admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-21 05:40:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-17 22:01:19 +00:00
parent f31c0223fd
commit 832e99e667
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
60 changed files with 3955 additions and 3955 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

34
2002/1xxx/CVE-2002-1259.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2002-1259", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2002-1259",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2002-1286. Reason: This candidate is a reservation duplicate of CVE-2002-1286. Notes: All CVE users should reference CVE-2002-1286 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2002-1286. Reason: This candidate is a reservation duplicate of CVE-2002-1286. Notes: All CVE users should reference CVE-2002-1286 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage."
} }
] ]
} }
} }

120
2002/1xxx/CVE-2002-1551.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2002-1551", "ID": "CVE-2002-1551",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in nslookup in IBM AIX may allow attackers to cause a denial of service or execute arbitrary code."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "IY34670", "description_data": [
"refsource" : "AIXAPAR", {
"url" : "http://archives.neohapsis.com/archives/aix/2002-q4/0002.html" "lang": "eng",
} "value": "Buffer overflow in nslookup in IBM AIX may allow attackers to cause a denial of service or execute arbitrary code."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "IY34670",
"refsource": "AIXAPAR",
"url": "http://archives.neohapsis.com/archives/aix/2002-q4/0002.html"
}
]
}
}

150
2002/1xxx/CVE-2002-1788.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2002-1788", "ID": "CVE-2002-1788",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Format string vulnerability in the nn_exitmsg function in nn 6.6.0 through 6.6.3 allows remote NNTP servers to execute arbitrary code via format strings in server responses."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20020704 nn remote format string vulnerability", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://online.securityfocus.com/archive/1/280639" "lang": "eng",
}, "value": "Format string vulnerability in the nn_exitmsg function in nn 6.6.0 through 6.6.3 allows remote NNTP servers to execute arbitrary code via format strings in server responses."
{ }
"name" : "5160", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/5160" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "27086", "description": [
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/27086" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "nn-error-msg-format-string(9491)", ]
"refsource" : "XF", }
"url" : "http://www.iss.net/security_center/static/9491.php" ]
} },
] "references": {
} "reference_data": [
} {
"name": "27086",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/27086"
},
{
"name": "5160",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5160"
},
{
"name": "nn-error-msg-format-string(9491)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/9491.php"
},
{
"name": "20020704 nn remote format string vulnerability",
"refsource": "BUGTRAQ",
"url": "http://online.securityfocus.com/archive/1/280639"
}
]
}
}

150
2003/0xxx/CVE-2003-0276.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2003-0276", "ID": "CVE-2003-0276",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in Pi3Web 2.0.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a GET request with a large number of / characters."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20030428 Pi3Web 2.0.1 DoS", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=105155818012718&w=2" "lang": "eng",
}, "value": "Buffer overflow in Pi3Web 2.0.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a GET request with a large number of / characters."
{ }
"name" : "20030512 Unix Version of the Pi3web DoS", ]
"refsource" : "BUGTRAQ", },
"url" : "http://marc.info/?l=bugtraq&m=105275789410250&w=2" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "7555", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/7555" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "pi3web-get-request-bo(11889)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/11889" ]
} },
] "references": {
} "reference_data": [
} {
"name": "pi3web-get-request-bo(11889)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11889"
},
{
"name": "7555",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/7555"
},
{
"name": "20030512 Unix Version of the Pi3web DoS",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=105275789410250&w=2"
},
{
"name": "20030428 Pi3Web 2.0.1 DoS",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=105155818012718&w=2"
}
]
}
}

130
2003/0xxx/CVE-2003-0480.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2003-0480", "ID": "CVE-2003-0480",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "VMware Workstation 4.0 for Linux allows local users to overwrite arbitrary files and gain privileges via \"symlink manipulation.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20030627 VMware Workstation 4.0: Possible privilege escalation on the host", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=105673688529147&w=2" "lang": "eng",
}, "value": "VMware Workstation 4.0 for Linux allows local users to overwrite arbitrary files and gain privileges via \"symlink manipulation.\""
{ }
"name" : "http://www.vmware.com/support/kb/enduser/std_adp.php?p_faqid=1019", ]
"refsource" : "CONFIRM", },
"url" : "http://www.vmware.com/support/kb/enduser/std_adp.php?p_faqid=1019" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.vmware.com/support/kb/enduser/std_adp.php?p_faqid=1019",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/kb/enduser/std_adp.php?p_faqid=1019"
},
{
"name": "20030627 VMware Workstation 4.0: Possible privilege escalation on the host",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=105673688529147&w=2"
}
]
}
}

140
2003/0xxx/CVE-2003-0572.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2003-0572", "ID": "CVE-2003-0572",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unknown vulnerability in nsd in SGI IRIX 6.5.x through 6.5.20f, and possibly earlier versions, allows attackers to cause a denial of service (memory consumption)."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20030701-01-P", "description_data": [
"refsource" : "SGI", {
"url" : "ftp://patches.sgi.com/support/free/security/advisories/20030701-01-P" "lang": "eng",
}, "value": "Unknown vulnerability in nsd in SGI IRIX 6.5.x through 6.5.20f, and possibly earlier versions, allows attackers to cause a denial of service (memory consumption)."
{ }
"name" : "8587", ]
"refsource" : "OSVDB", },
"url" : "http://www.osvdb.org/8587" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "irix-nsd-map-dos(12635)", "description": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/12635" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "20030701-01-P",
"refsource": "SGI",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20030701-01-P"
},
{
"name": "irix-nsd-map-dos(12635)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/12635"
},
{
"name": "8587",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/8587"
}
]
}
}

140
2003/0xxx/CVE-2003-0633.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2003-0633", "ID": "CVE-2003-0633",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple vulnerabilities in aoljtest.jsp of Oracle Applications AOL/J Setup Test Suite in Oracle E-Business Suite 11.5.1 through 11.5.8 allow a remote attacker to obtain sensitive information without authentication, such as the GUEST user password and the application server security key."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20030724 Integrigy Security Alert - Oracle E-Business Suite AOL/J Setup Test Information Disclosure", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=105906689120237&w=2" "lang": "eng",
}, "value": "Multiple vulnerabilities in aoljtest.jsp of Oracle Applications AOL/J Setup Test Suite in Oracle E-Business Suite 11.5.1 through 11.5.8 allow a remote attacker to obtain sensitive information without authentication, such as the GUEST user password and the application server security key."
{ }
"name" : "http://otn.oracle.com/deploy/security/pdf/2003alert55.pdf", ]
"refsource" : "CONFIRM", },
"url" : "http://otn.oracle.com/deploy/security/pdf/2003alert55.pdf" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "8268", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/8268" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "8268",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/8268"
},
{
"name": "http://otn.oracle.com/deploy/security/pdf/2003alert55.pdf",
"refsource": "CONFIRM",
"url": "http://otn.oracle.com/deploy/security/pdf/2003alert55.pdf"
},
{
"name": "20030724 Integrigy Security Alert - Oracle E-Business Suite AOL/J Setup Test Information Disclosure",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=105906689120237&w=2"
}
]
}
}

190
2003/0xxx/CVE-2003-0634.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2003-0634", "ID": "CVE-2003-0634",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Stack-based buffer overflow in the PL/SQL EXTPROC functionality for Oracle9i Database Release 2 and 1, and Oracle 8i, allows authenticated database users, and arbitrary database users in some cases, to execute arbitrary code via a long library name."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20030725 Oracle Extproc Buffer Overflow (#NISR25072003)", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=105914979629857&w=2" "lang": "eng",
}, "value": "Stack-based buffer overflow in the PL/SQL EXTPROC functionality for Oracle9i Database Release 2 and 1, and Oracle 8i, allows authenticated database users, and arbitrary database users in some cases, to execute arbitrary code via a long library name."
{ }
"name" : "20030725 Oracle Extproc Buffer Overflow (#NISR25072003)", ]
"refsource" : "NTBUGTRAQ", },
"url" : "http://marc.info/?l=ntbugtraq&m=105915485303327&w=2" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "20030725 question about oracle advisory", "description": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=105916455814904&w=2" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://otn.oracle.com/deploy/security/pdf/2003alert57.pdf", ]
"refsource" : "CONFIRM", }
"url" : "http://otn.oracle.com/deploy/security/pdf/2003alert57.pdf" ]
}, },
{ "references": {
"name" : "20030912 Update to the Oracle EXTPROC advisory", "reference_data": [
"refsource" : "VULNWATCH", {
"url" : "http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0105.html" "name": "http://otn.oracle.com/deploy/security/pdf/2003alert57.pdf",
}, "refsource": "CONFIRM",
{ "url": "http://otn.oracle.com/deploy/security/pdf/2003alert57.pdf"
"name" : "VU#936868", },
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/936868" "name": "20030725 question about oracle advisory",
}, "refsource": "BUGTRAQ",
{ "url": "http://marc.info/?l=bugtraq&m=105916455814904&w=2"
"name" : "8267", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/8267" "name": "8267",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/8267"
"name" : "oracle-extproc-bo(12721)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/12721" "name": "oracle-extproc-bo(12721)",
} "refsource": "XF",
] "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/12721"
} },
} {
"name": "20030912 Update to the Oracle EXTPROC advisory",
"refsource": "VULNWATCH",
"url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0105.html"
},
{
"name": "20030725 Oracle Extproc Buffer Overflow (#NISR25072003)",
"refsource": "NTBUGTRAQ",
"url": "http://marc.info/?l=ntbugtraq&m=105915485303327&w=2"
},
{
"name": "VU#936868",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/936868"
},
{
"name": "20030725 Oracle Extproc Buffer Overflow (#NISR25072003)",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=105914979629857&w=2"
}
]
}
}

