admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-17 22:50:17 +00:00
parent 6577e1a12d
commit 87eaefe46f
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
60 changed files with 4215 additions and 4215 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

118
1999/1xxx/CVE-1999-1072.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-1999-1072", "ID": "CVE-1999-1072",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Excite for Web Servers (EWS) 1.1 allows local users to gain privileges by obtaining the encrypted password from the world-readable Architext.conf authentication file and replaying the encrypted password in an HTTP request to AT-generated.cgi or AT-admin.cgi."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "19981130 Security bugs in Excite for Web Servers 1.1", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=91248445931140&w=2" "lang": "eng",
} "value": "Excite for Web Servers (EWS) 1.1 allows local users to gain privileges by obtaining the encrypted password from the world-readable Architext.conf authentication file and replaying the encrypted password in an HTTP request to AT-generated.cgi or AT-admin.cgi."
] }
} ]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "19981130 Security bugs in Excite for Web Servers 1.1",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=91248445931140&w=2"
}
]
}
} }

138
1999/1xxx/CVE-1999-1209.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-1999-1209", "ID": "CVE-1999-1209",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Vulnerability in scoterm in SCO OpenServer 5.0 and SCO Open Desktop/Open Server 3.0 allows local users to gain root privileges."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "19971204 scoterm exploit", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=88131151000069&w=2" "lang": "eng",
}, "value": "Vulnerability in scoterm in SCO OpenServer 5.0 and SCO Open Desktop/Open Server 3.0 allows local users to gain root privileges."
{ }
"name" : "VB-97.14", ]
"refsource" : "CERT", },
"url" : "http://www.cert.org/vendor_bulletins/VB-97.14.scoterm" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "sco-scoterm(690)", "description": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/690" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "VB-97.14",
"refsource": "CERT",
"url": "http://www.cert.org/vendor_bulletins/VB-97.14.scoterm"
},
{
"name": "19971204 scoterm exploit",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=88131151000069&w=2"
},
{
"name": "sco-scoterm(690)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/690"
}
]
}
} }

138
2000/0xxx/CVE-2000-0997.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2000-0997", "ID": "CVE-2000-0997",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Format string vulnerabilities in eeprom program in OpenBSD, NetBSD, and possibly other operating systems allows local attackers to gain root privileges."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.7/common/028_format_strings.patch", "description_data": [
"refsource" : "MISC", {
"url" : "ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.7/common/028_format_strings.patch" "lang": "eng",
}, "value": "Format string vulnerabilities in eeprom program in OpenBSD, NetBSD, and possibly other operating systems allows local attackers to gain root privileges."
{ }
"name" : "1752", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/1752" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "bsd-eeprom-format(5337)", "description": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/5337" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "bsd-eeprom-format(5337)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5337"
},
{
"name": "ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.7/common/028_format_strings.patch",
"refsource": "MISC",
"url": "ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.7/common/028_format_strings.patch"
},
{
"name": "1752",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1752"
}
]
}
} }

148
2000/1xxx/CVE-2000-1115.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2000-1115", "ID": "CVE-2000-1115",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in remote web administration component (webprox.dll) of 602Pro LAN SUITE before 2000.0.1.33 allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long GET request."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20001122 602Pro Lan Suite Web Admin Overflow", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://archives.neohapsis.com/archives/bugtraq/2000-11/0299.html" "lang": "eng",
}, "value": "Buffer overflow in remote web administration component (webprox.dll) of 602Pro LAN SUITE before 2000.0.1.33 allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long GET request."
{ }
"name" : "http://www.software602.com/products/ls/support/newbuild.html", ]
"refsource" : "CONFIRM", },
"url" : "http://www.software602.com/products/ls/support/newbuild.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1979", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/1979" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "software602-lan-suite-bo(5583)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/5583" ]
} },
] "references": {
} "reference_data": [
{
"name": "software602-lan-suite-bo(5583)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5583"
},
{
"name": "1979",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1979"
},
{
"name": "20001122 602Pro Lan Suite Web Admin Overflow",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-11/0299.html"
},
{
"name": "http://www.software602.com/products/ls/support/newbuild.html",
"refsource": "CONFIRM",
"url": "http://www.software602.com/products/ls/support/newbuild.html"
}
]
}
} }

128
2000/1xxx/CVE-2000-1218.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2000-1218", "ID": "CVE-2000-1218",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The default configuration for the domain name resolver for Microsoft Windows 98, NT 4.0, 2000, and XP sets the QueryIpMatching parameter to 0, which causes Windows to accept DNS updates from hosts that it did not query, which allows remote attackers to poison the DNS cache."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "VU#458659", "description_data": [
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/458659" "lang": "eng",
}, "value": "The default configuration for the domain name resolver for Microsoft Windows 98, NT 4.0, 2000, and XP sets the QueryIpMatching parameter to 0, which causes Windows to accept DNS updates from hosts that it did not query, which allows remote attackers to poison the DNS cache."
{ }
"name" : "win2k-dns-resolver(4280)", ]
"refsource" : "XF", },
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/4280" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "win2k-dns-resolver(4280)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/4280"
},
{
"name": "VU#458659",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/458659"
}
]
}
} }

148
2005/2xxx/CVE-2005-2080.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-2080", "ID": "CVE-2005-2080",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unknown vulnerability in Remote Agent for Windows Servers (RAWS) in VERITAS Backup Exec 9.0 through 10.0 for Windows, and 9.0.4019 through 9.1.307 for NetWare, allows remote attackers to gain privileges by copying the handle for the server."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://seer.support.veritas.com/docs/276608.htm", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://seer.support.veritas.com/docs/276608.htm" "lang": "eng",
}, "value": "Unknown vulnerability in Remote Agent for Windows Servers (RAWS) in VERITAS Backup Exec 9.0 through 10.0 for Windows, and 9.0.4019 through 9.1.307 for NetWare, allows remote attackers to gain privileges by copying the handle for the server."
{ }
"name" : "http://seer.support.veritas.com/docs/277429.htm", ]
"refsource" : "CONFIRM", },
"url" : "http://seer.support.veritas.com/docs/277429.htm" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "14026", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/14026" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "15789", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/15789" ]
} },
] "references": {
} "reference_data": [
{
"name": "14026",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/14026"
},
{
"name": "http://seer.support.veritas.com/docs/277429.htm",
"refsource": "CONFIRM",
"url": "http://seer.support.veritas.com/docs/277429.htm"
},
{
"name": "http://seer.support.veritas.com/docs/276608.htm",
"refsource": "CONFIRM",
"url": "http://seer.support.veritas.com/docs/276608.htm"
},
{
"name": "15789",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/15789"
}
]
}
} }

148
2005/2xxx/CVE-2005-2105.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-2105", "ID": "CVE-2005-2105",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cisco IOS 12.2T through 12.4 allows remote attackers to bypass Authentication, Authorization, and Accounting (AAA) RADIUS authentication, if the fallback method is set to none, via a long username."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20050629 RADIUS Authentication Bypass", "description_data": [
"refsource" : "CISCO", {
"url" : "http://www.cisco.com/warp/public/707/cisco-sa-20050629-aaa.shtml" "lang": "eng",
}, "value": "Cisco IOS 12.2T through 12.4 allows remote attackers to bypass Authentication, Authorization, and Accounting (AAA) RADIUS authentication, if the fallback method is set to none, via a long username."
{ }
"name" : "oval:org.mitre.oval:def:5756", ]
"refsource" : "OVAL", },
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5756" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1014330", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/alerts/2005/Jun/1014330.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "radius-authentication-bypass(21190)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/21190" ]
} },
] "references": {
} "reference_data": [
{
"name": "20050629 RADIUS Authentication Bypass",
"refsource": "CISCO",
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20050629-aaa.shtml"
},
{
"name": "1014330",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/alerts/2005/Jun/1014330.html"
},
{
"name": "oval:org.mitre.oval:def:5756",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5756"
},
{
"name": "radius-authentication-bypass(21190)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21190"
}
]
}
} }

238
2005/2xxx/CVE-2005-2124.json
View File

@ -1,122 +1,122 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2005-2124", "ID": "CVE-2005-2124",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Graphics Rendering Engine (GDI32.DLL) in Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1, related to \"An unchecked buffer\" and possibly buffer overflows, allows remote attackers to execute arbitrary code via a crafted Windows Metafile (WMF) format image, aka \"Windows Metafile Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.eeye.com/html/research/advisories/AD20051108b.html", "description_data": [
"refsource" : "MISC", {
"url" : "http://www.eeye.com/html/research/advisories/AD20051108b.html" "lang": "eng",
}, "value": "Unspecified vulnerability in the Graphics Rendering Engine (GDI32.DLL) in Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1, related to \"An unchecked buffer\" and possibly buffer overflows, allows remote attackers to execute arbitrary code via a crafted Windows Metafile (WMF) format image, aka \"Windows Metafile Vulnerability.\""
{ }
"name" : "http://www.eeye.com/html/research/advisories/AD20051108a.html", ]
"refsource" : "MISC", },
"url" : "http://www.eeye.com/html/research/advisories/AD20051108a.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://support.avaya.com/elmodocs2/security/ASA-2005-228.pdf", "description": [
"refsource" : "CONFIRM", {
"url" : "http://support.avaya.com/elmodocs2/security/ASA-2005-228.pdf" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "MS05-053", ]
"refsource" : "MS", }
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-053" ]
}, },
{ "references": {
"name" : "TA05-312A", "reference_data": [
"refsource" : "CERT", {
"url" : "http://www.us-cert.gov/cas/techalerts/TA05-312A.html" "name": "http://support.avaya.com/elmodocs2/security/ASA-2005-228.pdf",
}, "refsource": "CONFIRM",
{ "url": "http://support.avaya.com/elmodocs2/security/ASA-2005-228.pdf"
"name" : "VU#433341", },
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/433341" "name": "17461",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/17461"
"name" : "15356", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/15356" "name": "http://www.eeye.com/html/research/advisories/AD20051108a.html",
}, "refsource": "MISC",
{ "url": "http://www.eeye.com/html/research/advisories/AD20051108a.html"
"name" : "ADV-2005-2348", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2005/2348" "name": "161",
}, "refsource": "SREASON",
{ "url": "http://securityreason.com/securityalert/161"
"name" : "1015168", },
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1015168" "name": "ADV-2005-2348",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2005/2348"
"name" : "17498", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/17498" "name": "1015168",
}, "refsource": "SECTRACK",
{ "url": "http://securitytracker.com/id?1015168"
"name" : "17461", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/17461" "name": "TA05-312A",
}, "refsource": "CERT",
{ "url": "http://www.us-cert.gov/cas/techalerts/TA05-312A.html"
"name" : "17223", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/17223" "name": "17223",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/17223"
"name" : "161", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/161" "name": "17498",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/17498"
} },
{
"name": "MS05-053",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-053"
},
{
"name": "15356",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/15356"
},
{
"name": "http://www.eeye.com/html/research/advisories/AD20051108b.html",
"refsource": "MISC",
"url": "http://www.eeye.com/html/research/advisories/AD20051108b.html"
},
{
"name": "VU#433341",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/433341"
}
]
}
} }

