From 872160e3b3543ca8bd29b53dcce8e190bc2223ef Mon Sep 17 00:00:00 2001 From: CVE Team Date: Tue, 19 Jun 2018 09:04:33 -0400 Subject: [PATCH] - Synchronized data. --- 2018/11xxx/CVE-2018-11701.json | 48 +++++++++++- 2018/11xxx/CVE-2018-11702.json | 48 +++++++++++- 2018/11xxx/CVE-2018-11703.json | 48 +++++++++++- 2018/11xxx/CVE-2018-11704.json | 48 +++++++++++- 2018/11xxx/CVE-2018-11705.json | 48 +++++++++++- 2018/11xxx/CVE-2018-11706.json | 48 +++++++++++- 2018/11xxx/CVE-2018-11707.json | 48 +++++++++++- 2018/12xxx/CVE-2018-12574.json | 18 +++++ 2018/12xxx/CVE-2018-12575.json | 18 +++++ 2018/12xxx/CVE-2018-12576.json | 18 +++++ 2018/12xxx/CVE-2018-12577.json | 18 +++++ 2018/1xxx/CVE-2018-1117.json | 135 +++++++++++++++++---------------- 2018/8xxx/CVE-2018-8030.json | 2 + 13 files changed, 465 insertions(+), 80 deletions(-) create mode 100644 2018/12xxx/CVE-2018-12574.json create mode 100644 2018/12xxx/CVE-2018-12575.json create mode 100644 2018/12xxx/CVE-2018-12576.json create mode 100644 2018/12xxx/CVE-2018-12577.json diff --git a/2018/11xxx/CVE-2018-11701.json b/2018/11xxx/CVE-2018-11701.json index 43705a6017c..d0d0bc2a9b5 100644 --- a/2018/11xxx/CVE-2018-11701.json +++ b/2018/11xxx/CVE-2018-11701.json @@ -2,7 +2,30 @@ "CVE_data_meta" : { "ASSIGNER" : "cve@mitre.org", "ID" : "CVE-2018-11701", - "STATE" : "RESERVED" + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "n/a", + "version" : { + "version_data" : [ + { + "version_value" : "n/a" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } }, "data_format" : "MITRE", "data_type" : "CVE", @@ -11,7 +34,28 @@ "description_data" : [ { "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value" : "FastStone Image Viewer 6.2 has a User Mode Write AV at 0x005cb509, triggered when the user opens a malformed JPEG file that is mishandled by FSViewer.exe. Attackers could exploit this issue for DoS (Access Violation) or possibly unspecified other impact." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "n/a" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://github.com/MostafaSoliman/Security-Advisories/tree/master/CVE-2018-11701", + "refsource" : "MISC", + "url" : "https://github.com/MostafaSoliman/Security-Advisories/tree/master/CVE-2018-11701" } ] } diff --git a/2018/11xxx/CVE-2018-11702.json b/2018/11xxx/CVE-2018-11702.json index b4ae46db9e4..5aa51f374f0 100644 --- a/2018/11xxx/CVE-2018-11702.json +++ b/2018/11xxx/CVE-2018-11702.json @@ -2,7 +2,30 @@ "CVE_data_meta" : { "ASSIGNER" : "cve@mitre.org", "ID" : "CVE-2018-11702", - "STATE" : "RESERVED" + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "n/a", + "version" : { + "version_data" : [ + { + "version_value" : "n/a" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } }, "data_format" : "MITRE", "data_type" : "CVE", @@ -11,7 +34,28 @@ "description_data" : [ { "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value" : "FastStone Image Viewer 6.2 has a User Mode Write AV at 0x00578cb3, triggered when the user opens a malformed JPEG file that is mishandled by FSViewer.exe. Attackers could exploit this issue for DoS (Access Violation) or possibly unspecified other impact." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "n/a" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://github.com/MostafaSoliman/Security-Advisories/tree/master/CVE-2018-11702", + "refsource" : "MISC", + "url" : "https://github.com/MostafaSoliman/Security-Advisories/tree/master/CVE-2018-11702" } ] } diff --git a/2018/11xxx/CVE-2018-11703.json b/2018/11xxx/CVE-2018-11703.json index 1c8af9fdc11..983d07a5466 100644 --- a/2018/11xxx/CVE-2018-11703.json +++ b/2018/11xxx/CVE-2018-11703.json @@ -2,7 +2,30 @@ "CVE_data_meta" : { "ASSIGNER" : "cve@mitre.org", "ID" : "CVE-2018-11703", - "STATE" : "RESERVED" + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "n/a", + "version" : { + "version_data" : [ + { + "version_value" : "n/a" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } }, "data_format" : "MITRE", "data_type" : "CVE", @@ -11,7 +34,28 @@ "description_data" : [ { "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value" : "FastStone Image Viewer 6.2 has a User Mode Write AV at 0x00402d6a, triggered when the user opens a malformed JPEG file that is mishandled by FSViewer.exe. Attackers could exploit this issue for DoS (Access Violation) or possibly unspecified other impact." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "n/a" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://github.com/MostafaSoliman/Security-Advisories/tree/master/CVE-2018-11703", + "refsource" : "MISC", + "url" : "https://github.com/MostafaSoliman/Security-Advisories/tree/master/CVE-2018-11703" } ] } diff --git a/2018/11xxx/CVE-2018-11704.json b/2018/11xxx/CVE-2018-11704.json index f2cec8c0350..00366a620e2 100644 --- a/2018/11xxx/CVE-2018-11704.json +++ b/2018/11xxx/CVE-2018-11704.json @@ -2,7 +2,30 @@ "CVE_data_meta" : { "ASSIGNER" : "cve@mitre.org", "ID" : "CVE-2018-11704", - "STATE" : "RESERVED" + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "n/a", + "version" : { + "version_data" : [ + { + "version_value" : "n/a" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } }, "data_format" : "MITRE", "data_type" : "CVE", @@ -11,7 +34,28 @@ "description_data" : [ { "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value" : "FastStone Image Viewer 6.2 has a User Mode Write AV at 0x00402d7d, triggered when the user opens a malformed JPEG file that is mishandled by FSViewer.exe. Attackers could exploit this issue for DoS (Access Violation) or possibly unspecified other impact." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "n/a" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://github.com/MostafaSoliman/Security-Advisories/tree/master/CVE-2018-11704", + "refsource" : "MISC", + "url" : "https://github.com/MostafaSoliman/Security-Advisories/tree/master/CVE-2018-11704" } ] } diff --git a/2018/11xxx/CVE-2018-11705.json b/2018/11xxx/CVE-2018-11705.json index 9df72b89512..127b19a9061 100644 --- a/2018/11xxx/CVE-2018-11705.json +++ b/2018/11xxx/CVE-2018-11705.json @@ -2,7 +2,30 @@ "CVE_data_meta" : { "ASSIGNER" : "cve@mitre.org", "ID" : "CVE-2018-11705", - "STATE" : "RESERVED" + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "n/a", + "version" : { + "version_data" : [ + { + "version_value" : "n/a" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } }, "data_format" : "MITRE", "data_type" : "CVE", @@ -11,7 +34,28 @@ "description_data" : [ { "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value" : "FastStone Image Viewer 6.2 has a User Mode Write AV at 0x00578cc4, triggered when the user opens a malformed JPEG file that is mishandled by FSViewer.exe. Attackers could exploit this issue for DoS (Access Violation) or possibly unspecified other impact." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "n/a" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://github.com/MostafaSoliman/Security-Advisories/tree/master/CVE-2018-11705", + "refsource" : "MISC", + "url" : "https://github.com/MostafaSoliman/Security-Advisories/tree/master/CVE-2018-11705" } ] } diff --git a/2018/11xxx/CVE-2018-11706.json b/2018/11xxx/CVE-2018-11706.json index 0b0cf7b80a1..4f0bbc00d39 100644 --- a/2018/11xxx/CVE-2018-11706.json +++ b/2018/11xxx/CVE-2018-11706.json @@ -2,7 +2,30 @@ "CVE_data_meta" : { "ASSIGNER" : "cve@mitre.org", "ID" : "CVE-2018-11706", - "STATE" : "RESERVED" + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "n/a", + "version" : { + "version_data" : [ + { + "version_value" : "n/a" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } }, "data_format" : "MITRE", "data_type" : "CVE", @@ -11,7 +34,28 @@ "description_data" : [ { "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value" : "FastStone Image Viewer 6.2 has a User Mode Write AV at 0x00578dd8, triggered when the user opens a malformed JPEG file that is mishandled by FSViewer.exe. Attackers could exploit this issue for DoS (Access Violation) or possibly unspecified other impact." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "n/a" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://github.com/MostafaSoliman/Security-Advisories/tree/master/CVE-2018-11706", + "refsource" : "MISC", + "url" : "https://github.com/MostafaSoliman/Security-Advisories/tree/master/CVE-2018-11706" } ] } diff --git a/2018/11xxx/CVE-2018-11707.json b/2018/11xxx/CVE-2018-11707.json index b90f06a0d1a..38de23ed9f6 100644 --- a/2018/11xxx/CVE-2018-11707.json +++ b/2018/11xxx/CVE-2018-11707.json @@ -2,7 +2,30 @@ "CVE_data_meta" : { "ASSIGNER" : "cve@mitre.org", "ID" : "CVE-2018-11707", - "STATE" : "RESERVED" + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "n/a", + "version" : { + "version_data" : [ + { + "version_value" : "n/a" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } }, "data_format" : "MITRE", "data_type" : "CVE", @@ -11,7 +34,28 @@ "description_data" : [ { "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value" : "FastStone Image Viewer 6.2 has a User Mode Read and Execute AV at 0x0057898e, triggered when the user opens a malformed JPEG file that is mishandled by FSViewer.exe. Attackers could exploit this issue for DoS (Access Violation) or possibly unspecified other impact." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "n/a" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://github.com/MostafaSoliman/Security-Advisories/tree/master/CVE-2018-11707", + "refsource" : "MISC", + "url" : "https://github.com/MostafaSoliman/Security-Advisories/tree/master/CVE-2018-11707" } ] } diff --git a/2018/12xxx/CVE-2018-12574.json b/2018/12xxx/CVE-2018-12574.json new file mode 100644 index 00000000000..d3a610d6866 --- /dev/null +++ b/2018/12xxx/CVE-2018-12574.json @@ -0,0 +1,18 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2018-12574", + "STATE" : "RESERVED" + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} diff --git a/2018/12xxx/CVE-2018-12575.json b/2018/12xxx/CVE-2018-12575.json new file mode 100644 index 00000000000..daca62f3bf4 --- /dev/null +++ b/2018/12xxx/CVE-2018-12575.json @@ -0,0 +1,18 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2018-12575", + "STATE" : "RESERVED" + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} diff --git a/2018/12xxx/CVE-2018-12576.json b/2018/12xxx/CVE-2018-12576.json new file mode 100644 index 00000000000..d1b7a217e8b --- /dev/null +++ b/2018/12xxx/CVE-2018-12576.json @@ -0,0 +1,18 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2018-12576", + "STATE" : "RESERVED" + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} diff --git a/2018/12xxx/CVE-2018-12577.json b/2018/12xxx/CVE-2018-12577.json new file mode 100644 index 00000000000..52cd0d22081 --- /dev/null +++ b/2018/12xxx/CVE-2018-12577.json @@ -0,0 +1,18 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2018-12577", + "STATE" : "RESERVED" + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} diff --git a/2018/1xxx/CVE-2018-1117.json b/2018/1xxx/CVE-2018-1117.json index 4d6098ff5ca..0e9dac76893 100644 --- a/2018/1xxx/CVE-2018-1117.json +++ b/2018/1xxx/CVE-2018-1117.json @@ -1,69 +1,72 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2018-1117", - "ASSIGNER": "sfowler@redhat.com" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "[UNKNOWN]", - "product": { - "product_data": [ - { - "product_name": "ovirt-ansible-roles", - "version": { - "version_data": [ - { - "version_value": "ovirt-ansible-roles 1.0.6" - } - ] - } - } - ] - } - } + "CVE_data_meta" : { + "ASSIGNER" : "sfowler@redhat.com", + "ID" : "CVE-2018-1117", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "ovirt-ansible-roles", + "version" : { + "version_data" : [ + { + "version_value" : "ovirt-ansible-roles 1.0.6" + } + ] + } + } + ] + }, + "vendor_name" : "[UNKNOWN]" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "ovirt-ansible-roles before version 1.0.6 has a vulnerability due to a missing no_log directive, resulting in the 'Add oVirt Provider to ManageIQ/CloudForms' playbook inadvertently disclosing admin passwords in the provisioning log. In an environment where logs are shared with other parties, this could lead to privilege escalation." + } + ] + }, + "impact" : { + "cvss" : [ + [ + { + "vectorString" : "5.0/CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", + "version" : "3.0" + } + ] + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "CWE-532" + } ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-532" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1117" - } - ] - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "ovirt-ansible-roles before version 1.0.6 has a vulnerability due to a missing no_log directive, resulting in the 'Add oVirt Provider to ManageIQ/CloudForms' playbook inadvertently disclosing admin passwords in the provisioning log. In an environment where logs are shared with other parties, this could lead to privilege escalation." - } - ] - }, - "impact": { - "cvss": [ - [ - { - "vectorString": "5.0/CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", - "version": "3.0" - } - ] - ] - } + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1117", + "refsource" : "CONFIRM", + "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1117" + } + ] + } } diff --git a/2018/8xxx/CVE-2018-8030.json b/2018/8xxx/CVE-2018-8030.json index b7be9fb5dd8..0415e651a2d 100644 --- a/2018/8xxx/CVE-2018-8030.json +++ b/2018/8xxx/CVE-2018-8030.json @@ -54,6 +54,8 @@ "references" : { "reference_data" : [ { + "name" : "[qpid-users] 20180618 [SECURITY] [CVE-2018-8030] Apache Qpid Broker-J Denial of Service Vulnerability when AMQP 0-8...0-91 messages", + "refsource" : "MLIST", "url" : "https://lists.apache.org/thread.html/1089a4f351a1bdca0618199e53bceeec59a10bf4e3008018d6949876@%3Cusers.qpid.apache.org%3E" } ]