From 84a136c8c8bb45815412dc8b28c86056d52d82f1 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Mon, 18 Mar 2019 02:08:41 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2002/0xxx/CVE-2002-0655.json | 190 +++++++++--------- 2002/1xxx/CVE-2002-1145.json | 180 ++++++++--------- 2002/1xxx/CVE-2002-1181.json | 200 +++++++++---------- 2002/1xxx/CVE-2002-1227.json | 140 ++++++------- 2002/1xxx/CVE-2002-1383.json | 260 ++++++++++++------------ 2002/1xxx/CVE-2002-1798.json | 150 +++++++------- 2002/1xxx/CVE-2002-1967.json | 140 ++++++------- 2003/0xxx/CVE-2003-0003.json | 190 +++++++++--------- 2003/0xxx/CVE-2003-0208.json | 150 +++++++------- 2003/0xxx/CVE-2003-0314.json | 120 +++++------ 2003/0xxx/CVE-2003-0534.json | 34 ++-- 2003/0xxx/CVE-2003-0779.json | 120 +++++------ 2003/1xxx/CVE-2003-1120.json | 180 ++++++++--------- 2004/2xxx/CVE-2004-2028.json | 160 +++++++-------- 2004/2xxx/CVE-2004-2172.json | 210 ++++++++++---------- 2004/2xxx/CVE-2004-2764.json | 200 +++++++++---------- 2008/2xxx/CVE-2008-2621.json | 200 +++++++++---------- 2012/0xxx/CVE-2012-0256.json | 170 ++++++++-------- 2012/0xxx/CVE-2012-0845.json | 310 ++++++++++++++--------------- 2012/1xxx/CVE-2012-1306.json | 34 ++-- 2012/1xxx/CVE-2012-1603.json | 180 ++++++++--------- 2012/1xxx/CVE-2012-1858.json | 170 ++++++++-------- 2012/4xxx/CVE-2012-4443.json | 140 ++++++------- 2012/4xxx/CVE-2012-4917.json | 130 ++++++------ 2012/5xxx/CVE-2012-5054.json | 150 +++++++------- 2012/5xxx/CVE-2012-5077.json | 350 ++++++++++++++++----------------- 2012/5xxx/CVE-2012-5880.json | 34 ++-- 2017/3xxx/CVE-2017-3350.json | 166 ++++++++-------- 2017/3xxx/CVE-2017-3883.json | 150 +++++++------- 2017/6xxx/CVE-2017-6391.json | 140 ++++++------- 2017/6xxx/CVE-2017-6593.json | 34 ++-- 2017/7xxx/CVE-2017-7137.json | 140 ++++++------- 2017/7xxx/CVE-2017-7344.json | 142 ++++++------- 2017/7xxx/CVE-2017-7476.json | 160 +++++++-------- 2017/7xxx/CVE-2017-7907.json | 150 +++++++------- 2017/8xxx/CVE-2017-8569.json | 142 ++++++------- 2018/10xxx/CVE-2018-10270.json | 34 ++-- 2018/10xxx/CVE-2018-10280.json | 34 ++-- 2018/10xxx/CVE-2018-10372.json | 140 ++++++------- 2018/10xxx/CVE-2018-10507.json | 140 ++++++------- 2018/10xxx/CVE-2018-10805.json | 130 ++++++------ 2018/13xxx/CVE-2018-13381.json | 34 ++-- 2018/17xxx/CVE-2018-17520.json | 34 ++-- 2018/17xxx/CVE-2018-17567.json | 130 ++++++------ 2018/17xxx/CVE-2018-17685.json | 130 ++++++------ 2018/17xxx/CVE-2018-17833.json | 34 ++-- 2018/20xxx/CVE-2018-20506.json | 34 ++-- 2018/9xxx/CVE-2018-9021.json | 132 ++++++------- 2018/9xxx/CVE-2018-9094.json | 34 ++-- 2018/9xxx/CVE-2018-9629.json | 34 ++-- 2018/9xxx/CVE-2018-9699.json | 34 ++-- 2018/9xxx/CVE-2018-9989.json | 150 +++++++------- 52 files changed, 3487 insertions(+), 3487 deletions(-) diff --git a/2002/0xxx/CVE-2002-0655.json b/2002/0xxx/CVE-2002-0655.json index f98b1b02f7b..93abbd4a56e 100644 --- a/2002/0xxx/CVE-2002-0655.json +++ b/2002/0xxx/CVE-2002-0655.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2002-0655", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "OpenSSL 0.9.6d and earlier, and 0.9.7-beta2 and earlier, does not properly handle ASCII representations of integers on 64 bit platforms, which could allow attackers to cause a denial of service and possibly execute arbitrary code." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2002-0655", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "CA-2002-23", - "refsource" : "CERT", - "url" : "http://www.cert.org/advisories/CA-2002-23.html" - }, - { - "name" : "VU#308891", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/308891" - }, - { - "name" : "CSSA-2002-033.0", - "refsource" : "CALDERA", - "url" : "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-033.0.txt" - }, - { - "name" : "CSSA-2002-033.1", - "refsource" : "CALDERA", - "url" : "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-033.1.txt" - }, - { - "name" : "FreeBSD-SA-02:33", - "refsource" : "FREEBSD", - "url" : "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:33.openssl.asc" - }, - { - "name" : "MDKSA-2002:046", - "refsource" : "MANDRAKE", - "url" : "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-046.php" - }, - { - "name" : "CLA-2002:513", - "refsource" : "CONECTIVA", - "url" : "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000513" - }, - { - "name" : "5364", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/5364" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "OpenSSL 0.9.6d and earlier, and 0.9.7-beta2 and earlier, does not properly handle ASCII representations of integers on 64 bit platforms, which could allow attackers to cause a denial of service and possibly execute arbitrary code." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "MDKSA-2002:046", + "refsource": "MANDRAKE", + "url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-046.php" + }, + { + "name": "CSSA-2002-033.0", + "refsource": "CALDERA", + "url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-033.0.txt" + }, + { + "name": "CA-2002-23", + "refsource": "CERT", + "url": "http://www.cert.org/advisories/CA-2002-23.html" + }, + { + "name": "CSSA-2002-033.1", + "refsource": "CALDERA", + "url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-033.1.txt" + }, + { + "name": "CLA-2002:513", + "refsource": "CONECTIVA", + "url": "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000513" + }, + { + "name": "FreeBSD-SA-02:33", + "refsource": "FREEBSD", + "url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:33.openssl.asc" + }, + { + "name": "VU#308891", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/308891" + }, + { + "name": "5364", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/5364" + } + ] + } +} \ No newline at end of file diff --git a/2002/1xxx/CVE-2002-1145.json b/2002/1xxx/CVE-2002-1145.json index e5ffbe040a7..811924f00e1 100644 --- a/2002/1xxx/CVE-2002-1145.json +++ b/2002/1xxx/CVE-2002-1145.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2002-1145", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The xp_runwebtask stored procedure in the Web Tasks component of Microsoft SQL Server 7.0 and 2000, Microsoft Data Engine (MSDE) 1.0, and Microsoft Desktop Engine (MSDE) 2000 can be executed by PUBLIC, which allows an attacker to gain privileges by updating a webtask that is owned by the database owner through the msdb.dbo.mswebtasks table, which does not have strong permissions." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2002-1145", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20021017 Microsoft SQL Server Webtasks privilege upgrade (#NISR17102002)", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=103487044122900&w=2" - }, - { - "name" : "20021017 Microsoft SQL Server Webtasks privilege upgrade (#NISR17102002)", - "refsource" : "NTBUGTRAQ", - "url" : "http://marc.info/?l=ntbugtraq&m=103486356413404&w=2" - }, - { - "name" : "http://www.nextgenss.com/advisories/mssql-webtasks.txt", - "refsource" : "MISC", - "url" : "http://www.nextgenss.com/advisories/mssql-webtasks.txt" - }, - { - "name" : "MS02-061", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-061" - }, - { - "name" : "20030203 Microsoft SQL Server 2000 Vulnerabilities in Cisco Products - MS02-061", - "refsource" : "CISCO", - "url" : "http://www.cisco.com/warp/public/707/cisco-sa-20030126-ms02-061.shtml" - }, - { - "name" : "5980", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/5980" - }, - { - "name" : "mssql-webtask-gain-privileges(10388)", - "refsource" : "XF", - "url" : "http://www.iss.net/security_center/static/10388.php" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The xp_runwebtask stored procedure in the Web Tasks component of Microsoft SQL Server 7.0 and 2000, Microsoft Data Engine (MSDE) 1.0, and Microsoft Desktop Engine (MSDE) 2000 can be executed by PUBLIC, which allows an attacker to gain privileges by updating a webtask that is owned by the database owner through the msdb.dbo.mswebtasks table, which does not have strong permissions." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "5980", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/5980" + }, + { + "name": "http://www.nextgenss.com/advisories/mssql-webtasks.txt", + "refsource": "MISC", + "url": "http://www.nextgenss.com/advisories/mssql-webtasks.txt" + }, + { + "name": "mssql-webtask-gain-privileges(10388)", + "refsource": "XF", + "url": "http://www.iss.net/security_center/static/10388.php" + }, + { + "name": "20021017 Microsoft SQL Server Webtasks privilege upgrade (#NISR17102002)", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=103487044122900&w=2" + }, + { + "name": "MS02-061", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-061" + }, + { + "name": "20021017 Microsoft SQL Server Webtasks privilege upgrade (#NISR17102002)", + "refsource": "NTBUGTRAQ", + "url": "http://marc.info/?l=ntbugtraq&m=103486356413404&w=2" + }, + { + "name": "20030203 Microsoft SQL Server 2000 Vulnerabilities in Cisco Products - MS02-061", + "refsource": "CISCO", + "url": "http://www.cisco.com/warp/public/707/cisco-sa-20030126-ms02-061.shtml" + } + ] + } +} \ No newline at end of file diff --git a/2002/1xxx/CVE-2002-1181.json b/2002/1xxx/CVE-2002-1181.json index fd1473c7482..638e58ecf4c 100644 --- a/2002/1xxx/CVE-2002-1181.json +++ b/2002/1xxx/CVE-2002-1181.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2002-1181", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site scripting (XSS) vulnerabilities in the administrative web pages for Microsoft Internet Information Server (IIS) 4.0 through 5.1 allow remote attackers to execute HTML script as other users through (1) a certain ASP file in the IISHELP virtual directory, or (2) possibly other unknown attack vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2002-1181", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20021105 [SNS Advisory No.58] Microsoft IIS Local Cross-site Scripting Vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=103651224215736&w=2" - }, - { - "name" : "http://www.lac.co.jp/security/intelligence/SNSAdvisory/58.html", - "refsource" : "MISC", - "url" : "http://www.lac.co.jp/security/intelligence/SNSAdvisory/58.html" - }, - { - "name" : "MS02-062", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-062" - }, - { - "name" : "N-011", - "refsource" : "CIAC", - "url" : "http://www.ciac.org/ciac/bulletins/n-011.shtml" - }, - { - "name" : "6068", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/6068" - }, - { - "name" : "6072", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/6072" - }, - { - "name" : "oval:org.mitre.oval:def:942", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A942" - }, - { - "name" : "oval:org.mitre.oval:def:944", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A944" - }, - { - "name" : "iis-admin-pages-xss(10501)", - "refsource" : "XF", - "url" : "http://www.iss.net/security_center/static/10501.php" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site scripting (XSS) vulnerabilities in the administrative web pages for Microsoft Internet Information Server (IIS) 4.0 through 5.1 allow remote attackers to execute HTML script as other users through (1) a certain ASP file in the IISHELP virtual directory, or (2) possibly other unknown attack vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "iis-admin-pages-xss(10501)", + "refsource": "XF", + "url": "http://www.iss.net/security_center/static/10501.php" + }, + { + "name": "6072", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/6072" + }, + { + "name": "oval:org.mitre.oval:def:942", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A942" + }, + { + "name": "N-011", + "refsource": "CIAC", + "url": "http://www.ciac.org/ciac/bulletins/n-011.shtml" + }, + { + "name": "6068", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/6068" + }, + { + "name": "http://www.lac.co.jp/security/intelligence/SNSAdvisory/58.html", + "refsource": "MISC", + "url": "http://www.lac.co.jp/security/intelligence/SNSAdvisory/58.html" + }, + { + "name": "oval:org.mitre.oval:def:944", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A944" + }, + { + "name": "MS02-062", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-062" + }, + { + "name": "20021105 [SNS Advisory No.58] Microsoft IIS Local Cross-site Scripting Vulnerability", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=103651224215736&w=2" + } + ] + } +} \ No newline at end of file diff --git a/2002/1xxx/CVE-2002-1227.json b/2002/1xxx/CVE-2002-1227.json index 30a7c5f65f0..3f01fcbb63a 100644 --- a/2002/1xxx/CVE-2002-1227.json +++ b/2002/1xxx/CVE-2002-1227.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2002-1227", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "PAM 0.76 treats a disabled password as if it were an empty (null) password, which allows local and remote attackers to gain privileges as disabled users." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2002-1227", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "DSA-177", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2002/dsa-177" - }, - { - "name" : "pam-disabled-bypass-authentication(10405)", - "refsource" : "XF", - "url" : "http://www.iss.net/security_center/static/10405.php" - }, - { - "name" : "5994", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/5994" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "PAM 0.76 treats a disabled password as if it were an empty (null) password, which allows local and remote attackers to gain privileges as disabled users." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "pam-disabled-bypass-authentication(10405)", + "refsource": "XF", + "url": "http://www.iss.net/security_center/static/10405.php" + }, + { + "name": "5994", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/5994" + }, + { + "name": "DSA-177", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2002/dsa-177" + } + ] + } +} \ No newline at end of file diff --git a/2002/1xxx/CVE-2002-1383.json b/2002/1xxx/CVE-2002-1383.json index 1fd53b21d41..d581feb0851 100644 --- a/2002/1xxx/CVE-2002-1383.json +++ b/2002/1xxx/CVE-2002-1383.json @@ -1,132 +1,132 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2002-1383", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple integer overflows in Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 allow remote attackers to execute arbitrary code via (1) the CUPSd HTTP interface, as demonstrated by vanilla-coke, and (2) the image handling code in CUPS filters, as demonstrated by mksun." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2002-1383", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20021219 iDEFENSE Security Advisory 12.19.02: Multiple Security Vulnerabilities in Common Unix Printing System (CUPS)", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=104032149026670&w=2" - }, - { - "name" : "20021219 iDEFENSE Security Advisory 12.19.02: Multiple Security Vulnerabilities in Common Unix Printing System (CUPS)", - "refsource" : "VULNWATCH", - "url" : "http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0117.html" - }, - { - "name" : "http://www.idefense.com/advisory/12.19.02.txt", - "refsource" : "MISC", - "url" : "http://www.idefense.com/advisory/12.19.02.txt" - }, - { - "name" : "CSSA-2003-004.0", - "refsource" : "CALDERA", - "url" : "ftp://ftp.sco.com/pub/security/OpenLinux/CSSA-2003-004.0.txt" - }, - { - "name" : "RHSA-2002:295", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2002-295.html" - }, - { - "name" : "SuSE-SA:2003:002", - "refsource" : "SUSE", - "url" : "http://www.novell.com/linux/security/advisories/2003_002_cups.html" - }, - { - "name" : "7907", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/7907" - }, - { - "name" : "7756", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/7756/" - }, - { - "name" : "7794", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/7794" - }, - { - "name" : "7803", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/7803" - }, - { - "name" : "7843", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/7843" - }, - { - "name" : "7858", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/7858" - }, - { - "name" : "7913", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/7913/" - }, - { - "name" : "8080", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/8080/" - }, - { - "name" : "9325", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/9325/" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple integer overflows in Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 allow remote attackers to execute arbitrary code via (1) the CUPSd HTTP interface, as demonstrated by vanilla-coke, and (2) the image handling code in CUPS filters, as demonstrated by mksun." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "7858", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/7858" + }, + { + "name": "7843", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/7843" + }, + { + "name": "20021219 iDEFENSE Security Advisory 12.19.02: Multiple Security Vulnerabilities in Common Unix Printing System (CUPS)", + "refsource": "VULNWATCH", + "url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0117.html" + }, + { + "name": "9325", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/9325/" + }, + { + "name": "CSSA-2003-004.0", + "refsource": "CALDERA", + "url": "ftp://ftp.sco.com/pub/security/OpenLinux/CSSA-2003-004.0.txt" + }, + { + "name": "7756", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/7756/" + }, + { + "name": "7907", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/7907" + }, + { + "name": "7913", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/7913/" + }, + { + "name": "7794", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/7794" + }, + { + "name": "SuSE-SA:2003:002", + "refsource": "SUSE", + "url": "http://www.novell.com/linux/security/advisories/2003_002_cups.html" + }, + { + "name": "http://www.idefense.com/advisory/12.19.02.txt", + "refsource": "MISC", + "url": "http://www.idefense.com/advisory/12.19.02.txt" + }, + { + "name": "RHSA-2002:295", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2002-295.html" + }, + { + "name": "7803", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/7803" + }, + { + "name": "8080", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/8080/" + }, + { + "name": "20021219 iDEFENSE Security Advisory 12.19.02: Multiple Security Vulnerabilities in Common Unix Printing System (CUPS)", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=104032149026670&w=2" + } + ] + } +} \ No newline at end of file diff --git a/2002/1xxx/CVE-2002-1798.json b/2002/1xxx/CVE-2002-1798.json index ceaf8be5bd4..82a43ea287e 100644 --- a/2002/1xxx/CVE-2002-1798.json +++ b/2002/1xxx/CVE-2002-1798.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2002-1798", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "MidiCart PHP, PHP Plus, and PHP Maxi allows remote attackers to (1) upload arbitrary php files via a direct request to admin/upload.php or (2) access sensitive information via a direct request to admin/credit_card_info.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2002-1798", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20021002 Multiple Web Security Holes", - "refsource" : "BUGTRAQ", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2002-10/0016.html" - }, - { - "name" : "5851", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/5851" - }, - { - "name" : "5855", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/5855" - }, - { - "name" : "midicart-php-access-upload(10306)", - "refsource" : "XF", - "url" : "http://www.iss.net/security_center/static/10306.php" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "MidiCart PHP, PHP Plus, and PHP Maxi allows remote attackers to (1) upload arbitrary php files via a direct request to admin/upload.php or (2) access sensitive information via a direct request to admin/credit_card_info.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "5855", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/5855" + }, + { + "name": "20021002 Multiple Web Security Holes", + "refsource": "BUGTRAQ", + "url": "http://archives.neohapsis.com/archives/bugtraq/2002-10/0016.html" + }, + { + "name": "midicart-php-access-upload(10306)", + "refsource": "XF", + "url": "http://www.iss.net/security_center/static/10306.php" + }, + { + "name": "5851", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/5851" + } + ] + } +} \ No newline at end of file diff --git a/2002/1xxx/CVE-2002-1967.json b/2002/1xxx/CVE-2002-1967.json index 108fc09aaff..f14bad3eb78 100644 --- a/2002/1xxx/CVE-2002-1967.json +++ b/2002/1xxx/CVE-2002-1967.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2002-1967", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in XiRCON 1.0 Beta 4 allows remote attackers to cause a denial of service (disconnect) via a long (1) ctcp, (2) primsg, (3) msg, or (4) notice command." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2002-1967", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20020705 bug", - "refsource" : "VULNWATCH", - "url" : "http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0005.html" - }, - { - "name" : "5185", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/5185" - }, - { - "name" : "xircon-client-command-dos(9516)", - "refsource" : "XF", - "url" : "http://www.iss.net/security_center/static/9516.php" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in XiRCON 1.0 Beta 4 allows remote attackers to cause a denial of service (disconnect) via a long (1) ctcp, (2) primsg, (3) msg, or (4) notice command." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "5185", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/5185" + }, + { + "name": "20020705 bug", + "refsource": "VULNWATCH", + "url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0005.html" + }, + { + "name": "xircon-client-command-dos(9516)", + "refsource": "XF", + "url": "http://www.iss.net/security_center/static/9516.php" + } + ] + } +} \ No newline at end of file diff --git a/2003/0xxx/CVE-2003-0003.json b/2003/0xxx/CVE-2003-0003.json index e765948d338..8efa8d3ec3a 100644 --- a/2003/0xxx/CVE-2003-0003.json +++ b/2003/0xxx/CVE-2003-0003.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2003-0003", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in the RPC Locator service for Microsoft Windows NT 4.0, Windows NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP allows local users to execute arbitrary code via an RPC call to the service containing certain parameter information." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2003-0003", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20030130 Microsoft RPC Locator Buffer Overflow Vulnerability (#NISR29012003)", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=104394414713415&w=2" - }, - { - "name" : "20030130 Microsoft RPC Locator Buffer Overflow Vulnerability (#NISR29012003)", - "refsource" : "NTBUGTRAQ", - "url" : "http://marc.info/?l=ntbugtraq&m=104393588232166&w=2" - }, - { - "name" : "MS03-001", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-001" - }, - { - "name" : "CA-2003-03", - "refsource" : "CERT", - "url" : "http://www.cert.org/advisories/CA-2003-03.html" - }, - { - "name" : "VU#610986", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/610986" - }, - { - "name" : "6666", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/6666" - }, - { - "name" : "win-locator-bo(11132)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/11132" - }, - { - "name" : "oval:org.mitre.oval:def:103", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A103" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in the RPC Locator service for Microsoft Windows NT 4.0, Windows NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP allows local users to execute arbitrary code via an RPC call to the service containing certain parameter information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "MS03-001", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-001" + }, + { + "name": "20030130 Microsoft RPC Locator Buffer Overflow Vulnerability (#NISR29012003)", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=104394414713415&w=2" + }, + { + "name": "oval:org.mitre.oval:def:103", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A103" + }, + { + "name": "win-locator-bo(11132)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11132" + }, + { + "name": "6666", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/6666" + }, + { + "name": "VU#610986", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/610986" + }, + { + "name": "CA-2003-03", + "refsource": "CERT", + "url": "http://www.cert.org/advisories/CA-2003-03.html" + }, + { + "name": "20030130 Microsoft RPC Locator Buffer Overflow Vulnerability (#NISR29012003)", + "refsource": "NTBUGTRAQ", + "url": "http://marc.info/?l=ntbugtraq&m=104393588232166&w=2" + } + ] + } +} \ No newline at end of file diff --git a/2003/0xxx/CVE-2003-0208.json b/2003/0xxx/CVE-2003-0208.json index c7009532fd9..f39ef0d40b0 100644 --- a/2003/0xxx/CVE-2003-0208.json +++ b/2003/0xxx/CVE-2003-0208.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2003-0208", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in Macromedia Flash ad user tracking capability allows remote attackers to insert arbitrary Javascript via the clickTAG field." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2003-0208", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20030413 Misuse of Macromedia Flash Ads clickTAG Option May Lead to Privacy Breach", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=105033712615013&w=2" - }, - { - "name" : "20030413 Misuse of Macromedia Flash Ads clickTAG Option May Lead to Privacy Breach", - "refsource" : "FULLDISC", - "url" : "http://lists.grok.org.uk/pipermail/full-disclosure/2003-April/004514.html" - }, - { - "name" : "http://www.securiteam.com/securitynews/5XP0B0U9PE.html", - "refsource" : "MISC", - "url" : "http://www.securiteam.com/securitynews/5XP0B0U9PE.html" - }, - { - "name" : "http://www.macromedia.com/support/flash/ts/documents/clicktag_security.htm", - "refsource" : "CONFIRM", - "url" : "http://www.macromedia.com/support/flash/ts/documents/clicktag_security.htm" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in Macromedia Flash ad user tracking capability allows remote attackers to insert arbitrary Javascript via the clickTAG field." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.macromedia.com/support/flash/ts/documents/clicktag_security.htm", + "refsource": "CONFIRM", + "url": "http://www.macromedia.com/support/flash/ts/documents/clicktag_security.htm" + }, + { + "name": "20030413 Misuse of Macromedia Flash Ads clickTAG Option May Lead to Privacy Breach", + "refsource": "FULLDISC", + "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2003-April/004514.html" + }, + { + "name": "http://www.securiteam.com/securitynews/5XP0B0U9PE.html", + "refsource": "MISC", + "url": "http://www.securiteam.com/securitynews/5XP0B0U9PE.html" + }, + { + "name": "20030413 Misuse of Macromedia Flash Ads clickTAG Option May Lead to Privacy Breach", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=105033712615013&w=2" + } + ] + } +} \ No newline at end of file diff --git a/2003/0xxx/CVE-2003-0314.json b/2003/0xxx/CVE-2003-0314.json index 2a6b6716662..b95a62faf18 100644 --- a/2003/0xxx/CVE-2003-0314.json +++ b/2003/0xxx/CVE-2003-0314.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2003-0314", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Snowblind Web Server 1.0 allows remote attackers to cause a denial of service (crash) via a URL that ends in a \"