128
2005/2xxx/CVE-2005-2248.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-2248", "ID": "CVE-2005-2248",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Directory traversal vulnerability in DownloadProtect before 1.0.3 allows remote attackers to read files above the download folder."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "14211", "description_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/14211" "lang": "eng",
}, "value": "Directory traversal vulnerability in DownloadProtect before 1.0.3 allows remote attackers to read files above the download folder."
{ }
"name" : "16003", ]
"refsource" : "SECUNIA", },
"url" : "http://secunia.com/advisories/16003" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "14211",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/14211"
},
{
"name": "16003",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/16003"
}
]
}
} }

498
2005/2xxx/CVE-2005-2495.json
View File

@ -1,252 +1,252 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2005-2495", "ID": "CVE-2005-2495",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple integer overflows in XFree86 before 4.3.0 allow user-assisted attackers to execute arbitrary code via a crafted pixmap image."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://support.avaya.com/elmodocs2/security/ASA-2005-218.pdf", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://support.avaya.com/elmodocs2/security/ASA-2005-218.pdf" "lang": "eng",
}, "value": "Multiple integer overflows in XFree86 before 4.3.0 allow user-assisted attackers to execute arbitrary code via a crafted pixmap image."
{ }
"name" : "http://support.avaya.com/elmodocs2/security/ASA-2005-226.pdf", ]
"refsource" : "CONFIRM", },
"url" : "http://support.avaya.com/elmodocs2/security/ASA-2005-226.pdf" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "DSA-816", "description": [
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2005/dsa-816" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "FLSA:168264-2", ]
"refsource" : "FEDORA", }
"url" : "http://www.securityfocus.com/archive/1/427045/100/0/threaded" ]
}, },
{ "references": {
"name" : "FEDORA-2005-893", "reference_data": [
"refsource" : "FEDORA", {
"url" : "http://www.securityfocus.com/advisories/9285" "name": "17258",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/17258"
"name" : "FEDORA-2005-894", },
"refsource" : "FEDORA", {
"url" : "http://www.securityfocus.com/advisories/9286" "name": "USN-182-1",
}, "refsource": "UBUNTU",
{ "url": "https://www.ubuntu.com/usn/usn-182-1/"
"name" : "GLSA-200509-07", },
"refsource" : "GENTOO", {
"url" : "http://www.gentoo.org/security/en/glsa/glsa-200509-07.xml" "name": "1014887",
}, "refsource": "SECTRACK",
{ "url": "http://securitytracker.com/id?1014887"
"name" : "HPSBUX02137", },
"refsource" : "HP", {
"url" : "http://www.securityfocus.com/archive/1/442163/100/0/threaded" "name": "17044",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/17044"
"name" : "SSRT051024", },
"refsource" : "HP", {
"url" : "http://www.securityfocus.com/archive/1/442163/100/0/threaded" "name": "20060403-01-U",
}, "refsource": "SGI",
{ "url": "ftp://patches.sgi.com/support/free/security/advisories/20060403-01-U"
"name" : "MDKSA-2005:164", },
"refsource" : "MANDRAKE", {
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2005:164" "name": "HPSBUX02137",
}, "refsource": "HP",
{ "url": "http://www.securityfocus.com/archive/1/442163/100/0/threaded"
"name" : "RHSA-2005:501", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2005-501.html" "name": "oval:org.mitre.oval:def:998",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A998"
"name" : "RHSA-2005:329", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2005-329.html" "name": "21318",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/21318"
"name" : "RHSA-2005:396", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2005-396.html" "name": "GLSA-200509-07",
}, "refsource": "GENTOO",
{ "url": "http://www.gentoo.org/security/en/glsa/glsa-200509-07.xml"
"name" : "SCOSA-2006.22", },
"refsource" : "SCO", {
"url" : "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.22/SCOSA-2006.22.txt" "name": "17278",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/17278"
"name" : "20060403-01-U", },
"refsource" : "SGI", {
"url" : "ftp://patches.sgi.com/support/free/security/advisories/20060403-01-U" "name": "RHSA-2005:329",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2005-329.html"
"name" : "101953", },
"refsource" : "SUNALERT", {
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101953-1" "name": "2005-0049",
}, "refsource": "TRUSTIX",
{ "url": "http://marc.info/?l=bugtraq&m=112690609622266&w=2"
"name" : "101926", },
"refsource" : "SUNALERT", {
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101926-1" "name": "14807",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/14807"
"name" : "SUSE-SA:2005:056", },
"refsource" : "SUSE", {
"url" : "http://www.novell.com/linux/security/advisories/2005_56_xserver.html" "name": "SCOSA-2006.22",
}, "refsource": "SCO",
{ "url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.22/SCOSA-2006.22.txt"
"name" : "SUSE-SR:2005:023", },
"refsource" : "SUSE", {
"url" : "http://www.novell.com/linux/security/advisories/2005_23_sr.html" "name": "oval:org.mitre.oval:def:9615",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9615"
"name" : "2005-0049", },
"refsource" : "TRUSTIX", {
"url" : "http://marc.info/?l=bugtraq&m=112690609622266&w=2" "name": "SSRT051024",
}, "refsource": "HP",
{ "url": "http://www.securityfocus.com/archive/1/442163/100/0/threaded"
"name" : "USN-182-1", },
"refsource" : "UBUNTU", {
"url" : "https://www.ubuntu.com/usn/usn-182-1/" "name": "ADV-2006-3140",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2006/3140"
"name" : "VU#102441", },
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/102441" "name": "oval:org.mitre.oval:def:1044",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1044"
"name" : "14807", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/14807" "name": "FEDORA-2005-894",
}, "refsource": "FEDORA",
{ "url": "http://www.securityfocus.com/advisories/9286"
"name" : "oval:org.mitre.oval:def:9615", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9615" "name": "MDKSA-2005:164",
}, "refsource": "MANDRAKE",
{ "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:164"
"name" : "ADV-2006-3140", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/3140" "name": "RHSA-2005:501",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2005-501.html"
"name" : "19352", },
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/19352" "name": "VU#102441",
}, "refsource": "CERT-VN",
{ "url": "http://www.kb.cert.org/vuls/id/102441"
"name" : "oval:org.mitre.oval:def:1044", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1044" "name": "19624",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/19624"
"name" : "oval:org.mitre.oval:def:998", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A998" "name": "101953",
}, "refsource": "SUNALERT",
{ "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101953-1"
"name" : "1014887", },
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1014887" "name": "http://support.avaya.com/elmodocs2/security/ASA-2005-218.pdf",
}, "refsource": "CONFIRM",
{ "url": "http://support.avaya.com/elmodocs2/security/ASA-2005-218.pdf"
"name" : "17044", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/17044" "name": "FEDORA-2005-893",
}, "refsource": "FEDORA",
{ "url": "http://www.securityfocus.com/advisories/9285"
"name" : "17258", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/17258" "name": "RHSA-2005:396",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2005-396.html"
"name" : "17278", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/17278" "name": "SUSE-SA:2005:056",
}, "refsource": "SUSE",
{ "url": "http://www.novell.com/linux/security/advisories/2005_56_xserver.html"
"name" : "17215", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/17215" "name": "101926",
}, "refsource": "SUNALERT",
{ "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101926-1"
"name" : "21318", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/21318" "name": "FLSA:168264-2",
}, "refsource": "FEDORA",
{ "url": "http://www.securityfocus.com/archive/1/427045/100/0/threaded"
"name" : "16777", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/16777" "name": "http://support.avaya.com/elmodocs2/security/ASA-2005-226.pdf",
}, "refsource": "CONFIRM",
{ "url": "http://support.avaya.com/elmodocs2/security/ASA-2005-226.pdf"
"name" : "16790", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/16790" "name": "16790",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/16790"
"name" : "19624", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/19624" "name": "16777",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/16777"
"name" : "19796", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/19796" "name": "19352",
}, "refsource": "OSVDB",
{ "url": "http://www.osvdb.org/19352"
"name" : "xorg-pixmap-bo(22244)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/22244" "name": "19796",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/19796"
} },
{
"name": "xorg-pixmap-bo(22244)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22244"
},
{
"name": "17215",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17215"
},
{
"name": "DSA-816",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2005/dsa-816"
},
{
"name": "SUSE-SR:2005:023",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2005_23_sr.html"
}
]
}
} }

148
2005/3xxx/CVE-2005-3045.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-3045", "ID": "CVE-2005-3045",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in search.php in My Little Forum 1.5 and 1.6 beta allows remote attackers to execute arbitrary SQL commands via the phrase field."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20050922 My Little Forum 1.5 / 1.6beta SQL Injection", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=112741430006983&w=2" "lang": "eng",
}, "value": "SQL injection vulnerability in search.php in My Little Forum 1.5 and 1.6 beta allows remote attackers to execute arbitrary SQL commands via the phrase field."
{ }
"name" : "http://rgod.altervista.org/mylittle15_16b.html", ]
"refsource" : "MISC", },
"url" : "http://rgod.altervista.org/mylittle15_16b.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "14908", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/14908" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "16913", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/16913/" ]
} },
] "references": {
} "reference_data": [
{
"name": "http://rgod.altervista.org/mylittle15_16b.html",
"refsource": "MISC",
"url": "http://rgod.altervista.org/mylittle15_16b.html"
},
{
"name": "16913",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/16913/"
},
{
"name": "14908",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/14908"
},
{
"name": "20050922 My Little Forum 1.5 / 1.6beta SQL Injection",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=112741430006983&w=2"
}
]
}
} }

448
2005/3xxx/CVE-2005-3389.json
View File

@ -1,227 +1,227 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-3389", "ID": "CVE-2005-3389",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The parse_str function in PHP 4.x up to 4.4.0 and 5.x up to 5.0.5, when called with only one parameter, allows remote attackers to enable the register_globals directive via inputs that cause a request to be terminated due to the memory_limit setting, which causes PHP to set an internal flag that enables register_globals and allows attackers to exploit vulnerabilities in PHP applications that would otherwise be protected."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20051031 Advisory 19/2005: PHP register_globals Activation Vulnerability in parse_str()", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/415291" "lang": "eng",
}, "value": "The parse_str function in PHP 4.x up to 4.4.0 and 5.x up to 5.0.5, when called with only one parameter, allows remote attackers to enable the register_globals directive via inputs that cause a request to be terminated due to the memory_limit setting, which causes PHP to set an internal flag that enables register_globals and allows attackers to exploit vulnerabilities in PHP applications that would otherwise be protected."
{ }
"name" : "http://www.hardened-php.net/advisory_192005.78.html", ]
"refsource" : "MISC", },
"url" : "http://www.hardened-php.net/advisory_192005.78.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.php.net/release_4_4_1.php", "description": [
"refsource" : "CONFIRM", {
"url" : "http://www.php.net/release_4_4_1.php" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://support.avaya.com/elmodocs2/security/ASA-2006-037.htm", ]
"refsource" : "CONFIRM", }
"url" : "http://support.avaya.com/elmodocs2/security/ASA-2006-037.htm" ]
}, },
{ "references": {
"name" : "FLSA:166943", "reference_data": [
"refsource" : "FEDORA", {
"url" : "http://www.fedoralegacy.org/updates/FC2/2005-11-28-FLSA_2005_166943__Updated_php_packages_fix_security_issues.html" "name": "15249",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/15249"
"name" : "GLSA-200511-08", },
"refsource" : "GENTOO", {
"url" : "http://www.gentoo.org/security/en/glsa/glsa-200511-08.xml" "name": "21252",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/21252"
"name" : "HPSBMA02159", },
"refsource" : "HP", {
"url" : "http://itrc.hp.com/service/cki/docDisplay.do?docId=c00786522" "name": "22691",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/22691"
"name" : "SSRT061238", },
"refsource" : "HP", {
"url" : "http://itrc.hp.com/service/cki/docDisplay.do?docId=c00786522" "name": "134",
}, "refsource": "SREASON",
{ "url": "http://securityreason.com/securityalert/134"
"name" : "MDKSA-2005:213", },
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2005:213" "name": "MDKSA-2005:213",
}, "refsource": "MANDRIVA",
{ "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:213"
"name" : "OpenPKG-SA-2005.027", },
"refsource" : "OPENPKG", {
"url" : "http://www.openpkg.org/security/OpenPKG-SA-2005.027-php.html" "name": "RHSA-2005:831",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2005-831.html"
"name" : "RHSA-2005:831", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2005-831.html" "name": "TLSA-2006-38",
}, "refsource": "TURBO",
{ "url": "http://www.turbolinux.com/security/2006/TLSA-2006-38.txt"
"name" : "RHSA-2005:838", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2005-838.html" "name": "http://support.avaya.com/elmodocs2/security/ASA-2006-037.htm",
}, "refsource": "CONFIRM",
{ "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-037.htm"
"name" : "RHSA-2006:0549", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2006-0549.html" "name": "18198",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/18198"
"name" : "SUSE-SA:2005:069", },
"refsource" : "SUSE", {
"url" : "http://www.securityfocus.com/archive/1/419504/100/0/threaded" "name": "SSRT061238",
}, "refsource": "HP",
{ "url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=c00786522"
"name" : "SUSE-SR:2005:027", },
"refsource" : "SUSE", {
"url" : "http://www.novell.com/linux/security/advisories/2005_27_sr.html" "name": "HPSBMA02159",
}, "refsource": "HP",
{ "url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=c00786522"
"name" : "TLSA-2006-38", },
"refsource" : "TURBO", {
"url" : "http://www.turbolinux.com/security/2006/TLSA-2006-38.txt" "name": "18054",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/18054"
"name" : "USN-232-1", },
"refsource" : "UBUNTU", {
"url" : "https://www.ubuntu.com/usn/usn-232-1/" "name": "ADV-2005-2254",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2005/2254"
"name" : "15249", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/15249" "name": "20051031 Advisory 19/2005: PHP register_globals Activation Vulnerability in parse_str()",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/415291"
"name" : "oval:org.mitre.oval:def:11481", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11481" "name": "1015131",
}, "refsource": "SECTRACK",
{ "url": "http://securitytracker.com/id?1015131"
"name" : "ADV-2005-2254", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2005/2254" "name": "http://www.hardened-php.net/advisory_192005.78.html",
}, "refsource": "MISC",
{ "url": "http://www.hardened-php.net/advisory_192005.78.html"
"name" : "ADV-2006-4320", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/4320" "name": "17559",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/17559"
"name" : "1015131", },
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1015131" "name": "FLSA:166943",
}, "refsource": "FEDORA",
{ "url": "http://www.fedoralegacy.org/updates/FC2/2005-11-28-FLSA_2005_166943__Updated_php_packages_fix_security_issues.html"
"name" : "17371", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/17371" "name": "17371",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/17371"
"name" : "18054", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/18054" "name": "ADV-2006-4320",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2006/4320"
"name" : "18198", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/18198" "name": "RHSA-2006:0549",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2006-0549.html"
"name" : "17559", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/17559" "name": "17490",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/17490"
"name" : "17490", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/17490" "name": "SUSE-SA:2005:069",
}, "refsource": "SUSE",
{ "url": "http://www.securityfocus.com/archive/1/419504/100/0/threaded"
"name" : "17510", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/17510" "name": "oval:org.mitre.oval:def:11481",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11481"
"name" : "17531", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/17531" "name": "http://www.php.net/release_4_4_1.php",
}, "refsource": "CONFIRM",
{ "url": "http://www.php.net/release_4_4_1.php"
"name" : "17557", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/17557" "name": "17510",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/17510"
"name" : "18669", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/18669" "name": "17531",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/17531"
"name" : "21252", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/21252" "name": "OpenPKG-SA-2005.027",
}, "refsource": "OPENPKG",
{ "url": "http://www.openpkg.org/security/OpenPKG-SA-2005.027-php.html"
"name" : "22691", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/22691" "name": "18669",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/18669"
"name" : "134", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/134" "name": "17557",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/17557"
} },
{
"name": "GLSA-200511-08",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200511-08.xml"
},
{
"name": "USN-232-1",
"refsource": "UBUNTU",
"url": "https://www.ubuntu.com/usn/usn-232-1/"
},
{
"name": "RHSA-2005:838",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-838.html"
},
{
"name": "SUSE-SR:2005:027",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2005_27_sr.html"
}
]
}
} }

158
2005/3xxx/CVE-2005-3456.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-3456", "ID": "CVE-2005-3456",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple unspecified vulnerabilities in Oracle E-Business Suite and Applications 11.5 up to 11.5.9 have unknown impact and attack vectors, as identified by Oracle Vuln# (1) APPS04 in Application Object Library, and (2) APPS17, (3) APPS18, and (4) APPS21 in Workflow Cartridge."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2005-090497.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2005-090497.html" "lang": "eng",
}, "value": "Multiple unspecified vulnerabilities in Oracle E-Business Suite and Applications 11.5 up to 11.5.9 have unknown impact and attack vectors, as identified by Oracle Vuln# (1) APPS04 in Application Object Library, and (2) APPS17, (3) APPS18, and (4) APPS21 in Workflow Cartridge."
{ }
"name" : "TA05-292A", ]
"refsource" : "CERT", },
"url" : "http://www.us-cert.gov/cas/techalerts/TA05-292A.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "VU#210524", "description": [
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/210524" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "15134", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/15134" ]
}, },
{ "references": {
"name" : "17250", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/17250" "name": "http://www.oracle.com/technetwork/topics/security/cpuoct2005-090497.html",
} "refsource": "CONFIRM",
] "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2005-090497.html"
} },
{
"name": "TA05-292A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA05-292A.html"
},
{
"name": "15134",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/15134"
},
{
"name": "VU#210524",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/210524"
},
{
"name": "17250",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17250"
}
]
}
} }

158
2005/3xxx/CVE-2005-3785.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-3785", "ID": "CVE-2005-3785",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Second-order symlink vulnerability in eix-sync.in in Ebuild IndeX (eix) before 0.5.0_pre2 allows local users to overwrite arbitrary files via a symlink attack on the exi.X.sync temporary file, which is processed by the diff-eix program."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://bugs.gentoo.org/show_bug.cgi?id=112061", "description_data": [
"refsource" : "MISC", {
"url" : "http://bugs.gentoo.org/show_bug.cgi?id=112061" "lang": "eng",
}, "value": "Second-order symlink vulnerability in eix-sync.in in Ebuild IndeX (eix) before 0.5.0_pre2 allows local users to overwrite arbitrary files via a symlink attack on the exi.X.sync temporary file, which is processed by the diff-eix program."
{ }
"name" : "GLSA-200511-19", ]
"refsource" : "GENTOO", },
"url" : "http://www.gentoo.org/security/en/glsa/glsa-200511-19.xml" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2005-2539", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2005/2539" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "15541", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/15541" ]
}, },
{ "references": {
"name" : "17699", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/17699" "name": "17699",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/17699"
} },
{
"name": "GLSA-200511-19",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200511-19.xml"
},
{
"name": "ADV-2005-2539",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2005/2539"
},
{
"name": "15541",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/15541"
},
{
"name": "http://bugs.gentoo.org/show_bug.cgi?id=112061",
"refsource": "MISC",
"url": "http://bugs.gentoo.org/show_bug.cgi?id=112061"
}
]
}
} }

188
2005/3xxx/CVE-2005-3831.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-3831", "ID": "CVE-2005-3831",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Stack-based buffer overflow in (1) CxZIP60.dll and (2) CxZIP60u.dll, as used in SpeedProject products including (a) ZipStar 5.0 Build 4285, (b) Squeez 5.0 Build 4285, and (c) SpeedCommander 11.0 Build 4430 and 10.51 Build 4430, allows user-assisted attackers to execute arbitrary code via a ZIP archive containing a long filename."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20051124 Secunia Research: SpeedProject Products ZIP/UUE File ExtractionBuffer Overflow", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/417588/30/0/threaded" "lang": "eng",
}, "value": "Stack-based buffer overflow in (1) CxZIP60.dll and (2) CxZIP60u.dll, as used in SpeedProject products including (a) ZipStar 5.0 Build 4285, (b) Squeez 5.0 Build 4285, and (c) SpeedCommander 11.0 Build 4430 and 10.51 Build 4430, allows user-assisted attackers to execute arbitrary code via a ZIP archive containing a long filename."
{ }
"name" : "http://secunia.com/secunia_research/2005-60/advisory", ]
"refsource" : "MISC", },
"url" : "http://secunia.com/secunia_research/2005-60/advisory" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2005-2570", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2005/2570" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "21073", ]
"refsource" : "OSVDB", }
"url" : "http://www.osvdb.org/21073" ]
}, },
{ "references": {
"name" : "1015265", "reference_data": [
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1015265" "name": "http://secunia.com/secunia_research/2005-60/advisory",
}, "refsource": "MISC",
{ "url": "http://secunia.com/secunia_research/2005-60/advisory"
"name" : "1015266", },
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1015266" "name": "1015265",
}, "refsource": "SECTRACK",
{ "url": "http://securitytracker.com/id?1015265"
"name" : "1015267", },
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1015267" "name": "ADV-2005-2570",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2005/2570"
"name" : "17420", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/17420" "name": "1015267",
} "refsource": "SECTRACK",
] "url": "http://securitytracker.com/id?1015267"
} },
{
"name": "20051124 Secunia Research: SpeedProject Products ZIP/UUE File ExtractionBuffer Overflow",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/417588/30/0/threaded"
},
{
"name": "21073",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/21073"
},
{
"name": "17420",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17420"
},
{
"name": "1015266",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015266"
}
]
}
} }