170
2003/1xxx/CVE-2003-1412.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2003-1412", "ID": "CVE-2003-1412",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "PHP remote file inclusion vulnerability in index.php for GONiCUS System Administrator (GOsa) 1.0 allows remote attackers to execute arbitrary PHP code via the plugin parameter to (1) 3fax/1blocklists/index.php; (2) 6departamentadmin/index.php, (3) 5terminals/index.php, (4) 4mailinglists/index.php, (5) 3departaments/index.php, and (6) 2groupd/index.php in 2administration/; or (7) the base parameter to include/help.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20030224 GOnicus System Administrator php injection", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/313282/30/25760/threaded" "lang": "eng",
}, "value": "PHP remote file inclusion vulnerability in index.php for GONiCUS System Administrator (GOsa) 1.0 allows remote attackers to execute arbitrary PHP code via the plugin parameter to (1) 3fax/1blocklists/index.php; (2) 6departamentadmin/index.php, (3) 5terminals/index.php, (4) 4mailinglists/index.php, (5) 3departaments/index.php, and (6) 2groupd/index.php in 2administration/; or (7) the base parameter to include/help.php."
{ }
"name" : "20030223 GOnicus System Administrator php injection", ]
"refsource" : "FULLDISC", },
"url" : "http://lists.grok.org.uk/pipermail/full-disclosure/2003-February/003932.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "6922", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/6922" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "1006162", ]
"refsource" : "SECTRACK", }
"url" : "http://www.securitytracker.com/id?1006162" ]
}, },
{ "references": {
"name" : "8120", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/8120" "name": "8120",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/8120"
"name" : "gosa-plugin-file-include(11408)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/11408" "name": "gosa-plugin-file-include(11408)",
} "refsource": "XF",
] "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11408"
} },
} {
"name": "20030224 GOnicus System Administrator php injection",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/313282/30/25760/threaded"
},
{
"name": "20030223 GOnicus System Administrator php injection",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2003-February/003932.html"
},
{
"name": "6922",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/6922"
},
{
"name": "1006162",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1006162"
}
]
}
}

150
2003/1xxx/CVE-2003-1505.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2003-1505", "ID": "CVE-2003-1505",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Microsoft Internet Explorer 6.0 allows remote attackers to cause a denial of service (crash) by creating a web page or HTML e-mail with a textarea in a div element whose scrollbar-base-color is modified by a CSS style, which is then moved."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20031022 IE6 CSS-Crash", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/342010" "lang": "eng",
}, "value": "Microsoft Internet Explorer 6.0 allows remote attackers to cause a denial of service (crash) by creating a web page or HTML e-mail with a textarea in a div element whose scrollbar-base-color is modified by a CSS style, which is then moved."
{ }
"name" : "8874", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/8874" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "3295", "description": [
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/3295" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "ie-scrollbarbasecolor-dos(13809)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/13809" ]
} },
] "references": {
} "reference_data": [
} {
"name": "3295",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3295"
},
{
"name": "8874",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/8874"
},
{
"name": "20031022 IE6 CSS-Crash",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/342010"
},
{
"name": "ie-scrollbarbasecolor-dos(13809)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/13809"
}
]
}
}

140
2003/1xxx/CVE-2003-1510.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2003-1510", "ID": "CVE-2003-1510",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "TinyWeb 1.9 allows remote attackers to cause a denial of service (CPU consumption) via a \".%00.\" in an HTTP GET request to the cgi-bin directory."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.securiteam.com/windowsntfocus/6S0052K8LQ.html", "description_data": [
"refsource" : "MISC", {
"url" : "http://www.securiteam.com/windowsntfocus/6S0052K8LQ.html" "lang": "eng",
}, "value": "TinyWeb 1.9 allows remote attackers to cause a denial of service (CPU consumption) via a \".%00.\" in an HTTP GET request to the cgi-bin directory."
{ }
"name" : "8810", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/8810" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "tinyweb-httpget-dos(13402)", "description": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/13402" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "tinyweb-httpget-dos(13402)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/13402"
},
{
"name": "8810",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/8810"
},
{
"name": "http://www.securiteam.com/windowsntfocus/6S0052K8LQ.html",
"refsource": "MISC",
"url": "http://www.securiteam.com/windowsntfocus/6S0052K8LQ.html"
}
]
}
}

160
2004/0xxx/CVE-2004-0359.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2004-0359", "ID": "CVE-2004-0359",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in index.php for Invision Power Board 1.3 final allows remote attackers to execute arbitrary script as other users via the (1) c, (2) f, (3) showtopic, (4) showuser, or (5) username parameters."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20040305 Invision Power Board v1.3 Final Cross Site Scripting Vulnerabillity", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=107851589701916&w=2" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in index.php for Invision Power Board 1.3 final allows remote attackers to execute arbitrary script as other users via the (1) c, (2) f, (3) showtopic, (4) showuser, or (5) username parameters."
{ }
"name" : "9768", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/9768" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "4154", "description": [
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/4154" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "11053", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/11053" ]
}, },
{ "references": {
"name" : "invision-xss(15403)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/15403" "name": "9768",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/9768"
} },
} {
"name": "4154",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/4154"
},
{
"name": "invision-xss(15403)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15403"
},
{
"name": "20040305 Invision Power Board v1.3 Final Cross Site Scripting Vulnerabillity",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=107851589701916&w=2"
},
{
"name": "11053",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/11053"
}
]
}
}

410
2004/0xxx/CVE-2004-0790.json
View File

@ -1,207 +1,207 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2004-0790", "ID": "CVE-2004-0790",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple TCP/IP and ICMP implementations allow remote attackers to cause a denial of service (reset TCP connections) via spoofed ICMP error messages, aka the \"blind connection-reset attack.\" NOTE: CVE-2004-0790, CVE-2004-0791, and CVE-2004-1060 have been SPLIT based on different attacks; CVE-2005-0065, CVE-2005-0066, CVE-2005-0067, and CVE-2005-0068 are related identifiers that are SPLIT based on the underlying vulnerability. While CVE normally SPLITs based on vulnerability, the attack-based identifiers exist due to the variety and number of affected implementations and solutions that address the attacks instead of the underlying vulnerabilities."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.watersprings.org/pub/id/draft-gont-tcpm-icmp-attacks-03.txt", "description_data": [
"refsource" : "MISC", {
"url" : "http://www.watersprings.org/pub/id/draft-gont-tcpm-icmp-attacks-03.txt" "lang": "eng",
}, "value": "Multiple TCP/IP and ICMP implementations allow remote attackers to cause a denial of service (reset TCP connections) via spoofed ICMP error messages, aka the \"blind connection-reset attack.\" NOTE: CVE-2004-0790, CVE-2004-0791, and CVE-2004-1060 have been SPLIT based on different attacks; CVE-2005-0065, CVE-2005-0066, CVE-2005-0067, and CVE-2005-0068 are related identifiers that are SPLIT based on the underlying vulnerability. While CVE normally SPLITs based on vulnerability, the attack-based identifiers exist due to the variety and number of affected implementations and solutions that address the attacks instead of the underlying vulnerabilities."
{ }
"name" : "http://www.uniras.gov.uk/niscc/docs/al-20050412-00308.html?lang=en", ]
"refsource" : "MISC", },
"url" : "http://www.uniras.gov.uk/niscc/docs/al-20050412-00308.html?lang=en" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.gont.com.ar/drafts/icmp-attacks-against-tcp.html", "description": [
"refsource" : "MISC", {
"url" : "http://www.gont.com.ar/drafts/icmp-attacks-against-tcp.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "HPSBTU01210", ]
"refsource" : "HP", }
"url" : "http://marc.info/?l=bugtraq&m=112861397904255&w=2" ]
}, },
{ "references": {
"name" : "SSRT4743", "reference_data": [
"refsource" : "HP", {
"url" : "http://marc.info/?l=bugtraq&m=112861397904255&w=2" "name": "oval:org.mitre.oval:def:412",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A412"
"name" : "HPSBUX01164", },
"refsource" : "HP", {
"url" : "http://www.securityfocus.com/archive/1/418882/100/0/threaded" "name": "oval:org.mitre.oval:def:4804",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4804"
"name" : "SSRT4884", },
"refsource" : "HP", {
"url" : "http://www.securityfocus.com/archive/1/418882/100/0/threaded" "name": "13124",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/13124"
"name" : "HPSBST02161", },
"refsource" : "HP", {
"url" : "http://www.securityfocus.com/archive/1/449179/100/0/threaded" "name": "HPSBUX01164",
}, "refsource": "HP",
{ "url": "http://www.securityfocus.com/archive/1/418882/100/0/threaded"
"name" : "SSRT061264", },
"refsource" : "HP", {
"url" : "http://www.securityfocus.com/archive/1/449179/100/0/threaded" "name": "SSRT061264",
}, "refsource": "HP",
{ "url": "http://www.securityfocus.com/archive/1/449179/100/0/threaded"
"name" : "MS05-019", },
"refsource" : "MS", {
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-019" "name": "oval:org.mitre.oval:def:176",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A176"
"name" : "MS06-064", },
"refsource" : "MS", {
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-064" "name": "http://www.gont.com.ar/drafts/icmp-attacks-against-tcp.html",
}, "refsource": "MISC",
{ "url": "http://www.gont.com.ar/drafts/icmp-attacks-against-tcp.html"
"name" : "SCOSA-2006.4", },
"refsource" : "SCO", {
"url" : "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.4/SCOSA-2006.4.txt" "name": "MS06-064",
}, "refsource": "MS",
{ "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-064"
"name" : "57746", },
"refsource" : "SUNALERT", {
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57746-1" "name": "oval:org.mitre.oval:def:514",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A514"
"name" : "101658", },
"refsource" : "SUNALERT", {
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101658-1" "name": "oval:org.mitre.oval:def:1910",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1910"
"name" : "13124", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/13124" "name": "SSRT4743",
}, "refsource": "HP",
{ "url": "http://marc.info/?l=bugtraq&m=112861397904255&w=2"
"name" : "ADV-2006-3983", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/3983" "name": "HPSBTU01210",
}, "refsource": "HP",
{ "url": "http://marc.info/?l=bugtraq&m=112861397904255&w=2"
"name" : "oval:org.mitre.oval:def:3458", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3458" "name": "57746",
}, "refsource": "SUNALERT",
{ "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57746-1"
"name" : "oval:org.mitre.oval:def:1910", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1910" "name": "MS05-019",
}, "refsource": "MS",
{ "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-019"
"name" : "oval:org.mitre.oval:def:4804", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4804" "name": "101658",
}, "refsource": "SUNALERT",
{ "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101658-1"
"name" : "oval:org.mitre.oval:def:1177", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1177" "name": "SCOSA-2006.4",
}, "refsource": "SCO",
{ "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.4/SCOSA-2006.4.txt"
"name" : "oval:org.mitre.oval:def:176", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A176" "name": "oval:org.mitre.oval:def:1177",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1177"
"name" : "oval:org.mitre.oval:def:211", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A211" "name": "HPSBST02161",
}, "refsource": "HP",
{ "url": "http://www.securityfocus.com/archive/1/449179/100/0/threaded"
"name" : "oval:org.mitre.oval:def:412", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A412" "name": "18317",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/18317"
"name" : "oval:org.mitre.oval:def:514", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A514" "name": "oval:org.mitre.oval:def:3458",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3458"
"name" : "oval:org.mitre.oval:def:53", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A53" "name": "http://www.uniras.gov.uk/niscc/docs/al-20050412-00308.html?lang=en",
}, "refsource": "MISC",
{ "url": "http://www.uniras.gov.uk/niscc/docs/al-20050412-00308.html?lang=en"
"name" : "oval:org.mitre.oval:def:622", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A622" "name": "oval:org.mitre.oval:def:211",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A211"
"name" : "18317", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/18317" "name": "19",
}, "refsource": "SREASON",
{ "url": "http://securityreason.com/securityalert/19"
"name" : "22341", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/22341" "name": "SSRT4884",
}, "refsource": "HP",
{ "url": "http://www.securityfocus.com/archive/1/418882/100/0/threaded"
"name" : "19", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/19" "name": "57",
}, "refsource": "SREASON",
{ "url": "http://securityreason.com/securityalert/57"
"name" : "57", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/57" "name": "22341",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/22341"
} },
} {
"name": "ADV-2006-3983",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/3983"
},
{
"name": "http://www.watersprings.org/pub/id/draft-gont-tcpm-icmp-attacks-03.txt",
"refsource": "MISC",
"url": "http://www.watersprings.org/pub/id/draft-gont-tcpm-icmp-attacks-03.txt"
},
{
"name": "oval:org.mitre.oval:def:53",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A53"
},
{
"name": "oval:org.mitre.oval:def:622",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A622"
}
]
}
}

180
2004/2xxx/CVE-2004-2137.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2004-2137", "ID": "CVE-2004-2137",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Outlook Express 6.0, when sending multipart e-mail messages using the \"Break apart messages larger than\" setting, leaks the BCC recipients of the message to the addresses listed in the To and CC fields, which may allow remote attackers to obtain sensitive information."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.networksecurity.fi/advisories/outlook-bcc.html", "description_data": [
"refsource" : "MISC", {
"url" : "http://www.networksecurity.fi/advisories/outlook-bcc.html" "lang": "eng",
}, "value": "Outlook Express 6.0, when sending multipart e-mail messages using the \"Break apart messages larger than\" setting, leaks the BCC recipients of the message to the addresses listed in the To and CC fields, which may allow remote attackers to obtain sensitive information."
{ }
"name" : "843555", ]
"refsource" : "MSKB", },
"url" : "http://support.microsoft.com/kb/843555" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "11040", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/11040" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "9167", ]
"refsource" : "OSVDB", }
"url" : "http://www.osvdb.org/9167" ]
}, },
{ "references": {
"name" : "1011067", "reference_data": [
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1011067" "name": "11040",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/11040"
"name" : "12376", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/12376" "name": "http://www.networksecurity.fi/advisories/outlook-bcc.html",
}, "refsource": "MISC",
{ "url": "http://www.networksecurity.fi/advisories/outlook-bcc.html"
"name" : "outlook-email-address-disclosure(17098)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/17098" "name": "1011067",
} "refsource": "SECTRACK",
] "url": "http://securitytracker.com/id?1011067"
} },
} {
"name": "outlook-email-address-disclosure(17098)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17098"
},
{
"name": "843555",
"refsource": "MSKB",
"url": "http://support.microsoft.com/kb/843555"
},
{
"name": "12376",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/12376"
},
{
"name": "9167",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/9167"
}
]
}
}

170
2004/2xxx/CVE-2004-2170.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2004-2170", "ID": "CVE-2004-2170",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Directory traversal vulnerability in sample_showcode.html in Caravan 2.00/03d and earlier allows remote attackers to read arbitrary files via the fname parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://members.lycos.co.uk/r34ct/main/Caravan/Caravan.txt", "description_data": [
"refsource" : "MISC", {
"url" : "http://members.lycos.co.uk/r34ct/main/Caravan/Caravan.txt" "lang": "eng",
}, "value": "Directory traversal vulnerability in sample_showcode.html in Caravan 2.00/03d and earlier allows remote attackers to read arbitrary files via the fname parameter."
{ }
"name" : "9555", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/9555" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "3787", "description": [
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/3787" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "1008913", ]
"refsource" : "SECTRACK", }
"url" : "http://securitytracker.com/id?1008913" ]
}, },
{ "references": {
"name" : "10763", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://www.secunia.com/advisories/10763/" "name": "http://members.lycos.co.uk/r34ct/main/Caravan/Caravan.txt",
}, "refsource": "MISC",
{ "url": "http://members.lycos.co.uk/r34ct/main/Caravan/Caravan.txt"
"name" : "caravan-dotdot-directory-traveral(15004)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/15004" "name": "10763",
} "refsource": "SECUNIA",
] "url": "http://www.secunia.com/advisories/10763/"
} },
} {
"name": "caravan-dotdot-directory-traveral(15004)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15004"
},
{
"name": "9555",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/9555"
},
{
"name": "3787",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/3787"
},
{
"name": "1008913",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1008913"
}
]
}
}

160
2004/2xxx/CVE-2004-2251.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2004-2251", "ID": "CVE-2004-2251",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The PPTP server in Astaro Security Linux before 4.024 provides information about its version, which makes it easier for remote attackers to construct specialized attacks."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.astaro.org/showflat.php?Cat=&Number=51459&page=0&view=collapsed&sb=5&o=&fpart=1#51459", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.astaro.org/showflat.php?Cat=&Number=51459&page=0&view=collapsed&sb=5&o=&fpart=1#51459" "lang": "eng",
}, "value": "The PPTP server in Astaro Security Linux before 4.024 provides information about its version, which makes it easier for remote attackers to construct specialized attacks."
{ }
"name" : "11406", ]
"refsource" : "OSVDB", },
"url" : "http://www.osvdb.org/11406" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1012065", "description": [
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1012065" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "13089", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/13089" ]
}, },
{ "references": {
"name" : "astaro-pptp-info-disclosure(17959)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/17959" "name": "11406",
} "refsource": "OSVDB",
] "url": "http://www.osvdb.org/11406"
} },
} {
"name": "http://www.astaro.org/showflat.php?Cat=&Number=51459&page=0&view=collapsed&sb=5&o=&fpart=1#51459",
"refsource": "CONFIRM",
"url": "http://www.astaro.org/showflat.php?Cat=&Number=51459&page=0&view=collapsed&sb=5&o=&fpart=1#51459"
},
{
"name": "astaro-pptp-info-disclosure(17959)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17959"
},
{
"name": "13089",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/13089"
},
{
"name": "1012065",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1012065"
}
]
}
}

220
2008/2xxx/CVE-2008-2257.json
View File

@ -1,112 +1,112 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2008-2257", "ID": "CVE-2008-2257",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Microsoft Internet Explorer 5.01, 6, and 7 accesses uninitialized memory in certain conditions, which allows remote attackers to cause a denial of service (crash) and execute arbitrary code via vectors related to a document object \"appended in a specific order,\" aka \"HTML Objects Memory Corruption Vulnerability\" or \"XHTML Rendering Memory Corruption Vulnerability,\" a different vulnerability than CVE-2008-2258."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20080812 ZDI-08-050: Microsoft Internet Explorer XHTML Rendering Memory Corruption Vulnerability", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/495430/100/0/threaded" "lang": "eng",
}, "value": "Microsoft Internet Explorer 5.01, 6, and 7 accesses uninitialized memory in certain conditions, which allows remote attackers to cause a denial of service (crash) and execute arbitrary code via vectors related to a document object \"appended in a specific order,\" aka \"HTML Objects Memory Corruption Vulnerability\" or \"XHTML Rendering Memory Corruption Vulnerability,\" a different vulnerability than CVE-2008-2258."
{ }
"name" : "http://www.zerodayinitiative.com/advisories/ZDI-08-050/", ]
"refsource" : "MISC", },
"url" : "http://www.zerodayinitiative.com/advisories/ZDI-08-050/" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "HPSBST02360", "description": [
"refsource" : "HP", {
"url" : "http://marc.info/?l=bugtraq&m=121915960406986&w=2" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "SSRT080117", ]
"refsource" : "HP", }
"url" : "http://marc.info/?l=bugtraq&m=121915960406986&w=2" ]
}, },
{ "references": {
"name" : "MS08-045", "reference_data": [
"refsource" : "MS", {
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-045" "name": "ADV-2008-2349",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2008/2349"
"name" : "TA08-225A", },
"refsource" : "CERT", {
"url" : "http://www.us-cert.gov/cas/techalerts/TA08-225A.html" "name": "TA08-225A",
}, "refsource": "CERT",
{ "url": "http://www.us-cert.gov/cas/techalerts/TA08-225A.html"
"name" : "30613", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/30613" "name": "30613",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/30613"
"name" : "oval:org.mitre.oval:def:5266", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5266" "name": "1020674",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id?1020674"
"name" : "ADV-2008-2349", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2008/2349" "name": "HPSBST02360",
}, "refsource": "HP",
{ "url": "http://marc.info/?l=bugtraq&m=121915960406986&w=2"
"name" : "1020674", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1020674" "name": "SSRT080117",
}, "refsource": "HP",
{ "url": "http://marc.info/?l=bugtraq&m=121915960406986&w=2"
"name" : "31375", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/31375" "name": "MS08-045",
} "refsource": "MS",
] "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-045"
} },
} {
"name": "20080812 ZDI-08-050: Microsoft Internet Explorer XHTML Rendering Memory Corruption Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/495430/100/0/threaded"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-08-050/",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-08-050/"
},
{
"name": "31375",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31375"
},
{
"name": "oval:org.mitre.oval:def:5266",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5266"
}
]
}
}

250
2008/2xxx/CVE-2008-2541.json
View File

@ -1,127 +1,127 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-2541", "ID": "CVE-2008-2541",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple stack-based buffer overflows in the HTTP Gateway Service (icihttp.exe) in CA eTrust Secure Content Manager 8.0 allow remote attackers to execute arbitrary code or cause a denial of service via long FTP responses, related to (1) the file month field in a LIST command; (2) the PASV command; and (3) directories, files, and links in a LIST command."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20080604 TPTI-08-05: CA ETrust Secure Content Manager Gateway FTP LIST Stack Overflow Vulnerability", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/493087/100/0/threaded" "lang": "eng",
}, "value": "Multiple stack-based buffer overflows in the HTTP Gateway Service (icihttp.exe) in CA eTrust Secure Content Manager 8.0 allow remote attackers to execute arbitrary code or cause a denial of service via long FTP responses, related to (1) the file month field in a LIST command; (2) the PASV command; and (3) directories, files, and links in a LIST command."
{ }
"name" : "20080604 ZDI-08-035: CA ETrust Secure Content Manager Gateway FTP PASV Stack Overflow Vulnerability", ]
"refsource" : "BUGTRAQ", },
"url" : "http://www.securityfocus.com/archive/1/493084/100/0/threaded" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "20080604 ZDI-08-036: CA ETrust Secure Content Manager Gateway FTP LIST Stack Overflow", "description": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/493082/100/0/threaded" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "20080604 CA Secure Content Manager HTTP Gateway Service FTP Request Vulnerabilities", ]
"refsource" : "BUGTRAQ", }
"url" : "http://www.securityfocus.com/archive/1/493124/100/0/threaded" ]
}, },
{ "references": {
"name" : "http://dvlabs.tippingpoint.com/advisory/TPTI-08-05", "reference_data": [
"refsource" : "MISC", {
"url" : "http://dvlabs.tippingpoint.com/advisory/TPTI-08-05" "name": "20080604 TPTI-08-05: CA ETrust Secure Content Manager Gateway FTP LIST Stack Overflow Vulnerability",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/493087/100/0/threaded"
"name" : "http://www.zerodayinitiative.com/advisories/ZDI-08-035/", },
"refsource" : "MISC", {
"url" : "http://www.zerodayinitiative.com/advisories/ZDI-08-035/" "name": "30518",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/30518"
"name" : "http://www.zerodayinitiative.com/advisories/ZDI-08-036", },
"refsource" : "MISC", {
"url" : "http://www.zerodayinitiative.com/advisories/ZDI-08-036" "name": "http://dvlabs.tippingpoint.com/advisory/TPTI-08-05",
}, "refsource": "MISC",
{ "url": "http://dvlabs.tippingpoint.com/advisory/TPTI-08-05"
"name" : "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=36408", },
"refsource" : "CONFIRM", {
"url" : "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=36408" "name": "29528",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/29528"
"name" : "https://support.ca.com/irj/portal/anonymous/SolutionResults?aparNo=QO99987&os=NT&actionID=3", },
"refsource" : "CONFIRM", {
"url" : "https://support.ca.com/irj/portal/anonymous/SolutionResults?aparNo=QO99987&os=NT&actionID=3" "name": "20080604 ZDI-08-036: CA ETrust Secure Content Manager Gateway FTP LIST Stack Overflow",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/493082/100/0/threaded"
"name" : "29528", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/29528" "name": "20080604 CA Secure Content Manager HTTP Gateway Service FTP Request Vulnerabilities",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/493124/100/0/threaded"
"name" : "ADV-2008-1741", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2008/1741/references" "name": "ADV-2008-1741",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2008/1741/references"
"name" : "1020167", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1020167" "name": "1020167",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id?1020167"
"name" : "30518", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/30518" "name": "http://www.zerodayinitiative.com/advisories/ZDI-08-035/",
}, "refsource": "MISC",
{ "url": "http://www.zerodayinitiative.com/advisories/ZDI-08-035/"
"name" : "ca-etrust-scm-ftp-bo(42821)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/42821" "name": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=36408",
} "refsource": "CONFIRM",
] "url": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=36408"
} },
} {
"name": "https://support.ca.com/irj/portal/anonymous/SolutionResults?aparNo=QO99987&os=NT&actionID=3",
"refsource": "CONFIRM",
"url": "https://support.ca.com/irj/portal/anonymous/SolutionResults?aparNo=QO99987&os=NT&actionID=3"
},
{
"name": "20080604 ZDI-08-035: CA ETrust Secure Content Manager Gateway FTP PASV Stack Overflow Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/493084/100/0/threaded"
},
{
"name": "ca-etrust-scm-ftp-bo(42821)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42821"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-08-036",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-08-036"
}
]
}
}

160
2012/0xxx/CVE-2012-0733.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@us.ibm.com",
"ID" : "CVE-2012-0733", "ID": "CVE-2012-0733",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Rational AppScan Enterprise 5.x and 8.x before 8.5.0.1, when Integrated Windows authentication is used, allows remote authenticated users to obtain administrative privileges by hijacking a session associated with the service account."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.ibm.com/support/docview.wss?uid=swg21592188", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.ibm.com/support/docview.wss?uid=swg21592188" "lang": "eng",
}, "value": "IBM Rational AppScan Enterprise 5.x and 8.x before 8.5.0.1, when Integrated Windows authentication is used, allows remote authenticated users to obtain administrative privileges by hijacking a session associated with the service account."
{ }
"name" : "53247", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/53247" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "48967", "description": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/48967" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "48968", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/48968" ]
}, },
{ "references": {
"name" : "ae-serviceacct-session-hijacking(74374)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/74374" "name": "ae-serviceacct-session-hijacking(74374)",
} "refsource": "XF",
] "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74374"
} },
} {
"name": "48967",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48967"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg21592188",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg21592188"
},
{
"name": "48968",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48968"
},
{
"name": "53247",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/53247"
}
]
}
}

150
2012/0xxx/CVE-2012-0923.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2012-0923", "ID": "CVE-2012-0923",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The RV20 codec in RealNetworks RealPlayer 11.x, 14.x, and 15.x before 15.02.71, and RealPlayer SP 1.0 through 1.1.5, does not properly handle the frame size array, which allows remote attackers to execute arbitrary code via a crafted RV20 RealVideo video stream."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://service.real.com/realplayer/security/02062012_player/en/", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://service.real.com/realplayer/security/02062012_player/en/" "lang": "eng",
}, "value": "The RV20 codec in RealNetworks RealPlayer 11.x, 14.x, and 15.x before 15.02.71, and RealPlayer SP 1.0 through 1.1.5, does not properly handle the frame size array, which allows remote attackers to execute arbitrary code via a crafted RV20 RealVideo video stream."
{ }
"name" : "51884", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/51884" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "78912", "description": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/78912" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "47896", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/47896" ]
} },
] "references": {
} "reference_data": [
} {
"name": "47896",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/47896"
},
{
"name": "http://service.real.com/realplayer/security/02062012_player/en/",
"refsource": "CONFIRM",
"url": "http://service.real.com/realplayer/security/02062012_player/en/"
},
{
"name": "78912",
"refsource": "OSVDB",
"url": "http://osvdb.org/78912"
},
{
"name": "51884",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/51884"
}
]
}
}

150
2012/1xxx/CVE-2012-1006.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2012-1006", "ID": "CVE-2012-1006",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in Apache Struts 2.0.14 and 2.2.3 allow remote attackers to inject arbitrary web script or HTML via the (1) name or (2) lastName parameter to struts2-showcase/person/editPerson.action, or the (3) clientName parameter to struts2-rest-showcase/orders."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://secpod.org/advisories/SecPod_Apache_Struts_Multiple_Parsistant_XSS_Vulns.txt", "description_data": [
"refsource" : "MISC", {
"url" : "http://secpod.org/advisories/SecPod_Apache_Struts_Multiple_Parsistant_XSS_Vulns.txt" "lang": "eng",
}, "value": "Multiple cross-site scripting (XSS) vulnerabilities in Apache Struts 2.0.14 and 2.2.3 allow remote attackers to inject arbitrary web script or HTML via the (1) name or (2) lastName parameter to struts2-showcase/person/editPerson.action, or the (3) clientName parameter to struts2-rest-showcase/orders."
{ }
"name" : "http://secpod.org/blog/?p=450", ]
"refsource" : "MISC", },
"url" : "http://secpod.org/blog/?p=450" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "51902", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/51902" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "apache-struts-multiple-xss(72888)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/72888" ]
} },
] "references": {
} "reference_data": [
} {
"name": "http://secpod.org/blog/?p=450",
"refsource": "MISC",
"url": "http://secpod.org/blog/?p=450"
},
{
"name": "http://secpod.org/advisories/SecPod_Apache_Struts_Multiple_Parsistant_XSS_Vulns.txt",
"refsource": "MISC",
"url": "http://secpod.org/advisories/SecPod_Apache_Struts_Multiple_Parsistant_XSS_Vulns.txt"
},
{
"name": "apache-struts-multiple-xss(72888)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/72888"
},
{
"name": "51902",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/51902"
}
]
}
}

320
2012/1xxx/CVE-2012-1135.json
View File

@ -1,162 +1,162 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2012-1135", "ID": "CVE-2012-1135",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via vectors involving the NPUSHB and NPUSHW instructions in a TrueType font."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20120306 Re: CVE Request -- FreeType: Multiple security flaws to be fixed in v2.4.9", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2012/03/06/16" "lang": "eng",
}, "value": "FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via vectors involving the NPUSHB and NPUSHW instructions in a TrueType font."
{ }
"name" : "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html", ]
"refsource" : "CONFIRM", },
"url" : "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=733512", "description": [
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=733512" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=800593", ]
"refsource" : "CONFIRM", }
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=800593" ]
}, },
{ "references": {
"name" : "http://support.apple.com/kb/HT5503", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "http://support.apple.com/kb/HT5503" "name": "48797",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/48797"
"name" : "APPLE-SA-2012-09-19-1", },
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html" "name": "48508",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/48508"
"name" : "GLSA-201204-04", },
"refsource" : "GENTOO", {
"url" : "http://security.gentoo.org/glsa/glsa-201204-04.xml" "name": "48822",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/48822"
"name" : "MDVSA-2012:057", },
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057" "name": "MDVSA-2012:057",
}, "refsource": "MANDRIVA",
{ "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057"
"name" : "SUSE-SU-2012:0483", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html" "name": "APPLE-SA-2012-09-19-1",
}, "refsource": "APPLE",
{ "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html"
"name" : "SUSE-SU-2012:0521", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html" "name": "http://support.apple.com/kb/HT5503",
}, "refsource": "CONFIRM",
{ "url": "http://support.apple.com/kb/HT5503"
"name" : "SUSE-SU-2012:0484", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html" "name": "52318",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/52318"
"name" : "openSUSE-SU-2012:0489", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html" "name": "USN-1403-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-1403-1"
"name" : "USN-1403-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-1403-1" "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512",
}, "refsource": "CONFIRM",
{ "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512"
"name" : "52318", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/52318" "name": "48918",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/48918"
"name" : "1026765", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1026765" "name": "[oss-security] 20120306 Re: CVE Request -- FreeType: Multiple security flaws to be fixed in v2.4.9",
}, "refsource": "MLIST",
{ "url": "http://www.openwall.com/lists/oss-security/2012/03/06/16"
"name" : "48918", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/48918" "name": "SUSE-SU-2012:0484",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html"
"name" : "48951", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/48951" "name": "SUSE-SU-2012:0521",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html"
"name" : "48822", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/48822" "name": "48973",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/48973"
"name" : "48973", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/48973" "name": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html"
"name" : "48797", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/48797" "name": "SUSE-SU-2012:0483",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html"
"name" : "48508", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/48508" "name": "1026765",
} "refsource": "SECTRACK",
] "url": "http://www.securitytracker.com/id?1026765"
} },
} {
"name": "openSUSE-SU-2012:0489",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html"
},
{
"name": "48951",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48951"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=800593",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=800593"
},
{
"name": "GLSA-201204-04",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201204-04.xml"
}
]
}
}

34
2012/1xxx/CVE-2012-1330.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2012-1330", "ID": "CVE-2012-1330",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2012/1xxx/CVE-2012-1487.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2012-1487", "ID": "CVE-2012-1487",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

170
2012/1xxx/CVE-2012-1539.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2012-1539", "ID": "CVE-2012-1539",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site, aka \"CTreePos Use After Free Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "MS12-071", "description_data": [
"refsource" : "MS", {
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-071" "lang": "eng",
}, "value": "Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site, aka \"CTreePos Use After Free Vulnerability.\""
{ }
"name" : "TA12-318A", ]
"refsource" : "CERT", },
"url" : "http://www.us-cert.gov/cas/techalerts/TA12-318A.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "56421", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/56421" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "oval:org.mitre.oval:def:15886", ]
"refsource" : "OVAL", }
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15886" ]
}, },
{ "references": {
"name" : "1027749", "reference_data": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1027749" "name": "oval:org.mitre.oval:def:15886",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15886"
"name" : "51202", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/51202" "name": "1027749",
} "refsource": "SECTRACK",
] "url": "http://www.securitytracker.com/id?1027749"
} },
} {
"name": "MS12-071",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-071"
},
{
"name": "56421",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/56421"
},
{
"name": "51202",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/51202"
},
{
"name": "TA12-318A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA12-318A.html"
}
]
}
}

180
2012/1xxx/CVE-2012-1607.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2012-1607", "ID": "CVE-2012-1607",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Command Line Interface (CLI) script in TYPO3 4.4.0 through 4.4.13, 4.5.0 through 4.5.13, 4.6.0 through 4.6.6, 4.7, and 6.0 allows remote attackers to obtain the database name via a direct request."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20120329 Re: CVE request: TYPO3-CORE-SA-2012-001", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2012/03/30/4" "lang": "eng",
}, "value": "The Command Line Interface (CLI) script in TYPO3 4.4.0 through 4.4.13, 4.5.0 through 4.5.13, 4.6.0 through 4.6.6, 4.7, and 6.0 allows remote attackers to obtain the database name via a direct request."
{ }
"name" : "http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2012-001/", ]
"refsource" : "CONFIRM", },
"url" : "http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2012-001/" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "DSA-2445", "description": [
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2012/dsa-2445" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "52771", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/52771" ]
}, },
{ "references": {
"name" : "80761", "reference_data": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/80761" "name": "48647",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/48647"
"name" : "48622", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/48622" "name": "48622",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/48622"
"name" : "48647", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/48647" "name": "[oss-security] 20120329 Re: CVE request: TYPO3-CORE-SA-2012-001",
} "refsource": "MLIST",
] "url": "http://www.openwall.com/lists/oss-security/2012/03/30/4"
} },
} {
"name": "80761",
"refsource": "OSVDB",
"url": "http://osvdb.org/80761"
},
{
"name": "http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2012-001/",
"refsource": "CONFIRM",
"url": "http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2012-001/"
},
{
"name": "DSA-2445",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2012/dsa-2445"
},
{
"name": "52771",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/52771"
}
]
}
}

130
2012/5xxx/CVE-2012-5062.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2012-5062", "ID": "CVE-2012-5062",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5 and EM DB Control 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows remote attackers to affect integrity via unknown vectors related to User Interface Framework."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html" "lang": "eng",
}, "value": "Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5 and EM DB Control 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows remote attackers to affect integrity via unknown vectors related to User Interface Framework."
{ }
"name" : "MDVSA-2013:150", ]
"refsource" : "MANDRIVA", },
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html"
},
{
"name": "MDVSA-2013:150",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
}
]
}
}

440
2012/5xxx/CVE-2012-5072.json
View File

@ -1,222 +1,222 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2012-5072", "ID": "CVE-2012-5072",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, and 6 Update 35 and earlier, allows remote attackers to affect confidentiality via unknown vectors related to Security."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html" "lang": "eng",
}, "value": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, and 6 Update 35 and earlier, allows remote attackers to affect confidentiality via unknown vectors related to Security."
{ }
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21616490", ]
"refsource" : "CONFIRM", },
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21616490" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21621154", "description": [
"refsource" : "CONFIRM", {
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21621154" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://www.xerox.com/download/security/security-bulletin/16287-4d6b7b0c81f7b/cert_XRX13-003_v1.0.pdf", ]
"refsource" : "CONFIRM", }
"url" : "http://www.xerox.com/download/security/security-bulletin/16287-4d6b7b0c81f7b/cert_XRX13-003_v1.0.pdf" ]
}, },
{ "references": {
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21620037", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21620037" "name": "SUSE-SU-2012:1398",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00016.html"
"name" : "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS12-023/index.html", },
"refsource" : "CONFIRM", {
"url" : "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS12-023/index.html" "name": "GLSA-201406-32",
}, "refsource": "GENTOO",
{ "url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
"name" : "GLSA-201406-32", },
"refsource" : "GENTOO", {
"url" : "http://security.gentoo.org/glsa/glsa-201406-32.xml" "name": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS12-023/index.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS12-023/index.html"
"name" : "HPSBUX02832", },
"refsource" : "HP", {
"url" : "http://marc.info/?l=bugtraq&m=135542848327757&w=2" "name": "RHSA-2012:1466",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2012-1466.html"
"name" : "SSRT101042", },
"refsource" : "HP", {
"url" : "http://marc.info/?l=bugtraq&m=135542848327757&w=2" "name": "RHSA-2012:1386",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2012-1386.html"
"name" : "HPSBOV02833", },
"refsource" : "HP", {
"url" : "http://marc.info/?l=bugtraq&m=135758563611658&w=2" "name": "51438",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/51438"
"name" : "SSRT101043", },
"refsource" : "HP", {
"url" : "http://marc.info/?l=bugtraq&m=135758563611658&w=2" "name": "51141",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/51141"
"name" : "RHSA-2012:1385", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2012-1385.html" "name": "SSRT101043",
}, "refsource": "HP",
{ "url": "http://marc.info/?l=bugtraq&m=135758563611658&w=2"
"name" : "RHSA-2012:1386", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2012-1386.html" "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21621154",
}, "refsource": "CONFIRM",
{ "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21621154"
"name" : "RHSA-2012:1391", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2012-1391.html" "name": "openSUSE-SU-2012:1423",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00023.html"
"name" : "RHSA-2012:1392", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2012-1392.html" "name": "RHSA-2013:1455",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
"name" : "RHSA-2012:1466", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2012-1466.html" "name": "56083",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/56083"
"name" : "RHSA-2012:1467", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2012-1467.html" "name": "RHSA-2012:1391",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2012-1391.html"
"name" : "RHSA-2013:1455", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2013-1455.html" "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21620037",
}, "refsource": "CONFIRM",
{ "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21620037"
"name" : "RHSA-2013:1456", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2013-1456.html" "name": "51029",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/51029"
"name" : "openSUSE-SU-2012:1423", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00023.html" "name": "HPSBOV02833",
}, "refsource": "HP",
{ "url": "http://marc.info/?l=bugtraq&m=135758563611658&w=2"
"name" : "SUSE-SU-2012:1398", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00016.html" "name": "51166",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/51166"
"name" : "SUSE-SU-2012:1595", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00022.html" "name": "51390",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/51390"
"name" : "56083", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/56083" "name": "RHSA-2012:1392",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2012-1392.html"
"name" : "oval:org.mitre.oval:def:16522", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16522" "name": "SUSE-SU-2012:1595",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00022.html"
"name" : "51028", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/51028" "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21616490",
}, "refsource": "CONFIRM",
{ "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616490"
"name" : "51029", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/51029" "name": "51327",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/51327"
"name" : "51141", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/51141" "name": "oval:org.mitre.oval:def:16522",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16522"
"name" : "51326", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/51326" "name": "RHSA-2012:1467",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2012-1467.html"
"name" : "51327", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/51327" "name": "SSRT101042",
}, "refsource": "HP",
{ "url": "http://marc.info/?l=bugtraq&m=135542848327757&w=2"
"name" : "51390", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/51390" "name": "51028",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/51028"
"name" : "51438", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/51438" "name": "RHSA-2013:1456",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2013-1456.html"
"name" : "51166", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/51166" "name": "http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html"
"name" : "javaruntimeenvironment-security-info-disc(79434)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/79434" "name": "51326",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/51326"
} },
} {
"name": "javaruntimeenvironment-security-info-disc(79434)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79434"
},
{
"name": "RHSA-2012:1385",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1385.html"
},
{
"name": "http://www.xerox.com/download/security/security-bulletin/16287-4d6b7b0c81f7b/cert_XRX13-003_v1.0.pdf",
"refsource": "CONFIRM",
"url": "http://www.xerox.com/download/security/security-bulletin/16287-4d6b7b0c81f7b/cert_XRX13-003_v1.0.pdf"
},
{
"name": "HPSBUX02832",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=135542848327757&w=2"
}
]
}
}

34
2012/5xxx/CVE-2012-5365.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2012-5365", "ID": "CVE-2012-5365",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2012/5xxx/CVE-2012-5423.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2012-5423", "ID": "CVE-2012-5423",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

150
2012/5xxx/CVE-2012-5505.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2012-5505", "ID": "CVE-2012-5505",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "atat.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to read private data structures via a request for a view without a name."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20121109 Re: Re: CVE Request - Zope / Plone: Multiple vectors corrected within 20121106 fix", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2012/11/10/1" "lang": "eng",
}, "value": "atat.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to read private data structures via a request for a view without a name."
{ }
"name" : "https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt", ]
"refsource" : "CONFIRM", },
"url" : "https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://plone.org/products/plone-hotfix/releases/20121106", "description": [
"refsource" : "CONFIRM", {
"url" : "https://plone.org/products/plone-hotfix/releases/20121106" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://plone.org/products/plone/security/advisories/20121106/21", ]
"refsource" : "CONFIRM", }
"url" : "https://plone.org/products/plone/security/advisories/20121106/21" ]
} },
] "references": {
} "reference_data": [
} {
"name": "https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt",
"refsource": "CONFIRM",
"url": "https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt"
},
{
"name": "[oss-security] 20121109 Re: Re: CVE Request - Zope / Plone: Multiple vectors corrected within 20121106 fix",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/11/10/1"
},
{
"name": "https://plone.org/products/plone/security/advisories/20121106/21",
"refsource": "CONFIRM",
"url": "https://plone.org/products/plone/security/advisories/20121106/21"
},
{
"name": "https://plone.org/products/plone-hotfix/releases/20121106",
"refsource": "CONFIRM",
"url": "https://plone.org/products/plone-hotfix/releases/20121106"
}
]
}
}

260
2012/5xxx/CVE-2012-5517.json
View File

@ -1,132 +1,132 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2012-5517", "ID": "CVE-2012-5517",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The online_pages function in mm/memory_hotplug.c in the Linux kernel before 3.6 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact in opportunistic circumstances by using memory that was hot-added by an administrator."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20121113 Re: CVE request -- Linux kernel: mm/hotplug: failure in propagating hot-added memory to other nodes", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2012/11/13/11" "lang": "eng",
}, "value": "The online_pages function in mm/memory_hotplug.c in the Linux kernel before 3.6 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact in opportunistic circumstances by using memory that was hot-added by an administrator."
{ }
"name" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=08dff7b7d629807dbb1f398c68dd9cd58dd657a1", ]
"refsource" : "CONFIRM", },
"url" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=08dff7b7d629807dbb1f398c68dd9cd58dd657a1" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.kernel.org/pub/linux/kernel/v3.x/", "description": [
"refsource" : "CONFIRM", {
"url" : "http://www.kernel.org/pub/linux/kernel/v3.x/" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://www.kernel.org/pub/linux/kernel/v3.x/patch-3.6.bz2", ]
"refsource" : "CONFIRM", }
"url" : "http://www.kernel.org/pub/linux/kernel/v3.x/patch-3.6.bz2" ]
}, },
{ "references": {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=875374", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=875374" "name": "http://www.kernel.org/pub/linux/kernel/v3.x/patch-3.6.bz2",
}, "refsource": "CONFIRM",
{ "url": "http://www.kernel.org/pub/linux/kernel/v3.x/patch-3.6.bz2"
"name" : "https://github.com/torvalds/linux/commit/08dff7b7d629807dbb1f398c68dd9cd58dd657a1", },
"refsource" : "CONFIRM", {
"url" : "https://github.com/torvalds/linux/commit/08dff7b7d629807dbb1f398c68dd9cd58dd657a1" "name": "USN-1679-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-1679-1"
"name" : "RHSA-2012:1580", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2012-1580.html" "name": "RHSA-2012:1580",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2012-1580.html"
"name" : "SUSE-SU-2012:1679", },
"refsource" : "SUSE", {
"url" : "https://www.suse.com/support/update/announcement/2012/suse-su-20121679-1.html" "name": "http://www.kernel.org/pub/linux/kernel/v3.x/",
}, "refsource": "CONFIRM",
{ "url": "http://www.kernel.org/pub/linux/kernel/v3.x/"
"name" : "openSUSE-SU-2013:0925", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00005.html" "name": "SUSE-SU-2012:1679",
}, "refsource": "SUSE",
{ "url": "https://www.suse.com/support/update/announcement/2012/suse-su-20121679-1.html"
"name" : "USN-1678-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-1678-1" "name": "USN-1673-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-1673-1"
"name" : "USN-1671-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-1671-1" "name": "https://github.com/torvalds/linux/commit/08dff7b7d629807dbb1f398c68dd9cd58dd657a1",
}, "refsource": "CONFIRM",
{ "url": "https://github.com/torvalds/linux/commit/08dff7b7d629807dbb1f398c68dd9cd58dd657a1"
"name" : "USN-1673-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-1673-1" "name": "[oss-security] 20121113 Re: CVE request -- Linux kernel: mm/hotplug: failure in propagating hot-added memory to other nodes",
}, "refsource": "MLIST",
{ "url": "http://www.openwall.com/lists/oss-security/2012/11/13/11"
"name" : "USN-1677-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-1677-1" "name": "USN-1678-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-1678-1"
"name" : "USN-1679-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-1679-1" "name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=08dff7b7d629807dbb1f398c68dd9cd58dd657a1",
}, "refsource": "CONFIRM",
{ "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=08dff7b7d629807dbb1f398c68dd9cd58dd657a1"
"name" : "56527", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/56527" "name": "56527",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/56527"
} },
} {
"name": "USN-1671-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1671-1"
},
{
"name": "openSUSE-SU-2013:0925",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00005.html"
},
{
"name": "USN-1677-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1677-1"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=875374",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=875374"
}
]
}
}

140
2017/3xxx/CVE-2017-3039.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@adobe.com", "ASSIGNER": "psirt@adobe.com",
"ID" : "CVE-2017-3039", "ID": "CVE-2017-3039",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier.", "product_name": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier.",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier." "version_value": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier."
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the PPKLite security handler. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Memory Corruption"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html" "lang": "eng",
}, "value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the PPKLite security handler. Successful exploitation could lead to arbitrary code execution."
{ }
"name" : "97556", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/97556" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1038228", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1038228" "lang": "eng",
} "value": "Memory Corruption"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "1038228",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"name": "97556",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97556"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
]
}
}

140
2017/3xxx/CVE-2017-3050.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@adobe.com", "ASSIGNER": "psirt@adobe.com",
"ID" : "CVE-2017-3050", "ID": "CVE-2017-3050",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier.", "product_name": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier.",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier." "version_value": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier."
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the image conversion engine, related to parsing of GIF files. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Memory Corruption"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html" "lang": "eng",
}, "value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the image conversion engine, related to parsing of GIF files. Successful exploitation could lead to arbitrary code execution."
{ }
"name" : "97556", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/97556" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1038228", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1038228" "lang": "eng",
} "value": "Memory Corruption"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "1038228",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"name": "97556",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97556"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
]
}
}

160
2017/3xxx/CVE-2017-3075.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@adobe.com", "ASSIGNER": "psirt@adobe.com",
"ID" : "CVE-2017-3075", "ID": "CVE-2017-3075",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Adobe Flash Player 25.0.0.171 and earlier.", "product_name": "Adobe Flash Player 25.0.0.171 and earlier.",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Adobe Flash Player 25.0.0.171 and earlier." "version_value": "Adobe Flash Player 25.0.0.171 and earlier."
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable use after free vulnerability when manipulating the ActionsScript 2 XML class. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Use After Free"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://helpx.adobe.com/security/products/flash-player/apsb17-17.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://helpx.adobe.com/security/products/flash-player/apsb17-17.html" "lang": "eng",
}, "value": "Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable use after free vulnerability when manipulating the ActionsScript 2 XML class. Successful exploitation could lead to arbitrary code execution."
{ }
"name" : "GLSA-201707-15", ]
"refsource" : "GENTOO", },
"url" : "https://security.gentoo.org/glsa/201707-15" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "RHSA-2017:1439", "description": [
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2017:1439" "lang": "eng",
}, "value": "Use After Free"
{ }
"name" : "99023", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/99023" ]
}, },
{ "references": {
"name" : "1038655", "reference_data": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1038655" "name": "https://helpx.adobe.com/security/products/flash-player/apsb17-17.html",
} "refsource": "CONFIRM",
] "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-17.html"
} },
} {
"name": "99023",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/99023"
},
{
"name": "1038655",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038655"
},
{
"name": "RHSA-2017:1439",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1439"
},
{
"name": "GLSA-201707-15",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201707-15"
}
]
}
}

130
2017/3xxx/CVE-2017-3224.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cert@cert.org", "ASSIGNER": "cert@cert.org",
"ID" : "CVE-2017-3224", "ID": "CVE-2017-3224",
"STATE" : "PUBLIC", "STATE": "PUBLIC",
"TITLE" : "Open Shortest Path First (OSPF) protocol implementations may improperly determine LSA recency in affected Quagga and downstream implementations (SUSE, openSUSE, and Red Hat packages)" "TITLE": "Open Shortest Path First (OSPF) protocol implementations may improperly determine LSA recency in affected Quagga and downstream implementations (SUSE, openSUSE, and Red Hat packages)"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Protocol", "product_name": "Protocol",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"affected" : "?", "affected": "?",
"version_value" : "N/A" "version_value": "N/A"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Open Shortest Path First (OSPF)" "vendor_name": "Open Shortest Path First (OSPF)"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Open Shortest Path First (OSPF) protocol implementations may improperly determine Link State Advertisement (LSA) recency for LSAs with MaxSequenceNumber. According to RFC 2328 section 13.1, for two instances of the same LSA, recency is determined by first comparing sequence numbers, then checksums, and finally MaxAge. In a case where the sequence numbers are the same, the LSA with the larger checksum is considered more recent, and will not be flushed from the Link State Database (LSDB). Since the RFC does not explicitly state that the values of links carried by a LSA must be the same when prematurely aging a self-originating LSA with MaxSequenceNumber, it is possible in vulnerable OSPF implementations for an attacker to craft a LSA with MaxSequenceNumber and invalid links that will result in a larger checksum and thus a 'newer' LSA that will not be flushed from the LSDB. Propagation of the crafted LSA can result in the erasure or alteration of the routing tables of routers within the routing domain, creating a denial of service condition or the re-routing of traffic on the network. CVE-2017-3224 has been reserved for Quagga and downstream implementations (SUSE, openSUSE, and Red Hat packages)."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "CWE-354"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "VU#793496", "description_data": [
"refsource" : "CERT-VN", {
"url" : "https://www.kb.cert.org/vuls/id/793496" "lang": "eng",
} "value": "Open Shortest Path First (OSPF) protocol implementations may improperly determine Link State Advertisement (LSA) recency for LSAs with MaxSequenceNumber. According to RFC 2328 section 13.1, for two instances of the same LSA, recency is determined by first comparing sequence numbers, then checksums, and finally MaxAge. In a case where the sequence numbers are the same, the LSA with the larger checksum is considered more recent, and will not be flushed from the Link State Database (LSDB). Since the RFC does not explicitly state that the values of links carried by a LSA must be the same when prematurely aging a self-originating LSA with MaxSequenceNumber, it is possible in vulnerable OSPF implementations for an attacker to craft a LSA with MaxSequenceNumber and invalid links that will result in a larger checksum and thus a 'newer' LSA that will not be flushed from the LSDB. Propagation of the crafted LSA can result in the erasure or alteration of the routing tables of routers within the routing domain, creating a denial of service condition or the re-routing of traffic on the network. CVE-2017-3224 has been reserved for Quagga and downstream implementations (SUSE, openSUSE, and Red Hat packages)."
] }
}, ]
"source" : { },
"discovery" : "UNKNOWN" "problemtype": {
} "problemtype_data": [
} {
"description": [
{
"lang": "eng",
"value": "CWE-354"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#793496",
"refsource": "CERT-VN",
"url": "https://www.kb.cert.org/vuls/id/793496"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}

150
2017/7xxx/CVE-2017-7183.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-7183", "ID": "CVE-2017-7183",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The TFTP server in ExtraPuTTY 0.30 and earlier allows remote attackers to cause a denial of service (crash) via a large (1) read or (2) write TFTP protocol message."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20170320 CVE-2017-7183 ExtraPuTTY v029_RC2 TFTP Denial Of Service", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/540300/100/0/threaded" "lang": "eng",
}, "value": "The TFTP server in ExtraPuTTY 0.30 and earlier allows remote attackers to cause a denial of service (crash) via a large (1) read or (2) write TFTP protocol message."
{ }
"name" : "41639", ]
"refsource" : "EXPLOIT-DB", },
"url" : "https://www.exploit-db.com/exploits/41639/" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://packetstormsecurity.com/files/141705/ExtraPuTTY-029_rc2-Denial-Of-Service.html", "description": [
"refsource" : "MISC", {
"url" : "http://packetstormsecurity.com/files/141705/ExtraPuTTY-029_rc2-Denial-Of-Service.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "96973", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/96973" ]
} },
] "references": {
} "reference_data": [
} {
"name": "96973",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96973"
},
{
"name": "http://packetstormsecurity.com/files/141705/ExtraPuTTY-029_rc2-Denial-Of-Service.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/141705/ExtraPuTTY-029_rc2-Denial-Of-Service.html"
},
{
"name": "41639",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/41639/"
},
{
"name": "20170320 CVE-2017-7183 ExtraPuTTY v029_RC2 TFTP Denial Of Service",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/540300/100/0/threaded"
}
]
}
}

200
2017/7xxx/CVE-2017-7957.json
View File

@ -1,102 +1,102 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-7957", "ID": "CVE-2017-7957",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "XStream through 1.4.9, when a certain denyTypes workaround is not used, mishandles attempts to create an instance of the primitive type 'void' during unmarshalling, leading to a remote application crash, as demonstrated by an xstream.fromXML(\"<void/>\") call."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://x-stream.github.io/CVE-2017-7957.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://x-stream.github.io/CVE-2017-7957.html" "lang": "eng",
}, "value": "XStream through 1.4.9, when a certain denyTypes workaround is not used, mishandles attempts to create an instance of the primitive type 'void' during unmarshalling, leading to a remote application crash, as demonstrated by an xstream.fromXML(\"<void/>\") call."
{ }
"name" : "https://www-prd-trops.events.ibm.com/node/715749", ]
"refsource" : "CONFIRM", },
"url" : "https://www-prd-trops.events.ibm.com/node/715749" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "DSA-3841", "description": [
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2017/dsa-3841" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "RHSA-2017:2888", ]
"refsource" : "REDHAT", }
"url" : "https://access.redhat.com/errata/RHSA-2017:2888" ]
}, },
{ "references": {
"name" : "RHSA-2017:2889", "reference_data": [
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2017:2889" "name": "RHSA-2017:2888",
}, "refsource": "REDHAT",
{ "url": "https://access.redhat.com/errata/RHSA-2017:2888"
"name" : "RHSA-2017:1832", },
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2017:1832" "name": "RHSA-2017:1832",
}, "refsource": "REDHAT",
{ "url": "https://access.redhat.com/errata/RHSA-2017:1832"
"name" : "100687", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/100687" "name": "RHSA-2017:2889",
}, "refsource": "REDHAT",
{ "url": "https://access.redhat.com/errata/RHSA-2017:2889"
"name" : "1039499", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1039499" "name": "1039499",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id/1039499"
"name" : "xstream-cve20177957-dos(125800)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/125800" "name": "https://www-prd-trops.events.ibm.com/node/715749",
} "refsource": "CONFIRM",
] "url": "https://www-prd-trops.events.ibm.com/node/715749"
} },
} {
"name": "xstream-cve20177957-dos(125800)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/125800"
},
{
"name": "DSA-3841",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2017/dsa-3841"
},
{
"name": "http://x-stream.github.io/CVE-2017-7957.html",
"refsource": "CONFIRM",
"url": "http://x-stream.github.io/CVE-2017-7957.html"
},
{
"name": "100687",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100687"
}
]
}
}

122
2017/8xxx/CVE-2017-8144.json
View File

@ -1,63 +1,63 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@huawei.com", "ASSIGNER": "psirt@huawei.com",
"DATE_PUBLIC" : "2017-11-15T00:00:00", "DATE_PUBLIC": "2017-11-15T00:00:00",
"ID" : "CVE-2017-8144", "ID": "CVE-2017-8144",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Honor 5A,Honor 8 Lite,Mate9,Mate9 Pro,P10,P10 Plus", "product_name": "Honor 5A,Honor 8 Lite,Mate9,Mate9 Pro,P10,P10 Plus",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "The versions before CAM-L03C605B143CUSTC605D003,The versions before Prague-L03C605B161,The versions before Prague-L23C605B160,The versions before MHA-AL00C00B225,The versions before LON-AL00C00B225,The versions before VTR-AL00C00B167,The versions before VTR-TL00C01B167,The versions before VKY-AL00C00B167,The versions before VKY-TL00C01B167" "version_value": "The versions before CAM-L03C605B143CUSTC605D003,The versions before Prague-L03C605B161,The versions before Prague-L23C605B160,The versions before MHA-AL00C00B225,The versions before LON-AL00C00B225,The versions before VTR-AL00C00B167,The versions before VTR-TL00C01B167,The versions before VKY-AL00C00B167,The versions before VKY-TL00C01B167"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Huawei Technologies Co., Ltd." "vendor_name": "Huawei Technologies Co., Ltd."
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Honor 5A,Honor 8 Lite,Mate9,Mate9 Pro,P10,P10 Plus Huawei smartphones with software the versions before CAM-L03C605B143CUSTC605D003,the versions before Prague-L03C605B161,the versions before Prague-L23C605B160,the versions before MHA-AL00C00B225,the versions before LON-AL00C00B225,the versions before VTR-AL00C00B167,the versions before VTR-TL00C01B167,the versions before VKY-AL00C00B167,the versions before VKY-TL00C01B167 have a resource exhaustion vulnerability due to configure setting. An attacker tricks a user into installing a malicious application, the application may turn on the device flash-light and rapidly drain the device battery."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Resource Exhaustion"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170725-01-smartphone-en", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170725-01-smartphone-en" "lang": "eng",
} "value": "Honor 5A,Honor 8 Lite,Mate9,Mate9 Pro,P10,P10 Plus Huawei smartphones with software the versions before CAM-L03C605B143CUSTC605D003,the versions before Prague-L03C605B161,the versions before Prague-L23C605B160,the versions before MHA-AL00C00B225,the versions before LON-AL00C00B225,the versions before VTR-AL00C00B167,the versions before VTR-TL00C01B167,the versions before VKY-AL00C00B167,the versions before VKY-TL00C01B167 have a resource exhaustion vulnerability due to configure setting. An attacker tricks a user into installing a malicious application, the application may turn on the device flash-light and rapidly drain the device battery."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Resource Exhaustion"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170725-01-smartphone-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170725-01-smartphone-en"
}
]
}
}

34
2017/8xxx/CVE-2017-8341.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-8341", "ID": "CVE-2017-8341",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

140
2017/8xxx/CVE-2017-8461.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secure@microsoft.com", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2017-8461", "ID": "CVE-2017-8461",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Microsoft Windows", "product_name": "Microsoft Windows",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Windows XP SP3, Windows XP x64 SP2, Windows Server 2003 SP2" "version_value": "Windows XP SP3, Windows XP x64 SP2, Windows Server 2003 SP2"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Microsoft Corporation" "vendor_name": "Microsoft Corporation"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Windows RPC with Routing and Remote Access enabled in Windows XP and Windows Server 2003 allows an attacker to execute code on a targeted RPC server which has Routing and Remote Access enabled via a specially crafted application, aka \"Windows RPC Remote Code Execution Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Remote Code Execution"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://support.microsoft.com/en-us/help/4024323/security-update-of-windows-xp-and-windows-server-2003", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://support.microsoft.com/en-us/help/4024323/security-update-of-windows-xp-and-windows-server-2003" "lang": "eng",
}, "value": "Windows RPC with Routing and Remote Access enabled in Windows XP and Windows Server 2003 allows an attacker to execute code on a targeted RPC server which has Routing and Remote Access enabled via a specially crafted application, aka \"Windows RPC Remote Code Execution Vulnerability.\""
{ }
"name" : "99012", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/99012" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1038701", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1038701" "lang": "eng",
} "value": "Remote Code Execution"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "https://support.microsoft.com/en-us/help/4024323/security-update-of-windows-xp-and-windows-server-2003",
"refsource": "CONFIRM",
"url": "https://support.microsoft.com/en-us/help/4024323/security-update-of-windows-xp-and-windows-server-2003"
},
{
"name": "99012",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/99012"
},
{
"name": "1038701",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038701"
}
]
}
}

120
2017/8xxx/CVE-2017-8776.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-8776", "ID": "CVE-2017-8776",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Quick Heal Internet Security 10.1.0.316, Quick Heal Total Security 10.1.0.316, and Quick Heal AntiVirus Pro 10.1.0.316 have approximately 165 PE files in the default installation that do not use ASLR/DEP protection mechanisms that provide sufficient defense against directed attacks against the product."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://payatu.com/quick-heal-antivirus-protection-mechanism-failure-vulnerability/", "description_data": [
"refsource" : "MISC", {
"url" : "http://payatu.com/quick-heal-antivirus-protection-mechanism-failure-vulnerability/" "lang": "eng",
} "value": "Quick Heal Internet Security 10.1.0.316, Quick Heal Total Security 10.1.0.316, and Quick Heal AntiVirus Pro 10.1.0.316 have approximately 165 PE files in the default installation that do not use ASLR/DEP protection mechanisms that provide sufficient defense against directed attacks against the product."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://payatu.com/quick-heal-antivirus-protection-mechanism-failure-vulnerability/",
"refsource": "MISC",
"url": "http://payatu.com/quick-heal-antivirus-protection-mechanism-failure-vulnerability/"
}
]
}
}

120
2018/10xxx/CVE-2018-10076.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-10076", "ID": "CVE-2018-10076",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An issue was discovered in Zoho ManageEngine EventLog Analyzer 11.12. A Cross-Site Scripting vulnerability allows a remote attacker to inject arbitrary web script or HTML via the search functionality (the search box of the Dashboard)."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://www.manageengine.com/products/eventlog/release-notes.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://www.manageengine.com/products/eventlog/release-notes.html" "lang": "eng",
} "value": "An issue was discovered in Zoho ManageEngine EventLog Analyzer 11.12. A Cross-Site Scripting vulnerability allows a remote attacker to inject arbitrary web script or HTML via the search functionality (the search box of the Dashboard)."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.manageengine.com/products/eventlog/release-notes.html",
"refsource": "CONFIRM",
"url": "https://www.manageengine.com/products/eventlog/release-notes.html"
}
]
}
}

34
2018/10xxx/CVE-2018-10448.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-10448", "ID": "CVE-2018-10448",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2018/10xxx/CVE-2018-10552.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-10552", "ID": "CVE-2018-10552",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

120
2018/10xxx/CVE-2018-10570.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-10570", "ID": "CVE-2018-10570",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Frog CMS 0.9.5 has XSS in /install/index.php via the ['config']['admin_username'] field."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://github.com/philippe/FrogCMS/issues/9", "description_data": [
"refsource" : "MISC", {
"url" : "https://github.com/philippe/FrogCMS/issues/9" "lang": "eng",
} "value": "Frog CMS 0.9.5 has XSS in /install/index.php via the ['config']['admin_username'] field."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/philippe/FrogCMS/issues/9",
"refsource": "MISC",
"url": "https://github.com/philippe/FrogCMS/issues/9"
}
]
}
}

34
2018/10xxx/CVE-2018-10838.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-10838", "ID": "CVE-2018-10838",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

130
2018/13xxx/CVE-2018-13043.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-13043", "ID": "CVE-2018-13043",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "scripts/grep-excuses.pl in Debian devscripts through 2.18.3 allows code execution through unsafe YAML loading because YAML::Syck is used without a configuration that prevents unintended blessing."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://bugs.debian.org/902409", "description_data": [
"refsource" : "MISC", {
"url" : "https://bugs.debian.org/902409" "lang": "eng",
}, "value": "scripts/grep-excuses.pl in Debian devscripts through 2.18.3 allows code execution through unsafe YAML loading because YAML::Syck is used without a configuration that prevents unintended blessing."
{ }
"name" : "USN-3704-1", ]
"refsource" : "UBUNTU", },
"url" : "https://usn.ubuntu.com/3704-1/" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugs.debian.org/902409",
"refsource": "MISC",
"url": "https://bugs.debian.org/902409"
},
{
"name": "USN-3704-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3704-1/"
}
]
}
}

34
2018/13xxx/CVE-2018-13245.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-13245", "ID": "CVE-2018-13245",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2018/13xxx/CVE-2018-13260.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2018-13260", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2018-13260",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none."
} }
] ]
} }
} }

130
2018/13xxx/CVE-2018-13685.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-13685", "ID": "CVE-2018-13685",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The mintToken function of a smart contract implementation for Vornox (VRX) (Contract Name: VornoxCoinToken), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://github.com/BlockChainsSecurity/EtherTokens/blob/master/GEMCHAIN/mint%20integer%20overflow.md", "description_data": [
"refsource" : "MISC", {
"url" : "https://github.com/BlockChainsSecurity/EtherTokens/blob/master/GEMCHAIN/mint%20integer%20overflow.md" "lang": "eng",
}, "value": "The mintToken function of a smart contract implementation for Vornox (VRX) (Contract Name: VornoxCoinToken), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value."
{ }
"name" : "https://github.com/BlockChainsSecurity/EtherTokens/tree/master/CoinToken", ]
"refsource" : "MISC", },
"url" : "https://github.com/BlockChainsSecurity/EtherTokens/tree/master/CoinToken" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/BlockChainsSecurity/EtherTokens/tree/master/CoinToken",
"refsource": "MISC",
"url": "https://github.com/BlockChainsSecurity/EtherTokens/tree/master/CoinToken"
},
{
"name": "https://github.com/BlockChainsSecurity/EtherTokens/blob/master/GEMCHAIN/mint%20integer%20overflow.md",
"refsource": "MISC",
"url": "https://github.com/BlockChainsSecurity/EtherTokens/blob/master/GEMCHAIN/mint%20integer%20overflow.md"
}
]
}
}

130
2018/17xxx/CVE-2018-17096.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-17096", "ID": "CVE-2018-17096",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The BPMDetect class in BPMDetect.cpp in libSoundTouch.a in Olli Parviainen SoundTouch 2.0 allows remote attackers to cause a denial of service (assertion failure and application exit), as demonstrated by SoundStretch."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://github.com/TeamSeri0us/pocs/tree/master/soundtouch/2018_09_03", "description_data": [
"refsource" : "MISC", {
"url" : "https://github.com/TeamSeri0us/pocs/tree/master/soundtouch/2018_09_03" "lang": "eng",
}, "value": "The BPMDetect class in BPMDetect.cpp in libSoundTouch.a in Olli Parviainen SoundTouch 2.0 allows remote attackers to cause a denial of service (assertion failure and application exit), as demonstrated by SoundStretch."
{ }
"name" : "https://gitlab.com/soundtouch/soundtouch/issues/14", ]
"refsource" : "MISC", },
"url" : "https://gitlab.com/soundtouch/soundtouch/issues/14" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://gitlab.com/soundtouch/soundtouch/issues/14",
"refsource": "MISC",
"url": "https://gitlab.com/soundtouch/soundtouch/issues/14"
},
{
"name": "https://github.com/TeamSeri0us/pocs/tree/master/soundtouch/2018_09_03",
"refsource": "MISC",
"url": "https://github.com/TeamSeri0us/pocs/tree/master/soundtouch/2018_09_03"
}
]
}
}

34
2018/17xxx/CVE-2018-17549.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-17549", "ID": "CVE-2018-17549",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2018/17xxx/CVE-2018-17735.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-17735", "ID": "CVE-2018-17735",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2018/17xxx/CVE-2018-17879.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-17879", "ID": "CVE-2018-17879",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

120
2018/20xxx/CVE-2018-20791.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-20791", "ID": "CVE-2018-20791",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "tecrail Responsive FileManager 9.13.4 allows XSS via a media file upload with an XSS payload in the name, because of mishandling of the media_preview action."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "45987", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/45987" "lang": "eng",
} "value": "tecrail Responsive FileManager 9.13.4 allows XSS via a media file upload with an XSS payload in the name, because of mishandling of the media_preview action."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "45987",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/45987"
}
]
}
}

34
2018/9xxx/CVE-2018-9680.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-9680", "ID": "CVE-2018-9680",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2018/9xxx/CVE-2018-9769.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-9769", "ID": "CVE-2018-9769",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

140
2018/9xxx/CVE-2018-9844.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-9844", "ID": "CVE-2018-9844",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Iptanus WordPress File Upload plugin before 4.3.4 for WordPress mishandles Settings attributes, leading to XSS."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "44444", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/44444/" "lang": "eng",
}, "value": "The Iptanus WordPress File Upload plugin before 4.3.4 for WordPress mishandles Settings attributes, leading to XSS."
{ }
"name" : "https://wordpress.org/plugins/wp-file-upload/#developers", ]
"refsource" : "CONFIRM", },
"url" : "https://wordpress.org/plugins/wp-file-upload/#developers" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://www.iptanus.com/new-version-4-3-4-of-wordpress-file-upload-plugin/", "description": [
"refsource" : "CONFIRM", {
"url" : "https://www.iptanus.com/new-version-4-3-4-of-wordpress-file-upload-plugin/" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "44444",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/44444/"
},
{
"name": "https://www.iptanus.com/new-version-4-3-4-of-wordpress-file-upload-plugin/",
"refsource": "CONFIRM",
"url": "https://www.iptanus.com/new-version-4-3-4-of-wordpress-file-upload-plugin/"
},
{
"name": "https://wordpress.org/plugins/wp-file-upload/#developers",
"refsource": "CONFIRM",
"url": "https://wordpress.org/plugins/wp-file-upload/#developers"
}
]
}
}

34
2018/9xxx/CVE-2018-9894.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-9894", "ID": "CVE-2018-9894",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }