diff --git a/2006/0xxx/CVE-2006-0138.json b/2006/0xxx/CVE-2006-0138.json index c720a76f25a..b9316cf829f 100644 --- a/2006/0xxx/CVE-2006-0138.json +++ b/2006/0xxx/CVE-2006-0138.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-0138", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "aMSN (aka Alvaro's Messenger) allows remote attackers to cause a denial of service (client hang and termination of client's instant-messaging session) by repeatedly sending crafted data to the default file-transfer port (TCP 6891)." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-0138", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.securiteam.com/exploits/5JP090KHFQ.html", - "refsource" : "MISC", - "url" : "http://www.securiteam.com/exploits/5JP090KHFQ.html" - }, - { - "name" : "22186", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/22186" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "aMSN (aka Alvaro's Messenger) allows remote attackers to cause a denial of service (client hang and termination of client's instant-messaging session) by repeatedly sending crafted data to the default file-transfer port (TCP 6891)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "22186", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/22186" + }, + { + "name": "http://www.securiteam.com/exploits/5JP090KHFQ.html", + "refsource": "MISC", + "url": "http://www.securiteam.com/exploits/5JP090KHFQ.html" + } + ] + } +} \ No newline at end of file diff --git a/2006/0xxx/CVE-2006-0693.json b/2006/0xxx/CVE-2006-0693.json index b55d1716a24..be1b135b58d 100644 --- a/2006/0xxx/CVE-2006-0693.json +++ b/2006/0xxx/CVE-2006-0693.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-0693", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple SQL injection vulnerabilities in rb_auth.php in Roberto Butti CALimba 0.99.2 beta and earlier allow remote attackers to execute arbitrary SQL commands and bypass login authentication via the (1) login and (2) password parameters." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-0693", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20060217 [eVuln] CALimba Authentication Bypass Vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/425364/100/0/threaded" - }, - { - "name" : "http://www.evuln.com/vulns/68/summary.html", - "refsource" : "MISC", - "url" : "http://www.evuln.com/vulns/68/summary.html" - }, - { - "name" : "16632", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/16632" - }, - { - "name" : "ADV-2006-0523", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/0523" - }, - { - "name" : "18856", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/18856" - }, - { - "name" : "453", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/453" - }, - { - "name" : "calimba-rbauth-sql-injection(24578)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/24578" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple SQL injection vulnerabilities in rb_auth.php in Roberto Butti CALimba 0.99.2 beta and earlier allow remote attackers to execute arbitrary SQL commands and bypass login authentication via the (1) login and (2) password parameters." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "16632", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/16632" + }, + { + "name": "calimba-rbauth-sql-injection(24578)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24578" + }, + { + "name": "http://www.evuln.com/vulns/68/summary.html", + "refsource": "MISC", + "url": "http://www.evuln.com/vulns/68/summary.html" + }, + { + "name": "20060217 [eVuln] CALimba Authentication Bypass Vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/425364/100/0/threaded" + }, + { + "name": "ADV-2006-0523", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/0523" + }, + { + "name": "453", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/453" + }, + { + "name": "18856", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/18856" + } + ] + } +} \ No newline at end of file diff --git a/2006/1xxx/CVE-2006-1127.json b/2006/1xxx/CVE-2006-1127.json index 90fa952d921..aa1874936bd 100644 --- a/2006/1xxx/CVE-2006-1127.json +++ b/2006/1xxx/CVE-2006-1127.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-1127", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in Gallery 2 up to 2.0.2 allows remote attackers to inject arbitrary web script or HTML via the X-Forwarded-For (X_FORWARDED_FOR) HTTP header, which is not properly handled when adding a comment to an album." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-1127", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20060303 Gallery 2 Multiple Vulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2006-02/0621.html" - }, - { - "name" : "http://www.gulftech.org/?node=research&article_id=00106-03022006", - "refsource" : "MISC", - "url" : "http://www.gulftech.org/?node=research&article_id=00106-03022006" - }, - { - "name" : "http://gallery.menalto.com/gallery_2.0.3_released", - "refsource" : "CONFIRM", - "url" : "http://gallery.menalto.com/gallery_2.0.3_released" - }, - { - "name" : "16940", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/16940" - }, - { - "name" : "ADV-2006-0813", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/0813" - }, - { - "name" : "23596", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/23596" - }, - { - "name" : "1015717", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1015717" - }, - { - "name" : "19104", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/19104" - }, - { - "name" : "gallery-getremotehostaddress-xss(25117)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/25117" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in Gallery 2 up to 2.0.2 allows remote attackers to inject arbitrary web script or HTML via the X-Forwarded-For (X_FORWARDED_FOR) HTTP header, which is not properly handled when adding a comment to an album." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "16940", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/16940" + }, + { + "name": "23596", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/23596" + }, + { + "name": "http://www.gulftech.org/?node=research&article_id=00106-03022006", + "refsource": "MISC", + "url": "http://www.gulftech.org/?node=research&article_id=00106-03022006" + }, + { + "name": "gallery-getremotehostaddress-xss(25117)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25117" + }, + { + "name": "http://gallery.menalto.com/gallery_2.0.3_released", + "refsource": "CONFIRM", + "url": "http://gallery.menalto.com/gallery_2.0.3_released" + }, + { + "name": "ADV-2006-0813", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/0813" + }, + { + "name": "20060303 Gallery 2 Multiple Vulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://archives.neohapsis.com/archives/bugtraq/2006-02/0621.html" + }, + { + "name": "19104", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/19104" + }, + { + "name": "1015717", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1015717" + } + ] + } +} \ No newline at end of file diff --git a/2006/1xxx/CVE-2006-1206.json b/2006/1xxx/CVE-2006-1206.json index 3d4876ae1d2..2ccd205e559 100644 --- a/2006/1xxx/CVE-2006-1206.json +++ b/2006/1xxx/CVE-2006-1206.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-1206", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Matt Johnston Dropbear SSH server 0.47 and earlier, as used in embedded Linux devices and on general-purpose operating systems, allows remote attackers to cause a denial of service (connection slot exhaustion) via a large number of connection attempts that exceeds the MAX_UNAUTH_CLIENTS defined value of 30." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-1206", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20060307 Dropbear SSH server Denial of Service", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/426999/100/0/threaded" - }, - { - "name" : "17024", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/17024" - }, - { - "name" : "1015742", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1015742" - }, - { - "name" : "dropbear-connection-dos(25075)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/25075" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Matt Johnston Dropbear SSH server 0.47 and earlier, as used in embedded Linux devices and on general-purpose operating systems, allows remote attackers to cause a denial of service (connection slot exhaustion) via a large number of connection attempts that exceeds the MAX_UNAUTH_CLIENTS defined value of 30." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20060307 Dropbear SSH server Denial of Service", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/426999/100/0/threaded" + }, + { + "name": "17024", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/17024" + }, + { + "name": "dropbear-connection-dos(25075)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25075" + }, + { + "name": "1015742", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1015742" + } + ] + } +} \ No newline at end of file diff --git a/2006/1xxx/CVE-2006-1947.json b/2006/1xxx/CVE-2006-1947.json index 78d172f2324..57eccd4c5f6 100644 --- a/2006/1xxx/CVE-2006-1947.json +++ b/2006/1xxx/CVE-2006-1947.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-1947", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple SQL injection vulnerabilities in plexum.php in NicPlex Plexum X5 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) pagesize, (2) maxrec, and (3) startpos parameters." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-1947", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://pridels0.blogspot.com/2006/04/plexum-x5-sql-vuln.html", - "refsource" : "MISC", - "url" : "http://pridels0.blogspot.com/2006/04/plexum-x5-sql-vuln.html" - }, - { - "name" : "17617", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/17617" - }, - { - "name" : "ADV-2006-1423", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/1423" - }, - { - "name" : "19720", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/19720" - }, - { - "name" : "plexum-multiple-sql-injection(25918)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/25918" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple SQL injection vulnerabilities in plexum.php in NicPlex Plexum X5 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) pagesize, (2) maxrec, and (3) startpos parameters." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "19720", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/19720" + }, + { + "name": "ADV-2006-1423", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/1423" + }, + { + "name": "http://pridels0.blogspot.com/2006/04/plexum-x5-sql-vuln.html", + "refsource": "MISC", + "url": "http://pridels0.blogspot.com/2006/04/plexum-x5-sql-vuln.html" + }, + { + "name": "plexum-multiple-sql-injection(25918)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25918" + }, + { + "name": "17617", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/17617" + } + ] + } +} \ No newline at end of file diff --git a/2006/5xxx/CVE-2006-5436.json b/2006/5xxx/CVE-2006-5436.json index a7dab4bea36..854f1c7541c 100644 --- a/2006/5xxx/CVE-2006-5436.json +++ b/2006/5xxx/CVE-2006-5436.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-5436", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "PHP remote file inclusion vulnerability in index.php in FreeFAQ 1.0.e allows remote attackers to execute arbitrary PHP code via a URL in the faqpath parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-5436", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://downloads.securityfocus.com/vulnerabilities/exploits/freefaq-0.9.e-rfi.pl", - "refsource" : "MISC", - "url" : "http://downloads.securityfocus.com/vulnerabilities/exploits/freefaq-0.9.e-rfi.pl" - }, - { - "name" : "20621", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/20621" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "PHP remote file inclusion vulnerability in index.php in FreeFAQ 1.0.e allows remote attackers to execute arbitrary PHP code via a URL in the faqpath parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://downloads.securityfocus.com/vulnerabilities/exploits/freefaq-0.9.e-rfi.pl", + "refsource": "MISC", + "url": "http://downloads.securityfocus.com/vulnerabilities/exploits/freefaq-0.9.e-rfi.pl" + }, + { + "name": "20621", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/20621" + } + ] + } +} \ No newline at end of file diff --git a/2006/5xxx/CVE-2006-5662.json b/2006/5xxx/CVE-2006-5662.json index 17e255b3a48..3278d5a5d63 100644 --- a/2006/5xxx/CVE-2006-5662.json +++ b/2006/5xxx/CVE-2006-5662.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-5662", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in easy notesManager (eNM) 0.0.1 allows remote attackers to execute arbitrary SQL commands via (1) the username parameter in login.php and (2) a search on the \"search page.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-5662", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20061029 easy notes manager sql injection and authentication bypass", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/450045/100/0/threaded" - }, - { - "name" : "20803", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/20803" - }, - { - "name" : "1819", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/1819" - }, - { - "name" : "enm-search-sql-injection(29913)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/29913" - }, - { - "name" : "enm-username-sql-injection(29908)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/29908" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in easy notesManager (eNM) 0.0.1 allows remote attackers to execute arbitrary SQL commands via (1) the username parameter in login.php and (2) a search on the \"search page.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20061029 easy notes manager sql injection and authentication bypass", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/450045/100/0/threaded" + }, + { + "name": "1819", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/1819" + }, + { + "name": "enm-search-sql-injection(29913)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29913" + }, + { + "name": "enm-username-sql-injection(29908)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29908" + }, + { + "name": "20803", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/20803" + } + ] + } +} \ No newline at end of file diff --git a/2006/5xxx/CVE-2006-5668.json b/2006/5xxx/CVE-2006-5668.json index b497b49c061..4d2f5839184 100644 --- a/2006/5xxx/CVE-2006-5668.json +++ b/2006/5xxx/CVE-2006-5668.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-5668", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in Ampache 3.3.2 and earlier, when register_globals is enabled, allows remote attackers to bypass security restrictions and gain guest access." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-5668", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://svn.ampache.org/branches/3.3.2/docs/CHANGELOG", - "refsource" : "CONFIRM", - "url" : "https://svn.ampache.org/branches/3.3.2/docs/CHANGELOG" - }, - { - "name" : "20798", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/20798" - }, - { - "name" : "ADV-2006-4236", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/4236" - }, - { - "name" : "22842", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/22842" - }, - { - "name" : "ampache-session-security-bypass(29892)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/29892" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in Ampache 3.3.2 and earlier, when register_globals is enabled, allows remote attackers to bypass security restrictions and gain guest access." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ADV-2006-4236", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/4236" + }, + { + "name": "20798", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/20798" + }, + { + "name": "https://svn.ampache.org/branches/3.3.2/docs/CHANGELOG", + "refsource": "CONFIRM", + "url": "https://svn.ampache.org/branches/3.3.2/docs/CHANGELOG" + }, + { + "name": "ampache-session-security-bypass(29892)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29892" + }, + { + "name": "22842", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/22842" + } + ] + } +} \ No newline at end of file diff --git a/2006/5xxx/CVE-2006-5751.json b/2006/5xxx/CVE-2006-5751.json index b85ae576ee8..b220a8ca7fe 100644 --- a/2006/5xxx/CVE-2006-5751.json +++ b/2006/5xxx/CVE-2006-5751.json @@ -1,202 +1,202 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-5751", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Integer overflow in the get_fdb_entries function in net/bridge/br_ioctl.c in the Linux kernel before 2.6.18.4 allows local users to execute arbitrary code via a large maxnum value in an ioctl request." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2006-5751", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20061206 rPSA-2006-0226-1 kernel", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/453681/100/0/threaded" - }, - { - "name" : "http://projects.info-pull.com/mokb/MOKB-29-11-2006.html", - "refsource" : "MISC", - "url" : "http://projects.info-pull.com/mokb/MOKB-29-11-2006.html" - }, - { - "name" : "http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=blobdiff;h=4c61a7e0a86e1ae9e16867f9f8e4b0412b8edbaf;hp=4e4119a1213925568b8a1acdef9bf52b98b19da3;hb=ba8379b220509e9448c00a77cf6c15ac2a559cc7;f=net/bridge/br_ioctl.c", - "refsource" : "MISC", - "url" : "http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=blobdiff;h=4c61a7e0a86e1ae9e16867f9f8e4b0412b8edbaf;hp=4e4119a1213925568b8a1acdef9bf52b98b19da3;hb=ba8379b220509e9448c00a77cf6c15ac2a559cc7;f=net/bridge/br_ioctl.c" - }, - { - "name" : "http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=ba8379b220509e9448c00a77cf6c15ac2a559cc7", - "refsource" : "CONFIRM", - "url" : "http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=ba8379b220509e9448c00a77cf6c15ac2a559cc7" - }, - { - "name" : "http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.18.4", - "refsource" : "CONFIRM", - "url" : "http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.18.4" - }, - { - "name" : "https://issues.rpath.com/browse/RPL-803", - "refsource" : "CONFIRM", - "url" : "https://issues.rpath.com/browse/RPL-803" - }, - { - "name" : "https://issues.rpath.com/browse/RPL-837", - "refsource" : "CONFIRM", - "url" : "https://issues.rpath.com/browse/RPL-837" - }, - { - "name" : "http://support.avaya.com/elmodocs2/security/ASA-2007-063.htm", - "refsource" : "CONFIRM", - "url" : "http://support.avaya.com/elmodocs2/security/ASA-2007-063.htm" - }, - { - "name" : "DSA-1233", - "refsource" : "DEBIAN", - "url" : "http://www.us.debian.org/security/2006/dsa-1233" - }, - { - "name" : "MDKSA-2007:002", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:002" - }, - { - "name" : "MDKSA-2007:012", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:012" - }, - { - "name" : "RHSA-2007:0014", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2007-0014.html" - }, - { - "name" : "SUSE-SA:2006:079", - "refsource" : "SUSE", - "url" : "http://www.novell.com/linux/security/advisories/2006_79_kernel.html" - }, - { - "name" : "SUSE-SA:2007:021", - "refsource" : "SUSE", - "url" : "http://www.novell.com/linux/security/advisories/2007_21_kernel.html" - }, - { - "name" : "USN-395-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/usn-395-1" - }, - { - "name" : "21353", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/21353" - }, - { - "name" : "oval:org.mitre.oval:def:10151", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10151" - }, - { - "name" : "ADV-2006-4781", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/4781" - }, - { - "name" : "23073", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23073" - }, - { - "name" : "23252", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23252" - }, - { - "name" : "23370", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23370" - }, - { - "name" : "23384", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23384" - }, - { - "name" : "23593", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23593" - }, - { - "name" : "23752", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23752" - }, - { - "name" : "23997", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23997" - }, - { - "name" : "24206", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24206" - }, - { - "name" : "24547", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24547" - }, - { - "name" : "23474", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23474" - }, - { - "name" : "linux-getfdbentries-integer-overflow(30588)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/30588" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Integer overflow in the get_fdb_entries function in net/bridge/br_ioctl.c in the Linux kernel before 2.6.18.4 allows local users to execute arbitrary code via a large maxnum value in an ioctl request." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=ba8379b220509e9448c00a77cf6c15ac2a559cc7", + "refsource": "CONFIRM", + "url": "http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=ba8379b220509e9448c00a77cf6c15ac2a559cc7" + }, + { + "name": "SUSE-SA:2006:079", + "refsource": "SUSE", + "url": "http://www.novell.com/linux/security/advisories/2006_79_kernel.html" + }, + { + "name": "http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.18.4", + "refsource": "CONFIRM", + "url": "http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.18.4" + }, + { + "name": "https://issues.rpath.com/browse/RPL-803", + "refsource": "CONFIRM", + "url": "https://issues.rpath.com/browse/RPL-803" + }, + { + "name": "23073", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23073" + }, + { + "name": "oval:org.mitre.oval:def:10151", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10151" + }, + { + "name": "ADV-2006-4781", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/4781" + }, + { + "name": "RHSA-2007:0014", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2007-0014.html" + }, + { + "name": "MDKSA-2007:012", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:012" + }, + { + "name": "23593", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23593" + }, + { + "name": "SUSE-SA:2007:021", + "refsource": "SUSE", + "url": "http://www.novell.com/linux/security/advisories/2007_21_kernel.html" + }, + { + "name": "https://issues.rpath.com/browse/RPL-837", + "refsource": "CONFIRM", + "url": "https://issues.rpath.com/browse/RPL-837" + }, + { + "name": "http://support.avaya.com/elmodocs2/security/ASA-2007-063.htm", + "refsource": "CONFIRM", + "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-063.htm" + }, + { + "name": "23384", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23384" + }, + { + "name": "23752", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23752" + }, + { + "name": "24206", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24206" + }, + { + "name": "http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=blobdiff;h=4c61a7e0a86e1ae9e16867f9f8e4b0412b8edbaf;hp=4e4119a1213925568b8a1acdef9bf52b98b19da3;hb=ba8379b220509e9448c00a77cf6c15ac2a559cc7;f=net/bridge/br_ioctl.c", + "refsource": "MISC", + "url": "http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=blobdiff;h=4c61a7e0a86e1ae9e16867f9f8e4b0412b8edbaf;hp=4e4119a1213925568b8a1acdef9bf52b98b19da3;hb=ba8379b220509e9448c00a77cf6c15ac2a559cc7;f=net/bridge/br_ioctl.c" + }, + { + "name": "23252", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23252" + }, + { + "name": "23474", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23474" + }, + { + "name": "http://projects.info-pull.com/mokb/MOKB-29-11-2006.html", + "refsource": "MISC", + "url": "http://projects.info-pull.com/mokb/MOKB-29-11-2006.html" + }, + { + "name": "DSA-1233", + "refsource": "DEBIAN", + "url": "http://www.us.debian.org/security/2006/dsa-1233" + }, + { + "name": "23370", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23370" + }, + { + "name": "23997", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23997" + }, + { + "name": "21353", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/21353" + }, + { + "name": "24547", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24547" + }, + { + "name": "MDKSA-2007:002", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:002" + }, + { + "name": "USN-395-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/usn-395-1" + }, + { + "name": "20061206 rPSA-2006-0226-1 kernel", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/453681/100/0/threaded" + }, + { + "name": "linux-getfdbentries-integer-overflow(30588)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30588" + } + ] + } +} \ No newline at end of file diff --git a/2006/5xxx/CVE-2006-5777.json b/2006/5xxx/CVE-2006-5777.json index 552b1b926d6..4ee29e67057 100644 --- a/2006/5xxx/CVE-2006-5777.json +++ b/2006/5xxx/CVE-2006-5777.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-5777", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Creasito E-Commerce Content Manager 1.3.08 allows remote attackers to bypass authentication and perform privileged functions via a non-empty finame parameter to (1) addnewcont.php, (2) adminpassw.php, (3) amministrazione.php, (4) artins.php, (5) bgcolor.php, (6) cancartcat.php, (7) canccat.php, (8) cancelart.php, (9) cancontsit.php, (10) chanpassamm.php, (11) dele.php, (12) delecat.php, (13) delecont.php, (14) emailall.php, (15) gestflashtempl.php, (16) gestmagart.php, (17) gestmagaz.php, (18) gestpre.php, (19) input.php, (20) input3.php, (21) insnucat.php, (22) instempflash.php, (23) mailfc.php, (24) modfdati.php, (25) rescont4.php, (26) ricordo1.php, (27) ricordo4.php, (28) tabcatalg.php, (29) tabcont.php, (30) tabcont3.php, (31) tabstile.php, (32) tabstile3.php, (33) testimmg.php, and (34) update.php in admin/. NOTE: some of these details are obtained from third party information." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-5777", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "2709", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/2709" - }, - { - "name" : "22729", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/22729" - }, - { - "name" : "creasito-admin-authentication-bypass(30011)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/30011" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Creasito E-Commerce Content Manager 1.3.08 allows remote attackers to bypass authentication and perform privileged functions via a non-empty finame parameter to (1) addnewcont.php, (2) adminpassw.php, (3) amministrazione.php, (4) artins.php, (5) bgcolor.php, (6) cancartcat.php, (7) canccat.php, (8) cancelart.php, (9) cancontsit.php, (10) chanpassamm.php, (11) dele.php, (12) delecat.php, (13) delecont.php, (14) emailall.php, (15) gestflashtempl.php, (16) gestmagart.php, (17) gestmagaz.php, (18) gestpre.php, (19) input.php, (20) input3.php, (21) insnucat.php, (22) instempflash.php, (23) mailfc.php, (24) modfdati.php, (25) rescont4.php, (26) ricordo1.php, (27) ricordo4.php, (28) tabcatalg.php, (29) tabcont.php, (30) tabcont3.php, (31) tabstile.php, (32) tabstile3.php, (33) testimmg.php, and (34) update.php in admin/. NOTE: some of these details are obtained from third party information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "22729", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/22729" + }, + { + "name": "creasito-admin-authentication-bypass(30011)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30011" + }, + { + "name": "2709", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/2709" + } + ] + } +} \ No newline at end of file diff --git a/2006/5xxx/CVE-2006-5944.json b/2006/5xxx/CVE-2006-5944.json index 6f740e977e2..7f4f9c04d21 100644 --- a/2006/5xxx/CVE-2006-5944.json +++ b/2006/5xxx/CVE-2006-5944.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-5944", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in csm/asp/listings.asp in MGinternet Car Site Manager (CSM) allows remote attackers to inject arbitrary web script or HTML via the s parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-5944", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20061114 Car Site Manager [injection sql & xss (get)]", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/451557/100/0/threaded" - }, - { - "name" : "http://s-a-p.ca/index.php?page=OurAdvisories&id=17", - "refsource" : "MISC", - "url" : "http://s-a-p.ca/index.php?page=OurAdvisories&id=17" - }, - { - "name" : "21066", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/21066" - }, - { - "name" : "ADV-2006-4532", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/4532" - }, - { - "name" : "22914", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/22914" - }, - { - "name" : "1876", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/1876" - }, - { - "name" : "carsitemanager-listings-xss(30274)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/30274" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in csm/asp/listings.asp in MGinternet Car Site Manager (CSM) allows remote attackers to inject arbitrary web script or HTML via the s parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20061114 Car Site Manager [injection sql & xss (get)]", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/451557/100/0/threaded" + }, + { + "name": "22914", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/22914" + }, + { + "name": "1876", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/1876" + }, + { + "name": "http://s-a-p.ca/index.php?page=OurAdvisories&id=17", + "refsource": "MISC", + "url": "http://s-a-p.ca/index.php?page=OurAdvisories&id=17" + }, + { + "name": "ADV-2006-4532", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/4532" + }, + { + "name": "21066", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/21066" + }, + { + "name": "carsitemanager-listings-xss(30274)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30274" + } + ] + } +} \ No newline at end of file diff --git a/2007/2xxx/CVE-2007-2044.json b/2007/2xxx/CVE-2007-2044.json index ca8d87df561..7b11bc90f11 100644 --- a/2007/2xxx/CVE-2007-2044.json +++ b/2007/2xxx/CVE-2007-2044.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-2044", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "PHP remote file inclusion vulnerability in mod_weather.php in the Antonis Ventouris Weather module for Mambo and Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the absolute_path parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-2044", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "3712", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/3712" - }, - { - "name" : "ADV-2007-1356", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/1356" - }, - { - "name" : "37435", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/37435" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "PHP remote file inclusion vulnerability in mod_weather.php in the Antonis Ventouris Weather module for Mambo and Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the absolute_path parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "3712", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/3712" + }, + { + "name": "ADV-2007-1356", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/1356" + }, + { + "name": "37435", + "refsource": "OSVDB", + "url": "http://osvdb.org/37435" + } + ] + } +} \ No newline at end of file diff --git a/2007/2xxx/CVE-2007-2138.json b/2007/2xxx/CVE-2007-2138.json index 059747acc5d..b870fb8b71f 100644 --- a/2007/2xxx/CVE-2007-2138.json +++ b/2007/2xxx/CVE-2007-2138.json @@ -1,212 +1,212 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-2138", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Untrusted search path vulnerability in PostgreSQL before 7.3.19, 7.4.x before 7.4.17, 8.0.x before 8.0.13, 8.1.x before 8.1.9, and 8.2.x before 8.2.4 allows remote authenticated users, when permitted to call a SECURITY DEFINER function, to gain the privileges of the function owner, related to \"search_path settings.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-2138", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.postgresql.org/about/news.791", - "refsource" : "CONFIRM", - "url" : "http://www.postgresql.org/about/news.791" - }, - { - "name" : "http://www.postgresql.org/support/security.html", - "refsource" : "CONFIRM", - "url" : "http://www.postgresql.org/support/security.html" - }, - { - "name" : "https://issues.rpath.com/browse/RPL-1292", - "refsource" : "CONFIRM", - "url" : "https://issues.rpath.com/browse/RPL-1292" - }, - { - "name" : "http://support.avaya.com/elmodocs2/security/ASA-2007-190.htm", - "refsource" : "CONFIRM", - "url" : "http://support.avaya.com/elmodocs2/security/ASA-2007-190.htm" - }, - { - "name" : "DSA-1309", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2007/dsa-1309" - }, - { - "name" : "DSA-1311", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2007/dsa-1311" - }, - { - "name" : "GLSA-200705-12", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-200705-12.xml" - }, - { - "name" : "MDKSA-2007:094", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:094" - }, - { - "name" : "RHSA-2007:0337", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-0337.html" - }, - { - "name" : "RHSA-2007:0336", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2007-0336.html" - }, - { - "name" : "102894", - "refsource" : "SUNALERT", - "url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102894-1" - }, - { - "name" : "2007-0015", - "refsource" : "TRUSTIX", - "url" : "http://www.trustix.org/errata/2007/0015/" - }, - { - "name" : "USN-454-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/usn-454-1" - }, - { - "name" : "23618", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/23618" - }, - { - "name" : "oval:org.mitre.oval:def:10090", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10090" - }, - { - "name" : "ADV-2007-1497", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/1497" - }, - { - "name" : "ADV-2007-1549", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/1549" - }, - { - "name" : "1017974", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1017974" - }, - { - "name" : "25019", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25019" - }, - { - "name" : "25005", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25005" - }, - { - "name" : "24989", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24989" - }, - { - "name" : "25037", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25037" - }, - { - "name" : "24999", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24999" - }, - { - "name" : "25058", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25058" - }, - { - "name" : "25184", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25184" - }, - { - "name" : "25238", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25238" - }, - { - "name" : "25334", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25334" - }, - { - "name" : "25717", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25717" - }, - { - "name" : "25725", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25725" - }, - { - "name" : "25720", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25720" - }, - { - "name" : "postgresql-searchpath-privilege-escalation(33842)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33842" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Untrusted search path vulnerability in PostgreSQL before 7.3.19, 7.4.x before 7.4.17, 8.0.x before 8.0.13, 8.1.x before 8.1.9, and 8.2.x before 8.2.4 allows remote authenticated users, when permitted to call a SECURITY DEFINER function, to gain the privileges of the function owner, related to \"search_path settings.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "25334", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25334" + }, + { + "name": "25717", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25717" + }, + { + "name": "2007-0015", + "refsource": "TRUSTIX", + "url": "http://www.trustix.org/errata/2007/0015/" + }, + { + "name": "http://www.postgresql.org/about/news.791", + "refsource": "CONFIRM", + "url": "http://www.postgresql.org/about/news.791" + }, + { + "name": "25058", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25058" + }, + { + "name": "GLSA-200705-12", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-200705-12.xml" + }, + { + "name": "MDKSA-2007:094", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:094" + }, + { + "name": "https://issues.rpath.com/browse/RPL-1292", + "refsource": "CONFIRM", + "url": "https://issues.rpath.com/browse/RPL-1292" + }, + { + "name": "24999", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24999" + }, + { + "name": "25037", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25037" + }, + { + "name": "24989", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24989" + }, + { + "name": "23618", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/23618" + }, + { + "name": "http://support.avaya.com/elmodocs2/security/ASA-2007-190.htm", + "refsource": "CONFIRM", + "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-190.htm" + }, + { + "name": "RHSA-2007:0337", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-0337.html" + }, + { + "name": "25725", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25725" + }, + { + "name": "http://www.postgresql.org/support/security.html", + "refsource": "CONFIRM", + "url": "http://www.postgresql.org/support/security.html" + }, + { + "name": "1017974", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1017974" + }, + { + "name": "postgresql-searchpath-privilege-escalation(33842)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33842" + }, + { + "name": "25720", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25720" + }, + { + "name": "DSA-1311", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2007/dsa-1311" + }, + { + "name": "DSA-1309", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2007/dsa-1309" + }, + { + "name": "ADV-2007-1549", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/1549" + }, + { + "name": "25019", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25019" + }, + { + "name": "USN-454-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/usn-454-1" + }, + { + "name": "25238", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25238" + }, + { + "name": "RHSA-2007:0336", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2007-0336.html" + }, + { + "name": "102894", + "refsource": "SUNALERT", + "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102894-1" + }, + { + "name": "25184", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25184" + }, + { + "name": "ADV-2007-1497", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/1497" + }, + { + "name": "oval:org.mitre.oval:def:10090", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10090" + }, + { + "name": "25005", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25005" + } + ] + } +} \ No newline at end of file diff --git a/2007/2xxx/CVE-2007-2589.json b/2007/2xxx/CVE-2007-2589.json index 927ae99a382..70475ef2762 100644 --- a/2007/2xxx/CVE-2007-2589.json +++ b/2007/2xxx/CVE-2007-2589.json @@ -1,137 +1,137 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-2589", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site request forgery (CSRF) vulnerability in compose.php in SquirrelMail 1.4.0 through 1.4.9a allows remote attackers to send e-mails from arbitrary users via certain data in the SRC attribute of an IMG element." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-2589", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.squirrelmail.org/security/issue/2007-05-09", - "refsource" : "CONFIRM", - "url" : "http://www.squirrelmail.org/security/issue/2007-05-09" - }, - { - "name" : "http://docs.info.apple.com/article.html?artnum=306172", - "refsource" : "CONFIRM", - "url" : "http://docs.info.apple.com/article.html?artnum=306172" - }, - { - "name" : "APPLE-SA-2007-07-31", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html" - }, - { - "name" : "MDKSA-2007:106", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:106" - }, - { - "name" : "RHSA-2007:0358", - "refsource" : "REDHAT", - "url" : "https://rhn.redhat.com/errata/RHSA-2007-0358.html" - }, - { - "name" : "SUSE-SR:2007:013", - "refsource" : "SUSE", - "url" : "http://www.novell.com/linux/security/advisories/2007_13_sr.html" - }, - { - "name" : "25159", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25159" - }, - { - "name" : "35889", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/35889" - }, - { - "name" : "oval:org.mitre.oval:def:11448", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11448" - }, - { - "name" : "ADV-2007-1748", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/1748" - }, - { - "name" : "ADV-2007-2732", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/2732" - }, - { - "name" : "25200", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25200" - }, - { - "name" : "25320", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25320" - }, - { - "name" : "26235", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26235" - }, - { - "name" : "25787", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25787" - }, - { - "name" : "squirrelmail-multiple-scripts-csrf(34219)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34219" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site request forgery (CSRF) vulnerability in compose.php in SquirrelMail 1.4.0 through 1.4.9a allows remote attackers to send e-mails from arbitrary users via certain data in the SRC attribute of an IMG element." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ADV-2007-2732", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/2732" + }, + { + "name": "25200", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25200" + }, + { + "name": "ADV-2007-1748", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/1748" + }, + { + "name": "25320", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25320" + }, + { + "name": "APPLE-SA-2007-07-31", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html" + }, + { + "name": "squirrelmail-multiple-scripts-csrf(34219)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34219" + }, + { + "name": "http://www.squirrelmail.org/security/issue/2007-05-09", + "refsource": "CONFIRM", + "url": "http://www.squirrelmail.org/security/issue/2007-05-09" + }, + { + "name": "MDKSA-2007:106", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:106" + }, + { + "name": "SUSE-SR:2007:013", + "refsource": "SUSE", + "url": "http://www.novell.com/linux/security/advisories/2007_13_sr.html" + }, + { + "name": "http://docs.info.apple.com/article.html?artnum=306172", + "refsource": "CONFIRM", + "url": "http://docs.info.apple.com/article.html?artnum=306172" + }, + { + "name": "oval:org.mitre.oval:def:11448", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11448" + }, + { + "name": "RHSA-2007:0358", + "refsource": "REDHAT", + "url": "https://rhn.redhat.com/errata/RHSA-2007-0358.html" + }, + { + "name": "25159", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25159" + }, + { + "name": "35889", + "refsource": "OSVDB", + "url": "http://osvdb.org/35889" + }, + { + "name": "25787", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25787" + }, + { + "name": "26235", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26235" + } + ] + } +} \ No newline at end of file diff --git a/2007/2xxx/CVE-2007-2737.json b/2007/2xxx/CVE-2007-2737.json index 82b70221af2..17202c0228c 100644 --- a/2007/2xxx/CVE-2007-2737.json +++ b/2007/2xxx/CVE-2007-2737.