168
2005/4xxx/CVE-2005-4392.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-4392", "ID": "CVE-2005-4392",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in printer_friendly.cfm in e-publish CMS 2.0 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://pridels0.blogspot.com/2005/12/e-publish-cms-vuln.html", "description_data": [
"refsource" : "MISC", {
"url" : "http://pridels0.blogspot.com/2005/12/e-publish-cms-vuln.html" "lang": "eng",
}, "value": "SQL injection vulnerability in printer_friendly.cfm in e-publish CMS 2.0 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter."
{ }
"name" : "15964", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/15964" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2005-2983", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2005/2983" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "21881", ]
"refsource" : "OSVDB", }
"url" : "http://www.osvdb.org/21881" ]
}, },
{ "references": {
"name" : "18140", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/18140" "name": "epublish-printerfriendly-sql-injection(23827)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23827"
"name" : "epublish-printerfriendly-sql-injection(23827)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/23827" "name": "18140",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/18140"
} },
{
"name": "ADV-2005-2983",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2005/2983"
},
{
"name": "http://pridels0.blogspot.com/2005/12/e-publish-cms-vuln.html",
"refsource": "MISC",
"url": "http://pridels0.blogspot.com/2005/12/e-publish-cms-vuln.html"
},
{
"name": "21881",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/21881"
},
{
"name": "15964",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/15964"
}
]
}
} }

128
2005/4xxx/CVE-2005-4446.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-4446", "ID": "CVE-2005-4446",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in index.asp in ASPBite 8.x allows remote attackers to inject arbitrary web script or HTML via the strSearch parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "15991", "description_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/15991" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in index.asp in ASPBite 8.x allows remote attackers to inject arbitrary web script or HTML via the strSearch parameter."
{ }
"name" : "18132", ]
"refsource" : "SECUNIA", },
"url" : "http://secunia.com/advisories/18132" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "15991",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/15991"
},
{
"name": "18132",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18132"
}
]
}
} }

148
2005/4xxx/CVE-2005-4673.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-4673", "ID": "CVE-2005-4673",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "ioFTPD 0.5.84 u responds with different messages depending on whether or not a username exists, which allows remote attackers to enumerate valid usernames."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.critical.lt/?vulnerabilities/119", "description_data": [
"refsource" : "MISC", {
"url" : "http://www.critical.lt/?vulnerabilities/119" "lang": "eng",
}, "value": "ioFTPD 0.5.84 u responds with different messages depending on whether or not a username exists, which allows remote attackers to enumerate valid usernames."
{ }
"name" : "http://www.security.nnov.ru/Kdocument79.html", ]
"refsource" : "MISC", },
"url" : "http://www.security.nnov.ru/Kdocument79.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "15253", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/15253" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "22709", ]
"refsource" : "OSVDB", }
"url" : "http://www.osvdb.org/22709" ]
} },
] "references": {
} "reference_data": [
{
"name": "http://www.security.nnov.ru/Kdocument79.html",
"refsource": "MISC",
"url": "http://www.security.nnov.ru/Kdocument79.html"
},
{
"name": "15253",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/15253"
},
{
"name": "22709",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/22709"
},
{
"name": "http://www.critical.lt/?vulnerabilities/119",
"refsource": "MISC",
"url": "http://www.critical.lt/?vulnerabilities/119"
}
]
}
} }

148
2009/2xxx/CVE-2009-2085.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-2085", "ID": "CVE-2009-2085",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Security component in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.25 and 7.0 before 7.0.0.5 does not properly handle use of Identity Assertion with CSIv2 Security, which allows remote attackers to bypass intended CSIv2 access restrictions via vectors involving Enterprise JavaBeans (EJB)."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg27007951", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg27007951" "lang": "eng",
}, "value": "The Security component in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.25 and 7.0 before 7.0.0.5 does not properly handle use of Identity Assertion with CSIv2 Security, which allows remote attackers to bypass intended CSIv2 access restrictions via vectors involving Enterprise JavaBeans (EJB)."
{ }
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg27014463", ]
"refsource" : "CONFIRM", },
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg27014463" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "PK83097", "description": [
"refsource" : "AIXAPAR", {
"url" : "http://www-1.ibm.com/support/docview.wss?uid=swg1PK83097" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "was-csiv2-security-bypass(52076)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/52076" ]
} },
] "references": {
} "reference_data": [
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg27007951",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg27007951"
},
{
"name": "was-csiv2-security-bypass(52076)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/52076"
},
{
"name": "PK83097",
"refsource": "AIXAPAR",
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg1PK83097"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg27014463",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg27014463"
}
]
}
} }

148
2009/2xxx/CVE-2009-2382.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-2382", "ID": "CVE-2009-2382",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "admin.php in phpMyBlockchecker 1.0.0055 allows remote attackers to bypass authentication and gain administrative access by setting the PHPMYBCAdmin cookie to LOGGEDIN."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "9053", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "http://www.exploit-db.com/exploits/9053" "lang": "eng",
}, "value": "admin.php in phpMyBlockchecker 1.0.0055 allows remote attackers to bypass authentication and gain administrative access by setting the PHPMYBCAdmin cookie to LOGGEDIN."
{ }
"name" : "55505", ]
"refsource" : "OSVDB", },
"url" : "http://osvdb.org/55505" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "35660", "description": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/35660" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "phpmyblockchecker-phpmybcadmin-auth-bypass(51445)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/51445" ]
} },
] "references": {
} "reference_data": [
{
"name": "phpmyblockchecker-phpmybcadmin-auth-bypass(51445)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51445"
},
{
"name": "9053",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/9053"
},
{
"name": "55505",
"refsource": "OSVDB",
"url": "http://osvdb.org/55505"
},
{
"name": "35660",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35660"
}
]
}
} }

138
2009/2xxx/CVE-2009-2517.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2009-2517", "ID": "CVE-2009-2517",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The kernel in Microsoft Windows Server 2003 SP2 does not properly handle unspecified exceptions when an error condition occurs, which allows local users to cause a denial of service (reboot) via a crafted application, aka \"Windows Kernel Exception Handler Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "MS09-058", "description_data": [
"refsource" : "MS", {
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-058" "lang": "eng",
}, "value": "The kernel in Microsoft Windows Server 2003 SP2 does not properly handle unspecified exceptions when an error condition occurs, which allows local users to cause a denial of service (reboot) via a crafted application, aka \"Windows Kernel Exception Handler Vulnerability.\""
{ }
"name" : "TA09-286A", ]
"refsource" : "CERT", },
"url" : "http://www.us-cert.gov/cas/techalerts/TA09-286A.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "oval:org.mitre.oval:def:6512", "description": [
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6512" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "MS09-058",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-058"
},
{
"name": "oval:org.mitre.oval:def:6512",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6512"
},
{
"name": "TA09-286A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA09-286A.html"
}
]
}
} }

178
2009/2xxx/CVE-2009-2620.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-2620", "ID": "CVE-2009-2620",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "src/remote/server.cpp in fbserver.exe in Firebird SQL 1.5 before 1.5.6, 2.0 before 2.0.6, 2.1 before 2.1.3, and 2.5 before 2.5 Beta 2 allows remote attackers to cause a denial of service (daemon crash) via a malformed op_connect_request message that triggers an infinite loop or NULL pointer dereference."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "9295", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "http://www.exploit-db.com/exploits/9295" "lang": "eng",
}, "value": "src/remote/server.cpp in fbserver.exe in Firebird SQL 1.5 before 1.5.6, 2.0 before 2.0.6, 2.1 before 2.1.3, and 2.5 before 2.5 Beta 2 allows remote attackers to cause a denial of service (daemon crash) via a malformed op_connect_request message that triggers an infinite loop or NULL pointer dereference."
{ }
"name" : "http://www.coresecurity.com/content/firebird-sql-dos", ]
"refsource" : "MISC", },
"url" : "http://www.coresecurity.com/content/firebird-sql-dos" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://tracker.firebirdsql.org/browse/CORE-2563", "description": [
"refsource" : "CONFIRM", {
"url" : "http://tracker.firebirdsql.org/browse/CORE-2563" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=514463", ]
"refsource" : "CONFIRM", }
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=514463" ]
}, },
{ "references": {
"name" : "FEDORA-2009-8317", "reference_data": [
"refsource" : "FEDORA", {
"url" : "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg01341.html" "name": "35842",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/35842"
"name" : "FEDORA-2009-8340", },
"refsource" : "FEDORA", {
"url" : "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg01370.html" "name": "FEDORA-2009-8317",
}, "refsource": "FEDORA",
{ "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg01341.html"
"name" : "35842", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/35842" "name": "http://www.coresecurity.com/content/firebird-sql-dos",
} "refsource": "MISC",
] "url": "http://www.coresecurity.com/content/firebird-sql-dos"
} },
{
"name": "9295",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/9295"
},
{
"name": "FEDORA-2009-8340",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg01370.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=514463",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=514463"
},
{
"name": "http://tracker.firebirdsql.org/browse/CORE-2563",
"refsource": "CONFIRM",
"url": "http://tracker.firebirdsql.org/browse/CORE-2563"
}
]
}
} }

138
2009/2xxx/CVE-2009-2779.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-2779", "ID": "CVE-2009-2779",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in index.php in AJ Matrix DNA allows remote attackers to execute arbitrary SQL commands via the id parameter in a productdetail action."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://packetstormsecurity.org/0907-exploits/ajmatrixdna-sql.txt", "description_data": [
"refsource" : "MISC", {
"url" : "http://packetstormsecurity.org/0907-exploits/ajmatrixdna-sql.txt" "lang": "eng",
}, "value": "SQL injection vulnerability in index.php in AJ Matrix DNA allows remote attackers to execute arbitrary SQL commands via the id parameter in a productdetail action."
{ }
"name" : "56639", ]
"refsource" : "OSVDB", },
"url" : "http://osvdb.org/56639" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "36095", "description": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/36095" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "36095",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/36095"
},
{
"name": "56639",
"refsource": "OSVDB",
"url": "http://osvdb.org/56639"
},
{
"name": "http://packetstormsecurity.org/0907-exploits/ajmatrixdna-sql.txt",
"refsource": "MISC",
"url": "http://packetstormsecurity.org/0907-exploits/ajmatrixdna-sql.txt"
}
]
}
} }

158
2009/2xxx/CVE-2009-2931.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-2931", "ID": "CVE-2009-2931",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Directory traversal vulnerability in p.php in SlideShowPro Director 1.1 through 1.3.8 allows remote attackers to read arbitrary files via directory traversal sequences in the a parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20090806 [CSS09-01] SlideShowPro Director File Disclosure Vulnerability", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/505534/100/0/threaded" "lang": "eng",
}, "value": "Directory traversal vulnerability in p.php in SlideShowPro Director 1.1 through 1.3.8 allows remote attackers to read arbitrary files via directory traversal sequences in the a parameter."
{ }
"name" : "http://www.clearskies.net/documents/css-advisory-css09001-sspdirector.pdf", ]
"refsource" : "MISC", },
"url" : "http://www.clearskies.net/documents/css-advisory-css09001-sspdirector.pdf" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://slideshowpro.net/news/archive/2009/07/director-139-fi.php", "description": [
"refsource" : "CONFIRM", {
"url" : "http://slideshowpro.net/news/archive/2009/07/director-139-fi.php" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "56825", ]
"refsource" : "OSVDB", }
"url" : "http://www.osvdb.org/56825" ]
}, },
{ "references": {
"name" : "36197", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/36197" "name": "56825",
} "refsource": "OSVDB",
] "url": "http://www.osvdb.org/56825"
} },
{
"name": "36197",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/36197"
},
{
"name": "20090806 [CSS09-01] SlideShowPro Director File Disclosure Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/505534/100/0/threaded"
},
{
"name": "http://slideshowpro.net/news/archive/2009/07/director-139-fi.php",
"refsource": "CONFIRM",
"url": "http://slideshowpro.net/news/archive/2009/07/director-139-fi.php"
},
{
"name": "http://www.clearskies.net/documents/css-advisory-css09001-sspdirector.pdf",
"refsource": "MISC",
"url": "http://www.clearskies.net/documents/css-advisory-css09001-sspdirector.pdf"
}
]
}
} }

128
2009/2xxx/CVE-2009-2961.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-2961", "ID": "CVE-2009-2961",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Stack-based buffer overflow in Thaddy de Konng KOL Player 1.0 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a long URL in a .MP3 playlist file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "9467", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "http://www.exploit-db.com/exploits/9467" "lang": "eng",
}, "value": "Stack-based buffer overflow in Thaddy de Konng KOL Player 1.0 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a long URL in a .MP3 playlist file."
{ }
"name" : "kolplayer-mp3-bo(52629)", ]
"refsource" : "XF", },
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/52629" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "9467",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/9467"
},
{
"name": "kolplayer-mp3-bo(52629)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/52629"
}
]
}
} }

158
2009/3xxx/CVE-2009-3166.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-3166", "ID": "CVE-2009-3166",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "token.cgi in Bugzilla 3.4rc1 through 3.4.1 places a password in a URL at the beginning of a login session that occurs immediately after a password reset, which allows context-dependent attackers to discover passwords by reading (1) web-server access logs, (2) web-server Referer logs, or (3) the browser history."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.bugzilla.org/security/3.0.8/", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.bugzilla.org/security/3.0.8/" "lang": "eng",
}, "value": "token.cgi in Bugzilla 3.4rc1 through 3.4.1 places a password in a URL at the beginning of a login session that occurs immediately after a password reset, which allows context-dependent attackers to discover passwords by reading (1) web-server access logs, (2) web-server Referer logs, or (3) the browser history."
{ }
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=508189", ]
"refsource" : "CONFIRM", },
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=508189" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "36372", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/36372" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "1022902", ]
"refsource" : "SECTRACK", }
"url" : "http://www.securitytracker.com/id?1022902" ]
}, },
{ "references": {
"name" : "36718", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/36718" "name": "http://www.bugzilla.org/security/3.0.8/",
} "refsource": "CONFIRM",
] "url": "http://www.bugzilla.org/security/3.0.8/"
} },
{
"name": "1022902",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1022902"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=508189",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=508189"
},
{
"name": "36372",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/36372"
},
{
"name": "36718",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/36718"
}
]
}
} }

158
2009/3xxx/CVE-2009-3527.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-3527", "ID": "CVE-2009-3527",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Race condition in the Pipe (IPC) close function in FreeBSD 6.3 and 6.4 allows local users to cause a denial of service (crash) or gain privileges via vectors related to kqueues, which triggers a use after free, leading to a NULL pointer dereference or memory corruption."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20090913 Re: [Full-disclosure] FreeBSD <= 6.1 kqueue() NULL pointer dereference", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/506449" "lang": "eng",
}, "value": "Race condition in the Pipe (IPC) close function in FreeBSD 6.3 and 6.4 allows local users to cause a denial of service (crash) or gain privileges via vectors related to kqueues, which triggers a use after free, leading to a NULL pointer dereference or memory corruption."
{ }
"name" : "FreeBSD-SA-09:13", ]
"refsource" : "FREEBSD", },
"url" : "http://security.freebsd.org/advisories/FreeBSD-SA-09:13.pipe.asc" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "36375", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/36375" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "58544", ]
"refsource" : "OSVDB", }
"url" : "http://osvdb.org/58544" ]
}, },
{ "references": {
"name" : "1022982", "reference_data": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1022982" "name": "1022982",
} "refsource": "SECTRACK",
] "url": "http://www.securitytracker.com/id?1022982"
} },
{
"name": "FreeBSD-SA-09:13",
"refsource": "FREEBSD",
"url": "http://security.freebsd.org/advisories/FreeBSD-SA-09:13.pipe.asc"
},
{
"name": "58544",
"refsource": "OSVDB",
"url": "http://osvdb.org/58544"
},
{
"name": "20090913 Re: [Full-disclosure] FreeBSD <= 6.1 kqueue() NULL pointer dereference",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/506449"
},
{
"name": "36375",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/36375"
}
]
}
} }

248
2009/3xxx/CVE-2009-3678.json
View File

@ -1,127 +1,127 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2009-3678", "ID": "CVE-2009-3678",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Integer overflow in cdd.dll in the Canonical Display Driver (CDD) in Microsoft Windows Server 2008 R2 and Windows 7 on 64-bit platforms, when the Windows Aero theme is installed, allows context-dependent attackers to cause a denial of service (reboot) or possibly execute arbitrary code via a crafted image file that triggers incorrect data parsing after user-mode data is copied to kernel mode, as demonstrated using \"Browse with Irfanview\" and certain actions on a folder containing a large number of thumbnail images in Resample mode, possibly related to the ATI graphics driver or win32k.sys, aka \"Canonical Display Driver Integer Overflow Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://en.irfanview-forum.de/vb/showthread.php?5647-V4-25-bluescreen-with-Windows-7-cdd-dll-win32k-sys", "description_data": [
"refsource" : "MISC", {
"url" : "http://en.irfanview-forum.de/vb/showthread.php?5647-V4-25-bluescreen-with-Windows-7-cdd-dll-win32k-sys" "lang": "eng",
}, "value": "Integer overflow in cdd.dll in the Canonical Display Driver (CDD) in Microsoft Windows Server 2008 R2 and Windows 7 on 64-bit platforms, when the Windows Aero theme is installed, allows context-dependent attackers to cause a denial of service (reboot) or possibly execute arbitrary code via a crafted image file that triggers incorrect data parsing after user-mode data is copied to kernel mode, as demonstrated using \"Browse with Irfanview\" and certain actions on a folder containing a large number of thumbnail images in Resample mode, possibly related to the ATI graphics driver or win32k.sys, aka \"Canonical Display Driver Integer Overflow Vulnerability.\""
{ }
"name" : "http://pcandmactech.blogspot.com/2009/12/irfanview-and-bsod.html", ]
"refsource" : "MISC", },
"url" : "http://pcandmactech.blogspot.com/2009/12/irfanview-and-bsod.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://isc.sans.org/diary.html?storyid=8809", "description": [
"refsource" : "MISC", {
"url" : "http://isc.sans.org/diary.html?storyid=8809" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://blogs.technet.com/msrc/archive/2010/05/18/security-advisory-2028859-released.aspx", ]
"refsource" : "CONFIRM", }
"url" : "http://blogs.technet.com/msrc/archive/2010/05/18/security-advisory-2028859-released.aspx" ]
}, },
{ "references": {
"name" : "http://blogs.technet.com/srd/archive/2010/05/18/cdd-dll-vulnerability-difficult-to-exploit.aspx", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "http://blogs.technet.com/srd/archive/2010/05/18/cdd-dll-vulnerability-difficult-to-exploit.aspx" "name": "http://www.microsoft.com/technet/security/advisory/2028859.mspx",
}, "refsource": "CONFIRM",
{ "url": "http://www.microsoft.com/technet/security/advisory/2028859.mspx"
"name" : "http://www.microsoft.com/technet/security/advisory/2028859.mspx", },
"refsource" : "CONFIRM", {
"url" : "http://www.microsoft.com/technet/security/advisory/2028859.mspx" "name": "http://isc.sans.org/diary.html?storyid=8809",
}, "refsource": "MISC",
{ "url": "http://isc.sans.org/diary.html?storyid=8809"
"name" : "MS10-043", },
"refsource" : "MS", {
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-043" "name": "64731",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/64731"
"name" : "TA10-194A", },
"refsource" : "CERT", {
"url" : "http://www.us-cert.gov/cas/techalerts/TA10-194A.html" "name": "oval:org.mitre.oval:def:7195",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7195"
"name" : "40237", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/40237" "name": "http://en.irfanview-forum.de/vb/showthread.php?5647-V4-25-bluescreen-with-Windows-7-cdd-dll-win32k-sys",
}, "refsource": "MISC",
{ "url": "http://en.irfanview-forum.de/vb/showthread.php?5647-V4-25-bluescreen-with-Windows-7-cdd-dll-win32k-sys"
"name" : "64731", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/64731" "name": "MS10-043",
}, "refsource": "MS",
{ "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-043"
"name" : "oval:org.mitre.oval:def:7195", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7195" "name": "http://blogs.technet.com/srd/archive/2010/05/18/cdd-dll-vulnerability-difficult-to-exploit.aspx",
}, "refsource": "CONFIRM",
{ "url": "http://blogs.technet.com/srd/archive/2010/05/18/cdd-dll-vulnerability-difficult-to-exploit.aspx"
"name" : "39577", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/39577" "name": "ms-win-irfanview-dos(58622)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/58622"
"name" : "ADV-2010-1178", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2010/1178" "name": "TA10-194A",
}, "refsource": "CERT",
{ "url": "http://www.us-cert.gov/cas/techalerts/TA10-194A.html"
"name" : "ms-win-irfanview-dos(58622)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/58622" "name": "http://blogs.technet.com/msrc/archive/2010/05/18/security-advisory-2028859-released.aspx",
} "refsource": "CONFIRM",
] "url": "http://blogs.technet.com/msrc/archive/2010/05/18/security-advisory-2028859-released.aspx"
} },
{
"name": "39577",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39577"
},
{
"name": "40237",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/40237"
},
{
"name": "ADV-2010-1178",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/1178"
},
{
"name": "http://pcandmactech.blogspot.com/2009/12/irfanview-and-bsod.html",
"refsource": "MISC",
"url": "http://pcandmactech.blogspot.com/2009/12/irfanview-and-bsod.html"
}
]
}
} }

