"-Synchronized-Data."

CVE Team 2023-02-02 17:02:24 +00:00
parent 94a26380c4
commit 8814f0787c
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
14 changed files with 2389 additions and 1351 deletions


@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2008-0884",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Replace function in the capp-lspp-config script in the (1) lspp-eal4-config-ibm and (2) capp-lspp-eal4-config-hp packages before 0.65-2 in Red Hat Enterprise Linux (RHEL) 5 uses lstat instead of stat to determine the /etc/pam.d/system-auth file permissions, leading to a change to world-writable permissions for the /etc/pam.d/system-auth-ac file, which allows local users to gain privileges by modifying this file."
"value": "CVE-2008-0884 system-auth-ac is world-writable"
}
]
},
@ -44,43 +21,103 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "Incorrect Permission Assignment for Critical Resource",
"cweId": "CWE-732"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a",
"version_affected": "="
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "RHSA-2008:0193",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2008-0193.html"
"url": "http://rhn.redhat.com/errata/RHSA-2008-0193.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2008-0193.html"
},
{
"name": "1019740",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1019740"
"url": "http://secunia.com/advisories/29642",
"refsource": "MISC",
"name": "http://secunia.com/advisories/29642"
},
{
"name": "28557",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/28557"
"url": "http://securitytracker.com/id?1019740",
"refsource": "MISC",
"name": "http://securitytracker.com/id?1019740"
},
{
"name": "29642",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29642"
"url": "http://www.securityfocus.com/bid/28557",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/28557"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=435442",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=435442"
"url": "https://access.redhat.com/errata/RHSA-2008:0193",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2008:0193"
},
{
"name": "redhat-lsppeal4config-insecure-permissions(41584)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41584"
"url": "https://access.redhat.com/security/cve/CVE-2008-0884",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2008-0884"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=435442",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=435442"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41584",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41584"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.2,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "COMPLETE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "COMPLETE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
]
}
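Review bot: The replacement `description` value `CVE-2008-0884 system-auth-ac is world-writable` reads as a bug-tracker title; assuming the longer text is the removed side, it drops the two package names, the fixed version 0.65-2 and the lstat-versus-stat cause. The re-added `affects` block still carries `"vendor_name": "n/a"` and `"product_name": "n/a"`, so after this change nothing in the record tells a scanner or a triager which packages are affected. `"version_affected": "="` on `"version_value": "n/a"` also asserts an exact match on a placeholder. I would keep the original description string as the `value`, and either fill `product_data` from it or leave `version_affected` off the `n/a` entry as the old record did. The same title-for-description swap appears in the CVE-2008-0889, CVE-2009-1890 and CVE-2009-1894 sections, and CVE-2009-1894 repeats the `n/a` with `=` entry.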


@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2008-0889",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Red Hat Directory Server 8.0, when running on Red Hat Enterprise Linux, uses insecure permissions for the redhat-idm-console script, which allows local users to execute arbitrary code by modifying the script."
"value": "CVE-2008-0889 directory server: insecure permissions on fedora/redhat-idm-console"
}
]
},
@ -44,33 +21,98 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "Incorrect Permission Assignment for Critical Resource",
"cweId": "CWE-732"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Directory Server 8 for RHEL 5",
"version": {
"version_data": [
{
"version_value": "0:1.0.0-17.el5idm",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "1019677",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1019677"
"url": "http://secunia.com/advisories/29482",
"refsource": "MISC",
"name": "http://secunia.com/advisories/29482"
},
{
"name": "RHSA-2008:0191",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0191.html"
"url": "http://www.redhat.com/support/errata/RHSA-2008-0191.html",
"refsource": "MISC",
"name": "http://www.redhat.com/support/errata/RHSA-2008-0191.html"
},
{
"name": "29482",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29482"
"url": "http://www.securityfocus.com/bid/28327",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/28327"
},
{
"name": "28327",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/28327"
"url": "http://www.securitytracker.com/id?1019677",
"refsource": "MISC",
"name": "http://www.securitytracker.com/id?1019677"
},
{
"url": "https://access.redhat.com/errata/RHSA-2008:0191",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2008:0191"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2008-0889",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2008-0889"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=436107",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=436107"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.2,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "COMPLETE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "COMPLETE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
]
}
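Review bot: The only `version_data` entry for Red Hat Directory Server 8 is `"version_value": "0:1.0.0-17.el5idm"` with `"version_affected": "!"`. As I read the CVE JSON 4.0 convention, that marks this one build as not affected and says nothing about which builds are. A consumer that matches installed versions against affected entries may then find no match for the product at all and treat vulnerable hosts as clean. If 0:1.0.0-17.el5idm is the fixed build, `"version_affected": "<"` with the same `version_value` would state the vulnerable range explicitly. The three products listed in the CVE-2009-1890 section use the same `!`-only form.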


@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2009-1890",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The stream_reqbody_cl function in mod_proxy_http.c in the mod_proxy module in the Apache HTTP Server before 2.3.3, when a reverse proxy is configured, does not properly handle an amount of streamed data that exceeds the Content-Length value, which allows remote attackers to cause a denial of service (CPU consumption) via crafted requests."
"value": "CVE-2009-1890 httpd: mod_proxy reverse proxy DoS (infinite loop)"
}
]
},
@ -44,263 +21,360 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "Loop with Unreachable Exit Condition ('Infinite Loop')",
"cweId": "CWE-835"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "JBEWS 1.0 for RHEL 4",
"version": {
"version_data": [
{
"version_value": "0:2.2.10-23.1.ep5.el4",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 5",
"version": {
"version_data": [
{
"version_value": "0:2.2.3-22.el5_3.2",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat JBoss Enterprise Web Server 1 for RHEL 5",
"version": {
"version_data": [
{
"version_value": "0:2.2.10-10.ep5.el5",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "FEDORA-2009-8812",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg01363.html"
"url": "http://marc.info/?l=bugtraq&m=129190899612998&w=2",
"refsource": "MISC",
"name": "http://marc.info/?l=bugtraq&m=129190899612998&w=2"
},
{
"name": "SUSE-SA:2009:050",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00006.html"
"url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E",
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "PK99480",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PK99480"
"url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E",
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "55553",
"refsource": "OSVDB",
"url": "http://osvdb.org/55553"
"url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E",
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "PK91259",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PK91259"
"url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E",
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "oval:org.mitre.oval:def:12330",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12330"
"url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E",
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "MDVSA-2009:149",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:149"
"url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "RHSA-2009:1156",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2009-1156.html"
"url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E",
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "35865",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35865"
"url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "1022509",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1022509"
"url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E",
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "37152",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37152"
"url": "http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html",
"refsource": "MISC",
"name": "http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html"
},
{
"name": "http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/proxy/mod_proxy_http.c?r1=790587&r2=790586&pathrev=790587",
"refsource": "CONFIRM",
"url": "http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/proxy/mod_proxy_http.c?r1=790587&r2=790586&pathrev=790587"
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00006.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00006.html"
},
{
"name": "http://svn.apache.org/viewvc/httpd/httpd/trunk/CHANGES?revision=790587",
"refsource": "CONFIRM",
"url": "http://svn.apache.org/viewvc/httpd/httpd/trunk/CHANGES?revision=790587"
"url": "http://secunia.com/advisories/37152",
"refsource": "MISC",
"name": "http://secunia.com/advisories/37152"
},
{
"name": "35691",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35691"
"url": "http://secunia.com/advisories/37221",
"refsource": "MISC",
"name": "http://secunia.com/advisories/37221"
},
{
"name": "http://svn.apache.org/viewvc?view=rev&revision=790587",
"refsource": "CONFIRM",
"url": "http://svn.apache.org/viewvc?view=rev&revision=790587"
"url": "http://support.apple.com/kb/HT3937",
"refsource": "MISC",
"name": "http://support.apple.com/kb/HT3937"
},
{
"name": "20091112 rPSA-2009-0142-1 httpd mod_ssl",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/507852/100/0/threaded"
"url": "http://www.vupen.com/english/advisories/2009/3184",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2009/3184"
},
{
"name": "35565",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/35565"
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150",
"refsource": "MISC",
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
},
{
"name": "DSA-1834",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2009/dsa-1834"
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html",
"refsource": "MISC",
"name": "http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html"
},
{
"name": "20091113 rPSA-2009-0142-2 httpd mod_ssl",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/507857/100/0/threaded"
"url": "https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E",
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "HPSBUX02612",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=129190899612998&w=2"
"url": "https://access.redhat.com/errata/RHSA-2009:1160",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2009:1160"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html"
"url": "https://lists.apache.org/thread.html/r7dd6be4dc38148704f2edafb44a8712abaa3a2be120d6c3314d55919%40%3Ccvs.httpd.apache.org%3E",
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/r7dd6be4dc38148704f2edafb44a8712abaa3a2be120d6c3314d55919%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "oval:org.mitre.oval:def:9403",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9403"
"url": "https://lists.apache.org/thread.html/r84d043c2115176958562133d96d851495d712aa49da155d81f6733be%40%3Ccvs.httpd.apache.org%3E",
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/r84d043c2115176958562133d96d851495d712aa49da155d81f6733be%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "http://svn.apache.org/viewvc/httpd/httpd/trunk/CHANGES?r1=790587&r2=790586&pathrev=790587",
"refsource": "CONFIRM",
"url": "http://svn.apache.org/viewvc/httpd/httpd/trunk/CHANGES?r1=790587&r2=790586&pathrev=790587"
"url": "https://lists.apache.org/thread.html/rc4c53a0d57b2771ecd4b965010580db355e38137c8711311ee1073a8%40%3Ccvs.httpd.apache.org%3E",
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/rc4c53a0d57b2771ecd4b965010580db355e38137c8711311ee1073a8%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "GLSA-200907-04",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200907-04.xml"
"url": "http://secunia.com/advisories/35721",
"refsource": "MISC",
"name": "http://secunia.com/advisories/35721"
},
{
"name": "http://wiki.rpath.com/Advisories:rPSA-2009-0142",
"refsource": "CONFIRM",
"url": "http://wiki.rpath.com/Advisories:rPSA-2009-0142"
"url": "http://security.gentoo.org/glsa/glsa-200907-04.xml",
"refsource": "MISC",
"name": "http://security.gentoo.org/glsa/glsa-200907-04.xml"
},
{
"name": "RHSA-2009:1148",
"refsource": "REDHAT",
"url": "https://rhn.redhat.com/errata/RHSA-2009-1148.html"
"url": "http://secunia.com/advisories/35793",
"refsource": "MISC",
"name": "http://secunia.com/advisories/35793"
},
{
"name": "oval:org.mitre.oval:def:8616",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8616"
"url": "http://secunia.com/advisories/35865",
"refsource": "MISC",
"name": "http://secunia.com/advisories/35865"
},
{
"name": "USN-802-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-802-1"
"url": "http://wiki.rpath.com/Advisories:rPSA-2009-0142",
"refsource": "MISC",
"name": "http://wiki.rpath.com/Advisories:rPSA-2009-0142"
},
{
"name": "37221",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37221"
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PK99480",
"refsource": "MISC",
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg1PK99480"
},
{
"name": "ADV-2009-3184",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/3184"
"url": "http://www.debian.org/security/2009/dsa-1834",
"refsource": "MISC",
"name": "http://www.debian.org/security/2009/dsa-1834"
},
{
"name": "SSRT100345",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=129190899612998&w=2"
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:149",
"refsource": "MISC",
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:149"
},
{
"name": "35793",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35793"
"url": "http://www.redhat.com/support/errata/RHSA-2009-1156.html",
"refsource": "MISC",
"name": "http://www.redhat.com/support/errata/RHSA-2009-1156.html"
},
{
"name": "APPLE-SA-2009-11-09-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html"
"url": "http://www.securityfocus.com/archive/1/507857/100/0/threaded",
"refsource": "MISC",
"name": "http://www.securityfocus.com/archive/1/507857/100/0/threaded"
},
{
"name": "MDVSA-2013:150",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
"url": "http://www.ubuntu.com/usn/USN-802-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-802-1"
},
{
"name": "35721",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35721"
"url": "https://access.redhat.com/errata/RHSA-2009:1148",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2009:1148"
},
{
"name": "http://support.apple.com/kb/HT3937",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT3937"
"url": "https://access.redhat.com/errata/RHSA-2009:1155",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2009:1155"
},
{
"refsource": "MLIST",
"name": "[httpd-cvs] 20190815 svn commit: r1048743 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f@%3Ccvs.httpd.apache.org%3E"
"url": "https://access.redhat.com/errata/RHSA-2009:1156",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2009:1156"
},
{
"refsource": "MLIST",
"name": "[httpd-cvs] 20190815 svn commit: r1048742 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53@%3Ccvs.httpd.apache.org%3E"
"url": "https://rhn.redhat.com/errata/RHSA-2009-1148.html",
"refsource": "MISC",
"name": "https://rhn.redhat.com/errata/RHSA-2009-1148.html"
},
{
"refsource": "MLIST",
"name": "[httpd-cvs] 20200401 svn commit: r1058586 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7@%3Ccvs.httpd.apache.org%3E"
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg01363.html",
"refsource": "MISC",
"name": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg01363.html"
},
{
"refsource": "MLIST",
"name": "[httpd-cvs] 20200401 svn commit: r1058587 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b@%3Ccvs.httpd.apache.org%3E"
"url": "http://www.securityfocus.com/archive/1/507852/100/0/threaded",
"refsource": "MISC",
"name": "http://www.securityfocus.com/archive/1/507852/100/0/threaded"
},
{
"refsource": "MLIST",
"name": "[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/",
"url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E"
"url": "http://osvdb.org/55553",
"refsource": "MISC",
"name": "http://osvdb.org/55553"
},
{
"refsource": "MLIST",
"name": "[httpd-cvs] 20210330 svn commit: r1888194 [5/13] - /httpd/site/trunk/content/security/json/",
"url": "https://lists.apache.org/thread.html/r7dd6be4dc38148704f2edafb44a8712abaa3a2be120d6c3314d55919@%3Ccvs.httpd.apache.org%3E"
"url": "http://secunia.com/advisories/35691",
"refsource": "MISC",
"name": "http://secunia.com/advisories/35691"
},
{
"refsource": "MLIST",
"name": "[httpd-cvs] 20210330 svn commit: r1073140 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b@%3Ccvs.httpd.apache.org%3E"
"url": "http://svn.apache.org/viewvc/httpd/httpd/trunk/CHANGES?r1=790587&r2=790586&pathrev=790587",
"refsource": "MISC",
"name": "http://svn.apache.org/viewvc/httpd/httpd/trunk/CHANGES?r1=790587&r2=790586&pathrev=790587"
},
{
"refsource": "MLIST",
"name": "[httpd-cvs] 20210330 svn commit: r1073139 [5/13] - in /websites/staging/httpd/trunk/content: ./ security/json/",
"url": "https://lists.apache.org/thread.html/r84d043c2115176958562133d96d851495d712aa49da155d81f6733be@%3Ccvs.httpd.apache.org%3E"
"url": "http://svn.apache.org/viewvc/httpd/httpd/trunk/CHANGES?revision=790587",
"refsource": "MISC",
"name": "http://svn.apache.org/viewvc/httpd/httpd/trunk/CHANGES?revision=790587"
},
{
"refsource": "MLIST",
"name": "[httpd-cvs] 20210330 svn commit: r1073146 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities-httpd.xml security/vulnerabilities_22.html security/vulnerabilities_24.html",
"url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064@%3Ccvs.httpd.apache.org%3E"
"url": "http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/proxy/mod_proxy_http.c?r1=790587&r2=790586&pathrev=790587",
"refsource": "MISC",
"name": "http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/proxy/mod_proxy_http.c?r1=790587&r2=790586&pathrev=790587"
},
{
"refsource": "MLIST",
"name": "[httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/",
"url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E"
"url": "http://svn.apache.org/viewvc?view=rev&revision=790587",
"refsource": "MISC",
"name": "http://svn.apache.org/viewvc?view=rev&revision=790587"
},
{
"refsource": "MLIST",
"name": "[httpd-cvs] 20210330 svn commit: r1073149 [6/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/",
"url": "https://lists.apache.org/thread.html/rc4c53a0d57b2771ecd4b965010580db355e38137c8711311ee1073a8@%3Ccvs.httpd.apache.org%3E"
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PK91259",
"refsource": "MISC",
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg1PK91259"
},
{
"refsource": "MLIST",
"name": "[httpd-cvs] 20210603 svn commit: r1075360 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2021-31618.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"url": "https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24@%3Ccvs.httpd.apache.org%3E"
"url": "http://www.securityfocus.com/bid/35565",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/35565"
},
{
"refsource": "MLIST",
"name": "[httpd-cvs] 20210606 svn commit: r1075470 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f@%3Ccvs.httpd.apache.org%3E"
"url": "http://www.securitytracker.com/id?1022509",
"refsource": "MISC",
"name": "http://www.securitytracker.com/id?1022509"
},
{
"refsource": "MLIST",
"name": "[mina-users] 20210714 CWE-189 CWE-189 Numeric Errors: CVE-2009-1890 in Apache Mina SSHD SFTP 2.7.0 library",
"url": "https://lists.apache.org/thread.html/rb33be0aa9bd8cac9536293e3821dcd4cf8180ad95a8036eedd46365e@%3Cusers.mina.apache.org%3E"
"url": "https://access.redhat.com/security/cve/CVE-2009-1890",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2009-1890"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=509375",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=509375"
},
{
"url": "https://lists.apache.org/thread.html/rb33be0aa9bd8cac9536293e3821dcd4cf8180ad95a8036eedd46365e%40%3Cusers.mina.apache.org%3E",
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/rb33be0aa9bd8cac9536293e3821dcd4cf8180ad95a8036eedd46365e%40%3Cusers.mina.apache.org%3E"
},
{
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12330",
"refsource": "MISC",
"name": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12330"
},
{
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8616",
"refsource": "MISC",
"name": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8616"
},
{
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9403",
"refsource": "MISC",
"name": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9403"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 5,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
]
}
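Review bot: Every entry in `reference_data` now has `"refsource": "MISC"` with `name` set to a copy of the URL, so, assuming the named entries are the removed side, the record loses the advisory identifiers and source tags it carried before. In this section the two HP entries `HPSBUX02612` and `SSRT100345` shared one marc.info URL and survive only as a single MISC entry. The svn.apache.org links for revision 790587 lose their `CONFIRM` tag, so tooling that picks out vendor-confirmed fixes or correlates by advisory ID can no longer do so from this file. I would keep `name` and `refsource` wherever the old entry had them, for example `"refsource": "CONFIRM"` on the svn.apache.org entries and `"name": "RHSA-2009:1156", "refsource": "REDHAT"` on the matching redhat.com entry. The reference lists in the CVE-2008-0884 and CVE-2008-0889 sections are flattened the same way.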


@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2009-1894",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Race condition in PulseAudio 0.9.9, 0.9.10, and 0.9.14 allows local users to gain privileges via vectors involving creation of a hard link, related to the application setting LD_BIND_NOW to 1, and then calling execv on the target of the /proc/self/exe symlink."
"value": "CVE-2009-1894 pulseaudio: privilege escalation flaw via pulseaudio re-exec"
}
]
},
@ -44,93 +21,148 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "Privilege Dropping / Lowering Errors",
"cweId": "CWE-271"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a",
"version_affected": "="
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "35868",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35868"
},
{
"name": "MDVSA-2009:171",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:171"
},
{
"name": "http://blog.cr0.org/2009/07/old-school-local-root-vulnerability-in.html",
"url": "http://blog.cr0.org/2009/07/old-school-local-root-vulnerability-in.html",
"refsource": "MISC",
"url": "http://blog.cr0.org/2009/07/old-school-local-root-vulnerability-in.html"
"name": "http://blog.cr0.org/2009/07/old-school-local-root-vulnerability-in.html"
},
{
"name": "pulseaudio-suid-privilege-escalation(51804)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51804"
},
{
"name": "http://www.akitasecurity.nl/advisory.php?id=AK20090602",
"url": "http://secunia.com/advisories/35868",
"refsource": "MISC",
"url": "http://www.akitasecurity.nl/advisory.php?id=AK20090602"
"name": "http://secunia.com/advisories/35868"
},
{
"name": "MDVSA-2009:152",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:152"
},
{
"name": "35886",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35886"
},
{
"name": "35721",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/35721"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=510071",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=510071"
},
{
"name": "20090717 PulseAudio local race condition privilege escalation vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/505052/100/0/threaded"
},
{
"name": "https://admin.fedoraproject.org/updates/pulseaudio-0.9.10-1.el5.2",
"refsource": "CONFIRM",
"url": "https://admin.fedoraproject.org/updates/pulseaudio-0.9.10-1.el5.2"
},
{
"name": "DSA-1838",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2009/dsa-1838"
},
{
"name": "35896",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35896"
},
{
"name": "http://taviso.decsystem.org/research.html",
"url": "http://secunia.com/advisories/35886",
"refsource": "MISC",
"url": "http://taviso.decsystem.org/research.html"
"name": "http://secunia.com/advisories/35886"
},
{
"name": "GLSA-200907-13",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200907-13.xml"
"url": "http://secunia.com/advisories/35896",
"refsource": "MISC",
"name": "http://secunia.com/advisories/35896"
},
{
"name": "USN-804-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-804-1"
"url": "http://security.gentoo.org/glsa/glsa-200907-13.xml",
"refsource": "MISC",
"name": "http://security.gentoo.org/glsa/glsa-200907-13.xml"
},
{
"url": "http://taviso.decsystem.org/research.html",
"refsource": "MISC",
"name": "http://taviso.decsystem.org/research.html"
},
{
"url": "http://www.akitasecurity.nl/advisory.php?id=AK20090602",
"refsource": "MISC",
"name": "http://www.akitasecurity.nl/advisory.php?id=AK20090602"
},
{
"url": "http://www.debian.org/security/2009/dsa-1838",
"refsource": "MISC",
"name": "http://www.debian.org/security/2009/dsa-1838"
},
{
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:152",
"refsource": "MISC",
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:152"
},
{
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:171",
"refsource": "MISC",
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:171"
},
{
"url": "http://www.securityfocus.com/archive/1/505052/100/0/threaded",
"refsource": "MISC",
"name": "http://www.securityfocus.com/archive/1/505052/100/0/threaded"
},
{
"url": "http://www.securityfocus.com/bid/35721",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/35721"
},
{
"url": "http://www.ubuntu.com/usn/usn-804-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/usn-804-1"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2009-1894",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2009-1894"
},
{
"url": "https://admin.fedoraproject.org/updates/pulseaudio-0.9.10-1.el5.2",
"refsource": "MISC",
"name": "https://admin.fedoraproject.org/updates/pulseaudio-0.9.10-1.el5.2"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=510071",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=510071"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51804",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51804"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.2,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "COMPLETE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "COMPLETE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
]
}
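Review bot: The new description `value` ("CVE-2009-1894 pulseaudio: privilege escalation flaw via pulseaudio re-exec") is a bug title, and with it the record loses its only statement of the affected releases (PulseAudio 0.9.9, 0.9.10, 0.9.14) and of the local race / hard-link vector, because `affects` still carries `"product_name": "n/a"` and `"version_value": "n/a"`. This assumes the second of the two `value` lines is the added side, as the old-then-new print order suggests. I would keep the earlier sentence as the description, or at least populate `vendor_name`, `product_name` and `version_value` from it. The same replacement appears in the CVE-2009-2405, CVE-2009-2406 and CVE-2009-2407 sections below. The added `"cweId": "CWE-271"` is also worth confirming against the race-condition wording of the earlier text.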


@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2009-2405",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in the Web Console in the Application Server in Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.2.0 before 4.2.0.CP08, 4.2.2GA, 4.3 before 4.3.0.CP07, and 5.1.0GA allow remote attackers to inject arbitrary web script or HTML via the (1) monitorName, (2) objectName, (3) attribute, or (4) period parameter to createSnapshot.jsp, or the (5) monitorName, (6) objectName, (7) attribute, (8) threshold, (9) period, or (10) enabled parameter to createThresholdMonitor.jsp. NOTE: some of these details are obtained from third party information."
"value": "CVE-2009-2405 JBoss Application Server Web Console XSS"
}
]
},
@ -44,88 +21,540 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",
"cweId": "CWE-79"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "JBEAP 4.2.0 for RHEL 4",
"version": {
"version_data": [
{
"version_value": "0:1.4.2-0jpp.ep1.5.el4",
"version_affected": "!"
},
{
"version_value": "0:1.2_13-2.1.ep1.el4",
"version_affected": "!"
},
{
"version_value": "1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4",
"version_affected": "!"
},
{
"version_value": "0:3.3.1-1.11.GA_CP02.ep1.el4",
"version_affected": "!"
},
{
"version_value": "0:3.3.2-2.5.GA_CP01.ep1.el4",
"version_affected": "!"
},
{
"version_value": "0:2.3.0-1jpp.ep1.9.el4",
"version_affected": "!"
},
{
"version_value": "0:1.1-9.ep1.el4",
"version_affected": "!"
},
{
"version_value": "0:1.5.5-3.CP04.2.ep1.el4",
"version_affected": "!"
},
{
"version_value": "0:4.2.0-5.GA_CP08.5.ep1.el4",
"version_affected": "!"
},
{
"version_value": "0:1.2.1-0jpp.ep1.3.el4",
"version_affected": "!"
},
{
"version_value": "0:2.2.3-3.SP1.ep1.el4",
"version_affected": "!"
},
{
"version_value": "0:1.2.1-1.ep1.22.el4",
"version_affected": "!"
},
{
"version_value": "1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4",
"version_affected": "!"
},
{
"version_value": "0:2.0.0-6.CP12.0jpp.ep1.2.el4",
"version_affected": "!"
},
{
"version_value": "0:1.0.16-1.1.ep1.el4",
"version_affected": "!"
},
{
"version_value": "0:1.0.13-2.3.1.ep1.el4",
"version_affected": "!"
},
{
"version_value": "1:2.4.7-1.ep1.el4",
"version_affected": "!"
},
{
"version_value": "0:1.5.2-1jpp.patch01.ep1.4.el4",
"version_affected": "!"
},
{
"version_value": "0:4.2.0-6.GA_CP08.ep1.3.el4",
"version_affected": "!"
},
{
"version_value": "0:2.7.1-9jpp.4.patch_02.1.ep1.el4",
"version_affected": "!"
},
{
"version_value": "0:1.3.0-1.3.patch01.ep1.2.el4",
"version_affected": "!"
}
]
}
},
{
"product_name": "JBEAP 4.2.0 for RHEL 5",
"version": {
"version_data": [
{
"version_value": "0:1.2_13-2.1.ep1.el5",
"version_affected": "!"
},
{
"version_value": "1:3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5",
"version_affected": "!"
},
{
"version_value": "0:3.3.1-1.11GA_CP02.ep1.el5",
"version_affected": "!"
},
{
"version_value": "0:3.3.2-2.5.1.ep1.el5",
"version_affected": "!"
},
{
"version_value": "0:2.3.0-1jpp.ep1.9.1.el5",
"version_affected": "!"
},
{
"version_value": "0:1.5.5-3.CP04.2.ep1.el5",
"version_affected": "!"
},
{
"version_value": "0:4.2.0-5.GA_CP08.5.2.ep1.el5",
"version_affected": "!"
},
{
"version_value": "0:1.2.1-0jpp.ep1.3.el5.1",
"version_affected": "!"
},
{
"version_value": "0:2.2.3-3.SP1.ep1.el5",
"version_affected": "!"
},
{
"version_value": "0:1.2.1-1.ep1.14.el5",
"version_affected": "!"
},
{
"version_value": "1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el5",
"version_affected": "!"
},
{
"version_value": "0:2.0.0-6.CP12.0jpp.ep1.2.el5",
"version_affected": "!"
},
{
"version_value": "0:1.0.16-1.1.ep1.el5",
"version_affected": "!"
},
{
"version_value": "0:1.0.13-2.3.1.ep1.el5",
"version_affected": "!"
},
{
"version_value": "1:2.4.7-1.ep1.el5",
"version_affected": "!"
},
{
"version_value": "0:1.5.2-1jpp.patch01.ep1.4.1.el5",
"version_affected": "!"
},
{
"version_value": "0:4.2.0-6.GA_CP08.ep1.3.el5",
"version_affected": "!"
},
{
"version_value": "0:1.3.0-1.3.patch01.ep1.2.1.el5",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat JBoss Enterprise Application Platform 4.3 for RHEL 4",
"version": {
"version_data": [
{
"version_value": "0:1.4.2-0jpp.ep1.5.el4",
"version_affected": "!"
},
{
"version_value": "0:2.1.4-1.12.patch03.ep1.el4",
"version_affected": "!"
},
{
"version_value": "0:1.2_13-2.1.ep1.el4",
"version_affected": "!"
},
{
"version_value": "1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4",
"version_affected": "!"
},
{
"version_value": "0:3.3.1-1.11.GA_CP02.ep1.el4",
"version_affected": "!"
},
{
"version_value": "0:3.3.2-2.5.GA_CP01.ep1.el4",
"version_affected": "!"
},
{
"version_value": "0:2.3.0-1jpp.ep1.9.el4",
"version_affected": "!"
},
{
"version_value": "0:1.1-9.ep1.el4",
"version_affected": "!"
},
{
"version_value": "0:1.5.5-3.CP04.2.ep1.el4",
"version_affected": "!"
},
{
"version_value": "0:4.3.0-6.GA_CP07.4.ep1.el4",
"version_affected": "!"
},
{
"version_value": "0:1.2.1-0jpp.ep1.3.el4",
"version_affected": "!"
},
{
"version_value": "0:1.4.0-3.SP3_CP09.4.ep1.el4",
"version_affected": "!"
},
{
"version_value": "0:2.2.3-3.SP1.ep1.el4",
"version_affected": "!"
},
{
"version_value": "0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.18.el4",
"version_affected": "!"
},
{
"version_value": "0:2.0.2.FP-1.ep1.21.el4",
"version_affected": "!"
},
{
"version_value": "1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4",
"version_affected": "!"
},
{
"version_value": "0:2.0.0-6.CP12.0jpp.ep1.2.el4",
"version_affected": "!"
},
{
"version_value": "0:2.0.1-4.SP2_CP07.2.ep1.el4",
"version_affected": "!"
},
{
"version_value": "0:1.0.0-2.GA_CP05.1.ep1.el4",
"version_affected": "!"
},
{
"version_value": "0:2.0.1-1.GA_CP05.1.ep1.el4",
"version_affected": "!"
},
{
"version_value": "0:1.0.16-1.1.ep1.el4",
"version_affected": "!"
},
{
"version_value": "0:1.0.13-2.3.1.ep1.el4",
"version_affected": "!"
},
{
"version_value": "1:2.4.7-1.ep1.el4",
"version_affected": "!"
},
{
"version_value": "0:1.5.2-1jpp.patch01.ep1.4.el4",
"version_affected": "!"
},
{
"version_value": "0:4.3.0-6.GA_CP07.ep1.3.el4",
"version_affected": "!"
},
{
"version_value": "0:2.7.1-9jpp.4.patch_02.1.ep1.el4",
"version_affected": "!"
},
{
"version_value": "0:1.3.0-1.3.patch01.ep1.2.el4",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat JBoss Enterprise Application Platform 4.3 for RHEL 5",
"version": {
"version_data": [
{
"version_value": "0:2.1.4-1.12.patch03.1.ep1.el5",
"version_affected": "!"
},
{
"version_value": "0:1.2_13-2.1.ep1.el5",
"version_affected": "!"
},
{
"version_value": "1:3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5",
"version_affected": "!"
},
{
"version_value": "0:3.3.1-1.11GA_CP02.ep1.el5",
"version_affected": "!"
},
{
"version_value": "0:3.3.2-2.5.1.ep1.el5",
"version_affected": "!"
},
{
"version_value": "0:2.3.0-1jpp.ep1.9.1.el5",
"version_affected": "!"
},
{
"version_value": "0:1.5.5-3.CP04.2.ep1.el5",
"version_affected": "!"
},
{
"version_value": "0:4.3.0-6.GA_CP07.4.2.ep1.el5",
"version_affected": "!"
},
{
"version_value": "0:1.2.1-0jpp.ep1.3.el5.1",
"version_affected": "!"
},
{
"version_value": "0:1.4.0-3.SP3_CP09.4.ep1.el5",
"version_affected": "!"
},
{
"version_value": "0:2.2.3-3.SP1.ep1.el5",
"version_affected": "!"
},
{
"version_value": "0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.12.el5.1",
"version_affected": "!"
},
{
"version_value": "0:2.0.2.FP-1.ep1.18.el5",
"version_affected": "!"
},
{
"version_value": "1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el5",
"version_affected": "!"
},
{
"version_value": "0:2.0.0-6.CP12.0jpp.ep1.2.el5",
"version_affected": "!"
},
{
"version_value": "0:2.0.1-4.SP2_CP07.2.1.ep1.el5",
"version_affected": "!"
},
{
"version_value": "0:1.0.0-2.GA_CP05.1.ep1.el5",
"version_affected": "!"
},
{
"version_value": "0:2.0.1-1.GA_CP05.1.ep1.el5",
"version_affected": "!"
},
{
"version_value": "0:1.0.16-1.1.ep1.el5",
"version_affected": "!"
},
{
"version_value": "0:1.0.13-2.3.1.ep1.el5",
"version_affected": "!"
},
{
"version_value": "1:2.4.7-1.ep1.el5",
"version_affected": "!"
},
{
"version_value": "0:1.5.2-1jpp.patch01.ep1.4.1.el5",
"version_affected": "!"
},
{
"version_value": "0:4.3.0-6.GA_CP07.ep1.3.el5",
"version_affected": "!"
},
{
"version_value": "0:1.3.0-1.3.patch01.ep1.2.1.el5",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://jira.jboss.org/jira/browse/JBAS-7105",
"url": "http://secunia.com/advisories/37671",
"refsource": "MISC",
"url": "https://jira.jboss.org/jira/browse/JBAS-7105"
"name": "http://secunia.com/advisories/37671"
},
{
"name": "37276",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/37276"
},
{
"name": "1023315",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1023315"
},
{
"name": "60899",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/60899"
},
{
"name": "RHSA-2009:1637",
"refsource": "REDHAT",
"url": "https://rhn.redhat.com/errata/RHSA-2009-1637.html"
},
{
"name": "https://jira.jboss.org/jira/browse/JBPAPP-2284",
"url": "http://securitytracker.com/id?1023315",
"refsource": "MISC",
"url": "https://jira.jboss.org/jira/browse/JBPAPP-2284"
"name": "http://securitytracker.com/id?1023315"
},
{
"name": "37671",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37671"
},
{
"name": "RHSA-2009:1636",
"refsource": "REDHAT",
"url": "https://rhn.redhat.com/errata/RHSA-2009-1636.html"
},
{
"name": "RHSA-2009:1649",
"refsource": "REDHAT",
"url": "https://rhn.redhat.com/errata/RHSA-2009-1649.html"
},
{
"name": "60898",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/60898"
},
{
"name": "jboss-createsnapshot-xss(54700)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54700"
},
{
"name": "https://jira.jboss.org/jira/browse/JBPAPP-2274",
"url": "http://www.securityfocus.com/bid/37276",
"refsource": "MISC",
"url": "https://jira.jboss.org/jira/browse/JBPAPP-2274"
"name": "http://www.securityfocus.com/bid/37276"
},
{
"name": "35680",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35680"
"url": "https://access.redhat.com/errata/RHSA-2009:1636",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2009:1636"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=510023",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=510023"
"url": "https://access.redhat.com/errata/RHSA-2009:1637",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2009:1637"
},
{
"name": "RHSA-2009:1650",
"refsource": "REDHAT",
"url": "https://rhn.redhat.com/errata/RHSA-2009-1650.html"
"url": "https://access.redhat.com/errata/RHSA-2009:1649",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2009:1649"
},
{
"url": "https://access.redhat.com/errata/RHSA-2009:1650",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2009:1650"
},
{
"url": "https://rhn.redhat.com/errata/RHSA-2009-1636.html",
"refsource": "MISC",
"name": "https://rhn.redhat.com/errata/RHSA-2009-1636.html"
},
{
"url": "https://rhn.redhat.com/errata/RHSA-2009-1637.html",
"refsource": "MISC",
"name": "https://rhn.redhat.com/errata/RHSA-2009-1637.html"
},
{
"url": "https://rhn.redhat.com/errata/RHSA-2009-1649.html",
"refsource": "MISC",
"name": "https://rhn.redhat.com/errata/RHSA-2009-1649.html"
},
{
"url": "https://rhn.redhat.com/errata/RHSA-2009-1650.html",
"refsource": "MISC",
"name": "https://rhn.redhat.com/errata/RHSA-2009-1650.html"
},
{
"url": "http://secunia.com/advisories/35680",
"refsource": "MISC",
"name": "http://secunia.com/advisories/35680"
},
{
"url": "http://www.osvdb.org/60898",
"refsource": "MISC",
"name": "http://www.osvdb.org/60898"
},
{
"url": "http://www.osvdb.org/60899",
"refsource": "MISC",
"name": "http://www.osvdb.org/60899"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2009-2405",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2009-2405"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=510023",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=510023"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54700",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54700"
},
{
"url": "https://jira.jboss.org/jira/browse/JBAS-7105",
"refsource": "MISC",
"name": "https://jira.jboss.org/jira/browse/JBAS-7105"
},
{
"url": "https://jira.jboss.org/jira/browse/JBPAPP-2274",
"refsource": "MISC",
"name": "https://jira.jboss.org/jira/browse/JBPAPP-2274"
},
{
"url": "https://jira.jboss.org/jira/browse/JBPAPP-2284",
"refsource": "MISC",
"name": "https://jira.jboss.org/jira/browse/JBPAPP-2284"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 4.3,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "PARTIAL",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
}
]
}
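Review bot: Every added `version_data` entry under the four JBoss EAP products is a bare epoch:version-release string such as `"version_value": "0:1.4.2-0jpp.ep1.5.el4"` with `"version_affected": "!"`, and none names the package it belongs to. A consumer matching on this record cannot tell which component each value refers to. If `!` means "unaffected" here, as I understand the 4.0 format, no entry states what is affected either; the ranges from the earlier description (4.2.0 before 4.2.0.CP08, 4.3 before 4.3.0.CP07) are no longer represented anywhere. I would carry the package name alongside each value and add one affected range per product, for example `{"version_value": "4.2.0.CP08", "version_affected": "<"}` for the 4.2.0 line.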


@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2009-2406",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in the parse_tag_11_packet function in fs/ecryptfs/keystore.c in the eCryptfs subsystem in the Linux kernel before 2.6.30.4 allows local users to cause a denial of service (system crash) or possibly gain privileges via vectors involving a crafted eCryptfs file, related to not ensuring that the key signature length in a Tag 11 packet is compatible with the key signature buffer size."
"value": "CVE-2009-2406 kernel: ecryptfs stack overflow in parse_tag_11_packet()"
}
]
},
@ -44,148 +21,224 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "Heap-based Buffer Overflow",
"cweId": "CWE-122"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 5",
"version": {
"version_data": [
{
"version_value": "0:2.6.18-128.4.1.el5",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 5.3.Z - Server Only",
"version": {
"version_data": [
{
"version_value": "0:2.6.18-128.4.1.el5",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "35851",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/35851"
},
{
"name": "35985",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35985"
},
{
"name": "36131",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/36131"
},
{
"name": "20090728 [RISE-2009002] Linux eCryptfs parse_tag_11_packet Literal Data Buffer Overflow Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/505334/100/0/threaded"
},
{
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=6352a29305373ae6196491e6d4669f301e26492e",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=6352a29305373ae6196491e6d4669f301e26492e"
},
{
"name": "37471",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37471"
},
{
"name": "http://risesecurity.org/advisories/RISE-2009002.txt",
"url": "http://www.securityfocus.com/archive/1/507985/100/0/threaded",
"refsource": "MISC",
"url": "http://risesecurity.org/advisories/RISE-2009002.txt"
"name": "http://www.securityfocus.com/archive/1/507985/100/0/threaded"
},
{
"name": "FEDORA-2009-8144",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00223.html"
"url": "http://www.vmware.com/security/advisories/VMSA-2009-0016.html",
"refsource": "MISC",
"name": "http://www.vmware.com/security/advisories/VMSA-2009-0016.html"
},
{
"name": "DSA-1844",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2009/dsa-1844"
"url": "http://www.vupen.com/english/advisories/2009/3316",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2009/3316"
},
{
"name": "USN-807-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-807-1"
"url": "http://secunia.com/advisories/36051",
"refsource": "MISC",
"name": "http://secunia.com/advisories/36051"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2009-0016.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2009-0016.html"
"url": "http://secunia.com/advisories/36131",
"refsource": "MISC",
"name": "http://secunia.com/advisories/36131"
},
{
"name": "RHSA-2009:1193",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2009-1193.html"
"url": "http://secunia.com/advisories/37471",
"refsource": "MISC",
"name": "http://secunia.com/advisories/37471"
},
{
"name": "oval:org.mitre.oval:def:10072",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10072"
"url": "http://www.debian.org/security/2009/dsa-1844",
"refsource": "MISC",
"name": "http://www.debian.org/security/2009/dsa-1844"
},
{
"name": "oval:org.mitre.oval:def:8246",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8246"
"url": "http://www.redhat.com/support/errata/RHSA-2009-1193.html",
"refsource": "MISC",
"name": "http://www.redhat.com/support/errata/RHSA-2009-1193.html"
},
{
"name": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.30.4",
"refsource": "CONFIRM",
"url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.30.4"
"url": "https://access.redhat.com/errata/RHSA-2009:1193",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2009:1193"
},
{
"name": "SUSE-SR:2009:015",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-09/msg00001.html"
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:029",
"refsource": "MISC",
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:029"
},
{
"name": "FEDORA-2009-8264",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00166.html"
"url": "http://secunia.com/advisories/36045",
"refsource": "MISC",
"name": "http://secunia.com/advisories/36045"
},
{
"name": "20091120 VMSA-2009-0016 VMware vCenter and ESX update release and vMA patch release address multiple security issue in third party components",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/507985/100/0/threaded"
"url": "http://www.ubuntu.com/usn/usn-807-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/usn-807-1"
},
{
"name": "36051",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/36051"
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-09/msg00001.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2009-09/msg00001.html"
},
{
"name": "36045",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/36045"
"url": "http://secunia.com/advisories/36054",
"refsource": "MISC",
"name": "http://secunia.com/advisories/36054"
},
{
"name": "36116",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/36116"
"url": "http://secunia.com/advisories/36116",
"refsource": "MISC",
"name": "http://secunia.com/advisories/36116"
},
{
"name": "MDVSA-2011:029",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:029"
"url": "http://www.debian.org/security/2009/dsa-1845",
"refsource": "MISC",
"name": "http://www.debian.org/security/2009/dsa-1845"
},
{
"name": "36054",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/36054"
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00166.html",
"refsource": "MISC",
"name": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00166.html"
},
{
"name": "ADV-2009-2041",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/2041"
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00223.html",
"refsource": "MISC",
"name": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00223.html"
},
{
"name": "DSA-1845",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2009/dsa-1845"
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=6352a29305373ae6196491e6d4669f301e26492e",
"refsource": "MISC",
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=6352a29305373ae6196491e6d4669f301e26492e"
},
{
"name": "1022663",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1022663"
"url": "http://risesecurity.org/advisories/RISE-2009002.txt",
"refsource": "MISC",
"name": "http://risesecurity.org/advisories/RISE-2009002.txt"
},
{
"name": "ADV-2009-3316",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/3316"
"url": "http://secunia.com/advisories/35985",
"refsource": "MISC",
"name": "http://secunia.com/advisories/35985"
},
{
"url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.30.4",
"refsource": "MISC",
"name": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.30.4"
},
{
"url": "http://www.securityfocus.com/archive/1/505334/100/0/threaded",
"refsource": "MISC",
"name": "http://www.securityfocus.com/archive/1/505334/100/0/threaded"
},
{
"url": "http://www.securityfocus.com/bid/35851",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/35851"
},
{
"url": "http://www.securitytracker.com/id?1022663",
"refsource": "MISC",
"name": "http://www.securitytracker.com/id?1022663"
},
{
"url": "http://www.vupen.com/english/advisories/2009/2041",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2009/2041"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2009-2406",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2009-2406"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=512861",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=512861"
},
{
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10072",
"refsource": "MISC",
"name": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10072"
},
{
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8246",
"refsource": "MISC",
"name": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8246"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.2,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "COMPLETE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "COMPLETE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
]
}
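Review bot: The added problemtype (`"value": "Heap-based Buffer Overflow"`, `"cweId": "CWE-122"`) contradicts this record's own text: both the earlier description and the new title describe a stack overflow in parse_tag_11_packet(). It looks carried over from the CVE-2009-2407 record, where the heap classification matches the description. I would change it to `"value": "Stack-based Buffer Overflow",` with `"cweId": "CWE-121"`. Separately, the rewritten git.kernel.org reference encodes the gitweb `;` separators as `%3B`, so `a=commit` and `h=` may no longer be parsed as parameters and the link to the fix commit may not resolve; keeping the literal `;` form would be safer.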


@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2009-2407",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in the parse_tag_3_packet function in fs/ecryptfs/keystore.c in the eCryptfs subsystem in the Linux kernel before 2.6.30.4 allows local users to cause a denial of service (system crash) or possibly gain privileges via vectors involving a crafted eCryptfs file, related to a large encrypted key size in a Tag 3 packet."
"value": "CVE-2009-2407 kernel: ecryptfs heap overflow in parse_tag_3_packet()"
}
]
},
@ -44,138 +21,214 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "Heap-based Buffer Overflow",
"cweId": "CWE-122"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 5",
"version": {
"version_data": [
{
"version_value": "0:2.6.18-128.4.1.el5",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 5.3.Z - Server Only",
"version": {
"version_data": [
{
"version_value": "0:2.6.18-128.4.1.el5",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "35985",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35985"
},
{
"name": "36131",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/36131"
},
{
"name": "37471",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37471"
},
{
"name": "FEDORA-2009-8144",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00223.html"
},
{
"name": "DSA-1844",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2009/dsa-1844"
},
{
"name": "USN-807-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-807-1"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2009-0016.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2009-0016.html"
},
{
"name": "RHSA-2009:1193",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2009-1193.html"
},
{
"name": "20090728 [RISE-2009003] Linux eCryptfs parse_tag_3_packet Encrypted Key Buffer Overflow Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/505337/100/0/threaded"
},
{
"name": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.30.4",
"refsource": "CONFIRM",
"url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.30.4"
},
{
"name": "SUSE-SR:2009:015",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-09/msg00001.html"
},
{
"name": "FEDORA-2009-8264",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00166.html"
},
{
"name": "20091120 VMSA-2009-0016 VMware vCenter and ESX update release and vMA patch release address multiple security issue in third party components",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/507985/100/0/threaded"
},
{
"name": "36051",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/36051"
},
{
"name": "35850",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/35850"
},
{
"name": "oval:org.mitre.oval:def:11255",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11255"
},
{
"name": "36045",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/36045"
},
{
"name": "36116",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/36116"
},
{
"name": "oval:org.mitre.oval:def:8057",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8057"
},
{
"name": "36054",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/36054"
},
{
"name": "ADV-2009-2041",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/2041"
},
{
"name": "DSA-1845",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2009/dsa-1845"
},
{
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=f151cd2c54ddc7714e2f740681350476cda03a28",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=f151cd2c54ddc7714e2f740681350476cda03a28"
},
{
"name": "ADV-2009-3316",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/3316"
},
{
"name": "http://risesecurity.org/advisories/RISE-2009003.txt",
"url": "http://www.securityfocus.com/archive/1/507985/100/0/threaded",
"refsource": "MISC",
"url": "http://risesecurity.org/advisories/RISE-2009003.txt"
"name": "http://www.securityfocus.com/archive/1/507985/100/0/threaded"
},
{
"url": "http://www.vmware.com/security/advisories/VMSA-2009-0016.html",
"refsource": "MISC",
"name": "http://www.vmware.com/security/advisories/VMSA-2009-0016.html"
},
{
"url": "http://www.vupen.com/english/advisories/2009/3316",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2009/3316"
},
{
"url": "http://secunia.com/advisories/36051",
"refsource": "MISC",
"name": "http://secunia.com/advisories/36051"
},
{
"url": "http://secunia.com/advisories/36131",
"refsource": "MISC",
"name": "http://secunia.com/advisories/36131"
},
{
"url": "http://secunia.com/advisories/37471",
"refsource": "MISC",
"name": "http://secunia.com/advisories/37471"
},
{
"url": "http://www.debian.org/security/2009/dsa-1844",
"refsource": "MISC",
"name": "http://www.debian.org/security/2009/dsa-1844"
},
{
"url": "http://www.redhat.com/support/errata/RHSA-2009-1193.html",
"refsource": "MISC",
"name": "http://www.redhat.com/support/errata/RHSA-2009-1193.html"
},
{
"url": "https://access.redhat.com/errata/RHSA-2009:1193",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2009:1193"
},
{
"url": "http://secunia.com/advisories/36045",
"refsource": "MISC",
"name": "http://secunia.com/advisories/36045"
},
{
"url": "http://www.ubuntu.com/usn/usn-807-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/usn-807-1"
},
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-09/msg00001.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2009-09/msg00001.html"
},
{
"url": "http://secunia.com/advisories/36054",
"refsource": "MISC",
"name": "http://secunia.com/advisories/36054"
},
{
"url": "http://secunia.com/advisories/36116",
"refsource": "MISC",
"name": "http://secunia.com/advisories/36116"
},
{
"url": "http://www.debian.org/security/2009/dsa-1845",
"refsource": "MISC",
"name": "http://www.debian.org/security/2009/dsa-1845"
},
{
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00166.html",
"refsource": "MISC",
"name": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00166.html"
},
{
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00223.html",
"refsource": "MISC",
"name": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00223.html"
},
{
"url": "http://secunia.com/advisories/35985",
"refsource": "MISC",
"name": "http://secunia.com/advisories/35985"
},
{
"url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.30.4",
"refsource": "MISC",
"name": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.30.4"
},
{
"url": "http://www.vupen.com/english/advisories/2009/2041",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2009/2041"
},
{
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=f151cd2c54ddc7714e2f740681350476cda03a28",
"refsource": "MISC",
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=f151cd2c54ddc7714e2f740681350476cda03a28"
},
{
"url": "http://risesecurity.org/advisories/RISE-2009003.txt",
"refsource": "MISC",
"name": "http://risesecurity.org/advisories/RISE-2009003.txt"
},
{
"url": "http://www.securityfocus.com/archive/1/505337/100/0/threaded",
"refsource": "MISC",
"name": "http://www.securityfocus.com/archive/1/505337/100/0/threaded"
},
{
"url": "http://www.securityfocus.com/bid/35850",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/35850"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2009-2407",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2009-2407"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=512885",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=512885"
},
{
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11255",
"refsource": "MISC",
"name": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11255"
},
{
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8057",
"refsource": "MISC",
"name": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8057"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.2,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "COMPLETE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "COMPLETE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
]
}
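Review bot: The `description_data` hunk of this section shows the tracker title `CVE-2009-2407 kernel: ecryptfs heap overflow in parse_tag_3_packet()` next to the full sentence. If the title is the new side (the +/- markers are lost on this page), the record no longer states the affected file `fs/ecryptfs/keystore.c`, the upstream bound "before 2.6.30.4", or the impact. The `affects` block with vendor `Red Hat` lists only package builds marked `"version_affected": "!"`, so nothing else in the record carries the upstream range. I would keep the original sentence as `value` and drop the title or move it to a separate field. The same replacement appears in the CVE-2010-1622, CVE-2010-1624, CVE-2010-1640 and CVE-2010-1644 sections.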


@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2010-1622",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SpringSource Spring Framework 2.5.x before 2.5.6.SEC02, 2.5.7 before 2.5.7.SR01, and 3.0.x before 3.0.3 allows remote attackers to execute arbitrary code via an HTTP request containing class.classLoader.URLs[0]=jar: followed by a URL of a crafted .jar file."
"value": "CVE-2010-1622 SpringSource Spring Framework (x < 2.5.6.SEC02, 2.5.7.SR01, 3.0.3): Arbitrary Java code execution via an HTTP request containing a specially-crafted .jar file"
}
]
},
@ -44,83 +21,148 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection')",
"cweId": "CWE-96"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "JBWFK 1.0.0 for RHEL 4",
"version": {
"version_data": [
{
"version_value": "0:1.0.0-3.ep5.el4",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "http://geronimo.apache.org/2010/07/21/apache-geronimo-v216-released.html",
"refsource": "CONFIRM",
"url": "http://geronimo.apache.org/2010/07/21/apache-geronimo-v216-released.html"
"url": "http://geronimo.apache.org/2010/07/21/apache-geronimo-v216-released.html",
"refsource": "MISC",
"name": "http://geronimo.apache.org/2010/07/21/apache-geronimo-v216-released.html"
},
{
"name": "ADV-2011-0237",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0237"
"url": "http://geronimo.apache.org/21x-security-report.html",
"refsource": "MISC",
"name": "http://geronimo.apache.org/21x-security-report.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html"
"url": "http://geronimo.apache.org/22x-security-report.html",
"refsource": "MISC",
"name": "http://geronimo.apache.org/22x-security-report.html"
},
{
"name": "13918",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/13918"
"url": "http://secunia.com/advisories/41016",
"refsource": "MISC",
"name": "http://secunia.com/advisories/41016"
},
{
"name": "43087",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43087"
"url": "http://secunia.com/advisories/41025",
"refsource": "MISC",
"name": "http://secunia.com/advisories/41025"
},
{
"name": "http://www.springsource.com/security/cve-2010-1622",
"refsource": "CONFIRM",
"url": "http://www.springsource.com/security/cve-2010-1622"
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html",
"refsource": "MISC",
"name": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html"
},
{
"name": "41025",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/41025"
"url": "http://secunia.com/advisories/43087",
"refsource": "MISC",
"name": "http://secunia.com/advisories/43087"
},
{
"name": "RHSA-2011:0175",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2011-0175.html"
"url": "http://www.exploit-db.com/exploits/13918",
"refsource": "MISC",
"name": "http://www.exploit-db.com/exploits/13918"
},
{
"name": "http://geronimo.apache.org/22x-security-report.html",
"refsource": "CONFIRM",
"url": "http://geronimo.apache.org/22x-security-report.html"
"url": "http://www.redhat.com/support/errata/RHSA-2011-0175.html",
"refsource": "MISC",
"name": "http://www.redhat.com/support/errata/RHSA-2011-0175.html"
},
{
"name": "40954",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/40954"
"url": "http://www.securityfocus.com/archive/1/511877",
"refsource": "MISC",
"name": "http://www.securityfocus.com/archive/1/511877"
},
{
"name": "41016",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/41016"
"url": "http://www.securityfocus.com/bid/40954",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/40954"
},
{
"name": "1033898",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033898"
"url": "http://www.securitytracker.com/id/1033898",
"refsource": "MISC",
"name": "http://www.securitytracker.com/id/1033898"
},
{
"name": "http://geronimo.apache.org/21x-security-report.html",
"refsource": "CONFIRM",
"url": "http://geronimo.apache.org/21x-security-report.html"
"url": "http://www.springsource.com/security/cve-2010-1622",
"refsource": "MISC",
"name": "http://www.springsource.com/security/cve-2010-1622"
},
{
"name": "20100618 CVE-2010-1622: Spring Framework execution of arbitrary code",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/511877"
"url": "http://www.vupen.com/english/advisories/2011/0237",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2011/0237"
},
{
"url": "https://access.redhat.com/errata/RHSA-2011:0175",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2011:0175"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2010-1622",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2010-1622"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=606706",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=606706"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.5,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "PARTIAL",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "PARTIAL",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
]
}
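Review bot: In what looks like the added `impact.cvss` object, `temporalScore` and `environmentalScore` are both `0` while every temporal and environmental metric is `NOT_DEFINED`. Under CVSS v2 a not-defined metric leaves the score unchanged, so a consumer that reads these keys literally sees 0 where the effective value is the 7.5 base score. Omitting the two keys, or setting them to the base score, keeps a triage tool from sorting this record as zero severity. The impact blocks in the other sections of this commit carry the same pair of zeros.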


@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2010-1624",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The msn_emoticon_msg function in slp.c in the MSN protocol plugin in libpurple in Pidgin before 2.7.0 allows remote authenticated users to cause a denial of service (NULL pointer dereference and application crash) via a custom emoticon in a malformed SLP message."
"value": "CVE-2010-1624 Pidgin: MSN SLP emoticon DoS (NULL pointer dereference)"
}
]
},
@ -44,83 +21,154 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "NULL Pointer Dereference",
"cweId": "CWE-476"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 4",
"version": {
"version_data": [
{
"version_value": "0:2.6.6-5.el4_8",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 5",
"version": {
"version_data": [
{
"version_value": "0:2.6.6-5.el5_5",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "RHSA-2010:0788",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0788.html"
"url": "http://developer.pidgin.im/viewmtn/revision/diff/884d44222e8c81ecec51c25e07d005e002a5479b/with/894460d22c434e73d60b71ec031611988e687c8b/libpurple/protocols/msn/slp.c",
"refsource": "MISC",
"name": "http://developer.pidgin.im/viewmtn/revision/diff/884d44222e8c81ecec51c25e07d005e002a5479b/with/894460d22c434e73d60b71ec031611988e687c8b/libpurple/protocols/msn/slp.c"
},
{
"name": "40138",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/40138"
"url": "http://developer.pidgin.im/viewmtn/revision/info/894460d22c434e73d60b71ec031611988e687c8b",
"refsource": "MISC",
"name": "http://developer.pidgin.im/viewmtn/revision/info/894460d22c434e73d60b71ec031611988e687c8b"
},
{
"name": "MDVSA-2010:097",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:097"
"url": "http://secunia.com/advisories/39801",
"refsource": "MISC",
"name": "http://secunia.com/advisories/39801"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=589973",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=589973"
"url": "http://secunia.com/advisories/41899",
"refsource": "MISC",
"name": "http://secunia.com/advisories/41899"
},
{
"name": "39801",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39801"
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:097",
"refsource": "MISC",
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:097"
},
{
"name": "USN-1014-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1014-1"
"url": "http://www.pidgin.im/news/security/index.php?id=46",
"refsource": "MISC",
"name": "http://www.pidgin.im/news/security/index.php?id=46"
},
{
"name": "http://developer.pidgin.im/viewmtn/revision/info/894460d22c434e73d60b71ec031611988e687c8b",
"refsource": "CONFIRM",
"url": "http://developer.pidgin.im/viewmtn/revision/info/894460d22c434e73d60b71ec031611988e687c8b"
"url": "http://www.redhat.com/support/errata/RHSA-2010-0788.html",
"refsource": "MISC",
"name": "http://www.redhat.com/support/errata/RHSA-2010-0788.html"
},
{
"name": "ADV-2010-1141",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/1141"
"url": "http://www.securityfocus.com/bid/40138",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/40138"
},
{
"name": "pidgin-slp-packets-dos(58559)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/58559"
"url": "http://www.ubuntu.com/usn/USN-1014-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-1014-1"
},
{
"name": "http://www.pidgin.im/news/security/index.php?id=46",
"refsource": "CONFIRM",
"url": "http://www.pidgin.im/news/security/index.php?id=46"
"url": "http://www.vupen.com/english/advisories/2010/1141",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2010/1141"
},
{
"name": "oval:org.mitre.oval:def:18547",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18547"
"url": "http://www.vupen.com/english/advisories/2010/2755",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2010/2755"
},
{
"name": "41899",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/41899"
"url": "https://access.redhat.com/errata/RHSA-2010:0788",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2010:0788"
},
{
"name": "ADV-2010-2755",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/2755"
"url": "https://access.redhat.com/security/cve/CVE-2010-1624",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2010-1624"
},
{
"name": "http://developer.pidgin.im/viewmtn/revision/diff/884d44222e8c81ecec51c25e07d005e002a5479b/with/894460d22c434e73d60b71ec031611988e687c8b/libpurple/protocols/msn/slp.c",
"refsource": "CONFIRM",
"url": "http://developer.pidgin.im/viewmtn/revision/diff/884d44222e8c81ecec51c25e07d005e002a5479b/with/894460d22c434e73d60b71ec031611988e687c8b/libpurple/protocols/msn/slp.c"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=589973",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=589973"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/58559",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/58559"
},
{
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18547",
"refsource": "MISC",
"name": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18547"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 3.5,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:M/Au:S/C:N/I:N/A:P",
"version": "2.0"
}
]
}
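Review bot: Every entry on what appears to be the new side of `reference_data` has `"refsource": "MISC"` and a `name` that repeats the `url`. The advisory identifiers and source types in the other copy of each entry (`RHSA-2010:0788` / `REDHAT`, `USN-1014-1` / `UBUNTU`, the `CONFIRM` entries for pidgin.im) are therefore gone. Tooling that keys on `refsource` to find vendor confirmation, or on `name` to match an advisory ID, will no longer match this record. Keeping the typed form, for example `"refsource": "REDHAT", "name": "RHSA-2010:0788"`, preserves that. The reference lists in the other sections are flattened the same way.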


@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2010-1640",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Off-by-one error in the parseicon function in libclamav/pe_icons.c in ClamAV 0.96 allows remote attackers to cause a denial of service (crash) via a crafted PE icon that triggers an out-of-bounds read, related to improper rounding during scaling."
"value": "CVE-2010-1640 Clam AntiVirus: Off-by-one error (DoS, crash) by parsing a specially-crafted PE icon file"
}
]
},
@ -44,63 +21,123 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "Off-by-one Error",
"cweId": "CWE-193"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a",
"version_affected": "="
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "http://git.clamav.net/gitweb?p=clamav-devel.git;a=blobdiff;f=libclamav/pe_icons.c;h=3f1bc5be69d0f9d84e576814d1a3cc6f40c4ff2c;hp=39a714f05968f9e929576bf171dd0eb58bf06bef;hb=7f0e3bbf77382d9782e0189bf80f5f59a95779b3;hpb=f0eb394501ec21b9fe67f36cbf5db788711d4236",
"refsource": "CONFIRM",
"url": "http://git.clamav.net/gitweb?p=clamav-devel.git;a=blobdiff;f=libclamav/pe_icons.c;h=3f1bc5be69d0f9d84e576814d1a3cc6f40c4ff2c;hp=39a714f05968f9e929576bf171dd0eb58bf06bef;hb=7f0e3bbf77382d9782e0189bf80f5f59a95779b3;hpb=f0eb394501ec21b9fe67f36cbf5db788711d4236"
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html"
},
{
"name": "[oss-security] 20100521 CVE Request: off by one DoS in pe_icons.c",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2010/05/21/7"
"url": "http://secunia.com/advisories/39895",
"refsource": "MISC",
"name": "http://secunia.com/advisories/39895"
},
{
"name": "clamav-parseicon-dos(58825)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/58825"
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:110",
"refsource": "MISC",
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:110"
},
{
"name": "40318",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/40318"
"url": "http://www.vupen.com/english/advisories/2010/1214",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2010/1214"
},
{
"name": "ADV-2010-1214",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/1214"
"url": "http://git.clamav.net/gitweb?p=clamav-devel.git%3Ba=blob_plain%3Bf=ChangeLog%3Bhb=clamav-0.96.1",
"refsource": "MISC",
"name": "http://git.clamav.net/gitweb?p=clamav-devel.git%3Ba=blob_plain%3Bf=ChangeLog%3Bhb=clamav-0.96.1"
},
{
"name": "MDVSA-2010:110",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:110"
"url": "http://git.clamav.net/gitweb?p=clamav-devel.git%3Ba=blobdiff%3Bf=libclamav/pe_icons.c%3Bh=3f1bc5be69d0f9d84e576814d1a3cc6f40c4ff2c%3Bhp=39a714f05968f9e929576bf171dd0eb58bf06bef%3Bhb=7f0e3bbf77382d9782e0189bf80f5f59a95779b3%3Bhpb=f0eb394501ec21b9fe67f36cbf5db788711d4236",
"refsource": "MISC",
"name": "http://git.clamav.net/gitweb?p=clamav-devel.git%3Ba=blobdiff%3Bf=libclamav/pe_icons.c%3Bh=3f1bc5be69d0f9d84e576814d1a3cc6f40c4ff2c%3Bhp=39a714f05968f9e929576bf171dd0eb58bf06bef%3Bhb=7f0e3bbf77382d9782e0189bf80f5f59a95779b3%3Bhpb=f0eb394501ec21b9fe67f36cbf5db788711d4236"
},
{
"name": "SUSE-SR:2010:014",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html"
"url": "http://www.openwall.com/lists/oss-security/2010/05/21/7",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2010/05/21/7"
},
{
"name": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=2031",
"refsource": "CONFIRM",
"url": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=2031"
"url": "http://www.securityfocus.com/bid/40318",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/40318"
},
{
"name": "39895",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39895"
"url": "https://access.redhat.com/security/cve/CVE-2010-1640",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2010-1640"
},
{
"name": "http://git.clamav.net/gitweb?p=clamav-devel.git;a=blob_plain;f=ChangeLog;hb=clamav-0.96.1",
"refsource": "CONFIRM",
"url": "http://git.clamav.net/gitweb?p=clamav-devel.git;a=blob_plain;f=ChangeLog;hb=clamav-0.96.1"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=597358",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=597358"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/58825",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/58825"
},
{
"url": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=2031",
"refsource": "MISC",
"name": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=2031"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 4.3,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
]
}
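Review bot: The two git.clamav.net entries in `reference_data` appear with `;` in one copy and `%3B` in the other (`...clamav-devel.git%3Ba=blob_plain%3Bf=ChangeLog%3Bhb=clamav-0.96.1`). gitweb uses `;` as its query-parameter separator, so the percent-encoded form is presumably read as one long `p` value and may not resolve to the ChangeLog or the pe_icons.c fix diff. That is worth checking before the encoded form is kept. I would leave the separators literal, `"url": "http://git.clamav.net/gitweb?p=clamav-devel.git;a=blob_plain;f=ChangeLog;hb=clamav-0.96.1"`. The git.kernel.org commit link in the CVE-2009-2407 section has the same encoding.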


@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2010-1644",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in Cacti before 0.8.7f, as used in Red Hat High Performance Computing (HPC) Solution and other products, allow remote attackers to inject arbitrary web script or HTML via the (1) hostname or (2) description parameter to host.php, or (3) the host_id parameter to data_sources.php."
"value": "CVE-2010-1644 cacti: XSS issues in host.php and data_sources.php (VUPEN/ADV-2010-1203)"
}
]
},
@ -44,63 +21,123 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",
"cweId": "CWE-79"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a",
"version_affected": "="
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "ADV-2010-1203",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/1203"
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:160",
"refsource": "MISC",
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:160"
},
{
"name": "MDVSA-2010:160",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:160"
"url": "http://secunia.com/advisories/41041",
"refsource": "MISC",
"name": "http://secunia.com/advisories/41041"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=609093",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=609093"
"url": "http://www.vupen.com/english/advisories/2010/2132",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2010/2132"
},
{
"name": "41041",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/41041"
"url": "https://access.redhat.com/errata/RHSA-2010:0635",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2010:0635"
},
{
"name": "http://www.cacti.net/release_notes_0_8_7f.php",
"refsource": "CONFIRM",
"url": "http://www.cacti.net/release_notes_0_8_7f.php"
"url": "https://rhn.redhat.com/errata/RHSA-2010-0635.html",
"refsource": "MISC",
"name": "https://rhn.redhat.com/errata/RHSA-2010-0635.html"
},
{
"name": "RHSA-2010:0635",
"refsource": "REDHAT",
"url": "https://rhn.redhat.com/errata/RHSA-2010-0635.html"
"url": "http://svn.cacti.net/viewvc?view=rev&revision=5901",
"refsource": "MISC",
"name": "http://svn.cacti.net/viewvc?view=rev&revision=5901"
},
{
"name": "20100521 Cacti Multiple Parameter Cross Site Scripting Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/511393"
"url": "http://www.cacti.net/release_notes_0_8_7f.php",
"refsource": "MISC",
"name": "http://www.cacti.net/release_notes_0_8_7f.php"
},
{
"name": "ADV-2010-2132",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/2132"
"url": "http://www.securityfocus.com/archive/1/511393",
"refsource": "MISC",
"name": "http://www.securityfocus.com/archive/1/511393"
},
{
"name": "40332",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/40332"
"url": "http://www.securityfocus.com/bid/40332",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/40332"
},
{
"name": "http://svn.cacti.net/viewvc?view=rev&revision=5901",
"refsource": "CONFIRM",
"url": "http://svn.cacti.net/viewvc?view=rev&revision=5901"
"url": "http://www.vupen.com/english/advisories/2010/1203",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2010/1203"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2010-1644",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2010-1644"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=609093",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=609093"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 4.3,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "PARTIAL",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
}
]
}
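Review bot: The `affects` block with `"version_value": "n/a"` and `"version_affected": "="` states that the affected version equals the literal string n/a, for a vendor and product that are also n/a. Together with the title-style description, the record then has no statement that the issue is in Cacti before 0.8.7f, which only the long description sentence carries. If no structured product data is available I would omit `version_affected` here rather than assert `=`, and keep the product and version bound in the description. The CVE-2010-1640 section has the same `affects` block.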


@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-0706",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The JNLPClassLoader class in IcedTea-Web before 1.0.1, as used in OpenJDK Runtime Environment 1.6.0, allows remote attackers to gain privileges via unknown vectors related to multiple signers and the assignment of \"an inappropriate security descriptor.\""
"value": "CVE-2011-0706 IcedTea multiple signers privilege escalation"
}
]
},
@ -44,68 +21,123 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "Incorrect Privilege Assignment",
"cweId": "CWE-266"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a",
"version_affected": "="
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "FEDORA-2011-1631",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-February/054115.html"
},
{
"name": "GLSA-201406-32",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"name": "FEDORA-2011-1645",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-February/054134.html"
},
{
"name": "46439",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/46439"
},
{
"name": "icedtea-jnlpclassloader-priv-esc(65534)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65534"
},
{
"name": "http://dbhole.wordpress.com/2011/02/15/icedtea-web-1-0-1-released/",
"refsource": "CONFIRM",
"url": "http://dbhole.wordpress.com/2011/02/15/icedtea-web-1-0-1-released/"
},
{
"name": "43350",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43350"
},
{
"name": "DSA-2224",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2011/dsa-2224"
},
{
"name": "oval:org.mitre.oval:def:14117",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14117"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=677332",
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=677332"
"name": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"name": "MDVSA-2011:054",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:054"
"url": "http://www.debian.org/security/2011/dsa-2224",
"refsource": "MISC",
"name": "http://www.debian.org/security/2011/dsa-2224"
},
{
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:054",
"refsource": "MISC",
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:054"
},
{
"url": "http://dbhole.wordpress.com/2011/02/15/icedtea-web-1-0-1-released/",
"refsource": "MISC",
"name": "http://dbhole.wordpress.com/2011/02/15/icedtea-web-1-0-1-released/"
},
{
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-February/054115.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2011-February/054115.html"
},
{
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-February/054134.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2011-February/054134.html"
},
{
"url": "http://secunia.com/advisories/43350",
"refsource": "MISC",
"name": "http://secunia.com/advisories/43350"
},
{
"url": "http://www.securityfocus.com/bid/46439",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/46439"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2011-0706",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2011-0706"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=677332",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=677332"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65534",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65534"
},
{
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14117",
"refsource": "MISC",
"name": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14117"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.5,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "PARTIAL",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "PARTIAL",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
]
}
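Review bot: The `description_data` value for CVE-2011-0706 appears to be replaced by the one-line tracker title `CVE-2011-0706 IcedTea multiple signers privilege escalation`, and with `product_name` and `version_value` still `n/a` nothing in the record names the affected component or the fixed release any more. The longer text named the JNLPClassLoader class and IcedTea-Web before 1.0.1. Assuming the second of the two printed `value` lines is the new side, I would keep the full sentence as `value` and carry the short title in `CVE_data_meta` as `"TITLE"` instead. The same substitution shows in the CVE-2011-0707 and CVE-2011-1002 sections, whose `affects` rows are all marked `"version_affected": "!"`, which as I read the format lists builds that are not affected, so the vulnerable range ("2.1.14 and earlier", "before 0.6.29") is lost there too.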


@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-0707",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in Cgi/confirm.py in GNU Mailman 2.1.14 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) full name or (2) username field in a confirmation message."
"value": "CVE-2011-0707 Mailman: Three XSS flaws due improper escaping of the full name of the member"
}
]
},
@ -44,163 +21,255 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",
"cweId": "CWE-79"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 4",
"version": {
"version_data": [
{
"version_value": "3:2.1.5.1-34.rhel4.7",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 5",
"version": {
"version_data": [
{
"version_value": "3:2.1.9-6.el5_6.1",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
"version_data": [
{
"version_value": "3:2.1.12-14.el6_0.2",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "ADV-2011-0487",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0487"
"url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html",
"refsource": "MISC",
"name": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html"
},
{
"name": "FEDORA-2011-2102",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056387.html"
"url": "http://support.apple.com/kb/HT5002",
"refsource": "MISC",
"name": "http://support.apple.com/kb/HT5002"
},
{
"name": "RHSA-2011:0307",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2011-0307.html"
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html"
},
{
"name": "70936",
"refsource": "OSVDB",
"url": "http://osvdb.org/70936"
"url": "http://lists.opensuse.org/opensuse-updates/2011-05/msg00000.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-updates/2011-05/msg00000.html"
},
{
"name": "43294",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43294"
"url": "http://secunia.com/advisories/43294",
"refsource": "MISC",
"name": "http://secunia.com/advisories/43294"
},
{
"name": "ADV-2011-0720",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0720"
"url": "http://secunia.com/advisories/43425",
"refsource": "MISC",
"name": "http://secunia.com/advisories/43425"
},
{
"name": "SUSE-SR:2011:009",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html"
"url": "http://secunia.com/advisories/43549",
"refsource": "MISC",
"name": "http://secunia.com/advisories/43549"
},
{
"name": "ADV-2011-0435",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0435"
"url": "http://secunia.com/advisories/43580",
"refsource": "MISC",
"name": "http://secunia.com/advisories/43580"
},
{
"name": "ADV-2011-0460",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0460"
"url": "http://www.debian.org/security/2011/dsa-2170",
"refsource": "MISC",
"name": "http://www.debian.org/security/2011/dsa-2170"
},
{
"name": "openSUSE-SU-2011:0424",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2011-05/msg00000.html"
"url": "http://www.redhat.com/support/errata/RHSA-2011-0307.html",
"refsource": "MISC",
"name": "http://www.redhat.com/support/errata/RHSA-2011-0307.html"
},
{
"name": "DSA-2170",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2011/dsa-2170"
"url": "http://www.redhat.com/support/errata/RHSA-2011-0308.html",
"refsource": "MISC",
"name": "http://www.redhat.com/support/errata/RHSA-2011-0308.html"
},
{
"name": "[mailman-announce] 20110213 Mailman Security Patch Announcement",
"refsource": "MLIST",
"url": "http://mail.python.org/pipermail/mailman-announce/2011-February/000157.html"
"url": "http://www.ubuntu.com/usn/USN-1069-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-1069-1"
},
{
"name": "USN-1069-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1069-1"
"url": "http://www.vupen.com/english/advisories/2011/0436",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2011/0436"
},
{
"name": "RHSA-2011:0308",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2011-0308.html"
"url": "http://www.vupen.com/english/advisories/2011/0460",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2011/0460"
},
{
"name": "ADV-2011-0436",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0436"
"url": "http://www.vupen.com/english/advisories/2011/0542",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2011/0542"
},
{
"name": "APPLE-SA-2011-10-12-3",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html"
"url": "https://access.redhat.com/errata/RHSA-2011:0307",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2011:0307"
},
{
"name": "MDVSA-2011:036",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:036"
"url": "https://access.redhat.com/errata/RHSA-2011:0308",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2011:0308"
},
{
"name": "[mailman-announce] 20110218 Mailman Security Patch Announcement",
"refsource": "MLIST",
"url": "http://mail.python.org/pipermail/mailman-announce/2011-February/000158.html"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056363.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056363.html"
},
{
"name": "46464",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/46464"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056387.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056387.html"
},
{
"name": "1025106",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1025106"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056399.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056399.html"
},
{
"name": "43829",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43829"
"url": "http://mail.python.org/pipermail/mailman-announce/2011-February/000157.html",
"refsource": "MISC",
"name": "http://mail.python.org/pipermail/mailman-announce/2011-February/000157.html"
},
{
"name": "43425",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43425"
"url": "http://mail.python.org/pipermail/mailman-announce/2011-February/000158.html",
"refsource": "MISC",
"name": "http://mail.python.org/pipermail/mailman-announce/2011-February/000158.html"
},
{
"name": "ADV-2011-0542",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0542"
"url": "http://osvdb.org/70936",
"refsource": "MISC",
"name": "http://osvdb.org/70936"
},
{
"name": "http://support.apple.com/kb/HT5002",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT5002"
"url": "http://secunia.com/advisories/43389",
"refsource": "MISC",
"name": "http://secunia.com/advisories/43389"
},
{
"name": "43389",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43389"
"url": "http://secunia.com/advisories/43829",
"refsource": "MISC",
"name": "http://secunia.com/advisories/43829"
},
{
"name": "mailman-fullname-xss(65538)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65538"
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:036",
"refsource": "MISC",
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:036"
},
{
"name": "FEDORA-2011-2125",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056363.html"
"url": "http://www.securityfocus.com/bid/46464",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/46464"
},
{
"name": "43580",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43580"
"url": "http://www.securitytracker.com/id?1025106",
"refsource": "MISC",
"name": "http://www.securitytracker.com/id?1025106"
},
{
"name": "FEDORA-2011-2030",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056399.html"
"url": "http://www.vupen.com/english/advisories/2011/0435",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2011/0435"
},
{
"name": "43549",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43549"
"url": "http://www.vupen.com/english/advisories/2011/0487",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2011/0487"
},
{
"url": "http://www.vupen.com/english/advisories/2011/0720",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2011/0720"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2011-0707",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2011-0707"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=677375",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=677375"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65538",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65538"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 3.5,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "PARTIAL",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
}
]
}
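Review bot: The `impact.cvss` block at the end of this section, which looks newly added, sets `"temporalScore": 0` and `"environmentalScore": 0` while every temporal and environmental metric is `NOT_DEFINED`. Under CVSS v2, undefined metrics leave those scores equal to the base score (3.5 here), so a literal 0 can be read by a consumer that sorts or filters on them as "no remaining risk". I would drop both keys when the metrics were not assessed, or emit the base value, e.g. `"temporalScore": 3.5`. The same pair of zeros appears in the impact blocks for CVE-2011-0706 (base 7.5), CVE-2011-1002 (base 3.3) and the record at the top of this part of the page (base 4.3).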


@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-1002",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "avahi-core/socket.c in avahi-daemon in Avahi before 0.6.29 allows remote attackers to cause a denial of service (infinite loop) via an empty mDNS (1) IPv4 or (2) IPv6 UDP packet to port 5353. NOTE: this vulnerability exists because of an incorrect fix for CVE-2010-2244."
"value": "CVE-2011-1002 avahi: daemon infinite loop triggered by an empty UDP packet (CVE-2010-2244 fix regression)"
}
]
},
@ -44,168 +21,244 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "Loop with Unreachable Exit Condition ('Infinite Loop')",
"cweId": "CWE-835"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 5",
"version": {
"version_data": [
{
"version_value": "0:0.6.16-10.el5_6",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
"version_data": [
{
"version_value": "0:0.6.25-11.el6",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "RHSA-2011:0779",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2011-0779.html"
},
{
"name": "avahi-udp-packet-dos(65525)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65525"
},
{
"name": "[oss-security] 20110222 Re: [oss-security] CVE request: avahi daemon remote denial of service by sending NULL UDP",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2011/02/22/9"
},
{
"name": "RHSA-2011:0436",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2011-0436.html"
},
{
"name": "ADV-2011-0511",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0511"
},
{
"name": "[oss-security] 20110218 CVE request: avahi daemon remote denial of service by sending NULL UDP",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/02/18/1"
},
{
"name": "43605",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43605"
},
{
"name": "43465",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43465"
},
{
"name": "43673",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43673"
},
{
"name": "ADV-2011-0601",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0601"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=667187",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=667187"
},
{
"name": "ADV-2011-0969",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0969"
},
{
"name": "avahi-udp-dos(65524)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65524"
},
{
"name": "44131",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/44131"
},
{
"name": "MDVSA-2011:040",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:040"
},
{
"name": "46446",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/46446"
},
{
"name": "MDVSA-2011:037",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:037"
},
{
"name": "ADV-2011-0448",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0448"
},
{
"name": "SUSE-SR:2011:005",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html"
},
{
"name": "DSA-2174",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2011/dsa-2174"
},
{
"name": "ADV-2011-0499",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0499"
},
{
"name": "70948",
"refsource": "OSVDB",
"url": "http://osvdb.org/70948"
},
{
"name": "43361",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43361"
},
{
"name": "ADV-2011-0670",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0670"
},
{
"name": "http://xorl.wordpress.com/2011/02/20/cve-2011-1002-avahi-daemon-remote-denial-of-service/",
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html",
"refsource": "MISC",
"url": "http://xorl.wordpress.com/2011/02/20/cve-2011-1002-avahi-daemon-remote-denial-of-service/"
"name": "http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html"
},
{
"name": "http://avahi.org/ticket/325",
"refsource": "CONFIRM",
"url": "http://avahi.org/ticket/325"
"url": "http://avahi.org/ticket/325",
"refsource": "MISC",
"name": "http://avahi.org/ticket/325"
},
{
"name": "FEDORA-2011-3033",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055858.html"
"url": "http://git.0pointer.de/?p=avahi.git%3Ba=commit%3Bh=46109dfec75534fe270c0ab902576f685d5ab3a6",
"refsource": "MISC",
"name": "http://git.0pointer.de/?p=avahi.git%3Ba=commit%3Bh=46109dfec75534fe270c0ab902576f685d5ab3a6"
},
{
"name": "ADV-2011-0565",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0565"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055858.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055858.html"
},
{
"name": "http://git.0pointer.de/?p=avahi.git;a=commit;h=46109dfec75534fe270c0ab902576f685d5ab3a6",
"refsource": "CONFIRM",
"url": "http://git.0pointer.de/?p=avahi.git;a=commit;h=46109dfec75534fe270c0ab902576f685d5ab3a6"
"url": "http://openwall.com/lists/oss-security/2011/02/18/1",
"refsource": "MISC",
"name": "http://openwall.com/lists/oss-security/2011/02/18/1"
},
{
"name": "USN-1084-1",
"refsource": "UBUNTU",
"url": "http://ubuntu.com/usn/usn-1084-1"
"url": "http://openwall.com/lists/oss-security/2011/02/18/4",
"refsource": "MISC",
"name": "http://openwall.com/lists/oss-security/2011/02/18/4"
},
{
"name": "[oss-security] 20110218 Re: CVE request: avahi daemon remote denial of service by sending NULL UDP",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/02/18/4"
"url": "http://osvdb.org/70948",
"refsource": "MISC",
"name": "http://osvdb.org/70948"
},
{
"url": "http://secunia.com/advisories/43361",
"refsource": "MISC",
"name": "http://secunia.com/advisories/43361"
},
{
"url": "http://secunia.com/advisories/43465",
"refsource": "MISC",
"name": "http://secunia.com/advisories/43465"
},
{
"url": "http://secunia.com/advisories/43605",
"refsource": "MISC",
"name": "http://secunia.com/advisories/43605"
},
{
"url": "http://secunia.com/advisories/43673",
"refsource": "MISC",
"name": "http://secunia.com/advisories/43673"
},
{
"url": "http://secunia.com/advisories/44131",
"refsource": "MISC",
"name": "http://secunia.com/advisories/44131"
},
{
"url": "http://ubuntu.com/usn/usn-1084-1",
"refsource": "MISC",
"name": "http://ubuntu.com/usn/usn-1084-1"
},
{
"url": "http://www.debian.org/security/2011/dsa-2174",
"refsource": "MISC",
"name": "http://www.debian.org/security/2011/dsa-2174"
},
{
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:037",
"refsource": "MISC",
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:037"
},
{
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:040",
"refsource": "MISC",
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:040"
},
{
"url": "http://www.openwall.com/lists/oss-security/2011/02/22/9",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2011/02/22/9"
},
{
"url": "http://www.redhat.com/support/errata/RHSA-2011-0436.html",
"refsource": "MISC",
"name": "http://www.redhat.com/support/errata/RHSA-2011-0436.html"
},
{
"url": "http://www.redhat.com/support/errata/RHSA-2011-0779.html",
"refsource": "MISC",
"name": "http://www.redhat.com/support/errata/RHSA-2011-0779.html"
},
{
"url": "http://www.securityfocus.com/bid/46446",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/46446"
},
{
"url": "http://www.vupen.com/english/advisories/2011/0448",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2011/0448"
},
{
"url": "http://www.vupen.com/english/advisories/2011/0499",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2011/0499"
},
{
"url": "http://www.vupen.com/english/advisories/2011/0511",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2011/0511"
},
{
"url": "http://www.vupen.com/english/advisories/2011/0565",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2011/0565"
},
{
"url": "http://www.vupen.com/english/advisories/2011/0601",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2011/0601"
},
{
"url": "http://www.vupen.com/english/advisories/2011/0670",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2011/0670"
},
{
"url": "http://www.vupen.com/english/advisories/2011/0969",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2011/0969"
},
{
"url": "http://xorl.wordpress.com/2011/02/20/cve-2011-1002-avahi-daemon-remote-denial-of-service/",
"refsource": "MISC",
"name": "http://xorl.wordpress.com/2011/02/20/cve-2011-1002-avahi-daemon-remote-denial-of-service/"
},
{
"url": "https://access.redhat.com/errata/RHSA-2011:0436",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2011:0436"
},
{
"url": "https://access.redhat.com/errata/RHSA-2011:0779",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2011:0779"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2011-1002",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2011-1002"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=667187",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=667187"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65524",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65524"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65525",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65525"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 3.3,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
]
}