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-2737", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in index.php in the MyConference 1.0 module for Xoops allows remote attackers to execute arbitrary SQL commands via the cid parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-2737", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "ADV-2007-1830", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/1830" - }, - { - "name" : "37920", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/37920" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in index.php in the MyConference 1.0 module for Xoops allows remote attackers to execute arbitrary SQL commands via the cid parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ADV-2007-1830", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/1830" + }, + { + "name": "37920", + "refsource": "OSVDB", + "url": "http://osvdb.org/37920" + } + ] + } +} \ No newline at end of file diff --git a/2007/2xxx/CVE-2007-2752.json b/2007/2xxx/CVE-2007-2752.json index 4a65240de3d..2eae33a5277 100644 --- a/2007/2xxx/CVE-2007-2752.json +++ b/2007/2xxx/CVE-2007-2752.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-2752", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in devami.asp in RunawaySoft Haber portal 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-2752", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "3936", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/3936" - }, - { - "name" : "24018", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/24018" - }, - { - "name" : "ADV-2007-1853", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/1853" - }, - { - "name" : "36092", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/36092" - }, - { - "name" : "25304", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25304" - }, - { - "name" : "runaway-devami-sql-injection(34491)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34491" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in devami.asp in RunawaySoft Haber portal 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "24018", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/24018" + }, + { + "name": "36092", + "refsource": "OSVDB", + "url": "http://osvdb.org/36092" + }, + { + "name": "runaway-devami-sql-injection(34491)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34491" + }, + { + "name": "ADV-2007-1853", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/1853" + }, + { + "name": "25304", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25304" + }, + { + "name": "3936", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/3936" + } + ] + } +} \ No newline at end of file diff --git a/2010/0xxx/CVE-2010-0082.json b/2010/0xxx/CVE-2010-0082.json index 81311ff3343..a3adfc3999a 100644 --- a/2010/0xxx/CVE-2010-0082.json +++ b/2010/0xxx/CVE-2010-0082.json @@ -1,207 +1,207 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-0082", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the HotSpot Server component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2010-0082", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/516397/100/0/threaded" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/javacpumar2010-083341.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/javacpumar2010-083341.html" - }, - { - "name" : "http://support.apple.com/kb/HT4170", - "refsource" : "CONFIRM", - "url" : "http://support.apple.com/kb/HT4170" - }, - { - "name" : "http://support.apple.com/kb/HT4171", - "refsource" : "CONFIRM", - "url" : "http://support.apple.com/kb/HT4171" - }, - { - "name" : "http://www.vmware.com/security/advisories/VMSA-2011-0003.html", - "refsource" : "CONFIRM", - "url" : "http://www.vmware.com/security/advisories/VMSA-2011-0003.html" - }, - { - "name" : "http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html", - "refsource" : "CONFIRM", - "url" : "http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html" - }, - { - "name" : "APPLE-SA-2010-05-18-1", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2010//May/msg00001.html" - }, - { - "name" : "APPLE-SA-2010-05-18-2", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2010//May/msg00002.html" - }, - { - "name" : "HPSBMA02547", - "refsource" : "HP", - "url" : "http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751" - }, - { - "name" : "SSRT100179", - "refsource" : "HP", - "url" : "http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751" - }, - { - "name" : "HPSBMU02799", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=134254866602253&w=2" - }, - { - "name" : "HPSBUX02524", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=127557596201693&w=2" - }, - { - "name" : "SSRT100089", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=127557596201693&w=2" - }, - { - "name" : "MDVSA-2010:084", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2010:084" - }, - { - "name" : "RHSA-2010:0337", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2010-0337.html" - }, - { - "name" : "RHSA-2010:0338", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2010-0338.html" - }, - { - "name" : "RHSA-2010:0339", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2010-0339.html" - }, - { - "name" : "SUSE-SR:2010:008", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html" - }, - { - "name" : "SUSE-SR:2010:011", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html" - }, - { - "name" : "USN-923-1", - "refsource" : "UBUNTU", - "url" : "http://ubuntu.com/usn/usn-923-1" - }, - { - "name" : "oval:org.mitre.oval:def:11576", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11576" - }, - { - "name" : "oval:org.mitre.oval:def:13934", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13934" - }, - { - "name" : "39292", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/39292" - }, - { - "name" : "39317", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/39317" - }, - { - "name" : "39819", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/39819" - }, - { - "name" : "40545", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/40545" - }, - { - "name" : "43308", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/43308" - }, - { - "name" : "ADV-2010-1107", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2010/1107" - }, - { - "name" : "ADV-2010-1191", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2010/1191" - }, - { - "name" : "ADV-2010-1793", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2010/1793" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the HotSpot Server component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "APPLE-SA-2010-05-18-1", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2010//May/msg00001.html" + }, + { + "name": "HPSBMU02799", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=134254866602253&w=2" + }, + { + "name": "39317", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/39317" + }, + { + "name": "40545", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/40545" + }, + { + "name": "39819", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/39819" + }, + { + "name": "oval:org.mitre.oval:def:13934", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13934" + }, + { + "name": "ADV-2010-1107", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2010/1107" + }, + { + "name": "RHSA-2010:0338", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2010-0338.html" + }, + { + "name": "ADV-2010-1793", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2010/1793" + }, + { + "name": "APPLE-SA-2010-05-18-2", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2010//May/msg00002.html" + }, + { + "name": "SUSE-SR:2010:011", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html" + }, + { + "name": "43308", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/43308" + }, + { + "name": "SSRT100179", + "refsource": "HP", + "url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751" + }, + { + "name": "SSRT100089", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=127557596201693&w=2" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/javacpumar2010-083341.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/javacpumar2010-083341.html" + }, + { + "name": "RHSA-2010:0339", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2010-0339.html" + }, + { + "name": "HPSBUX02524", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=127557596201693&w=2" + }, + { + "name": "oval:org.mitre.oval:def:11576", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11576" + }, + { + "name": "39292", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/39292" + }, + { + "name": "http://support.apple.com/kb/HT4170", + "refsource": "CONFIRM", + "url": "http://support.apple.com/kb/HT4170" + }, + { + "name": "http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html", + "refsource": "CONFIRM", + "url": "http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html" + }, + { + "name": "SUSE-SR:2010:008", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html" + }, + { + "name": "USN-923-1", + "refsource": "UBUNTU", + "url": "http://ubuntu.com/usn/usn-923-1" + }, + { + "name": "http://www.vmware.com/security/advisories/VMSA-2011-0003.html", + "refsource": "CONFIRM", + "url": "http://www.vmware.com/security/advisories/VMSA-2011-0003.html" + }, + { + "name": "RHSA-2010:0337", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2010-0337.html" + }, + { + "name": "HPSBMA02547", + "refsource": "HP", + "url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751" + }, + { + "name": "http://support.apple.com/kb/HT4171", + "refsource": "CONFIRM", + "url": "http://support.apple.com/kb/HT4171" + }, + { + "name": "MDVSA-2010:084", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:084" + }, + { + "name": "20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/516397/100/0/threaded" + }, + { + "name": "ADV-2010-1191", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2010/1191" + } + ] + } +} \ No newline at end of file diff --git a/2010/0xxx/CVE-2010-0635.json b/2010/0xxx/CVE-2010-0635.json index c226e05a0b7..435698c3fe3 100644 --- a/2010/0xxx/CVE-2010-0635.json +++ b/2010/0xxx/CVE-2010-0635.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-0635", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in the plgSearchEventsearch::onSearch method in eventsearch.php in the JEvents Search plugin 1.5 through 1.5.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via unspecified vectors. NOTE: some of these details are obtained from third party information." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-0635", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.jevents.net/forum/viewtopic.php?f=17&t=3910#p15526", - "refsource" : "CONFIRM", - "url" : "http://www.jevents.net/forum/viewtopic.php?f=17&t=3910#p15526" - }, - { - "name" : "38050", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/38050" - }, - { - "name" : "38404", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/38404" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in the plgSearchEventsearch::onSearch method in eventsearch.php in the JEvents Search plugin 1.5 through 1.5.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via unspecified vectors. NOTE: some of these details are obtained from third party information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "38050", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/38050" + }, + { + "name": "http://www.jevents.net/forum/viewtopic.php?f=17&t=3910#p15526", + "refsource": "CONFIRM", + "url": "http://www.jevents.net/forum/viewtopic.php?f=17&t=3910#p15526" + }, + { + "name": "38404", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/38404" + } + ] + } +} \ No newline at end of file diff --git a/2010/0xxx/CVE-2010-0774.json b/2010/0xxx/CVE-2010-0774.json index e4a096cf26e..45cc5403b34 100644 --- a/2010/0xxx/CVE-2010-0774.json +++ b/2010/0xxx/CVE-2010-0774.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-0774", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The (1) JAX-RPC WS-Security 1.0 and (2) JAX-WS runtime implementations in IBM WebSphere Application Server (WAS) 6.0 before 6.0.2.41, 6.1 before 6.1.0.31, and 7.0 before 7.0.0.11 do not properly handle WebServices PKCS#7 and PKIPath tokens, which allows remote attackers to bypass intended access restrictions via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-0774", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "PK96427", - "refsource" : "AIXAPAR", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1PK96427" - }, - { - "name" : "was-pkipath-security-bypass(58554)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/58554" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The (1) JAX-RPC WS-Security 1.0 and (2) JAX-WS runtime implementations in IBM WebSphere Application Server (WAS) 6.0 before 6.0.2.41, 6.1 before 6.1.0.31, and 7.0 before 7.0.0.11 do not properly handle WebServices PKCS#7 and PKIPath tokens, which allows remote attackers to bypass intended access restrictions via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "was-pkipath-security-bypass(58554)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/58554" + }, + { + "name": "PK96427", + "refsource": "AIXAPAR", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PK96427" + } + ] + } +} \ No newline at end of file diff --git a/2010/0xxx/CVE-2010-0813.json b/2010/0xxx/CVE-2010-0813.json index 7d4af40750d..aadcb59c938 100644 --- a/2010/0xxx/CVE-2010-0813.json +++ b/2010/0xxx/CVE-2010-0813.