128
2009/3xxx/CVE-2009-3974.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-3974", "ID": "CVE-2009-3974",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple SQL injection vulnerabilities in Invision Power Board (IPB or IP.Board) 3.0.0, 3.0.1, and 3.0.2 allow remote attackers to execute arbitrary SQL commands via the (1) search_term parameter to admin/applications/core/modules_public/search/search.php and (2) aid parameter to admin/applications/core/modules_public/global/lostpass.php. NOTE: on 20090818, the vendor patched 3.0.2 without changing the version number."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://forums.invisionpower.com/topic/291103-invision-power-board-3-0-2-security-update/", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://forums.invisionpower.com/topic/291103-invision-power-board-3-0-2-security-update/" "lang": "eng",
}, "value": "Multiple SQL injection vulnerabilities in Invision Power Board (IPB or IP.Board) 3.0.0, 3.0.1, and 3.0.2 allow remote attackers to execute arbitrary SQL commands via the (1) search_term parameter to admin/applications/core/modules_public/search/search.php and (2) aid parameter to admin/applications/core/modules_public/global/lostpass.php. NOTE: on 20090818, the vendor patched 3.0.2 without changing the version number."
{ }
"name" : "ADV-2009-2413", ]
"refsource" : "VUPEN", },
"url" : "http://www.vupen.com/english/advisories/2009/2413" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://forums.invisionpower.com/topic/291103-invision-power-board-3-0-2-security-update/",
"refsource": "CONFIRM",
"url": "http://forums.invisionpower.com/topic/291103-invision-power-board-3-0-2-security-update/"
},
{
"name": "ADV-2009-2413",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/2413"
}
]
}
} }

188
2009/4xxx/CVE-2009-4111.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-4111", "ID": "CVE-2009-4111",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Argument injection vulnerability in Mail/sendmail.php in the Mail package 1.1.14, 1.2.0b2, and possibly other versions for PEAR allows remote attackers to read and write arbitrary files via a crafted $recipients parameter, and possibly other parameters, a different vulnerability than CVE-2009-4023."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20091123 CVE request: Argument injections in multiple PEAR packages", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2009/11/23/8" "lang": "eng",
}, "value": "Argument injection vulnerability in Mail/sendmail.php in the Mail package 1.1.14, 1.2.0b2, and possibly other versions for PEAR allows remote attackers to read and write arbitrary files via a crafted $recipients parameter, and possibly other parameters, a different vulnerability than CVE-2009-4023."
{ }
"name" : "[oss-security] 20091128 Re: CVE request: Argument injections in multiple PEAR packages", ]
"refsource" : "MLIST", },
"url" : "http://www.openwall.com/lists/oss-security/2009/11/28/2" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://pear.php.net/bugs/bug.php?id=16200", "description": [
"refsource" : "MISC", {
"url" : "http://pear.php.net/bugs/bug.php?id=16200" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://bugs.gentoo.org/show_bug.cgi?id=294256", ]
"refsource" : "MISC", }
"url" : "https://bugs.gentoo.org/show_bug.cgi?id=294256" ]
}, },
{ "references": {
"name" : "DSA-1938", "reference_data": [
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2009/dsa-1938" "name": "SUSE-SR:2010:020",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00001.html"
"name" : "SUSE-SR:2010:020", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00001.html" "name": "37458",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/37458"
"name" : "37395", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/37395" "name": "[oss-security] 20091123 CVE request: Argument injections in multiple PEAR packages",
}, "refsource": "MLIST",
{ "url": "http://www.openwall.com/lists/oss-security/2009/11/23/8"
"name" : "37458", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/37458" "name": "http://pear.php.net/bugs/bug.php?id=16200",
} "refsource": "MISC",
] "url": "http://pear.php.net/bugs/bug.php?id=16200"
} },
{
"name": "DSA-1938",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2009/dsa-1938"
},
{
"name": "[oss-security] 20091128 Re: CVE request: Argument injections in multiple PEAR packages",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2009/11/28/2"
},
{
"name": "37395",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/37395"
},
{
"name": "https://bugs.gentoo.org/show_bug.cgi?id=294256",
"refsource": "MISC",
"url": "https://bugs.gentoo.org/show_bug.cgi?id=294256"
}
]
}
} }

118
2009/4xxx/CVE-2009-4708.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-4708", "ID": "CVE-2009-4708",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in the [Gobernalia] Front End News Submitter (gb_fenewssubmit) extension 0.1.0 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-010/", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-010/" "lang": "eng",
} "value": "SQL injection vulnerability in the [Gobernalia] Front End News Submitter (gb_fenewssubmit) extension 0.1.0 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors."
] }
} ]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-010/",
"refsource": "CONFIRM",
"url": "http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-010/"
}
]
}
} }

138
2009/4xxx/CVE-2009-4710.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-4710", "ID": "CVE-2009-4710",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in the Reset backend password (cwt_resetbepassword) extension 1.20 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-010/", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-010/" "lang": "eng",
}, "value": "SQL injection vulnerability in the Reset backend password (cwt_resetbepassword) extension 1.20 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors."
{ }
"name" : "35876", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/35876" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "36084", "description": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/36084" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "35876",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/35876"
},
{
"name": "http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-010/",
"refsource": "CONFIRM",
"url": "http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-010/"
},
{
"name": "36084",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/36084"
}
]
}
} }

148
2015/0xxx/CVE-2015-0538.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security_alert@emc.com",
"ID" : "CVE-2015-0538", "ID": "CVE-2015-0538",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "ftagent.exe in EMC AutoStart 5.4.x and 5.5.x before 5.5.0.508 HF4 allows remote attackers to execute arbitrary commands via crafted packets."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20150504 ESA-2015-084: EMC AutoStart Packet Injection Vulnerability", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://seclists.org/bugtraq/2015/May/25" "lang": "eng",
}, "value": "ftagent.exe in EMC AutoStart 5.4.x and 5.5.x before 5.5.0.508 HF4 allows remote attackers to execute arbitrary commands via crafted packets."
{ }
"name" : "http://packetstormsecurity.com/files/131749/EMC-AutoStart-5.4.3-5.5.0-Packet-Injection.html", ]
"refsource" : "MISC", },
"url" : "http://packetstormsecurity.com/files/131749/EMC-AutoStart-5.4.3-5.5.0-Packet-Injection.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "VU#581276", "description": [
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/581276" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "1032237", ]
"refsource" : "SECTRACK", }
"url" : "http://www.securitytracker.com/id/1032237" ]
} },
] "references": {
} "reference_data": [
{
"name": "1032237",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032237"
},
{
"name": "http://packetstormsecurity.com/files/131749/EMC-AutoStart-5.4.3-5.5.0-Packet-Injection.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/131749/EMC-AutoStart-5.4.3-5.5.0-Packet-Injection.html"
},
{
"name": "20150504 ESA-2015-084: EMC AutoStart Packet Injection Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://seclists.org/bugtraq/2015/May/25"
},
{
"name": "VU#581276",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/581276"
}
]
}
} }

128
2015/0xxx/CVE-2015-0584.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@cisco.com",
"ID" : "CVE-2015-0584", "ID": "CVE-2015-0584",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The image-upgrade implementation on Cisco Desktop Collaboration Experience (aka Collaboration Desk Experience or DX) DX650 endpoints allows local users to execute arbitrary OS commands via an unspecified parameter, aka Bug ID CSCus38947."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20150219 Cisco Collaboration Desk Experience Endpoints Command Injection Vulnerability", "description_data": [
"refsource" : "CISCO", {
"url" : "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2015-0584" "lang": "eng",
}, "value": "The image-upgrade implementation on Cisco Desktop Collaboration Experience (aka Collaboration Desk Experience or DX) DX650 endpoints allows local users to execute arbitrary OS commands via an unspecified parameter, aka Bug ID CSCus38947."
{ }
"name" : "72696", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/72696" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "72696",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/72696"
},
{
"name": "20150219 Cisco Collaboration Desk Experience Endpoints Command Injection Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2015-0584"
}
]
}
} }

32
2015/0xxx/CVE-2015-0630.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-0630", "ID": "CVE-2015-0630",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

128
2015/0xxx/CVE-2015-0709.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@cisco.com",
"ID" : "CVE-2015-0709", "ID": "CVE-2015-0709",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cisco IOS 15.5S and IOS XE allow remote authenticated users to cause a denial of service (device crash) by leveraging knowledge of the RADIUS secret and sending crafted RADIUS packets, aka Bug ID CSCur21348."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20150428 Cisco IOS Software and Cisco IOS XE Software Crafted RADIUS Packet Denial of Service Vulnerability", "description_data": [
"refsource" : "CISCO", {
"url" : "http://tools.cisco.com/security/center/viewAlert.x?alertId=38544" "lang": "eng",
}, "value": "Cisco IOS 15.5S and IOS XE allow remote authenticated users to cause a denial of service (device crash) by leveraging knowledge of the RADIUS secret and sending crafted RADIUS packets, aka Bug ID CSCur21348."
{ }
"name" : "1032211", ]
"refsource" : "SECTRACK", },
"url" : "http://www.securitytracker.com/id/1032211" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1032211",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032211"
},
{
"name": "20150428 Cisco IOS Software and Cisco IOS XE Software Crafted RADIUS Packet Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=38544"
}
]
}
} }

158
2015/0xxx/CVE-2015-0853.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security@debian.org",
"ID" : "CVE-2015-0853", "ID": "CVE-2015-0853",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "svn-workbench 1.6.2 and earlier on a system with xeyes installed allows local users to execute arbitrary commands by using the \"Command Shell\" menu item while in the directory trunk/$(xeyes)."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20150913 CVE-2015-0853: insecure use of os.system() in svn-workbench", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2015/09/13/3" "lang": "eng",
}, "value": "svn-workbench 1.6.2 and earlier on a system with xeyes installed allows local users to execute arbitrary commands by using the \"Command Shell\" menu item while in the directory trunk/$(xeyes)."
{ }
"name" : "http://pysvn.tigris.org/issues/show_bug.cgi?id=202", ]
"refsource" : "MISC", },
"url" : "http://pysvn.tigris.org/issues/show_bug.cgi?id=202" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=798863", "description": [
"refsource" : "MISC", {
"url" : "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=798863" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://bugs.launchpad.net/ubuntu/+source/svn-workbench/+bug/1495268", ]
"refsource" : "MISC", }
"url" : "https://bugs.launchpad.net/ubuntu/+source/svn-workbench/+bug/1495268" ]
}, },
{ "references": {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1262928", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1262928" "name": "http://pysvn.tigris.org/issues/show_bug.cgi?id=202",
} "refsource": "MISC",
] "url": "http://pysvn.tigris.org/issues/show_bug.cgi?id=202"
} },
{
"name": "https://bugs.launchpad.net/ubuntu/+source/svn-workbench/+bug/1495268",
"refsource": "MISC",
"url": "https://bugs.launchpad.net/ubuntu/+source/svn-workbench/+bug/1495268"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1262928",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1262928"
},
{
"name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=798863",
"refsource": "MISC",
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=798863"
},
{
"name": "[oss-security] 20150913 CVE-2015-0853: insecure use of os.system() in svn-workbench",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/09/13/3"
}
]
}
} }

148
2015/1xxx/CVE-2015-1139.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2015-1139", "ID": "CVE-2015-1139",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "ImageIO in Apple OS X before 10.10.3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted .sgi file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://support.apple.com/HT204659", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://support.apple.com/HT204659" "lang": "eng",
}, "value": "ImageIO in Apple OS X before 10.10.3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted .sgi file."
{ }
"name" : "APPLE-SA-2015-04-08-2", ]
"refsource" : "APPLE", },
"url" : "http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "73982", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/73982" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "1032048", ]
"refsource" : "SECTRACK", }
"url" : "http://www.securitytracker.com/id/1032048" ]
} },
] "references": {
} "reference_data": [
{
"name": "https://support.apple.com/HT204659",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT204659"
},
{
"name": "73982",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/73982"
},
{
"name": "1032048",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032048"
},
{
"name": "APPLE-SA-2015-04-08-2",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html"
}
]
}
} }

198
2015/1xxx/CVE-2015-1294.json
View File

@ -1,102 +1,102 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security@google.com",
"ID" : "CVE-2015-1294", "ID": "CVE-2015-1294",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Use-after-free vulnerability in the SkMatrix::invertNonIdentity function in core/SkMatrix.cpp in Skia, as used in Google Chrome before 45.0.2454.85, allows remote attackers to cause a denial of service or possibly have unspecified other impact by triggering the use of matrix elements that lead to an infinite result during an inversion calculation."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://googlechromereleases.blogspot.com/2015/09/stable-channel-update.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://googlechromereleases.blogspot.com/2015/09/stable-channel-update.html" "lang": "eng",
}, "value": "Use-after-free vulnerability in the SkMatrix::invertNonIdentity function in core/SkMatrix.cpp in Skia, as used in Google Chrome before 45.0.2454.85, allows remote attackers to cause a denial of service or possibly have unspecified other impact by triggering the use of matrix elements that lead to an infinite result during an inversion calculation."
{ }
"name" : "https://code.google.com/p/chromium/issues/detail?id=492263", ]
"refsource" : "CONFIRM", },
"url" : "https://code.google.com/p/chromium/issues/detail?id=492263" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://codereview.chromium.org/1188433011/", "description": [
"refsource" : "CONFIRM", {
"url" : "https://codereview.chromium.org/1188433011/" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "DSA-3351", ]
"refsource" : "DEBIAN", }
"url" : "http://www.debian.org/security/2015/dsa-3351" ]
}, },
{ "references": {
"name" : "GLSA-201603-09", "reference_data": [
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201603-09" "name": "openSUSE-SU-2015:1873",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-updates/2015-11/msg00013.html"
"name" : "RHSA-2015:1712", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1712.html" "name": "http://googlechromereleases.blogspot.com/2015/09/stable-channel-update.html",
}, "refsource": "CONFIRM",
{ "url": "http://googlechromereleases.blogspot.com/2015/09/stable-channel-update.html"
"name" : "openSUSE-SU-2015:1873", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-updates/2015-11/msg00013.html" "name": "RHSA-2015:1712",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2015-1712.html"
"name" : "openSUSE-SU-2015:1586", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-updates/2015-09/msg00029.html" "name": "1033472",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id/1033472"
"name" : "1033472", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1033472" "name": "openSUSE-SU-2015:1586",
} "refsource": "SUSE",
] "url": "http://lists.opensuse.org/opensuse-updates/2015-09/msg00029.html"
} },
{
"name": "https://code.google.com/p/chromium/issues/detail?id=492263",
"refsource": "CONFIRM",
"url": "https://code.google.com/p/chromium/issues/detail?id=492263"
},
{
"name": "DSA-3351",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3351"
},
{
"name": "GLSA-201603-09",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201603-09"
},
{
"name": "https://codereview.chromium.org/1188433011/",
"refsource": "CONFIRM",
"url": "https://codereview.chromium.org/1188433011/"
}
]
}
} }

168
2015/1xxx/CVE-2015-1730.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2015-1730", "ID": "CVE-2015-1730",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20150701 Microsoft Internet Explorer \"JavascriptStackWalker\" Invalid Pointer Reference Vulnerability", "description_data": [
"refsource" : "IDEFENSE", {
"url" : "https://www.verisign.com/en_US/security-services/security-intelligence/vulnerability-reports/articles/index.xhtml?id=1099" "lang": "eng",
}, "value": "Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability.\""
{ }
"name" : "40881", ]
"refsource" : "EXPLOIT-DB", },
"url" : "https://www.exploit-db.com/exploits/40881/" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://blog.skylined.nl/20161206001.html", "description": [
"refsource" : "MISC", {
"url" : "http://blog.skylined.nl/20161206001.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://packetstormsecurity.com/files/140050/Microsoft-Internet-Explorer-9-jscript9-JavaScriptStackWalker-Memory-Corruption.html", ]
"refsource" : "MISC", }
"url" : "http://packetstormsecurity.com/files/140050/Microsoft-Internet-Explorer-9-jscript9-JavaScriptStackWalker-Memory-Corruption.html" ]
}, },
{ "references": {
"name" : "MS15-056", "reference_data": [
"refsource" : "MS", {
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-056" "name": "MS15-056",
}, "refsource": "MS",
{ "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-056"
"name" : "1032521", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1032521" "name": "40881",
} "refsource": "EXPLOIT-DB",
] "url": "https://www.exploit-db.com/exploits/40881/"
} },
{
"name": "http://blog.skylined.nl/20161206001.html",
"refsource": "MISC",
"url": "http://blog.skylined.nl/20161206001.html"
},
{
"name": "20150701 Microsoft Internet Explorer \"JavascriptStackWalker\" Invalid Pointer Reference Vulnerability",
"refsource": "IDEFENSE",
"url": "https://www.verisign.com/en_US/security-services/security-intelligence/vulnerability-reports/articles/index.xhtml?id=1099"
},
{
"name": "http://packetstormsecurity.com/files/140050/Microsoft-Internet-Explorer-9-jscript9-JavaScriptStackWalker-Memory-Corruption.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/140050/Microsoft-Internet-Explorer-9-jscript9-JavaScriptStackWalker-Memory-Corruption.html"
},
{
"name": "1032521",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032521"
}
]
}
} }

128
2015/1xxx/CVE-2015-1895.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@us.ibm.com",
"ID" : "CVE-2015-1895", "ID": "CVE-2015-1895",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM InfoSphere Optim Workload Replay 2.x before 2.1.0.3 relies on client-side code to verify authorization, which allows remote attackers to bypass intended access restrictions by modifying the client behavior."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21700768", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21700768" "lang": "eng",
}, "value": "IBM InfoSphere Optim Workload Replay 2.x before 2.1.0.3 relies on client-side code to verify authorization, which allows remote attackers to bypass intended access restrictions by modifying the client behavior."
{ }
"name" : "74442", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/74442" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "74442",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/74442"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21700768",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21700768"
}
]
}
} }

32
2015/4xxx/CVE-2015-4055.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-4055", "ID": "CVE-2015-4055",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

138
2015/4xxx/CVE-2015-4438.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@adobe.com",
"ID" : "CVE-2015-4438", "ID": "CVE-2015-4438",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082 on Windows and OS X allow attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2015-4435, CVE-2015-4441, CVE-2015-4445, CVE-2015-4447, CVE-2015-4451, CVE-2015-4452, CVE-2015-5085, and CVE-2015-5086."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://helpx.adobe.com/security/products/reader/apsb15-15.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://helpx.adobe.com/security/products/reader/apsb15-15.html" "lang": "eng",
}, "value": "Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082 on Windows and OS X allow attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2015-4435, CVE-2015-4441, CVE-2015-4445, CVE-2015-4447, CVE-2015-4451, CVE-2015-4452, CVE-2015-5085, and CVE-2015-5086."
{ }
"name" : "75737", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/75737" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1032892", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1032892" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "1032892",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032892"
},
{
"name": "https://helpx.adobe.com/security/products/reader/apsb15-15.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/reader/apsb15-15.html"
},
{
"name": "75737",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/75737"
}
]
}
} }

32
2015/4xxx/CVE-2015-4968.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2015-4968", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2015-4968",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2015. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2015. Notes: none."
} }
] ]
} }
} }

128
2015/5xxx/CVE-2015-5409.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "hp-security-alert@hp.com",
"ID" : "CVE-2015-5409", "ID": "CVE-2015-5409",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in HP Version Control Repository Manager (VCRM) before 7.5.0 allows remote authenticated users to modify data or cause a denial of service via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04765115", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04765115" "lang": "eng",
}, "value": "Buffer overflow in HP Version Control Repository Manager (VCRM) before 7.5.0 allows remote authenticated users to modify data or cause a denial of service via unspecified vectors."
{ }
"name" : "1033378", ]
"refsource" : "SECTRACK", },
"url" : "http://www.securitytracker.com/id/1033378" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1033378",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033378"
},
{
"name": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04765115",
"refsource": "CONFIRM",
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04765115"
}
]
}
} }

32
2018/2xxx/CVE-2018-2085.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2018-2085", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2018-2085",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none."
} }
] ]
} }
} }

32
2018/2xxx/CVE-2018-2240.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2018-2240", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2018-2240",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none."
} }
] ]
} }
} }

32
2018/3xxx/CVE-2018-3306.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-3306", "ID": "CVE-2018-3306",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2018/3xxx/CVE-2018-3498.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-3498", "ID": "CVE-2018-3498",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

170
2018/3xxx/CVE-2018-3616.json
View File

@ -1,88 +1,88 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secure@intel.com", "ASSIGNER": "secure@intel.com",
"DATE_PUBLIC" : "2018-09-11T00:00:00", "DATE_PUBLIC": "2018-09-11T00:00:00",
"ID" : "CVE-2018-3616", "ID": "CVE-2018-3616",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Intel(R) Active Management Technology", "product_name": "Intel(R) Active Management Technology",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Versions before 12.0.5." "version_value": "Versions before 12.0.5."
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Intel Corporation" "vendor_name": "Intel Corporation"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Bleichenbacher-style side channel vulnerability in TLS implementation in Intel Active Management Technology before 12.0.5 may allow an unauthenticated user to potentially obtain the TLS session key via the network."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Denial of Service, Information Disclosure"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://ics-cert.us-cert.gov/advisories/ICSA-19-043-05", "description_data": [
"refsource" : "MISC", {
"url" : "https://ics-cert.us-cert.gov/advisories/ICSA-19-043-05" "lang": "eng",
}, "value": "Bleichenbacher-style side channel vulnerability in TLS implementation in Intel Active Management Technology before 12.0.5 may allow an unauthenticated user to potentially obtain the TLS session key via the network."
{ }
"name" : "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00141.html", ]
"refsource" : "CONFIRM", },
"url" : "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00141.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03876en_us", "description": [
"refsource" : "CONFIRM", {
"url" : "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03876en_us" "lang": "eng",
}, "value": "Denial of Service, Information Disclosure"
{ }
"name" : "https://security.netapp.com/advisory/ntap-20180924-0003/", ]
"refsource" : "CONFIRM", }
"url" : "https://security.netapp.com/advisory/ntap-20180924-0003/" ]
}, },
{ "references": {
"name" : "https://cert-portal.siemens.com/productcert/pdf/ssa-377318.pdf", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "https://cert-portal.siemens.com/productcert/pdf/ssa-377318.pdf" "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-377318.pdf",
}, "refsource": "CONFIRM",
{ "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-377318.pdf"
"name" : "106996", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/106996" "name": "https://ics-cert.us-cert.gov/advisories/ICSA-19-043-05",
} "refsource": "MISC",
] "url": "https://ics-cert.us-cert.gov/advisories/ICSA-19-043-05"
} },
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00141.html",
"refsource": "CONFIRM",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00141.html"
},
{
"name": "106996",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106996"
},
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03876en_us",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03876en_us"
},
{
"name": "https://security.netapp.com/advisory/ntap-20180924-0003/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20180924-0003/"
}
]
}
} }

118
2018/6xxx/CVE-2018-6011.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-6011", "ID": "CVE-2018-6011",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The time-based one-time-password (TOTP) function in the application logic of the Green Electronics RainMachine Mini-8 (2nd generation) uses the administrator's password hash to generate a 6-digit temporary passcode that can be used for remote and local access, aka a \"Use of Password Hash Instead of Password for Authentication\" issue. This is exploitable by an attacker who discovers a hash value in the rainmachine-settings.sqlite file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.irongeek.com/i.php?page=videos/bsidesrdu2018/bsidesrdu-2018-07-when-it-rains-it-pours-sam-granger", "description_data": [
"refsource" : "MISC", {
"url" : "http://www.irongeek.com/i.php?page=videos/bsidesrdu2018/bsidesrdu-2018-07-when-it-rains-it-pours-sam-granger" "lang": "eng",
} "value": "The time-based one-time-password (TOTP) function in the application logic of the Green Electronics RainMachine Mini-8 (2nd generation) uses the administrator's password hash to generate a 6-digit temporary passcode that can be used for remote and local access, aka a \"Use of Password Hash Instead of Password for Authentication\" issue. This is exploitable by an attacker who discovers a hash value in the rainmachine-settings.sqlite file."
] }
} ]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.irongeek.com/i.php?page=videos/bsidesrdu2018/bsidesrdu-2018-07-when-it-rains-it-pours-sam-granger",
"refsource": "MISC",
"url": "http://www.irongeek.com/i.php?page=videos/bsidesrdu2018/bsidesrdu-2018-07-when-it-rains-it-pours-sam-granger"
}
]
}
} }

128
2018/6xxx/CVE-2018-6017.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-6017", "ID": "CVE-2018-6017",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unencrypted transmission of images in Tinder iOS app and Tinder Android app allows an attacker to extract private sensitive information by sniffing network traffic."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://www.checkmarx.com/2018/01/23/tinder-someone-may-watching-swipe-2/", "description_data": [
"refsource" : "MISC", {
"url" : "https://www.checkmarx.com/2018/01/23/tinder-someone-may-watching-swipe-2/" "lang": "eng",
}, "value": "Unencrypted transmission of images in Tinder iOS app and Tinder Android app allows an attacker to extract private sensitive information by sniffing network traffic."
{ }
"name" : "https://www.wired.com/story/tinder-lack-of-encryption-lets-strangers-spy-on-swipes/", ]
"refsource" : "MISC", },
"url" : "https://www.wired.com/story/tinder-lack-of-encryption-lets-strangers-spy-on-swipes/" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.wired.com/story/tinder-lack-of-encryption-lets-strangers-spy-on-swipes/",
"refsource": "MISC",
"url": "https://www.wired.com/story/tinder-lack-of-encryption-lets-strangers-spy-on-swipes/"
},
{
"name": "https://www.checkmarx.com/2018/01/23/tinder-someone-may-watching-swipe-2/",
"refsource": "MISC",
"url": "https://www.checkmarx.com/2018/01/23/tinder-someone-may-watching-swipe-2/"
}
]
}
} }

118
2018/6xxx/CVE-2018-6354.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-6354", "ID": "CVE-2018-6354",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "templates/forms/thanks.html in Formspree before 2018-01-23 allows XSS related to the _next parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://github.com/formspree/formspree/commit/5f18eeaaa459bee9a58f70cdf7c46adb1ef34ea7", "description_data": [
"refsource" : "MISC", {
"url" : "https://github.com/formspree/formspree/commit/5f18eeaaa459bee9a58f70cdf7c46adb1ef34ea7" "lang": "eng",
} "value": "templates/forms/thanks.html in Formspree before 2018-01-23 allows XSS related to the _next parameter."
] }
} ]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/formspree/formspree/commit/5f18eeaaa459bee9a58f70cdf7c46adb1ef34ea7",
"refsource": "MISC",
"url": "https://github.com/formspree/formspree/commit/5f18eeaaa459bee9a58f70cdf7c46adb1ef34ea7"
}
]
}
} }

32
2018/6xxx/CVE-2018-6726.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-6726", "ID": "CVE-2018-6726",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2018/7xxx/CVE-2018-7008.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2018-7008", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2018-7008",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none."
} }
] ]
} }
} }

148
2018/7xxx/CVE-2018-7327.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-7327", "ID": "CVE-2018-7327",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-openflow_v6.c had an infinite loop that was addressed by validating property lengths."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14420", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14420" "lang": "eng",
}, "value": "In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-openflow_v6.c had an infinite loop that was addressed by validating property lengths."
{ }
"name" : "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=563989f888e51258edb9a27db56124bdc33c9afe", ]
"refsource" : "CONFIRM", },
"url" : "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=563989f888e51258edb9a27db56124bdc33c9afe" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://www.wireshark.org/security/wnpa-sec-2018-06.html", "description": [
"refsource" : "CONFIRM", {
"url" : "https://www.wireshark.org/security/wnpa-sec-2018-06.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "103158", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/103158" ]
} },
] "references": {
} "reference_data": [
{
"name": "https://www.wireshark.org/security/wnpa-sec-2018-06.html",
"refsource": "CONFIRM",
"url": "https://www.wireshark.org/security/wnpa-sec-2018-06.html"
},
{
"name": "103158",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103158"
},
{
"name": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14420",
"refsource": "CONFIRM",
"url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14420"
},
{
"name": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=563989f888e51258edb9a27db56124bdc33c9afe",
"refsource": "CONFIRM",
"url": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=563989f888e51258edb9a27db56124bdc33c9afe"
}
]
}
} }

32
2018/7xxx/CVE-2018-7388.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-7388", "ID": "CVE-2018-7388",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2018/7xxx/CVE-2018-7913.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2018-7913", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2018-7913",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2018. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2018. Notes: none."
} }
] ]
} }
} }

228
2018/8xxx/CVE-2018-8229.json
View File

@ -1,117 +1,117 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "Secure@Microsoft.com", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2018-8229", "ID": "CVE-2018-8229",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Microsoft Edge", "product_name": "Microsoft Edge",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Windows 10 for 32-bit Systems" "version_value": "Windows 10 for 32-bit Systems"
}, },
{ {
"version_value" : "Windows 10 for x64-based Systems" "version_value": "Windows 10 for x64-based Systems"
}, },
{ {
"version_value" : "Windows 10 Version 1607 for 32-bit Systems" "version_value": "Windows 10 Version 1607 for 32-bit Systems"
}, },
{ {
"version_value" : "Windows 10 Version 1607 for x64-based Systems" "version_value": "Windows 10 Version 1607 for x64-based Systems"
}, },
{ {
"version_value" : "Windows 10 Version 1703 for 32-bit Systems" "version_value": "Windows 10 Version 1703 for 32-bit Systems"
}, },
{ {
"version_value" : "Windows 10 Version 1703 for x64-based Systems" "version_value": "Windows 10 Version 1703 for x64-based Systems"
}, },
{ {
"version_value" : "Windows 10 Version 1709 for 32-bit Systems" "version_value": "Windows 10 Version 1709 for 32-bit Systems"
}, },
{ {
"version_value" : "Windows 10 Version 1709 for x64-based Systems" "version_value": "Windows 10 Version 1709 for x64-based Systems"
}, },
{ {
"version_value" : "Windows 10 Version 1803 for 32-bit Systems" "version_value": "Windows 10 Version 1803 for 32-bit Systems"
}, },
{ {
"version_value" : "Windows 10 Version 1803 for x64-based Systems" "version_value": "Windows 10 Version 1803 for x64-based Systems"
}, },
{ {
"version_value" : "Windows Server 2016" "version_value": "Windows Server 2016"
} }
] ]
} }
}, },
{ {
"product_name" : "ChakraCore", "product_name": "ChakraCore",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "ChakraCore" "version_value": "ChakraCore"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Microsoft" "vendor_name": "Microsoft"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \"Chakra Scripting Engine Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8227."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Remote Code Execution"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "45013", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/45013/" "lang": "eng",
}, "value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \"Chakra Scripting Engine Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8227."
{ }
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8229", ]
"refsource" : "CONFIRM", },
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8229" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "104369", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/104369" "lang": "eng",
}, "value": "Remote Code Execution"
{ }
"name" : "1041097", ]
"refsource" : "SECTRACK", }
"url" : "http://www.securitytracker.com/id/1041097" ]
} },
] "references": {
} "reference_data": [
{
"name": "104369",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104369"
},
{
"name": "45013",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/45013/"
},
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8229",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8229"
},
{
"name": "1041097",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041097"
}
]
}
} }

32
2018/8xxx/CVE-2018-8402.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-8402", "ID": "CVE-2018-8402",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }