diff --git a/2006/5xxx/CVE-2006-5180.json b/2006/5xxx/CVE-2006-5180.json index 1a99da6e23a..17b947e99a1 100644 --- a/2006/5xxx/CVE-2006-5180.json +++ b/2006/5xxx/CVE-2006-5180.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-5180", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "PHP remote file inclusion vulnerability in include/main.inc.php in Sebastian Baumann and Philipp Wolfer Newswriter SW 1.42 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the NWCONF_SYSTEM[server_path] parameter, a different vector than CVE-2006-5102." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-5180", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20060928 Newswriter SW v1.4.2 Remote File Include Exploit", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/447253/100/0/threaded" - }, - { - "name" : "2443", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/2443" - }, - { - "name" : "1695", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/1695" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "PHP remote file inclusion vulnerability in include/main.inc.php in Sebastian Baumann and Philipp Wolfer Newswriter SW 1.42 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the NWCONF_SYSTEM[server_path] parameter, a different vector than CVE-2006-5102." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1695", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/1695" + }, + { + "name": "20060928 Newswriter SW v1.4.2 Remote File Include Exploit", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/447253/100/0/threaded" + }, + { + "name": "2443", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/2443" + } + ] + } +} \ No newline at end of file diff --git a/2006/5xxx/CVE-2006-5383.json b/2006/5xxx/CVE-2006-5383.json index 16bf815c375..72a0c730415 100644 --- a/2006/5xxx/CVE-2006-5383.json +++ b/2006/5xxx/CVE-2006-5383.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-5383", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in comadd.php in Def-Blog 1.0.1 and earlier allows remote attackers to execute arbitrary SQL commands via the article parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-5383", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "2567", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/2567" - }, - { - "name" : "20545", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/20545" - }, - { - "name" : "ADV-2006-4049", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/4049" - }, - { - "name" : "22389", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/22389" - }, - { - "name" : "defblog-comadd-sql-injection(29561)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/29561" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in comadd.php in Def-Blog 1.0.1 and earlier allows remote attackers to execute arbitrary SQL commands via the article parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "defblog-comadd-sql-injection(29561)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29561" + }, + { + "name": "2567", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/2567" + }, + { + "name": "ADV-2006-4049", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/4049" + }, + { + "name": "22389", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/22389" + }, + { + "name": "20545", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/20545" + } + ] + } +} \ No newline at end of file diff --git a/2006/5xxx/CVE-2006-5535.json b/2006/5xxx/CVE-2006-5535.json index 0df20eb7de2..a7ae559fb09 100644 --- a/2006/5xxx/CVE-2006-5535.json +++ b/2006/5xxx/CVE-2006-5535.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-5535", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site scripting (XSS) vulnerabilities in WebHostManager (WHM) 10.8.0 cPanel 10.9.0 R50 allow remote attackers to inject arbitrary web script or HTML via the (1) theme parameter to scripts/dosetmytheme and the (2) template parameter to scripts2/editzonetemplate." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-5535", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20061022 WHM 10.8.0 cPanel 10.9.0 R50 CentOS 4.4 i686 WHM X v3.1.0 Xss Vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/449472/100/0/threaded" - }, - { - "name" : "http://changelog.cpanel.net/", - "refsource" : "CONFIRM", - "url" : "http://changelog.cpanel.net/" - }, - { - "name" : "20683", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/20683" - }, - { - "name" : "ADV-2006-4190", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/4190" - }, - { - "name" : "22555", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/22555" - }, - { - "name" : "1780", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/1780" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site scripting (XSS) vulnerabilities in WebHostManager (WHM) 10.8.0 cPanel 10.9.0 R50 allow remote attackers to inject arbitrary web script or HTML via the (1) theme parameter to scripts/dosetmytheme and the (2) template parameter to scripts2/editzonetemplate." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20683", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/20683" + }, + { + "name": "1780", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/1780" + }, + { + "name": "22555", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/22555" + }, + { + "name": "20061022 WHM 10.8.0 cPanel 10.9.0 R50 CentOS 4.4 i686 WHM X v3.1.0 Xss Vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/449472/100/0/threaded" + }, + { + "name": "ADV-2006-4190", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/4190" + }, + { + "name": "http://changelog.cpanel.net/", + "refsource": "CONFIRM", + "url": "http://changelog.cpanel.net/" + } + ] + } +} \ No newline at end of file diff --git a/2006/5xxx/CVE-2006-5891.json b/2006/5xxx/CVE-2006-5891.json index ae9a3124fde..04b9afe04b4 100644 --- a/2006/5xxx/CVE-2006-5891.json +++ b/2006/5xxx/CVE-2006-5891.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-5891", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in detail.asp in Superfreaker Studios UStore 1.0 allows remote attackers to execute arbitrary SQL commands via the ID parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-5891", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20061112 UStore 1.0 (detail.asp) Remote SQL Injection Vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/451307/100/0/threaded" - }, - { - "name" : "20061113 Ustore SQL Injection", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/451519/100/0/threaded" - }, - { - "name" : "2763", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/2763" - }, - { - "name" : "ADV-2006-4479", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/4479" - }, - { - "name" : "22838", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/22838" - }, - { - "name" : "1851", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/1851" - }, - { - "name" : "ustore-detail-sql-injection(30187)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/30187" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in detail.asp in Superfreaker Studios UStore 1.0 allows remote attackers to execute arbitrary SQL commands via the ID parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ADV-2006-4479", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/4479" + }, + { + "name": "ustore-detail-sql-injection(30187)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30187" + }, + { + "name": "20061112 UStore 1.0 (detail.asp) Remote SQL Injection Vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/451307/100/0/threaded" + }, + { + "name": "2763", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/2763" + }, + { + "name": "20061113 Ustore SQL Injection", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/451519/100/0/threaded" + }, + { + "name": "22838", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/22838" + }, + { + "name": "1851", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/1851" + } + ] + } +} \ No newline at end of file diff --git a/2006/5xxx/CVE-2006-5967.json b/2006/5xxx/CVE-2006-5967.json index b8b969b99d9..2637fcb4ab3 100644 --- a/2006/5xxx/CVE-2006-5967.json +++ b/2006/5xxx/CVE-2006-5967.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-5967", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Race condition in Panda ActiveScan 5.53.00, and other versions before 5.54.01, allows remote attackers to cause memory corruption and execute arbitrary code via unknown vectors related to multiple invocations of the Analizar method in the ActiveScan.1 ActiveX control, which is not thread safe." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "PSIRT-CNA@flexerasoftware.com", + "ID": "CVE-2006-5967", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20061116 Secunia Research: Panda ActiveScan Multiple Vulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/451864/100/0/threaded" - }, - { - "name" : "http://secunia.com/secunia_research/2006-64/advisory/", - "refsource" : "MISC", - "url" : "http://secunia.com/secunia_research/2006-64/advisory/" - }, - { - "name" : "21132", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/21132" - }, - { - "name" : "ADV-2006-4536", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/4536" - }, - { - "name" : "21763", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/21763" - }, - { - "name" : "pandaactivescan-activescan-code-execution(30319)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/30319" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Race condition in Panda ActiveScan 5.53.00, and other versions before 5.54.01, allows remote attackers to cause memory corruption and execute arbitrary code via unknown vectors related to multiple invocations of the Analizar method in the ActiveScan.1 ActiveX control, which is not thread safe." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "21763", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/21763" + }, + { + "name": "21132", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/21132" + }, + { + "name": "http://secunia.com/secunia_research/2006-64/advisory/", + "refsource": "MISC", + "url": "http://secunia.com/secunia_research/2006-64/advisory/" + }, + { + "name": "ADV-2006-4536", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/4536" + }, + { + "name": "20061116 Secunia Research: Panda ActiveScan Multiple Vulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/451864/100/0/threaded" + }, + { + "name": "pandaactivescan-activescan-code-execution(30319)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30319" + } + ] + } +} \ No newline at end of file diff --git a/2007/2xxx/CVE-2007-2276.json b/2007/2xxx/CVE-2007-2276.json index 9c4c27a1b65..e930e987450 100644 --- a/2007/2xxx/CVE-2007-2276.json +++ b/2007/2xxx/CVE-2007-2276.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-2276", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** DISPUTED ** 3Com TippingPoint IPS allows remote attackers to cause a denial of service (device hang) via a flood of packets on TCP port 80 with sequentially increasing source ports, related to a \"badly written loop.\" NOTE: the vendor disputes this issue, stating that the product has \"performed as expected with no DoS emerging.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-2276", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070424 3Com's TippingPoint Denial of Service", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/466784/100/0/threaded" - }, - { - "name" : "20070424 Re: 3Com's TippingPoint Denial of Service", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/466795/100/0/threaded" - }, - { - "name" : "20070425 Re: 3Com's TippingPoint Denial of Service", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/466891/100/0/threaded" - }, - { - "name" : "23644", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/23644" - }, - { - "name" : "35724", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/35724" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** DISPUTED ** 3Com TippingPoint IPS allows remote attackers to cause a denial of service (device hang) via a flood of packets on TCP port 80 with sequentially increasing source ports, related to a \"badly written loop.\" NOTE: the vendor disputes this issue, stating that the product has \"performed as expected with no DoS emerging.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "23644", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/23644" + }, + { + "name": "20070425 Re: 3Com's TippingPoint Denial of Service", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/466891/100/0/threaded" + }, + { + "name": "20070424 Re: 3Com's TippingPoint Denial of Service", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/466795/100/0/threaded" + }, + { + "name": "20070424 3Com's TippingPoint Denial of Service", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/466784/100/0/threaded" + }, + { + "name": "35724", + "refsource": "OSVDB", + "url": "http://osvdb.org/35724" + } + ] + } +} \ No newline at end of file diff --git a/2007/2xxx/CVE-2007-2370.json b/2007/2xxx/CVE-2007-2370.json index 303b5fdb713..c284119f5e5 100644 --- a/2007/2xxx/CVE-2007-2370.json +++ b/2007/2xxx/CVE-2007-2370.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-2370", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in index.php in the John Mordo Jobs 2.4 and earlier module for XOOPS allows remote attackers to execute arbitrary SQL commands via the cid parameter in a jobsview action. NOTE: the module name was originally reported as Job Listings." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-2370", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "3672", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/3672" - }, - { - "name" : "20070405 true: XOOPS Module Jobs <= 2.4 (cid) SQL Injection Exploit", - "refsource" : "VIM", - "url" : "http://www.attrition.org/pipermail/vim/2007-April/001494.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in index.php in the John Mordo Jobs 2.4 and earlier module for XOOPS allows remote attackers to execute arbitrary SQL commands via the cid parameter in a jobsview action. NOTE: the module name was originally reported as Job Listings." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "3672", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/3672" + }, + { + "name": "20070405 true: XOOPS Module Jobs <= 2.4 (cid) SQL Injection Exploit", + "refsource": "VIM", + "url": "http://www.attrition.org/pipermail/vim/2007-April/001494.html" + } + ] + } +} \ No newline at end of file diff --git a/2007/2xxx/CVE-2007-2856.json b/2007/2xxx/CVE-2007-2856.json index 951079cb7c8..9f9ae05a0f6 100644 --- a/2007/2xxx/CVE-2007-2856.json +++ b/2007/2xxx/CVE-2007-2856.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-2856", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in the Dart Communications PowerTCP ZIP Compression ActiveX control in DartZip.dll 1.8.5.3, when Internet Explorer 6 is used, allows user-assisted remote attackers to execute arbitrary code via a long first argument to the QuickZip function, a related issue to CVE-2007-2855." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-2856", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070524 Dart Communications PowerTCP Service Control (DartService.dll 3.1.3.3) remote buffer overflow", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/469503/100/0/threaded" - }, - { - "name" : "20070525 IE 6 / Dart Communications PowerTCP ZIP Compression Control (DartZip.dll 1.8.5.3) remote buffer overflow", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/469592/100/0/threaded" - }, - { - "name" : "http://retrogod.altervista.org/ie_DartZip_bof.html", - "refsource" : "MISC", - "url" : "http://retrogod.altervista.org/ie_DartZip_bof.html" - }, - { - "name" : "24142", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/24142" - }, - { - "name" : "24163", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/24163" - }, - { - "name" : "38111", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/38111" - }, - { - "name" : "powertcp-compression-bo(34520)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34520" - }, - { - "name" : "powertcp-service-activex-bo(34494)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34494" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in the Dart Communications PowerTCP ZIP Compression ActiveX control in DartZip.dll 1.8.5.3, when Internet Explorer 6 is used, allows user-assisted remote attackers to execute arbitrary code via a long first argument to the QuickZip function, a related issue to CVE-2007-2855." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20070525 IE 6 / Dart Communications PowerTCP ZIP Compression Control (DartZip.dll 1.8.5.3) remote buffer overflow", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/469592/100/0/threaded" + }, + { + "name": "38111", + "refsource": "OSVDB", + "url": "http://osvdb.org/38111" + }, + { + "name": "24163", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/24163" + }, + { + "name": "powertcp-service-activex-bo(34494)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34494" + }, + { + "name": "20070524 Dart Communications PowerTCP Service Control (DartService.dll 3.1.3.3) remote buffer overflow", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/469503/100/0/threaded" + }, + { + "name": "powertcp-compression-bo(34520)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34520" + }, + { + "name": "24142", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/24142" + }, + { + "name": "http://retrogod.altervista.org/ie_DartZip_bof.html", + "refsource": "MISC", + "url": "http://retrogod.altervista.org/ie_DartZip_bof.html" + } + ] + } +} \ No newline at end of file diff --git a/2007/2xxx/CVE-2007-2890.json b/2007/2xxx/CVE-2007-2890.json index 5bc06c9eca3..c7eab4a1e01 100644 --- a/2007/2xxx/CVE-2007-2890.json +++ b/2007/2xxx/CVE-2007-2890.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-2890", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in category.php in cpCommerce 1.1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the id_category parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-2890", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "3981", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/3981" - }, - { - "name" : "24138", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/24138" - }, - { - "name" : "ADV-2007-1956", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/1956" - }, - { - "name" : "36315", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/36315" - }, - { - "name" : "25412", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25412" - }, - { - "name" : "cpcommerce-category-sql-injection(34484)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34484" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in category.php in cpCommerce 1.1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the id_category parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "3981", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/3981" + }, + { + "name": "25412", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25412" + }, + { + "name": "ADV-2007-1956", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/1956" + }, + { + "name": "24138", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/24138" + }, + { + "name": "cpcommerce-category-sql-injection(34484)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34484" + }, + { + "name": "36315", + "refsource": "OSVDB", + "url": "http://osvdb.org/36315" + } + ] + } +} \ No newline at end of file diff --git a/2007/2xxx/CVE-2007-2926.json b/2007/2xxx/CVE-2007-2926.json index 3908c8ffdbe..5475416afd8 100644 --- a/2007/2xxx/CVE-2007-2926.json +++ b/2007/2xxx/CVE-2007-2926.json @@ -1,402 +1,402 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-2926", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "ISC BIND 9 through 9.5.0a5 uses a weak random number generator during generation of DNS query ids when answering resolver questions or sending NOTIFY messages to slave name servers, which makes it easier for remote attackers to guess the next query id and perform DNS cache poisoning." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2007-2926", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070724 Re: \"BIND 9 DNS Cache Poisoning\" by Amit Klein (Trusteer)", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/474545/100/0/threaded" - }, - { - "name" : "20070726 Re: \"BIND 9 DNS Cache Poisoning\" by Amit Klein (Trusteer)", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/474808/100/0/threaded" - }, - { - "name" : "20070727 Re: \"BIND 9 DNS Cache Poisoning\" by Amit Klein (Trusteer)", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/474856/100/0/threaded" - }, - { - "name" : "20070724 \"BIND 9 DNS Cache Poisoning\" by Amit Klein (Trusteer)", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/474516/100/0/threaded" - }, - { - "name" : "http://www.securiteam.com/securitynews/5VP0L0UM0A.html", - "refsource" : "MISC", - "url" : "http://www.securiteam.com/securitynews/5VP0L0UM0A.html" - }, - { - "name" : "http://www.trusteer.com/docs/bind9dns.html", - "refsource" : "MISC", - "url" : "http://www.trusteer.com/docs/bind9dns.html" - }, - { - "name" : "http://www.trusteer.com/docs/bind9dns_s.html", - "refsource" : "MISC", - "url" : "http://www.trusteer.com/docs/bind9dns_s.html" - }, - { - "name" : "http://www.isc.org/index.pl?/sw/bind/bind-security.php", - "refsource" : "CONFIRM", - "url" : "http://www.isc.org/index.pl?/sw/bind/bind-security.php" - }, - { - "name" : "https://issues.rpath.com/browse/RPL-1587", - "refsource" : "CONFIRM", - "url" : "https://issues.rpath.com/browse/RPL-1587" - }, - { - "name" : "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=623903", - "refsource" : "CONFIRM", - "url" : "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=623903" - }, - { - "name" : "ftp://aix.software.ibm.com/aix/efixes/security/README", - "refsource" : "CONFIRM", - "url" : "ftp://aix.software.ibm.com/aix/efixes/security/README" - }, - { - "name" : "http://support.avaya.com/elmodocs2/security/ASA-2007-389.htm", - "refsource" : "CONFIRM", - "url" : "http://support.avaya.com/elmodocs2/security/ASA-2007-389.htm" - }, - { - "name" : "http://docs.info.apple.com/article.html?artnum=307041", - "refsource" : "CONFIRM", - "url" : "http://docs.info.apple.com/article.html?artnum=307041" - }, - { - "name" : "IZ02218", - "refsource" : "AIXAPAR", - "url" : "http://www-1.ibm.com/support/search.wss?rs=0&q=IZ02218&apar=only" - }, - { - "name" : "IZ02219", - "refsource" : "AIXAPAR", - "url" : "http://www-1.ibm.com/support/search.wss?rs=0&q=IZ02219&apar=only" - }, - { - "name" : "APPLE-SA-2007-11-14", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2007/Nov/msg00002.html" - }, - { - "name" : "DSA-1341", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2007/dsa-1341" - }, - { - "name" : "FreeBSD-SA-07:07", - "refsource" : "FREEBSD", - "url" : "http://security.freebsd.org/advisories/FreeBSD-SA-07:07.bind.asc" - }, - { - "name" : "GLSA-200708-13", - "refsource" : "GENTOO", - "url" : "http://www.gentoo.org/security/en/glsa/glsa-200708-13.xml" - }, - { - "name" : "HPSBUX02251", - "refsource" : "HP", - "url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01123426" - }, - { - "name" : "SSRT071449", - "refsource" : "HP", - "url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01123426" - }, - { - "name" : "HPSBOV02261", - "refsource" : "HP", - "url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01174368" - }, - { - "name" : "HPSBTU02256", - "refsource" : "HP", - "url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01154600" - }, - { - "name" : "HPSBOV03226", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=141879471518471&w=2" - }, - { - "name" : "SSRT101004", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=141879471518471&w=2" - }, - { - "name" : "MDKSA-2007:149", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:149" - }, - { - "name" : "OpenPKG-SA-2007.022", - "refsource" : "OPENPKG", - "url" : "http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.022.html" - }, - { - "name" : "RHSA-2007:0740", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-0740.html" - }, - { - "name" : "20070801-01-P", - "refsource" : "SGI", - "url" : "ftp://patches.sgi.com/support/free/security/advisories/20070801-01-P.asc" - }, - { - "name" : "SSA:2007-207-01", - "refsource" : "SLACKWARE", - "url" : "http://www.slackware.org/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.521385" - }, - { - "name" : "103018", - "refsource" : "SUNALERT", - "url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103018-1" - }, - { - "name" : "SUSE-SA:2007:047", - "refsource" : "SUSE", - "url" : "http://www.novell.com/linux/security/advisories/2007_47_bind.html" - }, - { - "name" : "2007-0023", - "refsource" : "TRUSTIX", - "url" : "http://www.trustix.org/errata/2007/0023/" - }, - { - "name" : "USN-491-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/usn-491-1" - }, - { - "name" : "TA07-319A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA07-319A.html" - }, - { - "name" : "VU#252735", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/252735" - }, - { - "name" : "25037", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25037" - }, - { - "name" : "26444", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/26444" - }, - { - "name" : "oval:org.mitre.oval:def:10293", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10293" - }, - { - "name" : "ADV-2007-2627", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/2627" - }, - { - "name" : "ADV-2007-2662", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/2662" - }, - { - "name" : "ADV-2007-2782", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/2782" - }, - { - "name" : "ADV-2007-2914", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/2914" - }, - { - "name" : "ADV-2007-2932", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/2932" - }, - { - "name" : "ADV-2007-3242", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/3242" - }, - { - "name" : "ADV-2007-3868", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/3868" - }, - { - "name" : "oval:org.mitre.oval:def:2226", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2226" - }, - { - "name" : "1018442", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1018442" - }, - { - "name" : "26152", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26152" - }, - { - "name" : "26195", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26195" - }, - { - "name" : "26160", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26160" - }, - { - "name" : "26227", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26227" - }, - { - "name" : "26148", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26148" - }, - { - "name" : "26231", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26231" - }, - { - "name" : "26330", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26330" - }, - { - "name" : "26261", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26261" - }, - { - "name" : "26308", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26308" - }, - { - "name" : "26509", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26509" - }, - { - "name" : "26515", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26515" - }, - { - "name" : "26531", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26531" - }, - { - "name" : "26607", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26607" - }, - { - "name" : "26847", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26847" - }, - { - "name" : "26925", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26925" - }, - { - "name" : "26180", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26180" - }, - { - "name" : "26217", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26217" - }, - { - "name" : "26236", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26236" - }, - { - "name" : "26605", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26605" - }, - { - "name" : "27643", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27643" - }, - { - "name" : "isc-bind-queryid-spoofing(35575)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35575" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "ISC BIND 9 through 9.5.0a5 uses a weak random number generator during generation of DNS query ids when answering resolver questions or sending NOTIFY messages to slave name servers, which makes it easier for remote attackers to guess the next query id and perform DNS cache poisoning." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://support.avaya.com/elmodocs2/security/ASA-2007-389.htm", + "refsource": "CONFIRM", + "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-389.htm" + }, + { + "name": "http://www.trusteer.com/docs/bind9dns_s.html", + "refsource": "MISC", + "url": "http://www.trusteer.com/docs/bind9dns_s.html" + }, + { + "name": "26231", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26231" + }, + { + "name": "ADV-2007-2932", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/2932" + }, + { + "name": "HPSBOV03226", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=141879471518471&w=2" + }, + { + "name": "26847", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26847" + }, + { + "name": "IZ02218", + "refsource": "AIXAPAR", + "url": "http://www-1.ibm.com/support/search.wss?rs=0&q=IZ02218&apar=only" + }, + { + "name": "ADV-2007-2914", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/2914" + }, + { + "name": "RHSA-2007:0740", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-0740.html" + }, + { + "name": "26217", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26217" + }, + { + "name": "SSRT101004", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=141879471518471&w=2" + }, + { + "name": "26509", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26509" + }, + { + "name": "HPSBOV02261", + "refsource": "HP", + "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01174368" + }, + { + "name": "26444", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/26444" + }, + { + "name": "http://www.securiteam.com/securitynews/5VP0L0UM0A.html", + "refsource": "MISC", + "url": "http://www.securiteam.com/securitynews/5VP0L0UM0A.html" + }, + { + "name": "HPSBUX02251", + "refsource": "HP", + "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01123426" + }, + { + "name": "26605", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26605" + }, + { + "name": "103018", + "refsource": "SUNALERT", + "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103018-1" + }, + { + "name": "MDKSA-2007:149", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:149" + }, + { + "name": "26607", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26607" + }, + { + "name": "20070727 Re: \"BIND 9 DNS Cache Poisoning\" by Amit Klein (Trusteer)", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/474856/100/0/threaded" + }, + { + "name": "26148", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26148" + }, + { + "name": "FreeBSD-SA-07:07", + "refsource": "FREEBSD", + "url": "http://security.freebsd.org/advisories/FreeBSD-SA-07:07.bind.asc" + }, + { + "name": "VU#252735", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/252735" + }, + { + "name": "http://www.trusteer.com/docs/bind9dns.html", + "refsource": "MISC", + "url": "http://www.trusteer.com/docs/bind9dns.html" + }, + { + "name": "26180", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26180" + }, + { + "name": "GLSA-200708-13", + "refsource": "GENTOO", + "url": "http://www.gentoo.org/security/en/glsa/glsa-200708-13.xml" + }, + { + "name": "26152", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26152" + }, + { + "name": "2007-0023", + "refsource": "TRUSTIX", + "url": "http://www.trustix.org/errata/2007/0023/" + }, + { + "name": "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=623903", + "refsource": "CONFIRM", + "url": "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=623903" + }, + { + "name": "SSA:2007-207-01", + "refsource": "SLACKWARE", + "url": "http://www.slackware.org/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.521385" + }, + { + "name": "APPLE-SA-2007-11-14", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2007/Nov/msg00002.html" + }, + { + "name": "http://docs.info.apple.com/article.html?artnum=307041", + "refsource": "CONFIRM", + "url": "http://docs.info.apple.com/article.html?artnum=307041" + }, + { + "name": "20070724 \"BIND 9 DNS Cache Poisoning\" by Amit Klein (Trusteer)", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/474516/100/0/threaded" + }, + { + "name": "http://www.isc.org/index.pl?/sw/bind/bind-security.php", + "refsource": "CONFIRM", + "url": "http://www.isc.org/index.pl?/sw/bind/bind-security.php" + }, + { + "name": "IZ02219", + "refsource": "AIXAPAR", + "url": "http://www-1.ibm.com/support/search.wss?rs=0&q=IZ02219&apar=only" + }, + { + "name": "isc-bind-queryid-spoofing(35575)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35575" + }, + { + "name": "ADV-2007-2782", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/2782" + }, + { + "name": "26227", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26227" + }, + { + "name": "26261", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26261" + }, + { + "name": "ADV-2007-3868", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/3868" + }, + { + "name": "25037", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25037" + }, + { + "name": "26515", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26515" + }, + { + "name": "USN-491-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/usn-491-1" + }, + { + "name": "26330", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26330" + }, + { + "name": "https://issues.rpath.com/browse/RPL-1587", + "refsource": "CONFIRM", + "url": "https://issues.rpath.com/browse/RPL-1587" + }, + { + "name": "HPSBTU02256", + "refsource": "HP", + "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01154600" + }, + { + "name": "1018442", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1018442" + }, + { + "name": "20070801-01-P", + "refsource": "SGI", + "url": "ftp://patches.sgi.com/support/free/security/advisories/20070801-01-P.asc" + }, + { + "name": "DSA-1341", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2007/dsa-1341" + }, + { + "name": "26308", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26308" + }, + { + "name": "SUSE-SA:2007:047", + "refsource": "SUSE", + "url": "http://www.novell.com/linux/security/advisories/2007_47_bind.html" + }, + { + "name": "ADV-2007-2627", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/2627" + }, + { + "name": "oval:org.mitre.oval:def:2226", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2226" + }, + { + "name": "27643", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27643" + }, + { + "name": "26236", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26236" + }, + { + "name": "ADV-2007-2662", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/2662" + }, + { + "name": "26195", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26195" + }, + { + "name": "ftp://aix.software.ibm.com/aix/efixes/security/README", + "refsource": "CONFIRM", + "url": "ftp://aix.software.ibm.com/aix/efixes/security/README" + }, + { + "name": "ADV-2007-3242", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/3242" + }, + { + "name": "oval:org.mitre.oval:def:10293", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10293" + }, + { + "name": "OpenPKG-SA-2007.022", + "refsource": "OPENPKG", + "url": "http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.022.html" + }, + { + "name": "TA07-319A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA07-319A.html" + }, + { + "name": "26925", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26925" + }, + { + "name": "26160", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26160" + }, + { + "name": "20070724 Re: \"BIND 9 DNS Cache Poisoning\" by Amit Klein (Trusteer)", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/474545/100/0/threaded" + }, + { + "name": "SSRT071449", + "refsource": "HP", + "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01123426" + }, + { + "name": "20070726 Re: \"BIND 9 DNS Cache Poisoning\" by Amit Klein (Trusteer)", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/474808/100/0/threaded" + }, + { + "name": "26531", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26531" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3078.json b/2007/3xxx/CVE-2007-3078.json index 3ccbcc8ee72..b2ec85e4a85 100644 --- a/2007/3xxx/CVE-2007-3078.json +++ b/2007/3xxx/CVE-2007-3078.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3078", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site scripting (XSS) vulnerabilities in Aigaion before 1.3.3 allow remote attackers to inject arbitrary web script or HTML via the title parameter (Authors and Publication titles) to (1) authoractions.php or (2) publicationactions.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3078", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://sourceforge.net/project/shownotes.php?group_id=109910&release_id=512595", - "refsource" : "CONFIRM", - "url" : "http://sourceforge.net/project/shownotes.php?group_id=109910&release_id=512595" - }, - { - "name" : "http://sourceforge.net/tracker/index.php?func=detail&aid=1725317&group_id=109910&atid=657107", - "refsource" : "CONFIRM", - "url" : "http://sourceforge.net/tracker/index.php?func=detail&aid=1725317&group_id=109910&atid=657107" - }, - { - "name" : "24264", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/24264" - }, - { - "name" : "36897", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/36897" - }, - { - "name" : "36898", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/36898" - }, - { - "name" : "25503", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25503" - }, - { - "name" : "aigaion-authorpublication-xss(34665)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34665" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site scripting (XSS) vulnerabilities in Aigaion before 1.3.3 allow remote attackers to inject arbitrary web script or HTML via the title parameter (Authors and Publication titles) to (1) authoractions.php or (2) publicationactions.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://sourceforge.net/tracker/index.php?func=detail&aid=1725317&group_id=109910&atid=657107", + "refsource": "CONFIRM", + "url": "http://sourceforge.net/tracker/index.php?func=detail&aid=1725317&group_id=109910&atid=657107" + }, + { + "name": "http://sourceforge.net/project/shownotes.php?group_id=109910&release_id=512595", + "refsource": "CONFIRM", + "url": "http://sourceforge.net/project/shownotes.php?group_id=109910&release_id=512595" + }, + { + "name": "25503", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25503" + }, + { + "name": "36897", + "refsource": "OSVDB", + "url": "http://osvdb.org/36897" + }, + { + "name": "36898", + "refsource": "OSVDB", + "url": "http://osvdb.org/36898" + }, + { + "name": "aigaion-authorpublication-xss(34665)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34665" + }, + { + "name": "24264", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/24264" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3842.json b/2007/3xxx/CVE-2007-3842.json index 5130c77ffc3..81945e4e87d 100644 --- a/2007/3xxx/CVE-2007-3842.json +++ b/2007/3xxx/CVE-2007-3842.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3842", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in the 8e6 R3000 Enterprise Filter before 2.0.05 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: this may be the same as CVE-2007-2970." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3842", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.8e6.com/products/R3000/docs/readme_r3000_2.0.05.pdf", - "refsource" : "CONFIRM", - "url" : "http://www.8e6.com/products/R3000/docs/readme_r3000_2.0.05.pdf" - }, - { - "name" : "36706", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/36706" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in the 8e6 R3000 Enterprise Filter before 2.0.05 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: this may be the same as CVE-2007-2970." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.8e6.com/products/R3000/docs/readme_r3000_2.0.05.pdf", + "refsource": "CONFIRM", + "url": "http://www.8e6.com/products/R3000/docs/readme_r3000_2.0.05.pdf" + }, + { + "name": "36706", + "refsource": "OSVDB", + "url": "http://osvdb.org/36706" + } + ] + } +} \ No newline at end of file diff --git a/2007/6xxx/CVE-2007-6046.json b/2007/6xxx/CVE-2007-6046.json index 3f4d89b0b47..0507e503cee 100644 --- a/2007/6xxx/CVE-2007-6046.json +++ b/2007/6xxx/CVE-2007-6046.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-6046", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in unspecified setuid programs in IBM DB2 UDB 9.1 before Fixpak 4 allows local users to have an unknown impact." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-6046", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www-1.ibm.com/support/docview.wss?uid=swg21255607", - "refsource" : "CONFIRM", - "url" : "http://www-1.ibm.com/support/docview.wss?uid=swg21255607" - }, - { - "name" : "IZ07018", - "refsource" : "AIXAPAR", - "url" : "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ07018" - }, - { - "name" : "26450", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/26450" - }, - { - "name" : "ADV-2007-3867", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/3867" - }, - { - "name" : "27667", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27667" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in unspecified setuid programs in IBM DB2 UDB 9.1 before Fixpak 4 allows local users to have an unknown impact." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607", + "refsource": "CONFIRM", + "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607" + }, + { + "name": "ADV-2007-3867", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/3867" + }, + { + "name": "26450", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/26450" + }, + { + "name": "27667", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27667" + }, + { + "name": "IZ07018", + "refsource": "AIXAPAR", + "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ07018" + } + ] + } +} \ No newline at end of file diff --git a/2007/6xxx/CVE-2007-6321.json b/2007/6xxx/CVE-2007-6321.json index 8c911f7daec..35fa97569a9 100644 --- a/2007/6xxx/CVE-2007-6321.json +++ b/2007/6xxx/CVE-2007-6321.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-6321", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in RoundCube webmail 0.1rc2, 2007-12-09, and earlier versions, when using Internet Explorer, allows remote attackers to inject arbitrary web script or HTML via style sheets containing expression commands." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-6321", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20071209 Unsanitized scripting in RoundCube webmail", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/484802/100/0/threaded" - }, - { - "name" : "http://openmya.hacker.jp/hasegawa/security/expression.txt", - "refsource" : "MISC", - "url" : "http://openmya.hacker.jp/hasegawa/security/expression.txt" - }, - { - "name" : "http://trac.roundcube.net/ticket/1484701", - "refsource" : "CONFIRM", - "url" : "http://trac.roundcube.net/ticket/1484701" - }, - { - "name" : "26800", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/26800" - }, - { - "name" : "30734", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/30734" - }, - { - "name" : "3435", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/3435" - }, - { - "name" : "roundcube-email-messages-xss(38981)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/38981" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in RoundCube webmail 0.1rc2, 2007-12-09, and earlier versions, when using Internet Explorer, allows remote attackers to inject arbitrary web script or HTML via style sheets containing expression commands." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20071209 Unsanitized scripting in RoundCube webmail", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/484802/100/0/threaded" + }, + { + "name": "roundcube-email-messages-xss(38981)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38981" + }, + { + "name": "http://trac.roundcube.net/ticket/1484701", + "refsource": "CONFIRM", + "url": "http://trac.roundcube.net/ticket/1484701" + }, + { + "name": "3435", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/3435" + }, + { + "name": "26800", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/26800" + }, + { + "name": "http://openmya.hacker.jp/hasegawa/security/expression.txt", + "refsource": "MISC", + "url": "http://openmya.hacker.jp/hasegawa/security/expression.txt" + }, + { + "name": "30734", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/30734" + } + ] + } +} \ No newline at end of file diff --git a/2010/0xxx/CVE-2010-0081.json b/2010/0xxx/CVE-2010-0081.json index 486dbf77418..b8c44c2a6f8 100644 --- a/2010/0xxx/CVE-2010-0081.json +++ b/2010/0xxx/CVE-2010-0081.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-0081", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the Application Server Control component in Oracle Fusion Middleware 10.1.2.3 and 10.1.4.0.1 allows remote authenticated users to affect integrity via unknown vectors, a different vulnerability than CVE-2010-2381." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2010-0081", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the Application Server Control component in Oracle Fusion Middleware 10.1.2.3 and 10.1.4.0.1 allows remote authenticated users to affect integrity via unknown vectors, a different vulnerability than CVE-2010-2381." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html" + } + ] + } +} \ No newline at end of file diff --git a/2010/0xxx/CVE-2010-0199.json b/2010/0xxx/CVE-2010-0199.json index 870a30c800a..123ce3d999c 100644 --- a/2010/0xxx/CVE-2010-0199.json +++ b/2010/0xxx/CVE-2010-0199.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-0199", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-0198, CVE-2010-0202, and CVE-2010-0203." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2010-0199", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.adobe.com/support/security/bulletins/apsb10-09.html", - "refsource" : "CONFIRM", - "url" : "http://www.adobe.com/support/security/bulletins/apsb10-09.html" - }, - { - "name" : "TA10-103C", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA10-103C.html" - }, - { - "name" : "39329", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/39329" - }, - { - "name" : "oval:org.mitre.oval:def:6900", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6900" - }, - { - "name" : "ADV-2010-0873", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2010/0873" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-0198, CVE-2010-0202, and CVE-2010-0203." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ADV-2010-0873", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2010/0873" + }, + { + "name": "oval:org.mitre.oval:def:6900", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6900" + }, + { + "name": "TA10-103C", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA10-103C.html" + }, + { + "name": "39329", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/39329" + }, + { + "name": "http://www.adobe.com/support/security/bulletins/apsb10-09.html", + "refsource": "CONFIRM", + "url": "http://www.adobe.com/support/security/bulletins/apsb10-09.html" + } + ] + } +} \ No newline at end of file diff --git a/2010/0xxx/CVE-2010-0372.json b/2010/0xxx/CVE-2010-0372.json index 8b39efefd44..53adfa435ef 100644 --- a/2010/0xxx/CVE-2010-0372.json +++ b/2010/0xxx/CVE-2010-0372.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-0372", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in the Articlemanager (com_articlemanager) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the artid parameter in a display action to index.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-0372", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://packetstormsecurity.org/1001-exploits/joomlaarticlemanager-sql.txt", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.org/1001-exploits/joomlaarticlemanager-sql.txt" - }, - { - "name" : "11140", - "refsource" : "EXPLOIT-DB", - "url" : "http://www.exploit-db.com/exploits/11140" - }, - { - "name" : "37799", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/37799" - }, - { - "name" : "articlemanager-index-sql-injection(55664)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/55664" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in the Articlemanager (com_articlemanager) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the artid parameter in a display action to index.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "articlemanager-index-sql-injection(55664)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55664" + }, + { + "name": "http://packetstormsecurity.org/1001-exploits/joomlaarticlemanager-sql.txt", + "refsource": "MISC", + "url": "http://packetstormsecurity.org/1001-exploits/joomlaarticlemanager-sql.txt" + }, + { + "name": "37799", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/37799" + }, + { + "name": "11140", + "refsource": "EXPLOIT-DB", + "url": "http://www.exploit-db.com/exploits/11140" + } + ] + } +} \ No newline at end of file diff --git a/2010/1xxx/CVE-2010-1791.json b/2010/1xxx/CVE-2010-1791.json index 114c4122994..8b1ad9a410e 100644 --- a/2010/1xxx/CVE-2010-1791.json +++ b/2010/1xxx/CVE-2010-1791.json @@ -1,127 +1,127 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-1791", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Integer signedness error in WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving a JavaScript array index." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2010-1791", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://support.apple.com/kb/HT4276", - "refsource" : "CONFIRM", - "url" : "http://support.apple.com/kb/HT4276" - }, - { - "name" : "http://support.apple.com/kb/HT4334", - "refsource" : "CONFIRM", - "url" : "http://support.apple.com/kb/HT4334" - }, - { - "name" : "http://support.apple.com/kb/HT4456", - "refsource" : "CONFIRM", - "url" : "http://support.apple.com/kb/HT4456" - }, - { - "name" : "APPLE-SA-2010-07-28-1", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2010//Jul/msg00001.html" - }, - { - "name" : "APPLE-SA-2010-09-08-1", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2010//Sep/msg00002.html" - }, - { - "name" : "APPLE-SA-2010-11-22-1", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html" - }, - { - "name" : "MDVSA-2011:039", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2011:039" - }, - { - "name" : "SUSE-SR:2011:002", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html" - }, - { - "name" : "42020", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/42020" - }, - { - "name" : "oval:org.mitre.oval:def:11802", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11802" - }, - { - "name" : "42314", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/42314" - }, - { - "name" : "43068", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/43068" - }, - { - "name" : "ADV-2011-0212", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2011/0212" - }, - { - "name" : "ADV-2011-0552", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2011/0552" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Integer signedness error in WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving a JavaScript array index." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "MDVSA-2011:039", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:039" + }, + { + "name": "43068", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/43068" + }, + { + "name": "APPLE-SA-2010-09-08-1", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2010//Sep/msg00002.html" + }, + { + "name": "http://support.apple.com/kb/HT4334", + "refsource": "CONFIRM", + "url": "http://support.apple.com/kb/HT4334" + }, + { + "name": "http://support.apple.com/kb/HT4276", + "refsource": "CONFIRM", + "url": "http://support.apple.com/kb/HT4276" + }, + { + "name": "ADV-2011-0212", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2011/0212" + }, + { + "name": "oval:org.mitre.oval:def:11802", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11802" + }, + { + "name": "APPLE-SA-2010-07-28-1", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2010//Jul/msg00001.html" + }, + { + "name": "SUSE-SR:2011:002", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html" + }, + { + "name": "42314", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/42314" + }, + { + "name": "ADV-2011-0552", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2011/0552" + }, + { + "name": "42020", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/42020" + }, + { + "name": "http://support.apple.com/kb/HT4456", + "refsource": "CONFIRM", + "url": "http://support.apple.com/kb/HT4456" + }, + { + "name": "APPLE-SA-2010-11-22-1", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html" + } + ] + } +} \ No newline at end of file diff --git a/2010/4xxx/CVE-2010-4713.json b/2010/4xxx/CVE-2010-4713.json index 55e70e664b5..e0f7d32235b 100644 --- a/2010/4xxx/CVE-2010-4713.json +++ b/2010/4xxx/CVE-2010-4713.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-4713", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Integer signedness error in gwia.exe in GroupWise Internet Agent (GWIA) in Novell GroupWise before 8.02HP allows remote attackers to execute arbitrary code via a signed integer value in the Content-Type header." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-4713", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://zerodayinitiative.com/advisories/ZDI-10-241/", - "refsource" : "MISC", - "url" : "http://zerodayinitiative.com/advisories/ZDI-10-241/" - }, - { - "name" : "http://www.facebook.com/note.php?note_id=477865030928", - "refsource" : "CONFIRM", - "url" : "http://www.facebook.com/note.php?note_id=477865030928" - }, - { - "name" : "http://www.novell.com/support/viewContent.do?externalId=7007154&sliceId=1", - "refsource" : "CONFIRM", - "url" : "http://www.novell.com/support/viewContent.do?externalId=7007154&sliceId=1" - }, - { - "name" : "https://bugzilla.novell.com/show_bug.cgi?id=642338", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.novell.com/show_bug.cgi?id=642338" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Integer signedness error in gwia.exe in GroupWise Internet Agent (GWIA) in Novell GroupWise before 8.02HP allows remote attackers to execute arbitrary code via a signed integer value in the Content-Type header." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://bugzilla.novell.com/show_bug.cgi?id=642338", + "refsource": "CONFIRM", + "url": "https://bugzilla.novell.com/show_bug.cgi?id=642338" + }, + { + "name": "http://www.novell.com/support/viewContent.do?externalId=7007154&sliceId=1", + "refsource": "CONFIRM", + "url": "http://www.novell.com/support/viewContent.do?externalId=7007154&sliceId=1" + }, + { + "name": "http://zerodayinitiative.com/advisories/ZDI-10-241/", + "refsource": "MISC", + "url": "http://zerodayinitiative.com/advisories/ZDI-10-241/" + }, + { + "name": "http://www.facebook.com/note.php?note_id=477865030928", + "refsource": "CONFIRM", + "url": "http://www.facebook.com/note.php?note_id=477865030928" + } + ] + } +} \ No newline at end of file diff --git a/2010/5xxx/CVE-2010-5211.json b/2010/5xxx/CVE-2010-5211.json index 5c4be90340b..c93e8a854ff 100644 --- a/2010/5xxx/CVE-2010-5211.json +++ b/2010/5xxx/CVE-2010-5211.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-5211", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Untrusted search path vulnerability in ALSee 6.20.0.1 allows local users to gain privileges via a Trojan horse patchani.dll file in the current working directory, as demonstrated by a directory that contains a .ani, .bmp, .cal, .hdp, .jpe, .mac, .pbm, .pcx, .pgm, .png, .psd, .ras, .tga, or .tiff file. NOTE: some of these details are obtained from third party information." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-5211", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://core.yehg.net/lab/pr0js/advisories/dll_hijacking/%5Balsee%5D_6.20.0.1_insecure_dll_hijacking", - "refsource" : "MISC", - "url" : "http://core.yehg.net/lab/pr0js/advisories/dll_hijacking/%5Balsee%5D_6.20.0.1_insecure_dll_hijacking" - }, - { - "name" : "41415", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/41415" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Untrusted search path vulnerability in ALSee 6.20.0.1 allows local users to gain privileges via a Trojan horse patchani.dll file in the current working directory, as demonstrated by a directory that contains a .ani, .bmp, .cal, .hdp, .jpe, .mac, .pbm, .pcx, .pgm, .png, .psd, .ras, .tga, or .tiff file. NOTE: some of these details are obtained from third party information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://core.yehg.net/lab/pr0js/advisories/dll_hijacking/%5Balsee%5D_6.20.0.1_insecure_dll_hijacking", + "refsource": "MISC", + "url": "http://core.yehg.net/lab/pr0js/advisories/dll_hijacking/%5Balsee%5D_6.20.0.1_insecure_dll_hijacking" + }, + { + "name": "41415", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/41415" + } + ] + } +} \ No newline at end of file diff --git a/2010/5xxx/CVE-2010-5286.json b/2010/5xxx/CVE-2010-5286.json index 8e42bab6065..9080f3635c0 100644 --- a/2010/5xxx/CVE-2010-5286.json +++ b/2010/5xxx/CVE-2010-5286.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-5286", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Directory traversal vulnerability in Jstore (com_jstore) component for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-5286", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://packetstormsecurity.org/1010-exploits/joomlajstore-lfi.txt", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.org/1010-exploits/joomlajstore-lfi.txt" - }, - { - "name" : "44053", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/44053" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Directory traversal vulnerability in Jstore (com_jstore) component for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "44053", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/44053" + }, + { + "name": "http://packetstormsecurity.org/1010-exploits/joomlajstore-lfi.txt", + "refsource": "MISC", + "url": "http://packetstormsecurity.org/1010-exploits/joomlajstore-lfi.txt" + } + ] + } +} \ No newline at end of file diff --git a/2014/0xxx/CVE-2014-0524.json b/2014/0xxx/CVE-2014-0524.json index b7ee3755b7d..cb01edb053a 100644 --- a/2014/0xxx/CVE-2014-0524.json +++ b/2014/0xxx/CVE-2014-0524.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-0524", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0522, CVE-2014-0523, and CVE-2014-0526." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2014-0524", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://helpx.adobe.com/security/products/reader/apsb14-15.html", - "refsource" : "CONFIRM", - "url" : "http://helpx.adobe.com/security/products/reader/apsb14-15.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0522, CVE-2014-0523, and CVE-2014-0526." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://helpx.adobe.com/security/products/reader/apsb14-15.html", + "refsource": "CONFIRM", + "url": "http://helpx.adobe.com/security/products/reader/apsb14-15.html" + } + ] + } +} \ No newline at end of file diff --git a/2014/0xxx/CVE-2014-0865.json b/2014/0xxx/CVE-2014-0865.json index 933e8867ca8..86481cf9e83 100644 --- a/2014/0xxx/CVE-2014-0865.json +++ b/2014/0xxx/CVE-2014-0865.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-0865", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "RICOS in IBM Algo Credit Limits (aka ACLM) 4.5.0 through 4.7.0 before 4.7.0.03 FP5 in IBM Algorithmics relies on client-side input validation, which allows remote authenticated users to bypass intended dual-control restrictions and modify data via crafted serialized objects, as demonstrated by limit manipulations." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2014-0865", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20140630 SEC Consult SA-20140630-0 :: Multiple vulnerabilities in IBM Algorithmics RICOS", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/532598/100/0/threaded" - }, - { - "name" : "20140630 SEC Consult SA-20140630-0 :: Multiple vulnerabilities in IBM Algorithmics RICOS", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2014/Jun/173" - }, - { - "name" : "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20140630-0_IBM_Algorithmics_RICOS_multiple_vulnerabilities_v10.txt", - "refsource" : "MISC", - "url" : "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20140630-0_IBM_Algorithmics_RICOS_multiple_vulnerabilities_v10.txt" - }, - { - "name" : "http://packetstormsecurity.com/files/127304/IBM-Algorithmics-RICOS-Disclosure-XSS-CSRF.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/127304/IBM-Algorithmics-RICOS-Disclosure-XSS-CSRF.html" - }, - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21675881", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21675881" - }, - { - "name" : "59296", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/59296" - }, - { - "name" : "ibm-aclm-cve20140865-sec-bypass(90939)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/90939" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "RICOS in IBM Algo Credit Limits (aka ACLM) 4.5.0 through 4.7.0 before 4.7.0.03 FP5 in IBM Algorithmics relies on client-side input validation, which allows remote authenticated users to bypass intended dual-control restrictions and modify data via crafted serialized objects, as demonstrated by limit manipulations." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ibm-aclm-cve20140865-sec-bypass(90939)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90939" + }, + { + "name": "http://packetstormsecurity.com/files/127304/IBM-Algorithmics-RICOS-Disclosure-XSS-CSRF.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/127304/IBM-Algorithmics-RICOS-Disclosure-XSS-CSRF.html" + }, + { + "name": "20140630 SEC Consult SA-20140630-0 :: Multiple vulnerabilities in IBM Algorithmics RICOS", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/532598/100/0/threaded" + }, + { + "name": "59296", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/59296" + }, + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21675881", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21675881" + }, + { + "name": "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20140630-0_IBM_Algorithmics_RICOS_multiple_vulnerabilities_v10.txt", + "refsource": "MISC", + "url": "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20140630-0_IBM_Algorithmics_RICOS_multiple_vulnerabilities_v10.txt" + }, + { + "name": "20140630 SEC Consult SA-20140630-0 :: Multiple vulnerabilities in IBM Algorithmics RICOS", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2014/Jun/173" + } + ] + } +} \ No newline at end of file diff --git a/2014/1xxx/CVE-2014-1342.json b/2014/1xxx/CVE-2014-1342.json index 70aa56c7b26..0d445e7b552 100644 --- a/2014/1xxx/CVE-2014-1342.json +++ b/2014/1xxx/CVE-2014-1342.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-1342", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-05-21-1." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2014-1342", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://support.apple.com/kb/HT6254", - "refsource" : "CONFIRM", - "url" : "http://support.apple.com/kb/HT6254" - }, - { - "name" : "https://support.apple.com/kb/HT6537", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/kb/HT6537" - }, - { - "name" : "APPLE-SA-2014-05-21-1", - "refsource" : "APPLE", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2014-05/0128.html" - }, - { - "name" : "APPLE-SA-2014-06-30-3", - "refsource" : "APPLE", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2014-06/0174.html" - }, - { - "name" : "APPLE-SA-2014-06-30-4", - "refsource" : "APPLE", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2014-06/0175.html" - }, - { - "name" : "67553", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/67553" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-05-21-1." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://support.apple.com/kb/HT6537", + "refsource": "CONFIRM", + "url": "https://support.apple.com/kb/HT6537" + }, + { + "name": "APPLE-SA-2014-06-30-4", + "refsource": "APPLE", + "url": "http://archives.neohapsis.com/archives/bugtraq/2014-06/0175.html" + }, + { + "name": "http://support.apple.com/kb/HT6254", + "refsource": "CONFIRM", + "url": "http://support.apple.com/kb/HT6254" + }, + { + "name": "APPLE-SA-2014-06-30-3", + "refsource": "APPLE", + "url": "http://archives.neohapsis.com/archives/bugtraq/2014-06/0174.html" + }, + { + "name": "67553", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/67553" + }, + { + "name": "APPLE-SA-2014-05-21-1", + "refsource": "APPLE", + "url": "http://archives.neohapsis.com/archives/bugtraq/2014-05/0128.html" + } + ] + } +} \ No newline at end of file diff --git a/2014/1xxx/CVE-2014-1504.json b/2014/1xxx/CVE-2014-1504.json index ef2c9cd8b4f..bbb6a2b47aa 100644 --- a/2014/1xxx/CVE-2014-1504.json +++ b/2014/1xxx/CVE-2014-1504.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-1504", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The session-restore feature in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 does not consider the Content Security Policy of a data: URL, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via a crafted document that is accessed after a browser restart." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@mozilla.org", + "ID": "CVE-2014-1504", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.mozilla.org/security/announce/2014/mfsa2014-23.html", - "refsource" : "CONFIRM", - "url" : "http://www.mozilla.org/security/announce/2014/mfsa2014-23.html" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=911547", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=911547" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" - }, - { - "name" : "GLSA-201504-01", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201504-01" - }, - { - "name" : "SUSE-SU-2014:0418", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html" - }, - { - "name" : "openSUSE-SU-2014:0419", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html" - }, - { - "name" : "openSUSE-SU-2014:0448", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html" - }, - { - "name" : "openSUSE-SU-2014:0584", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The session-restore feature in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 does not consider the Content Security Policy of a data: URL, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via a crafted document that is accessed after a browser restart." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.mozilla.org/security/announce/2014/mfsa2014-23.html", + "refsource": "CONFIRM", + "url": "http://www.mozilla.org/security/announce/2014/mfsa2014-23.html" + }, + { + "name": "GLSA-201504-01", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201504-01" + }, + { + "name": "SUSE-SU-2014:0418", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" + }, + { + "name": "openSUSE-SU-2014:0419", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html" + }, + { + "name": "openSUSE-SU-2014:0584", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=911547", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=911547" + }, + { + "name": "openSUSE-SU-2014:0448", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html" + } + ] + } +} \ No newline at end of file diff --git a/2014/1xxx/CVE-2014-1938.json b/2014/1xxx/CVE-2014-1938.json index e2885597b90..d75a77521d2 100644 --- a/2014/1xxx/CVE-2014-1938.json +++ b/2014/1xxx/CVE-2014-1938.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-1938", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-1938", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2014/1xxx/CVE-2014-1994.json b/2014/1xxx/CVE-2014-1994.json index 1beb93bdd57..0bf815067c3 100644 --- a/2014/1xxx/CVE-2014-1994.json +++ b/2014/1xxx/CVE-2014-1994.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-1994", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in the Notices portlet in Cybozu Garoon 2.x and 3.x before 3.7 SP4 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "vultures@jpcert.or.jp", + "ID": "CVE-2014-1994", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://cs.cybozu.co.jp/information/gr20140714up04.php", - "refsource" : "CONFIRM", - "url" : "http://cs.cybozu.co.jp/information/gr20140714up04.php" - }, - { - "name" : "JVN#80583739", - "refsource" : "JVN", - "url" : "http://jvn.jp/en/jp/JVN80583739/index.html" - }, - { - "name" : "JVNDB-2014-000076", - "refsource" : "JVNDB", - "url" : "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000076" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in the Notices portlet in Cybozu Garoon 2.x and 3.x before 3.7 SP4 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "JVN#80583739", + "refsource": "JVN", + "url": "http://jvn.jp/en/jp/JVN80583739/index.html" + }, + { + "name": "http://cs.cybozu.co.jp/information/gr20140714up04.php", + "refsource": "CONFIRM", + "url": "http://cs.cybozu.co.jp/information/gr20140714up04.php" + }, + { + "name": "JVNDB-2014-000076", + "refsource": "JVNDB", + "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000076" + } + ] + } +} \ No newline at end of file diff --git a/2014/4xxx/CVE-2014-4339.json b/2014/4xxx/CVE-2014-4339.json index a21c0c97529..7f5abc6e75a 100644 --- a/2014/4xxx/CVE-2014-4339.json +++ b/2014/4xxx/CVE-2014-4339.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-4339", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-4339", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2014/4xxx/CVE-2014-4348.json b/2014/4xxx/CVE-2014-4348.json index d8f76e8035c..174c50f63da 100644 --- a/2014/4xxx/CVE-2014-4348.json +++ b/2014/4xxx/CVE-2014-4348.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-4348", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.2.x before 4.2.4 allow remote authenticated users to inject arbitrary web script or HTML via a crafted (1) database name or (2) table name that is improperly handled after presence in (a) the favorite list or (b) recent tables." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-4348", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://phpmyadmin.net/home_page/security/PMASA-2014-2.php", - "refsource" : "CONFIRM", - "url" : "http://phpmyadmin.net/home_page/security/PMASA-2014-2.php" - }, - { - "name" : "https://github.com/phpmyadmin/phpmyadmin/commit/cb7c703c03f656debcea2a16468bd53660fc888e", - "refsource" : "CONFIRM", - "url" : "https://github.com/phpmyadmin/phpmyadmin/commit/cb7c703c03f656debcea2a16468bd53660fc888e" - }, - { - "name" : "https://github.com/phpmyadmin/phpmyadmin/commit/d18a2dd9faad7e0e96df799b59e16ef587afb838", - "refsource" : "CONFIRM", - "url" : "https://github.com/phpmyadmin/phpmyadmin/commit/d18a2dd9faad7e0e96df799b59e16ef587afb838" - }, - { - "name" : "68201", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/68201" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.2.x before 4.2.4 allow remote authenticated users to inject arbitrary web script or HTML via a crafted (1) database name or (2) table name that is improperly handled after presence in (a) the favorite list or (b) recent tables." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/phpmyadmin/phpmyadmin/commit/d18a2dd9faad7e0e96df799b59e16ef587afb838", + "refsource": "CONFIRM", + "url": "https://github.com/phpmyadmin/phpmyadmin/commit/d18a2dd9faad7e0e96df799b59e16ef587afb838" + }, + { + "name": "http://phpmyadmin.net/home_page/security/PMASA-2014-2.php", + "refsource": "CONFIRM", + "url": "http://phpmyadmin.net/home_page/security/PMASA-2014-2.php" + }, + { + "name": "https://github.com/phpmyadmin/phpmyadmin/commit/cb7c703c03f656debcea2a16468bd53660fc888e", + "refsource": "CONFIRM", + "url": "https://github.com/phpmyadmin/phpmyadmin/commit/cb7c703c03f656debcea2a16468bd53660fc888e" + }, + { + "name": "68201", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/68201" + } + ] + } +} \ No newline at end of file diff --git a/2014/4xxx/CVE-2014-4973.json b/2014/4xxx/CVE-2014-4973.json index 70e4b7ac963..993262f4c31 100644 --- a/2014/4xxx/CVE-2014-4973.json +++ b/2014/4xxx/CVE-2014-4973.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-4973", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The ESET Personal Firewall NDIS filter (EpFwNdis.sys) driver in the Firewall Module Build 1183 (20140214) and earlier in ESET Smart Security and ESET Endpoint Security products 5.0 through 7.0 allows local users to gain privileges via a crafted argument to a 0x830020CC IOCTL call." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-4973", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20140820 CVE-2014-4973 - Privilege Escalation in ESET Windows Products", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2014/Aug/52" - }, - { - "name" : "https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-4973/", - "refsource" : "MISC", - "url" : "https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-4973/" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The ESET Personal Firewall NDIS filter (EpFwNdis.sys) driver in the Firewall Module Build 1183 (20140214) and earlier in ESET Smart Security and ESET Endpoint Security products 5.0 through 7.0 allows local users to gain privileges via a crafted argument to a 0x830020CC IOCTL call." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-4973/", + "refsource": "MISC", + "url": "https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-4973/" + }, + { + "name": "20140820 CVE-2014-4973 - Privilege Escalation in ESET Windows Products", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2014/Aug/52" + } + ] + } +} \ No newline at end of file diff --git a/2014/5xxx/CVE-2014-5163.json b/2014/5xxx/CVE-2014-5163.json index 562de7cbb7c..9da6b9e2c6e 100644 --- a/2014/5xxx/CVE-2014-5163.json +++ b/2014/5xxx/CVE-2014-5163.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-5163", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The APN decode functionality in (1) epan/dissectors/packet-gtp.c and (2) epan/dissectors/packet-gsm_a_gm.c in the GTP and GSM Management dissectors in Wireshark 1.10.x before 1.10.9 does not completely initialize a certain buffer, which allows remote attackers to cause a denial of service (application crash) via a crafted packet." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-5163", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.wireshark.org/security/wnpa-sec-2014-09.html", - "refsource" : "CONFIRM", - "url" : "http://www.wireshark.org/security/wnpa-sec-2014-09.html" - }, - { - "name" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10216", - "refsource" : "CONFIRM", - "url" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10216" - }, - { - "name" : "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=3fc441e7a5008640c68ec985e669d5092414a519", - "refsource" : "CONFIRM", - "url" : "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=3fc441e7a5008640c68ec985e669d5092414a519" - }, - { - "name" : "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=dd7134d907350ccc574cdec596f4162860912bb9", - "refsource" : "CONFIRM", - "url" : "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=dd7134d907350ccc574cdec596f4162860912bb9" - }, - { - "name" : "DSA-3002", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2014/dsa-3002" - }, - { - "name" : "SUSE-SU-2014:1221", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00033.html" - }, - { - "name" : "openSUSE-SU-2014:1038", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2014-08/msg00025.html" - }, - { - "name" : "openSUSE-SU-2014:1249", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2014-09/msg00058.html" - }, - { - "name" : "57593", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/57593" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The APN decode functionality in (1) epan/dissectors/packet-gtp.c and (2) epan/dissectors/packet-gsm_a_gm.c in the GTP and GSM Management dissectors in Wireshark 1.10.x before 1.10.9 does not completely initialize a certain buffer, which allows remote attackers to cause a denial of service (application crash) via a crafted packet." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10216", + "refsource": "CONFIRM", + "url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10216" + }, + { + "name": "openSUSE-SU-2014:1249", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2014-09/msg00058.html" + }, + { + "name": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=3fc441e7a5008640c68ec985e669d5092414a519", + "refsource": "CONFIRM", + "url": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=3fc441e7a5008640c68ec985e669d5092414a519" + }, + { + "name": "SUSE-SU-2014:1221", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00033.html" + }, + { + "name": "DSA-3002", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2014/dsa-3002" + }, + { + "name": "http://www.wireshark.org/security/wnpa-sec-2014-09.html", + "refsource": "CONFIRM", + "url": "http://www.wireshark.org/security/wnpa-sec-2014-09.html" + }, + { + "name": "openSUSE-SU-2014:1038", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2014-08/msg00025.html" + }, + { + "name": "57593", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/57593" + }, + { + "name": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=dd7134d907350ccc574cdec596f4162860912bb9", + "refsource": "CONFIRM", + "url": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=dd7134d907350ccc574cdec596f4162860912bb9" + } + ] + } +} \ No newline at end of file diff --git a/2014/5xxx/CVE-2014-5332.json b/2014/5xxx/CVE-2014-5332.json index a940fdb2bd8..f38362e6a6d 100644 --- a/2014/5xxx/CVE-2014-5332.json +++ b/2014/5xxx/CVE-2014-5332.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-5332", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Race condition in NVMap in NVIDIA Tegra Linux Kernel 3.10 allows local users to gain privileges via a crafted NVMAP_IOC_CREATE IOCTL call, which triggers a use-after-free error, as demonstrated by using a race condition to escape the Chrome sandbox." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "vultures@jpcert.or.jp", + "ID": "CVE-2014-5332", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://googleprojectzero.blogspot.com/2015/01/exploiting-nvmap-to-escape-chrome.html", - "refsource" : "MISC", - "url" : "http://googleprojectzero.blogspot.com/2015/01/exploiting-nvmap-to-escape-chrome.html" - }, - { - "name" : "http://nvidia.custhelp.com/app/answers/detail/a_id/3618", - "refsource" : "CONFIRM", - "url" : "http://nvidia.custhelp.com/app/answers/detail/a_id/3618" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Race condition in NVMap in NVIDIA Tegra Linux Kernel 3.10 allows local users to gain privileges via a crafted NVMAP_IOC_CREATE IOCTL call, which triggers a use-after-free error, as demonstrated by using a race condition to escape the Chrome sandbox." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://googleprojectzero.blogspot.com/2015/01/exploiting-nvmap-to-escape-chrome.html", + "refsource": "MISC", + "url": "http://googleprojectzero.blogspot.com/2015/01/exploiting-nvmap-to-escape-chrome.html" + }, + { + "name": "http://nvidia.custhelp.com/app/answers/detail/a_id/3618", + "refsource": "CONFIRM", + "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/3618" + } + ] + } +} \ No newline at end of file diff --git a/2016/3xxx/CVE-2016-3338.json b/2016/3xxx/CVE-2016-3338.json index 8ee7fad109e..e8db1697f72 100644 --- a/2016/3xxx/CVE-2016-3338.json +++ b/2016/3xxx/CVE-2016-3338.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-3338", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Common Log File System (CLFS) driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows local users to gain privileges via a crafted application, aka \"Windows Common Log File System Driver Elevation of Privilege Vulnerability,\" a different vulnerability than CVE-2016-0026, CVE-2016-3332, CVE-2016-3333, CVE-2016-3334, CVE-2016-3335, CVE-2016-3340, CVE-2016-3342, CVE-2016-3343, and CVE-2016-7184." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2016-3338", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "MS16-134", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-134" - }, - { - "name" : "94014", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/94014" - }, - { - "name" : "1037252", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1037252" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Common Log File System (CLFS) driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows local users to gain privileges via a crafted application, aka \"Windows Common Log File System Driver Elevation of Privilege Vulnerability,\" a different vulnerability than CVE-2016-0026, CVE-2016-3332, CVE-2016-3333, CVE-2016-3334, CVE-2016-3335, CVE-2016-3340, CVE-2016-3342, CVE-2016-3343, and CVE-2016-7184." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1037252", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1037252" + }, + { + "name": "MS16-134", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-134" + }, + { + "name": "94014", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/94014" + } + ] + } +} \ No newline at end of file diff --git a/2016/3xxx/CVE-2016-3964.json b/2016/3xxx/CVE-2016-3964.json index 38593f7fcfe..31eb4f5673a 100644 --- a/2016/3xxx/CVE-2016-3964.json +++ b/2016/3xxx/CVE-2016-3964.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-3964", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-3964", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2016/7xxx/CVE-2016-7379.json b/2016/7xxx/CVE-2016-7379.json index eb43b6da68a..830ccafd54f 100644 --- a/2016/7xxx/CVE-2016-7379.json +++ b/2016/7xxx/CVE-2016-7379.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-7379", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-7379", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2016/7xxx/CVE-2016-7866.json b/2016/7xxx/CVE-2016-7866.json index 588ed3a105b..fd129372430 100644 --- a/2016/7xxx/CVE-2016-7866.json +++ b/2016/7xxx/CVE-2016-7866.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@adobe.com", - "ID" : "CVE-2016-7866", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Adobe Animate 15.2.1.95 and earlier", - "version" : { - "version_data" : [ - { - "version_value" : "Adobe Animate 15.2.1.95 and earlier" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Adobe Animate versions 15.2.1.95 and earlier have an exploitable memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Memory Corruption" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2016-7866", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Adobe Animate 15.2.1.95 and earlier", + "version": { + "version_data": [ + { + "version_value": "Adobe Animate 15.2.1.95 and earlier" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20161214 Adobe Animate <= v15.2.1.95 Memory Corruption Vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/539923/100/0/threaded" - }, - { - "name" : "40915", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/40915/" - }, - { - "name" : "20161214 Adobe Animate <= v15.2.1.95 Memory Corruption Vulnerability", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2016/Dec/45" - }, - { - "name" : "http://hyp3rlinx.altervista.org/advisories/ADOBE-ANIMATE-MEMORY-CORRUPTION-VULNERABILITY.txt", - "refsource" : "MISC", - "url" : "http://hyp3rlinx.altervista.org/advisories/ADOBE-ANIMATE-MEMORY-CORRUPTION-VULNERABILITY.txt" - }, - { - "name" : "http://packetstormsecurity.com/files/140164/Adobe-Animate-15.2.1.95-Buffer-Overflow.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/140164/Adobe-Animate-15.2.1.95-Buffer-Overflow.html" - }, - { - "name" : "https://helpx.adobe.com/security/products/animate/apsb16-38.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/animate/apsb16-38.html" - }, - { - "name" : "94872", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/94872" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Adobe Animate versions 15.2.1.95 and earlier have an exploitable memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Memory Corruption" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://hyp3rlinx.altervista.org/advisories/ADOBE-ANIMATE-MEMORY-CORRUPTION-VULNERABILITY.txt", + "refsource": "MISC", + "url": "http://hyp3rlinx.altervista.org/advisories/ADOBE-ANIMATE-MEMORY-CORRUPTION-VULNERABILITY.txt" + }, + { + "name": "94872", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/94872" + }, + { + "name": "40915", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/40915/" + }, + { + "name": "https://helpx.adobe.com/security/products/animate/apsb16-38.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/animate/apsb16-38.html" + }, + { + "name": "http://packetstormsecurity.com/files/140164/Adobe-Animate-15.2.1.95-Buffer-Overflow.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/140164/Adobe-Animate-15.2.1.95-Buffer-Overflow.html" + }, + { + "name": "20161214 Adobe Animate <= v15.2.1.95 Memory Corruption Vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/539923/100/0/threaded" + }, + { + "name": "20161214 Adobe Animate <= v15.2.1.95 Memory Corruption Vulnerability", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2016/Dec/45" + } + ] + } +} \ No newline at end of file diff --git a/2016/8xxx/CVE-2016-8071.json b/2016/8xxx/CVE-2016-8071.json index 345e6a2c5a0..ea65e40979b 100644 --- a/2016/8xxx/CVE-2016-8071.json +++ b/2016/8xxx/CVE-2016-8071.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-8071", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2016-8071", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2016/8xxx/CVE-2016-8120.json b/2016/8xxx/CVE-2016-8120.json index fd281ebdf98..068df33517f 100644 --- a/2016/8xxx/CVE-2016-8120.json +++ b/2016/8xxx/CVE-2016-8120.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-8120", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-8120", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2016/8xxx/CVE-2016-8542.json b/2016/8xxx/CVE-2016-8542.json index 32f8b1c61d6..2fc2e56a33a 100644 --- a/2016/8xxx/CVE-2016-8542.json +++ b/2016/8xxx/CVE-2016-8542.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-8542", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2016-8542", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2016/8xxx/CVE-2016-8814.json b/2016/8xxx/CVE-2016-8814.json index 7c2ff775f82..bd32c4d5dfd 100644 --- a/2016/8xxx/CVE-2016-8814.json +++ b/2016/8xxx/CVE-2016-8814.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@nvidia.com", - "ID" : "CVE-2016-8814", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Quadro, NVS, GeForce, GRID and Tesla", - "version" : { - "version_data" : [ - { - "version_value" : "All" - } - ] - } - } - ] - }, - "vendor_name" : "Nvidia Corporation" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "All versions of NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape where multiple pointers are used without checking for NULL, leading to denial of service or potential escalation of privileges." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Denial of Service" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@nvidia.com", + "ID": "CVE-2016-8814", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Quadro, NVS, GeForce, GRID and Tesla", + "version": { + "version_data": [ + { + "version_value": "All" + } + ] + } + } + ] + }, + "vendor_name": "Nvidia Corporation" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://nvidia.custhelp.com/app/answers/detail/a_id/4257", - "refsource" : "CONFIRM", - "url" : "http://nvidia.custhelp.com/app/answers/detail/a_id/4257" - }, - { - "name" : "95054", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/95054" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "All versions of NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape where multiple pointers are used without checking for NULL, leading to denial of service or potential escalation of privileges." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Denial of Service" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "95054", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/95054" + }, + { + "name": "http://nvidia.custhelp.com/app/answers/detail/a_id/4257", + "refsource": "CONFIRM", + "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4257" + } + ] + } +} \ No newline at end of file diff --git a/2016/8xxx/CVE-2016-8865.json b/2016/8xxx/CVE-2016-8865.json index 86648a44432..aae85563959 100644 --- a/2016/8xxx/CVE-2016-8865.json +++ b/2016/8xxx/CVE-2016-8865.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-8865", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-8865", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2016/8xxx/CVE-2016-8892.json b/2016/8xxx/CVE-2016-8892.json index 21fca3d940f..94ef0f837f2 100644 --- a/2016/8xxx/CVE-2016-8892.json +++ b/2016/8xxx/CVE-2016-8892.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-8892", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-8892", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2016/9xxx/CVE-2016-9024.json b/2016/9xxx/CVE-2016-9024.json index 272cd3a0afe..3982fa4dfe9 100644 --- a/2016/9xxx/CVE-2016-9024.json +++ b/2016/9xxx/CVE-2016-9024.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-9024", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-9024", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2016/9xxx/CVE-2016-9451.json b/2016/9xxx/CVE-2016-9451.json index af4996e899c..3b07bbc549c 100644 --- a/2016/9xxx/CVE-2016-9451.json +++ b/2016/9xxx/CVE-2016-9451.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-9451", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Confirmation forms in Drupal 7.x before 7.52 make it easier for remote authenticated users to conduct open redirect attacks via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-9451", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://www.drupal.org/SA-CORE-2016-005", - "refsource" : "CONFIRM", - "url" : "https://www.drupal.org/SA-CORE-2016-005" - }, - { - "name" : "DSA-3718", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3718" - }, - { - "name" : "94367", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/94367" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Confirmation forms in Drupal 7.x before 7.52 make it easier for remote authenticated users to conduct open redirect attacks via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "DSA-3718", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3718" + }, + { + "name": "94367", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/94367" + }, + { + "name": "https://www.drupal.org/SA-CORE-2016-005", + "refsource": "CONFIRM", + "url": "https://www.drupal.org/SA-CORE-2016-005" + } + ] + } +} \ No newline at end of file diff --git a/2019/2xxx/CVE-2019-2064.json b/2019/2xxx/CVE-2019-2064.json index ea39a657bb4..bb5e058e409 100644 --- a/2019/2xxx/CVE-2019-2064.json +++ b/2019/2xxx/CVE-2019-2064.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-2064", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-2064", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/2xxx/CVE-2019-2597.json b/2019/2xxx/CVE-2019-2597.json index ab22fef6325..da6a17ac30e 100644 --- a/2019/2xxx/CVE-2019-2597.json +++ b/2019/2xxx/CVE-2019-2597.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-2597", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-2597", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/2xxx/CVE-2019-2837.json b/2019/2xxx/CVE-2019-2837.json index d050c6d7583..8a0e2efe9cf 100644 --- a/2019/2xxx/CVE-2019-2837.json +++ b/2019/2xxx/CVE-2019-2837.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-2837", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-2837", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6682.json b/2019/6xxx/CVE-2019-6682.json index 22d45205224..851c1b0e820 100644 --- a/2019/6xxx/CVE-2019-6682.json +++ b/2019/6xxx/CVE-2019-6682.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6682", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6682", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file