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-0813", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2010. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2010-0813", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2010. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2010/1xxx/CVE-2010-1060.json b/2010/1xxx/CVE-2010-1060.json index c7848965dd8..56ddd0e97d5 100644 --- a/2010/1xxx/CVE-2010-1060.json +++ b/2010/1xxx/CVE-2010-1060.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-1060", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Directory traversal vulnerability in staff/app/common.inc.php in Phpkobo Short URL 1.01, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the LANG_CODE parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-1060", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://packetstormsecurity.org/1003-exploits/shorturl-lfi.txt", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.org/1003-exploits/shorturl-lfi.txt" - }, - { - "name" : "11775", - "refsource" : "EXPLOIT-DB", - "url" : "http://www.exploit-db.com/exploits/11775" - }, - { - "name" : "38731", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/38731" - }, - { - "name" : "38968", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/38968" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Directory traversal vulnerability in staff/app/common.inc.php in Phpkobo Short URL 1.01, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the LANG_CODE parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "38968", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/38968" + }, + { + "name": "38731", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/38731" + }, + { + "name": "http://packetstormsecurity.org/1003-exploits/shorturl-lfi.txt", + "refsource": "MISC", + "url": "http://packetstormsecurity.org/1003-exploits/shorturl-lfi.txt" + }, + { + "name": "11775", + "refsource": "EXPLOIT-DB", + "url": "http://www.exploit-db.com/exploits/11775" + } + ] + } +} \ No newline at end of file diff --git a/2010/1xxx/CVE-2010-1713.json b/2010/1xxx/CVE-2010-1713.json index 38157e189b3..be5d43bb53b 100644 --- a/2010/1xxx/CVE-2010-1713.json +++ b/2010/1xxx/CVE-2010-1713.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-1713", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in modules.php in PostNuke 0.764 allows remote attackers to execute arbitrary SQL commands via the sid parameter in a News article modload action." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-1713", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://packetstormsecurity.org/1004-exploits/postnukemodload-sql.txt", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.org/1004-exploits/postnukemodload-sql.txt" - }, - { - "name" : "12410", - "refsource" : "EXPLOIT-DB", - "url" : "http://www.exploit-db.com/exploits/12410" - }, - { - "name" : "39713", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/39713" - }, - { - "name" : "modload-index-sql-injection(58204)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/58204" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in modules.php in PostNuke 0.764 allows remote attackers to execute arbitrary SQL commands via the sid parameter in a News article modload action." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "39713", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/39713" + }, + { + "name": "modload-index-sql-injection(58204)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/58204" + }, + { + "name": "http://packetstormsecurity.org/1004-exploits/postnukemodload-sql.txt", + "refsource": "MISC", + "url": "http://packetstormsecurity.org/1004-exploits/postnukemodload-sql.txt" + }, + { + "name": "12410", + "refsource": "EXPLOIT-DB", + "url": "http://www.exploit-db.com/exploits/12410" + } + ] + } +} \ No newline at end of file diff --git a/2010/3xxx/CVE-2010-3506.json b/2010/3xxx/CVE-2010-3506.json index bdec1106392..1db64d6a13e 100644 --- a/2010/3xxx/CVE-2010-3506.json +++ b/2010/3xxx/CVE-2010-3506.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-3506", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the Oracle Explorer (Sun Explorer) component in Oracle Sun Products Suite 6.4 allows local users to affect confidentiality and integrity via unknown vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2010-3506", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html" - }, - { - "name" : "TA10-287A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA10-287A.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the Oracle Explorer (Sun Explorer) component in Oracle Sun Products Suite 6.4 allows local users to affect confidentiality and integrity via unknown vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html" + }, + { + "name": "TA10-287A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA10-287A.html" + } + ] + } +} \ No newline at end of file diff --git a/2010/3xxx/CVE-2010-3549.json b/2010/3xxx/CVE-2010-3549.json index 251ced2f550..6d346d6da01 100644 --- a/2010/3xxx/CVE-2010-3549.json +++ b/2010/3xxx/CVE-2010-3549.json @@ -1,232 +1,232 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-3549", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the Networking component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this is an HTTP request splitting vulnerability involving the handling of the chunked transfer encoding method by the HttpURLConnection class." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2010-3549", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/516397/100/0/threaded" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html" - }, - { - "name" : "http://support.avaya.com/css/P8/documents/100114315", - "refsource" : "CONFIRM", - "url" : "http://support.avaya.com/css/P8/documents/100114315" - }, - { - "name" : "http://support.avaya.com/css/P8/documents/100114327", - "refsource" : "CONFIRM", - "url" : "http://support.avaya.com/css/P8/documents/100114327" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=642180", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=642180" - }, - { - "name" : "http://support.avaya.com/css/P8/documents/100123193", - "refsource" : "CONFIRM", - "url" : "http://support.avaya.com/css/P8/documents/100123193" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html" - }, - { - "name" : "http://www.vmware.com/security/advisories/VMSA-2011-0003.html", - "refsource" : "CONFIRM", - "url" : "http://www.vmware.com/security/advisories/VMSA-2011-0003.html" - }, - { - "name" : "FEDORA-2010-16240", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049702.html" - }, - { - "name" : "FEDORA-2010-16294", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049528.html" - }, - { - "name" : "FEDORA-2010-16312", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049455.html" - }, - { - "name" : "GLSA-201406-32", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-201406-32.xml" - }, - { - "name" : "HPSBUX02608", - "refsource" : "HP", - "url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c02616748" - }, - { - "name" : "SSRT100333", - "refsource" : "HP", - "url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c02616748" - }, - { - "name" : "HPSBMU02799", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=134254866602253&w=2" - }, - { - "name" : "RHSA-2010:0770", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2010-0770.html" - }, - { - "name" : "RHSA-2010:0786", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2010-0786.html" - }, - { - "name" : "RHSA-2010:0807", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2010-0807.html" - }, - { - "name" : "RHSA-2010:0768", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2010-0768.html" - }, - { - "name" : "RHSA-2010:0865", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2010-0865.html" - }, - { - "name" : "RHSA-2010:0873", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2010-0873.html" - }, - { - "name" : "RHSA-2010:0986", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2010-0986.html" - }, - { - "name" : "RHSA-2010:0987", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2010-0987.html" - }, - { - "name" : "RHSA-2011:0880", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2011-0880.html" - }, - { - "name" : "SUSE-SA:2010:061", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00005.html" - }, - { - "name" : "SUSE-SR:2010:019", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html" - }, - { - "name" : "USN-1010-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-1010-1" - }, - { - "name" : "44027", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/44027" - }, - { - "name" : "oval:org.mitre.oval:def:11559", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11559" - }, - { - "name" : "oval:org.mitre.oval:def:14340", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14340" - }, - { - "name" : "41967", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/41967" - }, - { - "name" : "41972", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/41972" - }, - { - "name" : "42974", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/42974" - }, - { - "name" : "44954", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/44954" - }, - { - "name" : "ADV-2010-2745", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2010/2745" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the Networking component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this is an HTTP request splitting vulnerability involving the handling of the chunked transfer encoding method by the HttpURLConnection class." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://support.avaya.com/css/P8/documents/100114327", + "refsource": "CONFIRM", + "url": "http://support.avaya.com/css/P8/documents/100114327" + }, + { + "name": "RHSA-2010:0865", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2010-0865.html" + }, + { + "name": "http://support.avaya.com/css/P8/documents/100114315", + "refsource": "CONFIRM", + "url": "http://support.avaya.com/css/P8/documents/100114315" + }, + { + "name": "GLSA-201406-32", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-201406-32.xml" + }, + { + "name": "HPSBMU02799", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=134254866602253&w=2" + }, + { + "name": "SUSE-SA:2010:061", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00005.html" + }, + { + "name": "RHSA-2010:0770", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2010-0770.html" + }, + { + "name": "SSRT100333", + "refsource": "HP", + "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c02616748" + }, + { + "name": "RHSA-2010:0768", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2010-0768.html" + }, + { + "name": "FEDORA-2010-16240", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049702.html" + }, + { + "name": "USN-1010-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-1010-1" + }, + { + "name": "oval:org.mitre.oval:def:11559", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11559" + }, + { + "name": "RHSA-2010:0987", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2010-0987.html" + }, + { + "name": "RHSA-2010:0986", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2010-0986.html" + }, + { + "name": "44954", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/44954" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=642180", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=642180" + }, + { + "name": "RHSA-2011:0880", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2011-0880.html" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html" + }, + { + "name": "RHSA-2010:0873", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2010-0873.html" + }, + { + "name": "http://www.vmware.com/security/advisories/VMSA-2011-0003.html", + "refsource": "CONFIRM", + "url": "http://www.vmware.com/security/advisories/VMSA-2011-0003.html" + }, + { + "name": "42974", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/42974" + }, + { + "name": "41972", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/41972" + }, + { + "name": "HPSBUX02608", + "refsource": "HP", + "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c02616748" + }, + { + "name": "http://support.avaya.com/css/P8/documents/100123193", + "refsource": "CONFIRM", + "url": "http://support.avaya.com/css/P8/documents/100123193" + }, + { + "name": "RHSA-2010:0786", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2010-0786.html" + }, + { + "name": "44027", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/44027" + }, + { + "name": "SUSE-SR:2010:019", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html" + }, + { + "name": "oval:org.mitre.oval:def:14340", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14340" + }, + { + "name": "20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/516397/100/0/threaded" + }, + { + "name": "41967", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/41967" + }, + { + "name": "RHSA-2010:0807", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2010-0807.html" + }, + { + "name": "FEDORA-2010-16312", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049455.html" + }, + { + "name": "ADV-2010-2745", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2010/2745" + }, + { + "name": "FEDORA-2010-16294", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049528.html" + } + ] + } +} \ No newline at end of file diff --git a/2010/3xxx/CVE-2010-3672.json b/2010/3xxx/CVE-2010-3672.json index 66f40f6c923..9be80f091ba 100644 --- a/2010/3xxx/CVE-2010-3672.json +++ b/2010/3xxx/CVE-2010-3672.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-3672", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-3672", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2010/4xxx/CVE-2010-4108.json b/2010/4xxx/CVE-2010-4108.json index 8f442c8a6d1..16da2552276 100644 --- a/2010/4xxx/CVE-2010-4108.json +++ b/2010/4xxx/CVE-2010-4108.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-4108", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "HP HP-UX B.11.11, B.11.23, and B.11.31 does not properly support threaded processes, which allows remote authenticated users to cause a denial of service via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "hp-security-alert@hp.com", + "ID": "CVE-2010-4108", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "HPSBUX02611", - "refsource" : "HP", - "url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02586517" - }, - { - "name" : "SSRT090201", - "refsource" : "HP", - "url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02586517" - }, - { - "name" : "45219", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/45219" - }, - { - "name" : "oval:org.mitre.oval:def:11945", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11945" - }, - { - "name" : "42499", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/42499" - }, - { - "name" : "ADV-2010-3130", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2010/3130" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "HP HP-UX B.11.11, B.11.23, and B.11.31 does not properly support threaded processes, which allows remote authenticated users to cause a denial of service via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "oval:org.mitre.oval:def:11945", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11945" + }, + { + "name": "42499", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/42499" + }, + { + "name": "ADV-2010-3130", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2010/3130" + }, + { + "name": "45219", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/45219" + }, + { + "name": "SSRT090201", + "refsource": "HP", + "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02586517" + }, + { + "name": "HPSBUX02611", + "refsource": "HP", + "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02586517" + } + ] + } +} \ No newline at end of file diff --git a/2010/4xxx/CVE-2010-4160.json b/2010/4xxx/CVE-2010-4160.json index 0e48245c837..33774ae470b 100644 --- a/2010/4xxx/CVE-2010-4160.json +++ b/2010/4xxx/CVE-2010-4160.json @@ -1,197 +1,197 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-4160", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple integer overflows in the (1) pppol2tp_sendmsg function in net/l2tp/l2tp_ppp.c, and the (2) l2tp_ip_sendmsg function in net/l2tp/l2tp_ip.c, in the PPPoL2TP and IPoL2TP implementations in the Linux kernel before 2.6.36.2 allow local users to cause a denial of service (heap memory corruption and panic) or possibly gain privileges via a crafted sendto call." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2010-4160", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[netdev] 20101027 Re: [PATCH 1/4] tipc: Fix bugs in tipc_msg_calc_data_size()", - "refsource" : "MLIST", - "url" : "http://www.spinics.net/lists/netdev/msg145248.html" - }, - { - "name" : "[netdev] 20101031 [SECURITY] L2TP send buffer allocation size overflows", - "refsource" : "MLIST", - "url" : "http://www.spinics.net/lists/netdev/msg145673.html" - }, - { - "name" : "[oss-security] 20101110 CVE request: kernel: L2TP send buffer allocation size overflows", - "refsource" : "MLIST", - "url" : "http://openwall.com/lists/oss-security/2010/11/10/5" - }, - { - "name" : "[oss-security] 20101110 Re: CVE request: kernel: L2TP send buffer allocation size overflows", - "refsource" : "MLIST", - "url" : "http://openwall.com/lists/oss-security/2010/11/10/16" - }, - { - "name" : "[oss-security] 20101124 Re: CVE request: kernel: L2TP send buffer allocation size overflows", - "refsource" : "MLIST", - "url" : "http://openwall.com/lists/oss-security/2010/11/24/4" - }, - { - "name" : "[oss-security] 20101124 Re: CVE request: kernel: L2TP send buffer allocation size overflows", - "refsource" : "MLIST", - "url" : "http://openwall.com/lists/oss-security/2010/11/24/5" - }, - { - "name" : "[oss-security] 20101124 Re: CVE request: kernel: L2TP send buffer allocation size overflows", - "refsource" : "MLIST", - "url" : "http://openwall.com/lists/oss-security/2010/11/24/6" - }, - { - "name" : "[oss-security] 20101124 Re: CVE request: kernel: L2TP send buffer allocation size overflows", - "refsource" : "MLIST", - "url" : "http://openwall.com/lists/oss-security/2010/11/24/12" - }, - { - "name" : "http://xorl.wordpress.com/2010/11/11/cve-2010-4160-linux-kernel-l2tp-integer-overflows/", - "refsource" : "MISC", - "url" : "http://xorl.wordpress.com/2010/11/11/cve-2010-4160-linux-kernel-l2tp-integer-overflows/" - }, - { - "name" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=253eacc070b114c2ec1f81b067d2fed7305467b0", - "refsource" : "CONFIRM", - "url" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=253eacc070b114c2ec1f81b067d2fed7305467b0" - }, - { - "name" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=8acfe468b0384e834a303f08ebc4953d72fb690a", - "refsource" : "CONFIRM", - "url" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=8acfe468b0384e834a303f08ebc4953d72fb690a" - }, - { - "name" : "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.36.2", - "refsource" : "CONFIRM", - "url" : "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.36.2" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=651892", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=651892" - }, - { - "name" : "RHSA-2011:0007", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2011-0007.html" - }, - { - "name" : "SUSE-SA:2011:002", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00001.html" - }, - { - "name" : "SUSE-SA:2011:004", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00004.html" - }, - { - "name" : "SUSE-SA:2011:005", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00007.html" - }, - { - "name" : "SUSE-SA:2011:008", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00002.html" - }, - { - "name" : "44762", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/44762" - }, - { - "name" : "42801", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/42801" - }, - { - "name" : "42932", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/42932" - }, - { - "name" : "42890", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/42890" - }, - { - "name" : "43056", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/43056" - }, - { - "name" : "43291", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/43291" - }, - { - "name" : "ADV-2011-0012", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2011/0012" - }, - { - "name" : "ADV-2011-0124", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2011/0124" - }, - { - "name" : "ADV-2011-0213", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2011/0213" - }, - { - "name" : "ADV-2011-0375", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2011/0375" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple integer overflows in the (1) pppol2tp_sendmsg function in net/l2tp/l2tp_ppp.c, and the (2) l2tp_ip_sendmsg function in net/l2tp/l2tp_ip.c, in the PPPoL2TP and IPoL2TP implementations in the Linux kernel before 2.6.36.2 allow local users to cause a denial of service (heap memory corruption and panic) or possibly gain privileges via a crafted sendto call." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "43056", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/43056" + }, + { + "name": "SUSE-SA:2011:004", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00004.html" + }, + { + "name": "42801", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/42801" + }, + { + "name": "SUSE-SA:2011:002", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00001.html" + }, + { + "name": "[oss-security] 20101124 Re: CVE request: kernel: L2TP send buffer allocation size overflows", + "refsource": "MLIST", + "url": "http://openwall.com/lists/oss-security/2010/11/24/6" + }, + { + "name": "42932", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/42932" + }, + { + "name": "RHSA-2011:0007", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2011-0007.html" + }, + { + "name": "ADV-2011-0124", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2011/0124" + }, + { + "name": "[netdev] 20101031 [SECURITY] L2TP send buffer allocation size overflows", + "refsource": "MLIST", + "url": "http://www.spinics.net/lists/netdev/msg145673.html" + }, + { + "name": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.36.2", + "refsource": "CONFIRM", + "url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.36.2" + }, + { + "name": "[oss-security] 20101124 Re: CVE request: kernel: L2TP send buffer allocation size overflows", + "refsource": "MLIST", + "url": "http://openwall.com/lists/oss-security/2010/11/24/12" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=651892", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=651892" + }, + { + "name": "SUSE-SA:2011:005", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00007.html" + }, + { + "name": "ADV-2011-0375", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2011/0375" + }, + { + "name": "42890", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/42890" + }, + { + "name": "ADV-2011-0012", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2011/0012" + }, + { + "name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=8acfe468b0384e834a303f08ebc4953d72fb690a", + "refsource": "CONFIRM", + "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=8acfe468b0384e834a303f08ebc4953d72fb690a" + }, + { + "name": "44762", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/44762" + }, + { + "name": "[oss-security] 20101124 Re: CVE request: kernel: L2TP send buffer allocation size overflows", + "refsource": "MLIST", + "url": "http://openwall.com/lists/oss-security/2010/11/24/4" + }, + { + "name": "SUSE-SA:2011:008", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00002.html" + }, + { + "name": "[oss-security] 20101110 CVE request: kernel: L2TP send buffer allocation size overflows", + "refsource": "MLIST", + "url": "http://openwall.com/lists/oss-security/2010/11/10/5" + }, + { + "name": "http://xorl.wordpress.com/2010/11/11/cve-2010-4160-linux-kernel-l2tp-integer-overflows/", + "refsource": "MISC", + "url": "http://xorl.wordpress.com/2010/11/11/cve-2010-4160-linux-kernel-l2tp-integer-overflows/" + }, + { + "name": "[oss-security] 20101124 Re: CVE request: kernel: L2TP send buffer allocation size overflows", + "refsource": "MLIST", + "url": "http://openwall.com/lists/oss-security/2010/11/24/5" + }, + { + "name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=253eacc070b114c2ec1f81b067d2fed7305467b0", + "refsource": "CONFIRM", + "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=253eacc070b114c2ec1f81b067d2fed7305467b0" + }, + { + "name": "43291", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/43291" + }, + { + "name": "[oss-security] 20101110 Re: CVE request: kernel: L2TP send buffer allocation size overflows", + "refsource": "MLIST", + "url": "http://openwall.com/lists/oss-security/2010/11/10/16" + }, + { + "name": "ADV-2011-0213", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2011/0213" + }, + { + "name": "[netdev] 20101027 Re: [PATCH 1/4] tipc: Fix bugs in tipc_msg_calc_data_size()", + "refsource": "MLIST", + "url": "http://www.spinics.net/lists/netdev/msg145248.html" + } + ] + } +} \ No newline at end of file diff --git a/2010/4xxx/CVE-2010-4403.json b/2010/4xxx/CVE-2010-4403.json index 692d4787768..2d758e65513 100644 --- a/2010/4xxx/CVE-2010-4403.json +++ b/2010/4xxx/CVE-2010-4403.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-4403", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Register Plus plugin 3.5.1 and earlier for WordPress allows remote attackers to obtain sensitive information via a direct request to (1) dash_widget.php and (2) register-plus.php, which reveals the installation path in an error message." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-4403", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20101125 [Suspected Spam]Vulnerabilities in Register Plus for WordPress", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/514903/100/0/threaded" - }, - { - "name" : "http://packetstormsecurity.org/files/view/96143/registerplus-xss.txt", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.org/files/view/96143/registerplus-xss.txt" - }, - { - "name" : "http://websecurity.com.ua/4539", - "refsource" : "MISC", - "url" : "http://websecurity.com.ua/4539" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Register Plus plugin 3.5.1 and earlier for WordPress allows remote attackers to obtain sensitive information via a direct request to (1) dash_widget.php and (2) register-plus.php, which reveals the installation path in an error message." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://websecurity.com.ua/4539", + "refsource": "MISC", + "url": "http://websecurity.com.ua/4539" + }, + { + "name": "http://packetstormsecurity.org/files/view/96143/registerplus-xss.txt", + "refsource": "MISC", + "url": "http://packetstormsecurity.org/files/view/96143/registerplus-xss.txt" + }, + { + "name": "20101125 [Suspected Spam]Vulnerabilities in Register Plus for WordPress", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/514903/100/0/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2010/4xxx/CVE-2010-4791.json b/2010/4xxx/CVE-2010-4791.json index e3b5494d2ca..69fdddc7dc1 100644 --- a/2010/4xxx/CVE-2010-4791.json +++ b/2010/4xxx/CVE-2010-4791.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-4791", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in infusions/mg_user_fotoalbum_panel/mg_user_fotoalbum.php in the MG User-Fotoalbum (mg_user_fotoalbum_panel) module 1.0.1 for PHP-Fusion allows remote attackers to execute arbitrary SQL commands via the album_id parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-4791", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "15227", - "refsource" : "EXPLOIT-DB", - "url" : "http://www.exploit-db.com/exploits/15227" - }, - { - "name" : "http://packetstormsecurity.org/1010-exploits/phpfusionmguser-sql.txt", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.org/1010-exploits/phpfusionmguser-sql.txt" - }, - { - "name" : "43901", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/43901" - }, - { - "name" : "41752", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/41752" - }, - { - "name" : "8219", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/8219" - }, - { - "name" : "phpfusion-fotoalbum-oalbum-sql-injection(62382)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/62382" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in infusions/mg_user_fotoalbum_panel/mg_user_fotoalbum.php in the MG User-Fotoalbum (mg_user_fotoalbum_panel) module 1.0.1 for PHP-Fusion allows remote attackers to execute arbitrary SQL commands via the album_id parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "41752", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/41752" + }, + { + "name": "8219", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/8219" + }, + { + "name": "phpfusion-fotoalbum-oalbum-sql-injection(62382)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/62382" + }, + { + "name": "43901", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/43901" + }, + { + "name": "15227", + "refsource": "EXPLOIT-DB", + "url": "http://www.exploit-db.com/exploits/15227" + }, + { + "name": "http://packetstormsecurity.org/1010-exploits/phpfusionmguser-sql.txt", + "refsource": "MISC", + "url": "http://packetstormsecurity.org/1010-exploits/phpfusionmguser-sql.txt" + } + ] + } +} \ No newline at end of file diff --git a/2014/0xxx/CVE-2014-0083.json b/2014/0xxx/CVE-2014-0083.json index 7e81e825b04..9a3a00c1a3b 100644 --- a/2014/0xxx/CVE-2014-0083.json +++ b/2014/0xxx/CVE-2014-0083.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-0083", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-0083", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2014/0xxx/CVE-2014-0264.json b/2014/0xxx/CVE-2014-0264.json index c644ef5483b..00ab1e6942c 100644 --- a/2014/0xxx/CVE-2014-0264.json +++ b/2014/0xxx/CVE-2014-0264.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-0264", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2014-0264", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2014/0xxx/CVE-2014-0311.json b/2014/0xxx/CVE-2014-0311.json index 82aae031027..7089af23936 100644 --- a/2014/0xxx/CVE-2014-0311.json +++ b/2014/0xxx/CVE-2014-0311.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-0311", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability,\" a different vulnerability than CVE-2014-0299 and CVE-2014-0305." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2014-0311", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "MS14-012", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-012" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability,\" a different vulnerability than CVE-2014-0299 and CVE-2014-0305." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "MS14-012", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-012" + } + ] + } +} \ No newline at end of file diff --git a/2014/4xxx/CVE-2014-4278.json b/2014/4xxx/CVE-2014-4278.json index ee1c8b8c02e..497bed5ecfa 100644 --- a/2014/4xxx/CVE-2014-4278.json +++ b/2014/4xxx/CVE-2014-4278.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-4278", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the Oracle Applications Technology Stack component in Oracle E-Business Suite 12.0.6, 12.1.3, 12.2.2, 12.2.3, and 12.2.4 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Oracle Forms." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2014-4278", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html" - }, - { - "name" : "70475", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/70475" - }, - { - "name" : "1031042", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1031042" - }, - { - "name" : "61781", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/61781" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the Oracle Applications Technology Stack component in Oracle E-Business Suite 12.0.6, 12.1.3, 12.2.2, 12.2.3, and 12.2.4 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Oracle Forms." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "61781", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/61781" + }, + { + "name": "70475", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/70475" + }, + { + "name": "1031042", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1031042" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html" + } + ] + } +} \ No newline at end of file diff --git a/2014/8xxx/CVE-2014-8302.json b/2014/8xxx/CVE-2014-8302.json index 237323690da..a72cd28e7d8 100644 --- a/2014/8xxx/CVE-2014-8302.json +++ b/2014/8xxx/CVE-2014-8302.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-8302", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in Splunk Web in Splunk Enterprise 6.1.x before 6.1.4, 6.0.x before 6.0.6, and 5.0.x before 5.0.10 allows remote attackers to inject arbitrary web script or HTML via vectors related to dashboard." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-8302", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.splunk.com/view/SP-CAAANHS", - "refsource" : "CONFIRM", - "url" : "http://www.splunk.com/view/SP-CAAANHS" - }, - { - "name" : "1030994", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1030994" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in Splunk Web in Splunk Enterprise 6.1.x before 6.1.4, 6.0.x before 6.0.6, and 5.0.x before 5.0.10 allows remote attackers to inject arbitrary web script or HTML via vectors related to dashboard." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1030994", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1030994" + }, + { + "name": "http://www.splunk.com/view/SP-CAAANHS", + "refsource": "CONFIRM", + "url": "http://www.splunk.com/view/SP-CAAANHS" + } + ] + } +} \ No newline at end of file diff --git a/2014/8xxx/CVE-2014-8685.json b/2014/8xxx/CVE-2014-8685.json index d41e996c870..ac43654f35b 100644 --- a/2014/8xxx/CVE-2014-8685.json +++ b/2014/8xxx/CVE-2014-8685.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-8685", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-8685", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2014/8xxx/CVE-2014-8765.json b/2014/8xxx/CVE-2014-8765.json index 994411c13e7..d0ac5c28eb3 100644 --- a/2014/8xxx/CVE-2014-8765.json +++ b/2014/8xxx/CVE-2014-8765.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-8765", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site scripting (XSS) vulnerabilities in the Project Issue File Review module (PIFR) module 6.x-2.x before 6.x-2.17 for Drupal allow (1) remote attackers to inject arbitrary web script or HTML via a crafted patch, which triggers a PIFR client to test the patch and return the results to the PIFR_Server test results page or (2) remote authenticated users with the \"manage PIFR environments\" permission to inject arbitrary web script or HTML via vectors involving a PIFR_Server administrative page." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-8765", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://www.drupal.org/node/2205767", - "refsource" : "MISC", - "url" : "https://www.drupal.org/node/2205767" - }, - { - "name" : "https://www.drupal.org/node/2205755", - "refsource" : "CONFIRM", - "url" : "https://www.drupal.org/node/2205755" - }, - { - "name" : "65830", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/65830" - }, - { - "name" : "57030", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/57030" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site scripting (XSS) vulnerabilities in the Project Issue File Review module (PIFR) module 6.x-2.x before 6.x-2.17 for Drupal allow (1) remote attackers to inject arbitrary web script or HTML via a crafted patch, which triggers a PIFR client to test the patch and return the results to the PIFR_Server test results page or (2) remote authenticated users with the \"manage PIFR environments\" permission to inject arbitrary web script or HTML via vectors involving a PIFR_Server administrative page." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.drupal.org/node/2205767", + "refsource": "MISC", + "url": "https://www.drupal.org/node/2205767" + }, + { + "name": "65830", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/65830" + }, + { + "name": "https://www.drupal.org/node/2205755", + "refsource": "CONFIRM", + "url": "https://www.drupal.org/node/2205755" + }, + { + "name": "57030", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/57030" + } + ] + } +} \ No newline at end of file diff --git a/2014/9xxx/CVE-2014-9119.json b/2014/9xxx/CVE-2014-9119.json index d8dc9e41ace..b140e69da61 100644 --- a/2014/9xxx/CVE-2014-9119.json +++ b/2014/9xxx/CVE-2014-9119.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-9119", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Directory traversal vulnerability in download.php in the DB Backup plugin 4.5 and earlier for Wordpress allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-9119", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20141216 CVE-2014-9119: DB Backup plugin for WordPress download.php file Parameter Remote Path Traversal File Access", - "refsource" : "MLIST", - "url" : "http://seclists.org/oss-sec/2014/q4/1059" - }, - { - "name" : "https://wpvulndb.com/vulnerabilities/7726", - "refsource" : "MISC", - "url" : "https://wpvulndb.com/vulnerabilities/7726" - }, - { - "name" : "dbbackup-wordpress-cve20149119-dir-traversal(99368)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/99368" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Directory traversal vulnerability in download.php in the DB Backup plugin 4.5 and earlier for Wordpress allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "dbbackup-wordpress-cve20149119-dir-traversal(99368)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/99368" + }, + { + "name": "[oss-security] 20141216 CVE-2014-9119: DB Backup plugin for WordPress download.php file Parameter Remote Path Traversal File Access", + "refsource": "MLIST", + "url": "http://seclists.org/oss-sec/2014/q4/1059" + }, + { + "name": "https://wpvulndb.com/vulnerabilities/7726", + "refsource": "MISC", + "url": "https://wpvulndb.com/vulnerabilities/7726" + } + ] + } +} \ No newline at end of file diff --git a/2014/9xxx/CVE-2014-9179.json b/2014/9xxx/CVE-2014-9179.json index 4543b8489b2..88edc7d91a1 100644 --- a/2014/9xxx/CVE-2014-9179.json +++ b/2014/9xxx/CVE-2014-9179.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-9179", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in the SupportEzzy Ticket System plugin 1.2.5 for WordPress allows remote authenticated users to inject arbitrary web script or HTML via the \"URL (optional)\" field in a new ticket." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-9179", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://packetstormsecurity.com/files/129103/WordPress-SupportEzzy-Ticket-System-1.2.5-Cross-Site-Scripting.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/129103/WordPress-SupportEzzy-Ticket-System-1.2.5-Cross-Site-Scripting.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in the SupportEzzy Ticket System plugin 1.2.5 for WordPress allows remote authenticated users to inject arbitrary web script or HTML via the \"URL (optional)\" field in a new ticket." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://packetstormsecurity.com/files/129103/WordPress-SupportEzzy-Ticket-System-1.2.5-Cross-Site-Scripting.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/129103/WordPress-SupportEzzy-Ticket-System-1.2.5-Cross-Site-Scripting.html" + } + ] + } +} \ No newline at end of file diff --git a/2014/9xxx/CVE-2014-9259.json b/2014/9xxx/CVE-2014-9259.json index d505842020c..f6fc3b066b0 100644 --- a/2014/9xxx/CVE-2014-9259.json +++ b/2014/9xxx/CVE-2014-9259.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-9259", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-9259", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2014/9xxx/CVE-2014-9859.json b/2014/9xxx/CVE-2014-9859.json index 89a97a7e6f0..4a84e19da41 100644 --- a/2014/9xxx/CVE-2014-9859.json +++ b/2014/9xxx/CVE-2014-9859.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-9859", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-9859", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2014/9xxx/CVE-2014-9963.json b/2014/9xxx/CVE-2014-9963.json index 43fb9fd5956..2ab33b3a87a 100644 --- a/2014/9xxx/CVE-2014-9963.json +++ b/2014/9xxx/CVE-2014-9963.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "product-security@qualcomm.com", - "ID" : "CVE-2014-9963", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "All Qualcomm products", - "version" : { - "version_data" : [ - { - "version_value" : "All Android releases from CAF using the Linux kernel" - } - ] - } - } - ] - }, - "vendor_name" : "Qualcomm, Inc." - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "In all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in WideVine DRM." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Buffer Copy without Checking Size of Input in TrustZone" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@qualcomm.com", + "ID": "CVE-2014-9963", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "All Qualcomm products", + "version": { + "version_data": [ + { + "version_value": "All Android releases from CAF using the Linux kernel" + } + ] + } + } + ] + }, + "vendor_name": "Qualcomm, Inc." + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://source.android.com/security/bulletin/2017-06-01", - "refsource" : "CONFIRM", - "url" : "https://source.android.com/security/bulletin/2017-06-01" - }, - { - "name" : "98874", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/98874" - }, - { - "name" : "1038623", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1038623" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in WideVine DRM." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Buffer Copy without Checking Size of Input in TrustZone" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://source.android.com/security/bulletin/2017-06-01", + "refsource": "CONFIRM", + "url": "https://source.android.com/security/bulletin/2017-06-01" + }, + { + "name": "98874", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/98874" + }, + { + "name": "1038623", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1038623" + } + ] + } +} \ No newline at end of file diff --git a/2016/3xxx/CVE-2016-3131.json b/2016/3xxx/CVE-2016-3131.json index 8b7dd89f9e6..7771ef97151 100644 --- a/2016/3xxx/CVE-2016-3131.json +++ b/2016/3xxx/CVE-2016-3131.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-3131", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-3131", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2016/3xxx/CVE-2016-3233.json b/2016/3xxx/CVE-2016-3233.json index b69f2ddc132..eb9d403223b 100644 --- a/2016/3xxx/CVE-2016-3233.json +++ b/2016/3xxx/CVE-2016-3233.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-3233", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Microsoft Excel 2007 SP3, Excel 2010 SP2, and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code via a crafted Office document, aka \"Microsoft Office Memory Corruption Vulnerability.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2016-3233", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "MS16-070", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-070" - }, - { - "name" : "1036093", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036093" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft Excel 2007 SP3, Excel 2010 SP2, and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code via a crafted Office document, aka \"Microsoft Office Memory Corruption Vulnerability.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "MS16-070", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-070" + }, + { + "name": "1036093", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036093" + } + ] + } +} \ No newline at end of file diff --git a/2016/6xxx/CVE-2016-6149.json b/2016/6xxx/CVE-2016-6149.json index d81d109a67b..c2a3417385f 100644 --- a/2016/6xxx/CVE-2016-6149.json +++ b/2016/6xxx/CVE-2016-6149.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-6149", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SAP HANA SPS09 1.00.091.00.14186593 allows local users to obtain sensitive information by leveraging the EXPORT statement to export files, aka SAP Security Note 2252941." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-6149", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20160819 Onapsis Security Advisory ONAPSIS-2016-038: SAP HANA Information disclosure in EXPORT", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2016/Aug/97" - }, - { - "name" : "20160822 Onapsis Security Advisory ONAPSIS-2016-038: SAP HANA Information disclosure in EXPORT", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2016/Aug/108" - }, - { - "name" : "https://www.onapsis.com/blog/analyzing-sap-security-notes-january-2016", - "refsource" : "MISC", - "url" : "https://www.onapsis.com/blog/analyzing-sap-security-notes-january-2016" - }, - { - "name" : "https://www.onapsis.com/research/security-advisories/sap-hana-information-disclosure-export", - "refsource" : "MISC", - "url" : "https://www.onapsis.com/research/security-advisories/sap-hana-information-disclosure-export" - }, - { - "name" : "http://packetstormsecurity.com/files/138456/SAP-HANA-SPS09-1.00.091.00.1418659308-EXPORT-Information-Disclosure.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/138456/SAP-HANA-SPS09-1.00.091.00.1418659308-EXPORT-Information-Disclosure.html" - }, - { - "name" : "92061", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/92061" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SAP HANA SPS09 1.00.091.00.14186593 allows local users to obtain sensitive information by leveraging the EXPORT statement to export files, aka SAP Security Note 2252941." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20160822 Onapsis Security Advisory ONAPSIS-2016-038: SAP HANA Information disclosure in EXPORT", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2016/Aug/108" + }, + { + "name": "http://packetstormsecurity.com/files/138456/SAP-HANA-SPS09-1.00.091.00.1418659308-EXPORT-Information-Disclosure.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/138456/SAP-HANA-SPS09-1.00.091.00.1418659308-EXPORT-Information-Disclosure.html" + }, + { + "name": "https://www.onapsis.com/research/security-advisories/sap-hana-information-disclosure-export", + "refsource": "MISC", + "url": "https://www.onapsis.com/research/security-advisories/sap-hana-information-disclosure-export" + }, + { + "name": "https://www.onapsis.com/blog/analyzing-sap-security-notes-january-2016", + "refsource": "MISC", + "url": "https://www.onapsis.com/blog/analyzing-sap-security-notes-january-2016" + }, + { + "name": "92061", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/92061" + }, + { + "name": "20160819 Onapsis Security Advisory ONAPSIS-2016-038: SAP HANA Information disclosure in EXPORT", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2016/Aug/97" + } + ] + } +} \ No newline at end of file diff --git a/2016/6xxx/CVE-2016-6402.json b/2016/6xxx/CVE-2016-6402.json index ce7aaf239da..9f73a73bac0 100644 --- a/2016/6xxx/CVE-2016-6402.json +++ b/2016/6xxx/CVE-2016-6402.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-6402", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "UCS Manager and UCS 6200 Fabric Interconnects in Cisco Unified Computing System (UCS) through 3.0(2d) allow local users to obtain OS root access via crafted CLI input, aka Bug ID CSCuz91263." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2016-6402", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20160914 Cisco Unified Computing System Command Line Interface Privilege Escalation Vulnerability", - "refsource" : "CISCO", - "url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160914-ucs" - }, - { - "name" : "92956", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/92956" - }, - { - "name" : "1036831", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036831" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "UCS Manager and UCS 6200 Fabric Interconnects in Cisco Unified Computing System (UCS) through 3.0(2d) allow local users to obtain OS root access via crafted CLI input, aka Bug ID CSCuz91263." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1036831", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036831" + }, + { + "name": "92956", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/92956" + }, + { + "name": "20160914 Cisco Unified Computing System Command Line Interface Privilege Escalation Vulnerability", + "refsource": "CISCO", + "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160914-ucs" + } + ] + } +} \ No newline at end of file diff --git a/2016/7xxx/CVE-2016-7259.json b/2016/7xxx/CVE-2016-7259.json index deb789e5e16..724ecddb471 100644 --- a/2016/7xxx/CVE-2016-7259.json +++ b/2016/7xxx/CVE-2016-7259.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secure@microsoft.com", - "ID" : "CVE-2016-7259", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Graphics Component in the kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows local users to gain privileges via a crafted application, aka \"Win32k Elevation of Privilege Vulnerability.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2016-7259", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20161214 Secunia Research: Microsoft Windows Type 1 Font Processing Vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/539919/100/0/threaded" - }, - { - "name" : "http://packetstormsecurity.com/files/140172/Microsoft-Windows-Type-1-Font-Processing-Privilege-Escalation.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/140172/Microsoft-Windows-Type-1-Font-Processing-Privilege-Escalation.html" - }, - { - "name" : "http://blog.quarkslab.com/cve-2016-7259-an-empty-file-into-the-blue.html", - "refsource" : "MISC", - "url" : "http://blog.quarkslab.com/cve-2016-7259-an-empty-file-into-the-blue.html" - }, - { - "name" : "MS16-151", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-151" - }, - { - "name" : "94771", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/94771" - }, - { - "name" : "1037452", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1037452" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Graphics Component in the kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows local users to gain privileges via a crafted application, aka \"Win32k Elevation of Privilege Vulnerability.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://blog.quarkslab.com/cve-2016-7259-an-empty-file-into-the-blue.html", + "refsource": "MISC", + "url": "http://blog.quarkslab.com/cve-2016-7259-an-empty-file-into-the-blue.html" + }, + { + "name": "MS16-151", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-151" + }, + { + "name": "1037452", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1037452" + }, + { + "name": "20161214 Secunia Research: Microsoft Windows Type 1 Font Processing Vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/539919/100/0/threaded" + }, + { + "name": "94771", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/94771" + }, + { + "name": "http://packetstormsecurity.com/files/140172/Microsoft-Windows-Type-1-Font-Processing-Privilege-Escalation.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/140172/Microsoft-Windows-Type-1-Font-Processing-Privilege-Escalation.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/7xxx/CVE-2016-7289.json b/2016/7xxx/CVE-2016-7289.json index 8a3e44e1627..3bd363d450a 100644 --- a/2016/7xxx/CVE-2016-7289.json +++ b/2016/7xxx/CVE-2016-7289.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secure@microsoft.com", - "ID" : "CVE-2016-7289", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Microsoft Publisher 2010 SP2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted document, aka \"Microsoft Office Memory Corruption Vulnerability.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2016-7289", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://fortiguard.com/advisory/FG-VD-16-068", - "refsource" : "MISC", - "url" : "http://fortiguard.com/advisory/FG-VD-16-068" - }, - { - "name" : "MS16-148", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-148" - }, - { - "name" : "94718", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/94718" - }, - { - "name" : "1037441", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1037441" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft Publisher 2010 SP2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted document, aka \"Microsoft Office Memory Corruption Vulnerability.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "94718", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/94718" + }, + { + "name": "MS16-148", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-148" + }, + { + "name": "http://fortiguard.com/advisory/FG-VD-16-068", + "refsource": "MISC", + "url": "http://fortiguard.com/advisory/FG-VD-16-068" + }, + { + "name": "1037441", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1037441" + } + ] + } +} \ No newline at end of file diff --git a/2016/7xxx/CVE-2016-7559.json b/2016/7xxx/CVE-2016-7559.json index 5d57058a1d5..4c88ce4b458 100644 --- a/2016/7xxx/CVE-2016-7559.json +++ b/2016/7xxx/CVE-2016-7559.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-7559", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-7559", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2016/7xxx/CVE-2016-7713.json b/2016/7xxx/CVE-2016-7713.json index 3e5e2b7cb1e..f9200196a44 100644 --- a/2016/7xxx/CVE-2016-7713.json +++ b/2016/7xxx/CVE-2016-7713.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-7713", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2016-7713", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2016/7xxx/CVE-2016-7727.json b/2016/7xxx/CVE-2016-7727.json index d615a7aec2f..9192f21a899 100644 --- a/2016/7xxx/CVE-2016-7727.json +++ b/2016/7xxx/CVE-2016-7727.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-7727", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2016-7727", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2016/8xxx/CVE-2016-8021.json b/2016/8xxx/CVE-2016-8021.json index bd5c4bfa731..d0927487efc 100644 --- a/2016/8xxx/CVE-2016-8021.json +++ b/2016/8xxx/CVE-2016-8021.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secure@intel.com", - "ID" : "CVE-2016-8021", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "VirusScan Enterprise Linux (VSEL)", - "version" : { - "version_data" : [ - { - "version_value" : "2.0.3 (and earlier)" - } - ] - } - } - ] - }, - "vendor_name" : "Intel" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Improper verification of cryptographic signature vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote authenticated users to spoof update server and execute arbitrary code via a crafted input file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Improper verification of cryptographic signature vulnerability" - } + "CVE_data_meta": { + "ASSIGNER": "secure@intel.com", + "ID": "CVE-2016-8021", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "VirusScan Enterprise Linux (VSEL)", + "version": { + "version_data": [ + { + "version_value": "2.0.3 (and earlier)" + } + ] + } + } + ] + }, + "vendor_name": "Intel" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "40911", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/40911/" - }, - { - "name" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10181", - "refsource" : "CONFIRM", - "url" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10181" - }, - { - "name" : "94823", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/94823" - }, - { - "name" : "1037433", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1037433" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Improper verification of cryptographic signature vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote authenticated users to spoof update server and execute arbitrary code via a crafted input file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Improper verification of cryptographic signature vulnerability" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "94823", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/94823" + }, + { + "name": "1037433", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1037433" + }, + { + "name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10181", + "refsource": "CONFIRM", + "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10181" + }, + { + "name": "40911", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/40911/" + } + ] + } +} \ No newline at end of file diff --git a/2016/8xxx/CVE-2016-8082.json b/2016/8xxx/CVE-2016-8082.json index 546ef803be0..e456b747c40 100644 --- a/2016/8xxx/CVE-2016-8082.json +++ b/2016/8xxx/CVE-2016-8082.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-8082", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2016-8082", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." + } + ] + } +} \ No newline at end of file