bugzilla 3.6.x before 3.6.6, 3.7.x, 4.0.x before 4.0.2, and 4.1.x before 4.1.3 on Windows does not delete the temporary files associated with uploaded attachments, which allows local users to obtain sensitive information by reading these files. NOTE: this issue exists because of a regression in 3.6." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2011-2977", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.bugzilla.org/security/3.4.11/", - "refsource" : "CONFIRM", - "url" : "http://www.bugzilla.org/security/3.4.11/" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=660502", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=660502" - }, - { - "name" : "49042", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/49042" - }, - { - "name" : "74302", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/74302" - }, - { - "name" : "45501", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/45501" - }, - { - "name" : "bugzilla-attachments-info-disc(69037)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/69037" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Bugzilla 3.6.x before 3.6.6, 3.7.x, 4.0.x before 4.0.2, and 4.1.x before 4.1.3 on Windows does not delete the temporary files associated with uploaded attachments, which allows local users to obtain sensitive information by reading these files. NOTE: this issue exists because of a regression in 3.6." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "45501", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/45501" + }, + { + "name": "74302", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/74302" + }, + { + "name": "http://www.bugzilla.org/security/3.4.11/", + "refsource": "CONFIRM", + "url": "http://www.bugzilla.org/security/3.4.11/" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=660502", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=660502" + }, + { + "name": "bugzilla-attachments-info-disc(69037)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69037" + }, + { + "name": "49042", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/49042" + } + ] + } +} \ No newline at end of file diff --git a/2011/3xxx/CVE-2011-3126.json b/2011/3xxx/CVE-2011-3126.json index e06e000b319..8196ea95c77 100644 --- a/2011/3xxx/CVE-2011-3126.json +++ b/2011/3xxx/CVE-2011-3126.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-3126", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "WordPress 3.1 before 3.1.3 and 3.2 before Beta 2 allows remote attackers to determine usernames of non-authors via canonical redirects." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2011-3126", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://wordpress.org/news/2011/05/wordpress-3-1-3/", - "refsource" : "CONFIRM", - "url" : "http://wordpress.org/news/2011/05/wordpress-3-1-3/" - }, - { - "name" : "DSA-2470", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2012/dsa-2470" - }, - { - "name" : "47995", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/47995" - }, - { - "name" : "49138", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/49138" - }, - { - "name" : "wordpress-nonauthos-info-disclosure(69173)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/69173" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "WordPress 3.1 before 3.1.3 and 3.2 before Beta 2 allows remote attackers to determine usernames of non-authors via canonical redirects." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "47995", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/47995" + }, + { + "name": "49138", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/49138" + }, + { + "name": "http://wordpress.org/news/2011/05/wordpress-3-1-3/", + "refsource": "CONFIRM", + "url": "http://wordpress.org/news/2011/05/wordpress-3-1-3/" + }, + { + "name": "DSA-2470", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2012/dsa-2470" + }, + { + "name": "wordpress-nonauthos-info-disclosure(69173)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69173" + } + ] + } +} \ No newline at end of file diff --git a/2011/3xxx/CVE-2011-3157.json b/2011/3xxx/CVE-2011-3157.json index d99ec16571f..5101ea7d590 100644 --- a/2011/3xxx/CVE-2011-3157.json +++ b/2011/3xxx/CVE-2011-3157.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-3157", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in HP Data Protector Notebook Extension 6.20 and Data Protector for Personal Computers 7.0 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1225." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "hp-security-alert@hp.com", + "ID": "CVE-2011-3157", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://h20565.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c03058866", - "refsource" : "CONFIRM", - "url" : "https://h20565.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c03058866" - }, - { - "name" : "1026195", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1026195" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in HP Data Protector Notebook Extension 6.20 and Data Protector for Personal Computers 7.0 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1225." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://h20565.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c03058866", + "refsource": "CONFIRM", + "url": "https://h20565.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c03058866" + }, + { + "name": "1026195", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1026195" + } + ] + } +} \ No newline at end of file diff --git a/2011/3xxx/CVE-2011-3358.json b/2011/3xxx/CVE-2011-3358.json index 2229cc1d074..c5765191a78 100644 --- a/2011/3xxx/CVE-2011-3358.json +++ b/2011/3xxx/CVE-2011-3358.json @@ -1,137 +1,137 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-3358", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site scripting (XSS) vulnerabilities in MantisBT before 1.2.8 allow remote attackers to inject arbitrary web script or HTML via the (1) os, (2) os_build, or (3) platform parameter to (a) bug_report_page.php or (b) bug_update_advanced_page.php, related to use of the Projax library." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2011-3358", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20110905 Multiple vulnerabilities in MantisBT", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/519547/100/0/threaded" - }, - { - "name" : "[debian-security-tracker] 20110908 Security Fix for mantis stable 1.1.8", - "refsource" : "MLIST", - "url" : "http://lists.debian.org/debian-security-tracker/2011/09/msg00012.html" - }, - { - "name" : "[oss-security] 20110904 CVE requests: