From 8c1f84f967c522e1b713efff62425431634bd8b4 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Mon, 18 Mar 2019 03:26:56 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2004/0xxx/CVE-2004-0706.json | 150 ++++----- 2004/1xxx/CVE-2004-1134.json | 140 ++++----- 2004/1xxx/CVE-2004-1520.json | 150 ++++----- 2004/1xxx/CVE-2004-1631.json | 150 ++++----- 2004/1xxx/CVE-2004-1897.json | 170 +++++----- 2008/2xxx/CVE-2008-2172.json | 160 +++++----- 2008/2xxx/CVE-2008-2225.json | 140 ++++----- 2008/2xxx/CVE-2008-2405.json | 170 +++++----- 2008/2xxx/CVE-2008-2896.json | 140 ++++----- 2008/3xxx/CVE-2008-3144.json | 480 ++++++++++++++--------------- 2008/3xxx/CVE-2008-3378.json | 160 +++++----- 2008/3xxx/CVE-2008-3535.json | 220 ++++++------- 2008/3xxx/CVE-2008-3632.json | 290 ++++++++--------- 2008/4xxx/CVE-2008-4761.json | 150 ++++----- 2008/6xxx/CVE-2008-6092.json | 150 ++++----- 2008/6xxx/CVE-2008-6113.json | 150 ++++----- 2008/6xxx/CVE-2008-6531.json | 160 +++++----- 2013/2xxx/CVE-2013-2105.json | 140 ++++----- 2013/2xxx/CVE-2013-2167.json | 34 +- 2013/2xxx/CVE-2013-2545.json | 34 +- 2017/11xxx/CVE-2017-11420.json | 130 ++++---- 2017/11xxx/CVE-2017-11487.json | 34 +- 2017/11xxx/CVE-2017-11955.json | 34 +- 2017/14xxx/CVE-2017-14167.json | 250 +++++++-------- 2017/14xxx/CVE-2017-14564.json | 120 ++++---- 2017/14xxx/CVE-2017-14981.json | 130 ++++---- 2017/15xxx/CVE-2017-15025.json | 140 ++++----- 2017/15xxx/CVE-2017-15045.json | 120 ++++---- 2017/15xxx/CVE-2017-15450.json | 34 +- 2017/15xxx/CVE-2017-15608.json | 130 ++++---- 2017/8xxx/CVE-2017-8107.json | 34 +- 2017/8xxx/CVE-2017-8976.json | 132 ++++---- 2017/9xxx/CVE-2017-9611.json | 160 +++++----- 2017/9xxx/CVE-2017-9841.json | 170 +++++----- 2017/9xxx/CVE-2017-9972.json | 34 +- 2018/0xxx/CVE-2018-0121.json | 130 ++++---- 2018/1000xxx/CVE-2018-1000095.json | 134 ++++---- 2018/1000xxx/CVE-2018-1000528.json | 156 +++++----- 2018/1000xxx/CVE-2018-1000639.json | 136 ++++---- 2018/1000xxx/CVE-2018-1000664.json | 126 ++++---- 2018/12xxx/CVE-2018-12023.json | 78 ++++- 2018/12xxx/CVE-2018-12250.json | 34 +- 2018/12xxx/CVE-2018-12595.json | 34 +- 2018/12xxx/CVE-2018-12766.json | 140 ++++----- 2018/13xxx/CVE-2018-13665.json | 130 ++++---- 2018/16xxx/CVE-2018-16167.json | 130 ++++---- 2018/16xxx/CVE-2018-16255.json | 34 +- 2018/16xxx/CVE-2018-16559.json | 34 +- 2018/4xxx/CVE-2018-4091.json | 140 ++++----- 2018/4xxx/CVE-2018-4409.json | 34 +- 2018/4xxx/CVE-2018-4755.json | 34 +- 2018/4xxx/CVE-2018-4816.json | 34 +- 52 files changed, 3301 insertions(+), 3227 deletions(-) diff --git a/2004/0xxx/CVE-2004-0706.json b/2004/0xxx/CVE-2004-0706.json index 6163365a587..a211711c521 100644 --- a/2004/0xxx/CVE-2004-0706.json +++ b/2004/0xxx/CVE-2004-0706.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2004-0706", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Bugzilla 2.17.5 through 2.17.7 embeds the password in an image URL, which could allow local users to view the password in the web server log files." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2004-0706", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20040710 [BUGZILLA] Multiple vulnerabilities in Bugzilla 2.16.5 and 2.17.7", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=108965446813639&w=2" - }, - { - "name" : "http://bugzilla.mozilla.org/show_bug.cgi?id=235510", - "refsource" : "CONFIRM", - "url" : "http://bugzilla.mozilla.org/show_bug.cgi?id=235510" - }, - { - "name" : "bugzilla-chart-view-password(16669)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/16669" - }, - { - "name" : "10698", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/10698" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Bugzilla 2.17.5 through 2.17.7 embeds the password in an image URL, which could allow local users to view the password in the web server log files." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://bugzilla.mozilla.org/show_bug.cgi?id=235510", + "refsource": "CONFIRM", + "url": "http://bugzilla.mozilla.org/show_bug.cgi?id=235510" + }, + { + "name": "10698", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/10698" + }, + { + "name": "20040710 [BUGZILLA] Multiple vulnerabilities in Bugzilla 2.16.5 and 2.17.7", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=108965446813639&w=2" + }, + { + "name": "bugzilla-chart-view-password(16669)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16669" + } + ] + } +} \ No newline at end of file diff --git a/2004/1xxx/CVE-2004-1134.json b/2004/1xxx/CVE-2004-1134.json index 573dbb26df0..27ac31f2c09 100644 --- a/2004/1xxx/CVE-2004-1134.json +++ b/2004/1xxx/CVE-2004-1134.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2004-1134", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in the Microsoft W3Who ISAPI (w3who.dll) allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long query string." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2004-1134", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20041206 Multiple vulnerabilities in w3who ISAPI DLL", - "refsource" : "FULLDISC", - "url" : "http://marc.info/?l=full-disclosure&m=110234486823233&w=2" - }, - { - "name" : "http://www.exaprobe.com/labs/advisories/esa-2004-1206.html", - "refsource" : "MISC", - "url" : "http://www.exaprobe.com/labs/advisories/esa-2004-1206.html" - }, - { - "name" : "w3who-bo(18377)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/18377" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in the Microsoft W3Who ISAPI (w3who.dll) allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long query string." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20041206 Multiple vulnerabilities in w3who ISAPI DLL", + "refsource": "FULLDISC", + "url": "http://marc.info/?l=full-disclosure&m=110234486823233&w=2" + }, + { + "name": "http://www.exaprobe.com/labs/advisories/esa-2004-1206.html", + "refsource": "MISC", + "url": "http://www.exaprobe.com/labs/advisories/esa-2004-1206.html" + }, + { + "name": "w3who-bo(18377)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18377" + } + ] + } +} \ No newline at end of file diff --git a/2004/1xxx/CVE-2004-1520.json b/2004/1xxx/CVE-2004-1520.json index bd67d55271e..21dc833ace8 100644 --- a/2004/1xxx/CVE-2004-1520.json +++ b/2004/1xxx/CVE-2004-1520.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2004-1520", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Stack-based buffer overflow in IPSwitch IMail 8.13 allows remote authenticated users to execute arbitrary code via a long IMAP DELETE command." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2004-1520", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20041112 IPSwitch-IMail-8.13 Stack Overflow in the DELETE Command", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=110037283803560&w=2" - }, - { - "name" : "11675", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/11675" - }, - { - "name" : "13200", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/13200" - }, - { - "name" : "ipswitch-delete-bo(18058)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/18058" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Stack-based buffer overflow in IPSwitch IMail 8.13 allows remote authenticated users to execute arbitrary code via a long IMAP DELETE command." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "13200", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/13200" + }, + { + "name": "20041112 IPSwitch-IMail-8.13 Stack Overflow in the DELETE Command", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=110037283803560&w=2" + }, + { + "name": "ipswitch-delete-bo(18058)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18058" + }, + { + "name": "11675", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/11675" + } + ] + } +} \ No newline at end of file diff --git a/2004/1xxx/CVE-2004-1631.json b/2004/1xxx/CVE-2004-1631.json index 165f34fde93..6eabb640279 100644 --- a/2004/1xxx/CVE-2004-1631.json +++ b/2004/1xxx/CVE-2004-1631.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2004-1631", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Open WorkFlow Engine (OpenWFE) 1.4.x allows remote attackers to conduct port scans of remote hosts by specifying the target in an rmi:// Worklist URL, then using the response times to infer the results." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2004-1631", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20041024 Two Vulnerabilities in OpenWFE Web Client", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=109876304705234&w=2" - }, - { - "name" : "11514", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/11514" - }, - { - "name" : "12970", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/12970" - }, - { - "name" : "openwfe-rmi-obtain-information(17852)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/17852" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Open WorkFlow Engine (OpenWFE) 1.4.x allows remote attackers to conduct port scans of remote hosts by specifying the target in an rmi:// Worklist URL, then using the response times to infer the results." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "11514", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/11514" + }, + { + "name": "openwfe-rmi-obtain-information(17852)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17852" + }, + { + "name": "12970", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/12970" + }, + { + "name": "20041024 Two Vulnerabilities in OpenWFE Web Client", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=109876304705234&w=2" + } + ] + } +} \ No newline at end of file diff --git a/2004/1xxx/CVE-2004-1897.json b/2004/1xxx/CVE-2004-1897.json index 165bbb8f374..a715e3a9ffe 100644 --- a/2004/1xxx/CVE-2004-1897.json +++ b/2004/1xxx/CVE-2004-1897.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2004-1897", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Administration interface in Monit 1.4 through 4.2 allows remote attackers to cause a denial of service (segmentation fault) by sending a Basic Authentication request without a password, which causes Monit to decrement a null pointer and perform an out-of-bounds read." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2004-1897", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20040405 Advisory: Multiple Vulnerabilities in Monit", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=108119149103696&w=2" - }, - { - "name" : "http://www.tildeslash.com/monit/changes.html", - "refsource" : "MISC", - "url" : "http://www.tildeslash.com/monit/changes.html" - }, - { - "name" : "http://www.tildeslash.com/monit/secadv_20040305.txt", - "refsource" : "CONFIRM", - "url" : "http://www.tildeslash.com/monit/secadv_20040305.txt" - }, - { - "name" : "10051", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/10051" - }, - { - "name" : "11304", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/11304" - }, - { - "name" : "monit-basic-auth-dos(15734)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/15734" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Administration interface in Monit 1.4 through 4.2 allows remote attackers to cause a denial of service (segmentation fault) by sending a Basic Authentication request without a password, which causes Monit to decrement a null pointer and perform an out-of-bounds read." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.tildeslash.com/monit/changes.html", + "refsource": "MISC", + "url": "http://www.tildeslash.com/monit/changes.html" + }, + { + "name": "10051", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/10051" + }, + { + "name": "http://www.tildeslash.com/monit/secadv_20040305.txt", + "refsource": "CONFIRM", + "url": "http://www.tildeslash.com/monit/secadv_20040305.txt" + }, + { + "name": "20040405 Advisory: Multiple Vulnerabilities in Monit", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=108119149103696&w=2" + }, + { + "name": "11304", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/11304" + }, + { + "name": "monit-basic-auth-dos(15734)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15734" + } + ] + } +} \ No newline at end of file diff --git a/2008/2xxx/CVE-2008-2172.json b/2008/2xxx/CVE-2008-2172.json index 0629122d78d..d6ac6c0cf10 100644 --- a/2008/2xxx/CVE-2008-2172.json +++ b/2008/2xxx/CVE-2008-2172.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-2172", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in Hitachi GR routers allows remote attackers to cause a denial of service (dropped session) via crafted BGP UPDATE messages, leading to route flapping, possibly a related issue to CVE-2007-6372." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-2172", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.kb.cert.org/vuls/id/MIMG-79UV2A", - "refsource" : "CONFIRM", - "url" : "http://www.kb.cert.org/vuls/id/MIMG-79UV2A" - }, - { - "name" : "VU#929656", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/929656" - }, - { - "name" : "28999", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/28999" - }, - { - "name" : "ADV-2008-1405", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/1405" - }, - { - "name" : "30028", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/30028" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in Hitachi GR routers allows remote attackers to cause a denial of service (dropped session) via crafted BGP UPDATE messages, leading to route flapping, possibly a related issue to CVE-2007-6372." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ADV-2008-1405", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/1405" + }, + { + "name": "http://www.kb.cert.org/vuls/id/MIMG-79UV2A", + "refsource": "CONFIRM", + "url": "http://www.kb.cert.org/vuls/id/MIMG-79UV2A" + }, + { + "name": "30028", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/30028" + }, + { + "name": "28999", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/28999" + }, + { + "name": "VU#929656", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/929656" + } + ] + } +} \ No newline at end of file diff --git a/2008/2xxx/CVE-2008-2225.json b/2008/2xxx/CVE-2008-2225.json index e6cdcedca67..fb06d02e9fe 100644 --- a/2008/2xxx/CVE-2008-2225.json +++ b/2008/2xxx/CVE-2008-2225.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-2225", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in index.php in gameCMS Lite 1.0 allows remote attackers to execute arbitrary SQL commands via the systemId parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-2225", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "5555", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/5555" - }, - { - "name" : "29093", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/29093" - }, - { - "name" : "gamecmslite-index-sql-injection(42251)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/42251" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in index.php in gameCMS Lite 1.0 allows remote attackers to execute arbitrary SQL commands via the systemId parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "gamecmslite-index-sql-injection(42251)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42251" + }, + { + "name": "5555", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/5555" + }, + { + "name": "29093", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/29093" + } + ] + } +} \ No newline at end of file diff --git a/2008/2xxx/CVE-2008-2405.json b/2008/2xxx/CVE-2008-2405.json index 381eafa86fb..fb5aea8d68e 100644 --- a/2008/2xxx/CVE-2008-2405.json +++ b/2008/2xxx/CVE-2008-2405.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-2405", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Sun Java Active Server Pages (ASP) Server before 4.0.3 allows remote attackers to execute arbitrary commands via shell metacharacters in HTTP requests to unspecified ASP applications." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-2405", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20080603 Sun Java System Active Server Pages Multiple Command Injection Vulnerabilities", - "refsource" : "IDEFENSE", - "url" : "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=709" - }, - { - "name" : "238184", - "refsource" : "SUNALERT", - "url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-66-238184-1" - }, - { - "name" : "ADV-2008-1742", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/1742/references" - }, - { - "name" : "1020190", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1020190" - }, - { - "name" : "30523", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/30523" - }, - { - "name" : "sun-jsasp-command-execution(42829)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/42829" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Sun Java Active Server Pages (ASP) Server before 4.0.3 allows remote attackers to execute arbitrary commands via shell metacharacters in HTTP requests to unspecified ASP applications." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "238184", + "refsource": "SUNALERT", + "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-238184-1" + }, + { + "name": "ADV-2008-1742", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/1742/references" + }, + { + "name": "30523", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/30523" + }, + { + "name": "20080603 Sun Java System Active Server Pages Multiple Command Injection Vulnerabilities", + "refsource": "IDEFENSE", + "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=709" + }, + { + "name": "sun-jsasp-command-execution(42829)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42829" + }, + { + "name": "1020190", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1020190" + } + ] + } +} \ No newline at end of file diff --git a/2008/2xxx/CVE-2008-2896.json b/2008/2xxx/CVE-2008-2896.json index a1701718d47..d8dc9affdb6 100644 --- a/2008/2xxx/CVE-2008-2896.json +++ b/2008/2xxx/CVE-2008-2896.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-2896", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Directory traversal vulnerability in index.php in FireAnt 1.3 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-2896", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "5871", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/5871" - }, - { - "name" : "29843", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/29843" - }, - { - "name" : "fireant-index-file-include(43229)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/43229" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Directory traversal vulnerability in index.php in FireAnt 1.3 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "fireant-index-file-include(43229)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43229" + }, + { + "name": "5871", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/5871" + }, + { + "name": "29843", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/29843" + } + ] + } +} \ No newline at end of file diff --git a/2008/3xxx/CVE-2008-3144.json b/2008/3xxx/CVE-2008-3144.json index 8028628a97d..0c4327d5d54 100644 --- a/2008/3xxx/CVE-2008-3144.json +++ b/2008/3xxx/CVE-2008-3144.json @@ -1,242 +1,242 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-3144", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple integer overflows in the PyOS_vsnprintf function in Python/mysnprintf.c in Python 2.5.2 and earlier allow context-dependent attackers to cause a denial of service (memory corruption) or have unspecified other impact via crafted input to string formatting operations. NOTE: the handling of certain integer values is also affected by related integer underflows and an off-by-one error." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-3144", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20080813 rPSA-2008-0243-1 idle python", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/495445/100/0/threaded" - }, - { - "name" : "20091120 VMSA-2009-0016 VMware vCenter and ESX update release and vMA patch release address multiple security issue in third party components", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/507985/100/0/threaded" - }, - { - "name" : "http://bugs.gentoo.org/show_bug.cgi?id=232137", - "refsource" : "CONFIRM", - "url" : "http://bugs.gentoo.org/show_bug.cgi?id=232137" - }, - { - "name" : "http://bugs.python.org/issue2588", - "refsource" : "CONFIRM", - "url" : "http://bugs.python.org/issue2588" - }, - { - "name" : "http://bugs.python.org/issue2589", - "refsource" : "CONFIRM", - "url" : "http://bugs.python.org/issue2589" - }, - { - "name" : "http://svn.python.org/view?rev=63728&view=rev", - "refsource" : "CONFIRM", - "url" : "http://svn.python.org/view?rev=63728&view=rev" - }, - { - "name" : "http://svn.python.org/view?rev=63734&view=rev", - "refsource" : "CONFIRM", - "url" : "http://svn.python.org/view?rev=63734&view=rev" - }, - { - "name" : "http://svn.python.org/view?rev=63883&view=rev", - "refsource" : "CONFIRM", - "url" : "http://svn.python.org/view?rev=63883&view=rev" - }, - { - "name" : "http://wiki.rpath.com/Advisories:rPSA-2008-0243", - "refsource" : "CONFIRM", - "url" : "http://wiki.rpath.com/Advisories:rPSA-2008-0243" - }, - { - "name" : "http://www.novell.com/support/search.do?cmd=displayKC&docType=kc&externalId=InfoDocument-patchbuilder-readme5032900", - "refsource" : "CONFIRM", - "url" : "http://www.novell.com/support/search.do?cmd=displayKC&docType=kc&externalId=InfoDocument-patchbuilder-readme5032900" - }, - { - "name" : "http://support.apple.com/kb/HT3438", - "refsource" : "CONFIRM", - "url" : "http://support.apple.com/kb/HT3438" - }, - { - "name" : "http://www.vmware.com/security/advisories/VMSA-2009-0016.html", - "refsource" : "CONFIRM", - "url" : "http://www.vmware.com/security/advisories/VMSA-2009-0016.html" - }, - { - "name" : "APPLE-SA-2009-02-12", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html" - }, - { - "name" : "DSA-1667", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2008/dsa-1667" - }, - { - "name" : "GLSA-200807-16", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-200807-16.xml" - }, - { - "name" : "MDVSA-2008:163", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2008:163" - }, - { - "name" : "MDVSA-2008:164", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2008:164" - }, - { - "name" : "SSA:2008-217-01", - "refsource" : "SLACKWARE", - "url" : "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.525289" - }, - { - "name" : "SUSE-SR:2008:017", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html" - }, - { - "name" : "USN-632-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/usn-632-1" - }, - { - "name" : "30491", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/30491" - }, - { - "name" : "oval:org.mitre.oval:def:10170", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10170" - }, - { - "name" : "oval:org.mitre.oval:def:7725", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7725" - }, - { - "name" : "32793", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/32793" - }, - { - "name" : "37471", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/37471" - }, - { - "name" : "ADV-2008-2288", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/2288" - }, - { - "name" : "31358", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/31358" - }, - { - "name" : "31305", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/31305" - }, - { - "name" : "31332", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/31332" - }, - { - "name" : "31365", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/31365" - }, - { - "name" : "31518", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/31518" - }, - { - "name" : "31687", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/31687" - }, - { - "name" : "31473", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/31473" - }, - { - "name" : "33937", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/33937" - }, - { - "name" : "ADV-2009-3316", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2009/3316" - }, - { - "name" : "python-multiple-bo(44173)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/44173" - }, - { - "name" : "python-pyosvsnprintf-bo(44171)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/44171" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple integer overflows in the PyOS_vsnprintf function in Python/mysnprintf.c in Python 2.5.2 and earlier allow context-dependent attackers to cause a denial of service (memory corruption) or have unspecified other impact via crafted input to string formatting operations. NOTE: the handling of certain integer values is also affected by related integer underflows and an off-by-one error." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20080813 rPSA-2008-0243-1 idle python", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/495445/100/0/threaded" + }, + { + "name": "SUSE-SR:2008:017", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html" + }, + { + "name": "ADV-2008-2288", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/2288" + }, + { + "name": "32793", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/32793" + }, + { + "name": "python-multiple-bo(44173)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44173" + }, + { + "name": "30491", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/30491" + }, + { + "name": "33937", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/33937" + }, + { + "name": "37471", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/37471" + }, + { + "name": "http://bugs.python.org/issue2589", + "refsource": "CONFIRM", + "url": "http://bugs.python.org/issue2589" + }, + { + "name": "31687", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/31687" + }, + { + "name": "http://www.vmware.com/security/advisories/VMSA-2009-0016.html", + "refsource": "CONFIRM", + "url": "http://www.vmware.com/security/advisories/VMSA-2009-0016.html" + }, + { + "name": "GLSA-200807-16", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-200807-16.xml" + }, + { + "name": "http://support.apple.com/kb/HT3438", + "refsource": "CONFIRM", + "url": "http://support.apple.com/kb/HT3438" + }, + { + "name": "APPLE-SA-2009-02-12", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html" + }, + { + "name": "31358", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/31358" + }, + { + "name": "31332", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/31332" + }, + { + "name": "USN-632-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/usn-632-1" + }, + { + "name": "http://bugs.gentoo.org/show_bug.cgi?id=232137", + "refsource": "CONFIRM", + "url": "http://bugs.gentoo.org/show_bug.cgi?id=232137" + }, + { + "name": "MDVSA-2008:164", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:164" + }, + { + "name": "http://svn.python.org/view?rev=63734&view=rev", + "refsource": "CONFIRM", + "url": "http://svn.python.org/view?rev=63734&view=rev" + }, + { + "name": "20091120 VMSA-2009-0016 VMware vCenter and ESX update release and vMA patch release address multiple security issue in third party components", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/507985/100/0/threaded" + }, + { + "name": "http://bugs.python.org/issue2588", + "refsource": "CONFIRM", + "url": "http://bugs.python.org/issue2588" + }, + { + "name": "31518", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/31518" + }, + { + "name": "python-pyosvsnprintf-bo(44171)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44171" + }, + { + "name": "31305", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/31305" + }, + { + "name": "31365", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/31365" + }, + { + "name": "http://svn.python.org/view?rev=63728&view=rev", + "refsource": "CONFIRM", + "url": "http://svn.python.org/view?rev=63728&view=rev" + }, + { + "name": "oval:org.mitre.oval:def:7725", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7725" + }, + { + "name": "http://www.novell.com/support/search.do?cmd=displayKC&docType=kc&externalId=InfoDocument-patchbuilder-readme5032900", + "refsource": "CONFIRM", + "url": "http://www.novell.com/support/search.do?cmd=displayKC&docType=kc&externalId=InfoDocument-patchbuilder-readme5032900" + }, + { + "name": "31473", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/31473" + }, + { + "name": "http://wiki.rpath.com/Advisories:rPSA-2008-0243", + "refsource": "CONFIRM", + "url": "http://wiki.rpath.com/Advisories:rPSA-2008-0243" + }, + { + "name": "DSA-1667", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2008/dsa-1667" + }, + { + "name": "MDVSA-2008:163", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:163" + }, + { + "name": "http://svn.python.org/view?rev=63883&view=rev", + "refsource": "CONFIRM", + "url": "http://svn.python.org/view?rev=63883&view=rev" + }, + { + "name": "SSA:2008-217-01", + "refsource": "SLACKWARE", + "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.525289" + }, + { + "name": "ADV-2009-3316", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2009/3316" + }, + { + "name": "oval:org.mitre.oval:def:10170", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10170" + } + ] + } +} \ No newline at end of file diff --git a/2008/3xxx/CVE-2008-3378.json b/2008/3xxx/CVE-2008-3378.json index 04ca9089760..b08f5869b3f 100644 --- a/2008/3xxx/CVE-2008-3378.json +++ b/2008/3xxx/CVE-2008-3378.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-3378", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in comment.php in Fizzmedia 1.51.2 allows remote attackers to execute arbitrary SQL commands via the mid parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-3378", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "6133", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/6133" - }, - { - "name" : "30374", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/30374" - }, - { - "name" : "31252", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/31252" - }, - { - "name" : "4071", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/4071" - }, - { - "name" : "fizzmedia-comment-sql-injection(44023)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/44023" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in comment.php in Fizzmedia 1.51.2 allows remote attackers to execute arbitrary SQL commands via the mid parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "6133", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/6133" + }, + { + "name": "31252", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/31252" + }, + { + "name": "fizzmedia-comment-sql-injection(44023)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44023" + }, + { + "name": "30374", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/30374" + }, + { + "name": "4071", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/4071" + } + ] + } +} \ No newline at end of file diff --git a/2008/3xxx/CVE-2008-3535.json b/2008/3xxx/CVE-2008-3535.json index 8f762e44c55..9a61391e172 100644 --- a/2008/3xxx/CVE-2008-3535.json +++ b/2008/3xxx/CVE-2008-3535.json @@ -1,112 +1,112 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-3535", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Off-by-one error in the iov_iter_advance function in mm/filemap.c in the Linux kernel before 2.6.27-rc2 allows local users to cause a denial of service (system crash) via a certain sequence of file I/O operations with readv and writev, as demonstrated by testcases/kernel/fs/ftest/ftest03 from the Linux Test Project." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-3535", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[linux-kernel] 20080730 2.6.27-rc1: IP: iov_iter_advance+0x2e/0x90", - "refsource" : "MLIST", - "url" : "http://www.lkml.org/lkml/2008/7/30/446" - }, - { - "name" : "http://mirror.celinuxforum.org/gitstat/commit-detail.php?commit=94ad374a0751f40d25e22e036c37f7263569d24c", - "refsource" : "CONFIRM", - "url" : "http://mirror.celinuxforum.org/gitstat/commit-detail.php?commit=94ad374a0751f40d25e22e036c37f7263569d24c" - }, - { - "name" : "http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.27-rc2", - "refsource" : "CONFIRM", - "url" : "http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.27-rc2" - }, - { - "name" : "DSA-1636", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2008/dsa-1636" - }, - { - "name" : "RHSA-2008:0857", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2008-0857.html" - }, - { - "name" : "USN-659-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/usn-659-1" - }, - { - "name" : "31132", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/31132" - }, - { - "name" : "31881", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/31881" - }, - { - "name" : "32190", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/32190" - }, - { - "name" : "32393", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/32393" - }, - { - "name" : "linux-kernel-ioviteradvance-dos(44492)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/44492" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Off-by-one error in the iov_iter_advance function in mm/filemap.c in the Linux kernel before 2.6.27-rc2 allows local users to cause a denial of service (system crash) via a certain sequence of file I/O operations with readv and writev, as demonstrated by testcases/kernel/fs/ftest/ftest03 from the Linux Test Project." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "32190", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/32190" + }, + { + "name": "32393", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/32393" + }, + { + "name": "DSA-1636", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2008/dsa-1636" + }, + { + "name": "31132", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/31132" + }, + { + "name": "linux-kernel-ioviteradvance-dos(44492)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44492" + }, + { + "name": "31881", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/31881" + }, + { + "name": "USN-659-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/usn-659-1" + }, + { + "name": "RHSA-2008:0857", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2008-0857.html" + }, + { + "name": "[linux-kernel] 20080730 2.6.27-rc1: IP: iov_iter_advance+0x2e/0x90", + "refsource": "MLIST", + "url": "http://www.lkml.org/lkml/2008/7/30/446" + }, + { + "name": "http://mirror.celinuxforum.org/gitstat/commit-detail.php?commit=94ad374a0751f40d25e22e036c37f7263569d24c", + "refsource": "CONFIRM", + "url": "http://mirror.celinuxforum.org/gitstat/commit-detail.php?commit=94ad374a0751f40d25e22e036c37f7263569d24c" + }, + { + "name": "http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.27-rc2", + "refsource": "CONFIRM", + "url": "http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.27-rc2" + } + ] + } +} \ No newline at end of file diff --git a/2008/3xxx/CVE-2008-3632.json b/2008/3xxx/CVE-2008-3632.json index 40c36933b7e..328ddab6c81 100644 --- a/2008/3xxx/CVE-2008-3632.json +++ b/2008/3xxx/CVE-2008-3632.json @@ -1,147 +1,147 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-3632", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Use-after-free vulnerability in WebKit in Apple iPod touch 1.1 through 2.0.2, and iPhone 1.0 through 2.0.2, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a web page with crafted Cascading Style Sheets (CSS) import statements." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-3632", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://support.apple.com/kb/HT3129", - "refsource" : "CONFIRM", - "url" : "http://support.apple.com/kb/HT3129" - }, - { - "name" : "http://support.apple.com/kb/HT3026", - "refsource" : "CONFIRM", - "url" : "http://support.apple.com/kb/HT3026" - }, - { - "name" : "http://support.apple.com/kb/HT3613", - "refsource" : "CONFIRM", - "url" : "http://support.apple.com/kb/HT3613" - }, - { - "name" : "APPLE-SA-2008-09-09", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce//2008/Sep/msg00003.html" - }, - { - "name" : "APPLE-SA-2008-09-12", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce//2008/Sep/msg00004.html" - }, - { - "name" : "APPLE-SA-2009-06-08-1", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html" - }, - { - "name" : "SUSE-SR:2008:019", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00005.html" - }, - { - "name" : "USN-676-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-676-1" - }, - { - "name" : "31092", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/31092" - }, - { - "name" : "35379", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/35379" - }, - { - "name" : "32860", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/32860" - }, - { - "name" : "ADV-2008-2558", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/2558" - }, - { - "name" : "ADV-2008-2525", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/2525" - }, - { - "name" : "1020847", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1020847" - }, - { - "name" : "31900", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/31900" - }, - { - "name" : "31823", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/31823" - }, - { - "name" : "32099", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/32099" - }, - { - "name" : "ADV-2009-1522", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2009/1522" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Use-after-free vulnerability in WebKit in Apple iPod touch 1.1 through 2.0.2, and iPhone 1.0 through 2.0.2, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a web page with crafted Cascading Style Sheets (CSS) import statements." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "32860", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/32860" + }, + { + "name": "ADV-2008-2525", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/2525" + }, + { + "name": "APPLE-SA-2009-06-08-1", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html" + }, + { + "name": "ADV-2009-1522", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2009/1522" + }, + { + "name": "USN-676-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-676-1" + }, + { + "name": "http://support.apple.com/kb/HT3026", + "refsource": "CONFIRM", + "url": "http://support.apple.com/kb/HT3026" + }, + { + "name": "http://support.apple.com/kb/HT3129", + "refsource": "CONFIRM", + "url": "http://support.apple.com/kb/HT3129" + }, + { + "name": "1020847", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1020847" + }, + { + "name": "35379", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/35379" + }, + { + "name": "APPLE-SA-2008-09-12", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00004.html" + }, + { + "name": "31823", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/31823" + }, + { + "name": "ADV-2008-2558", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/2558" + }, + { + "name": "31900", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/31900" + }, + { + "name": "31092", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/31092" + }, + { + "name": "http://support.apple.com/kb/HT3613", + "refsource": "CONFIRM", + "url": "http://support.apple.com/kb/HT3613" + }, + { + "name": "APPLE-SA-2008-09-09", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00003.html" + }, + { + "name": "32099", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/32099" + }, + { + "name": "SUSE-SR:2008:019", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00005.html" + } + ] + } +} \ No newline at end of file diff --git a/2008/4xxx/CVE-2008-4761.json b/2008/4xxx/CVE-2008-4761.json index ef4f40eaf04..0abd18310ac 100644 --- a/2008/4xxx/CVE-2008-4761.json +++ b/2008/4xxx/CVE-2008-4761.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-4761", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in includes/htmlArea/plugins/HtmlTidy/html-tidy-logic.php in Kayako eSupport 3.20.2 allows remote attackers to inject arbitrary web script or HTML via the jsMakeSrc parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. NOTE: this issue is probably in the HTMLArea HTMLTidy (HTML Tidy) plugin, not eSupport." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-4761", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20081027 XSS in HTML Tidy plugin used in WYSIWYG HTML editors", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2008/10/27/6" - }, - { - "name" : "http://downloads.securityfocus.com/vulnerabilities/exploits/31908.html", - "refsource" : "MISC", - "url" : "http://downloads.securityfocus.com/vulnerabilities/exploits/31908.html" - }, - { - "name" : "31908", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/31908" - }, - { - "name" : "esupport-htmltidylogic-xss(46097)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/46097" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in includes/htmlArea/plugins/HtmlTidy/html-tidy-logic.php in Kayako eSupport 3.20.2 allows remote attackers to inject arbitrary web script or HTML via the jsMakeSrc parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. NOTE: this issue is probably in the HTMLArea HTMLTidy (HTML Tidy) plugin, not eSupport." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://downloads.securityfocus.com/vulnerabilities/exploits/31908.html", + "refsource": "MISC", + "url": "http://downloads.securityfocus.com/vulnerabilities/exploits/31908.html" + }, + { + "name": "[oss-security] 20081027 XSS in HTML Tidy plugin used in WYSIWYG HTML editors", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2008/10/27/6" + }, + { + "name": "31908", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/31908" + }, + { + "name": "esupport-htmltidylogic-xss(46097)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46097" + } + ] + } +} \ No newline at end of file diff --git a/2008/6xxx/CVE-2008-6092.json b/2008/6xxx/CVE-2008-6092.json index c69e7a08a21..a2a08b61127 100644 --- a/2008/6xxx/CVE-2008-6092.json +++ b/2008/6xxx/CVE-2008-6092.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-6092", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "phpscripts Ranking Script allows remote attackers to bypass authentication and gain administrative access by sending an admin=ja cookie." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-6092", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "6649", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/6649" - }, - { - "name" : "31527", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/31527" - }, - { - "name" : "32076", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/32076" - }, - { - "name" : "rankingscript-admin-security-bypass(45604)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/45604" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "phpscripts Ranking Script allows remote attackers to bypass authentication and gain administrative access by sending an admin=ja cookie." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "31527", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/31527" + }, + { + "name": "32076", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/32076" + }, + { + "name": "rankingscript-admin-security-bypass(45604)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45604" + }, + { + "name": "6649", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/6649" + } + ] + } +} \ No newline at end of file diff --git a/2008/6xxx/CVE-2008-6113.json b/2008/6xxx/CVE-2008-6113.json index 17e723e2153..1dd0fb7d836 100644 --- a/2008/6xxx/CVE-2008-6113.json +++ b/2008/6xxx/CVE-2008-6113.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-6113", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in SemanticScuttle before 0.90 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, related to the (1) username and (2) profile page." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-6113", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://sourceforge.net/project/shownotes.php?release_id=640424", - "refsource" : "CONFIRM", - "url" : "http://sourceforge.net/project/shownotes.php?release_id=640424" - }, - { - "name" : "32409", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/32409" - }, - { - "name" : "32722", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/32722" - }, - { - "name" : "semanticscuttle-unspecified-xss(46754)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/46754" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in SemanticScuttle before 0.90 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, related to the (1) username and (2) profile page." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "32722", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/32722" + }, + { + "name": "semanticscuttle-unspecified-xss(46754)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46754" + }, + { + "name": "32409", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/32409" + }, + { + "name": "http://sourceforge.net/project/shownotes.php?release_id=640424", + "refsource": "CONFIRM", + "url": "http://sourceforge.net/project/shownotes.php?release_id=640424" + } + ] + } +} \ No newline at end of file diff --git a/2008/6xxx/CVE-2008-6531.json b/2008/6xxx/CVE-2008-6531.json index e520bb77df4..1ed9e430c75 100644 --- a/2008/6xxx/CVE-2008-6531.json +++ b/2008/6xxx/CVE-2008-6531.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-6531", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The WebWork 1 web application framework in Atlassian JIRA before 3.13.2 allows remote attackers to invoke exposed public JIRA methods via a crafted URL that is dynamically transformed into method calls, aka \"WebWork 1 Parameter Injection Hole.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-6531", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://confluence.atlassian.com/display/JIRA/JIRA+Security+Advisory+2008-12-09", - "refsource" : "CONFIRM", - "url" : "http://confluence.atlassian.com/display/JIRA/JIRA+Security+Advisory+2008-12-09" - }, - { - "name" : "32746", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/32746" - }, - { - "name" : "52707", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/52707" - }, - { - "name" : "33084", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/33084" - }, - { - "name" : "jira-webwork1-security-bypass(47211)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/47211" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The WebWork 1 web application framework in Atlassian JIRA before 3.13.2 allows remote attackers to invoke exposed public JIRA methods via a crafted URL that is dynamically transformed into method calls, aka \"WebWork 1 Parameter Injection Hole.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "33084", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/33084" + }, + { + "name": "52707", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/52707" + }, + { + "name": "32746", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/32746" + }, + { + "name": "http://confluence.atlassian.com/display/JIRA/JIRA+Security+Advisory+2008-12-09", + "refsource": "CONFIRM", + "url": "http://confluence.atlassian.com/display/JIRA/JIRA+Security+Advisory+2008-12-09" + }, + { + "name": "jira-webwork1-security-bypass(47211)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47211" + } + ] + } +} \ No newline at end of file diff --git a/2013/2xxx/CVE-2013-2105.json b/2013/2xxx/CVE-2013-2105.json index 93cf793fdb0..949594e698c 100644 --- a/2013/2xxx/CVE-2013-2105.json +++ b/2013/2xxx/CVE-2013-2105.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2013-2105", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Show In Browser (show_in_browser) gem 0.0.3 for Ruby allows local users to inject arbitrary web script or HTML via a symlink attack on /tmp/browser.html." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2013-2105", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20130518 Re: Show In Browser 0.0.3 Ruby Gem /tmp file injection vulnerability", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2013/05/18/4" - }, - { - "name" : "http://vapid.dhs.org/advisories/show_in_browser.html", - "refsource" : "MISC", - "url" : "http://vapid.dhs.org/advisories/show_in_browser.html" - }, - { - "name" : "showinbrowser-cve20132105-symlink(84378)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/84378" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Show In Browser (show_in_browser) gem 0.0.3 for Ruby allows local users to inject arbitrary web script or HTML via a symlink attack on /tmp/browser.html." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "[oss-security] 20130518 Re: Show In Browser 0.0.3 Ruby Gem /tmp file injection vulnerability", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2013/05/18/4" + }, + { + "name": "http://vapid.dhs.org/advisories/show_in_browser.html", + "refsource": "MISC", + "url": "http://vapid.dhs.org/advisories/show_in_browser.html" + }, + { + "name": "showinbrowser-cve20132105-symlink(84378)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/84378" + } + ] + } +} \ No newline at end of file diff --git a/2013/2xxx/CVE-2013-2167.json b/2013/2xxx/CVE-2013-2167.json index 82f37866c15..69e50a6ae5c 100644 --- a/2013/2xxx/CVE-2013-2167.json +++ b/2013/2xxx/CVE-2013-2167.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2013-2167", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2013-2167", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2013/2xxx/CVE-2013-2545.json b/2013/2xxx/CVE-2013-2545.json index 727a7b93c02..b78160c989b 100644 --- a/2013/2xxx/CVE-2013-2545.json +++ b/2013/2xxx/CVE-2013-2545.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2013-2545", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2013-2545", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2017/11xxx/CVE-2017-11420.json b/2017/11xxx/CVE-2017-11420.json index 2c39baa1875..2e2fe487ff7 100644 --- a/2017/11xxx/CVE-2017-11420.json +++ b/2017/11xxx/CVE-2017-11420.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-11420", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Stack-based buffer overflow in ASUS_Discovery.c in networkmap in Asuswrt-Merlin firmware for ASUS devices and ASUS firmware for ASUS RT-AC5300, RT_AC1900P, RT-AC68U, RT-AC68P, RT-AC88U, RT-AC66U, RT-AC66U_B1, RT-AC58U, RT-AC56U, RT-AC55U, RT-AC52U, RT-AC51U, RT-N18U, RT-N66U, RT-N56U, RT-AC3200, RT-AC3100, RT_AC1200GU, RT_AC1200G, RT-AC1200, RT-AC53, RT-N12HP, RT-N12HP_B1, RT-N12D1, RT-N12+, RT_N12+_PRO, RT-N16, and RT-N300 devices allows remote attackers to execute arbitrary code via long device information that is mishandled during a strcat to a device list." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-11420", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.openwall.com/lists/oss-security/2017/07/13/1", - "refsource" : "MISC", - "url" : "http://www.openwall.com/lists/oss-security/2017/07/13/1" - }, - { - "name" : "https://asuswrt.lostrealm.ca/changelog", - "refsource" : "CONFIRM", - "url" : "https://asuswrt.lostrealm.ca/changelog" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Stack-based buffer overflow in ASUS_Discovery.c in networkmap in Asuswrt-Merlin firmware for ASUS devices and ASUS firmware for ASUS RT-AC5300, RT_AC1900P, RT-AC68U, RT-AC68P, RT-AC88U, RT-AC66U, RT-AC66U_B1, RT-AC58U, RT-AC56U, RT-AC55U, RT-AC52U, RT-AC51U, RT-N18U, RT-N66U, RT-N56U, RT-AC3200, RT-AC3100, RT_AC1200GU, RT_AC1200G, RT-AC1200, RT-AC53, RT-N12HP, RT-N12HP_B1, RT-N12D1, RT-N12+, RT_N12+_PRO, RT-N16, and RT-N300 devices allows remote attackers to execute arbitrary code via long device information that is mishandled during a strcat to a device list." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://asuswrt.lostrealm.ca/changelog", + "refsource": "CONFIRM", + "url": "https://asuswrt.lostrealm.ca/changelog" + }, + { + "name": "http://www.openwall.com/lists/oss-security/2017/07/13/1", + "refsource": "MISC", + "url": "http://www.openwall.com/lists/oss-security/2017/07/13/1" + } + ] + } +} \ No newline at end of file diff --git a/2017/11xxx/CVE-2017-11487.json b/2017/11xxx/CVE-2017-11487.json index 595826248b3..408e120c265 100644 --- a/2017/11xxx/CVE-2017-11487.json +++ b/2017/11xxx/CVE-2017-11487.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-11487", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2017. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2017-11487", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2017. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2017/11xxx/CVE-2017-11955.json b/2017/11xxx/CVE-2017-11955.json index 1a3f563116f..8711a9160c7 100644 --- a/2017/11xxx/CVE-2017-11955.json +++ b/2017/11xxx/CVE-2017-11955.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-11955", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-11955", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2017/14xxx/CVE-2017-14167.json b/2017/14xxx/CVE-2017-14167.json index ff55c20418b..5ba5eab4816 100644 --- a/2017/14xxx/CVE-2017-14167.json +++ b/2017/14xxx/CVE-2017-14167.json @@ -1,127 +1,127 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-14167", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Integer overflow in the load_multiboot function in hw/i386/multiboot.c in QEMU (aka Quick Emulator) allows local guest OS users to execute arbitrary code on the host via crafted multiboot header address values, which trigger an out-of-bounds write." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-14167", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20170907 CVE-2017-14167 Qemu: i386: multiboot OOB access while loading guest kernel image", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2017/09/07/2" - }, - { - "name" : "[qemu-devel] 20170905 [PATCH] multiboot: validate multiboot header address values", - "refsource" : "MLIST", - "url" : "https://lists.nongnu.org/archive/html/qemu-devel/2017-09/msg01032.html" - }, - { - "name" : "[debian-lts-announce] 20180906 [SECURITY] [DLA 1497-1] qemu security update", - "refsource" : "MLIST", - "url" : "https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html" - }, - { - "name" : "DSA-3991", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2017/dsa-3991" - }, - { - "name" : "RHSA-2017:3368", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2017:3368" - }, - { - "name" : "RHSA-2017:3369", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2017:3369" - }, - { - "name" : "RHSA-2017:3466", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2017:3466" - }, - { - "name" : "RHSA-2017:3470", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2017:3470" - }, - { - "name" : "RHSA-2017:3471", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2017:3471" - }, - { - "name" : "RHSA-2017:3472", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2017:3472" - }, - { - "name" : "RHSA-2017:3473", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2017:3473" - }, - { - "name" : "RHSA-2017:3474", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2017:3474" - }, - { - "name" : "USN-3575-1", - "refsource" : "UBUNTU", - "url" : "https://usn.ubuntu.com/3575-1/" - }, - { - "name" : "100694", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/100694" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Integer overflow in the load_multiboot function in hw/i386/multiboot.c in QEMU (aka Quick Emulator) allows local guest OS users to execute arbitrary code on the host via crafted multiboot header address values, which trigger an out-of-bounds write." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "100694", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/100694" + }, + { + "name": "RHSA-2017:3473", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2017:3473" + }, + { + "name": "[debian-lts-announce] 20180906 [SECURITY] [DLA 1497-1] qemu security update", + "refsource": "MLIST", + "url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html" + }, + { + "name": "DSA-3991", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2017/dsa-3991" + }, + { + "name": "RHSA-2017:3470", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2017:3470" + }, + { + "name": "RHSA-2017:3472", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2017:3472" + }, + { + "name": "RHSA-2017:3474", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2017:3474" + }, + { + "name": "USN-3575-1", + "refsource": "UBUNTU", + "url": "https://usn.ubuntu.com/3575-1/" + }, + { + "name": "[oss-security] 20170907 CVE-2017-14167 Qemu: i386: multiboot OOB access while loading guest kernel image", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2017/09/07/2" + }, + { + "name": "RHSA-2017:3471", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2017:3471" + }, + { + "name": "RHSA-2017:3368", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2017:3368" + }, + { + "name": "RHSA-2017:3466", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2017:3466" + }, + { + "name": "[qemu-devel] 20170905 [PATCH] multiboot: validate multiboot header address values", + "refsource": "MLIST", + "url": "https://lists.nongnu.org/archive/html/qemu-devel/2017-09/msg01032.html" + }, + { + "name": "RHSA-2017:3369", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2017:3369" + } + ] + } +} \ No newline at end of file diff --git a/2017/14xxx/CVE-2017-14564.json b/2017/14xxx/CVE-2017-14564.json index eba6393d10c..82cac8117d9 100644 --- a/2017/14xxx/CVE-2017-14564.json +++ b/2017/14xxx/CVE-2017-14564.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-14564", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "STDU Viewer 1.6.375 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .xps file, related to \"Data from Faulting Address controls Branch Selection starting at STDUXPSFile!DllUnregisterServer+0x0000000000028657.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-14564", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-14564", - "refsource" : "MISC", - "url" : "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-14564" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "STDU Viewer 1.6.375 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .xps file, related to \"Data from Faulting Address controls Branch Selection starting at STDUXPSFile!DllUnregisterServer+0x0000000000028657.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-14564", + "refsource": "MISC", + "url": "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-14564" + } + ] + } +} \ No newline at end of file diff --git a/2017/14xxx/CVE-2017-14981.json b/2017/14xxx/CVE-2017-14981.json index 11d47e2290b..49444c834e0 100644 --- a/2017/14xxx/CVE-2017-14981.json +++ b/2017/14xxx/CVE-2017-14981.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-14981", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-Site Scripting (XSS) was discovered in ATutor before 2.2.3. The vulnerability exists due to insufficient filtration of data (url in /mods/_standard/rss_feeds/edit_feed.php). An attacker could inject arbitrary HTML and script code into a browser in the context of the vulnerable website." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-14981", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/atutor/ATutor/commit/9292360c8b3898d0990983269f110cef21729090", - "refsource" : "CONFIRM", - "url" : "https://github.com/atutor/ATutor/commit/9292360c8b3898d0990983269f110cef21729090" - }, - { - "name" : "https://github.com/atutor/ATutor/issues/135", - "refsource" : "CONFIRM", - "url" : "https://github.com/atutor/ATutor/issues/135" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-Site Scripting (XSS) was discovered in ATutor before 2.2.3. The vulnerability exists due to insufficient filtration of data (url in /mods/_standard/rss_feeds/edit_feed.php). An attacker could inject arbitrary HTML and script code into a browser in the context of the vulnerable website." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/atutor/ATutor/issues/135", + "refsource": "CONFIRM", + "url": "https://github.com/atutor/ATutor/issues/135" + }, + { + "name": "https://github.com/atutor/ATutor/commit/9292360c8b3898d0990983269f110cef21729090", + "refsource": "CONFIRM", + "url": "https://github.com/atutor/ATutor/commit/9292360c8b3898d0990983269f110cef21729090" + } + ] + } +} \ No newline at end of file diff --git a/2017/15xxx/CVE-2017-15025.json b/2017/15xxx/CVE-2017-15025.json index 814716eb9cd..7ec15543d81 100644 --- a/2017/15xxx/CVE-2017-15025.json +++ b/2017/15xxx/CVE-2017-15025.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-15025", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "decode_line_info in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted ELF file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-15025", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://blogs.gentoo.org/ago/2017/10/03/binutils-divide-by-zero-in-decode_line_info-dwarf2-c/", - "refsource" : "MISC", - "url" : "https://blogs.gentoo.org/ago/2017/10/03/binutils-divide-by-zero-in-decode_line_info-dwarf2-c/" - }, - { - "name" : "https://sourceware.org/bugzilla/show_bug.cgi?id=22186", - "refsource" : "MISC", - "url" : "https://sourceware.org/bugzilla/show_bug.cgi?id=22186" - }, - { - "name" : "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=d8010d3e75ec7194a4703774090b27486b742d48", - "refsource" : "MISC", - "url" : "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=d8010d3e75ec7194a4703774090b27486b742d48" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "decode_line_info in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted ELF file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://sourceware.org/bugzilla/show_bug.cgi?id=22186", + "refsource": "MISC", + "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22186" + }, + { + "name": "https://blogs.gentoo.org/ago/2017/10/03/binutils-divide-by-zero-in-decode_line_info-dwarf2-c/", + "refsource": "MISC", + "url": "https://blogs.gentoo.org/ago/2017/10/03/binutils-divide-by-zero-in-decode_line_info-dwarf2-c/" + }, + { + "name": "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=d8010d3e75ec7194a4703774090b27486b742d48", + "refsource": "MISC", + "url": "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=d8010d3e75ec7194a4703774090b27486b742d48" + } + ] + } +} \ No newline at end of file diff --git a/2017/15xxx/CVE-2017-15045.json b/2017/15xxx/CVE-2017-15045.json index 10752ab2f69..c7da76b5305 100644 --- a/2017/15xxx/CVE-2017-15045.json +++ b/2017/15xxx/CVE-2017-15045.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-15045", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "LAME 3.99.5 has a heap-based buffer over-read in fill_buffer in libmp3lame/util.c, related to lame_encode_buffer_sample_t in libmp3lame/lame.c, a different vulnerability than CVE-2017-9410." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-15045", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://sourceforge.net/p/lame/bugs/478/", - "refsource" : "MISC", - "url" : "https://sourceforge.net/p/lame/bugs/478/" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "LAME 3.99.5 has a heap-based buffer over-read in fill_buffer in libmp3lame/util.c, related to lame_encode_buffer_sample_t in libmp3lame/lame.c, a different vulnerability than CVE-2017-9410." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://sourceforge.net/p/lame/bugs/478/", + "refsource": "MISC", + "url": "https://sourceforge.net/p/lame/bugs/478/" + } + ] + } +} \ No newline at end of file diff --git a/2017/15xxx/CVE-2017-15450.json b/2017/15xxx/CVE-2017-15450.json index e4af68d9958..aea369e351e 100644 --- a/2017/15xxx/CVE-2017-15450.json +++ b/2017/15xxx/CVE-2017-15450.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-15450", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2017. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2017-15450", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2017. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2017/15xxx/CVE-2017-15608.json b/2017/15xxx/CVE-2017-15608.json index 352e6972aae..4c5aa61116f 100644 --- a/2017/15xxx/CVE-2017-15608.json +++ b/2017/15xxx/CVE-2017-15608.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-15608", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Inedo ProGet before 5.0 Beta5 has CSRF, allowing an attacker to change advanced settings." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-15608", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://inedo.com/blog/proget-50-beta5-released", - "refsource" : "CONFIRM", - "url" : "https://inedo.com/blog/proget-50-beta5-released" - }, - { - "name" : "https://inedo.myjetbrains.com/youtrack/issue/PG-1118", - "refsource" : "CONFIRM", - "url" : "https://inedo.myjetbrains.com/youtrack/issue/PG-1118" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Inedo ProGet before 5.0 Beta5 has CSRF, allowing an attacker to change advanced settings." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://inedo.myjetbrains.com/youtrack/issue/PG-1118", + "refsource": "CONFIRM", + "url": "https://inedo.myjetbrains.com/youtrack/issue/PG-1118" + }, + { + "name": "https://inedo.com/blog/proget-50-beta5-released", + "refsource": "CONFIRM", + "url": "https://inedo.com/blog/proget-50-beta5-released" + } + ] + } +} \ No newline at end of file diff --git a/2017/8xxx/CVE-2017-8107.json b/2017/8xxx/CVE-2017-8107.json index 76cddfaa113..d7e7bd48637 100644 --- a/2017/8xxx/CVE-2017-8107.json +++ b/2017/8xxx/CVE-2017-8107.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-8107", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-8107", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2017/8xxx/CVE-2017-8976.json b/2017/8xxx/CVE-2017-8976.json index 8a37990e9e6..fa86428fdec 100644 --- a/2017/8xxx/CVE-2017-8976.json +++ b/2017/8xxx/CVE-2017-8976.json @@ -1,68 +1,68 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "security-alert@hpe.com", - "DATE_PUBLIC" : "2018-01-03T00:00:00", - "ID" : "CVE-2017-8976", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Moonshot Provisioning Manager Appliance", - "version" : { - "version_data" : [ - { - "version_value" : "v1.20" - } - ] - } - } - ] - }, - "vendor_name" : "Hewlett Packard Enterprise" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A Remote Code Execution vulnerability in Hewlett Packard Enterprise Moonshot Provisioning Manager Appliance version v1.20 was found." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Remote Code Execution" - } + "CVE_data_meta": { + "ASSIGNER": "security-alert@hpe.com", + "DATE_PUBLIC": "2018-01-03T00:00:00", + "ID": "CVE-2017-8976", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Moonshot Provisioning Manager Appliance", + "version": { + "version_data": [ + { + "version_value": "v1.20" + } + ] + } + } + ] + }, + "vendor_name": "Hewlett Packard Enterprise" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03803en_us", - "refsource" : "CONFIRM", - "url" : "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03803en_us" - }, - { - "name" : "102410", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/102410" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A Remote Code Execution vulnerability in Hewlett Packard Enterprise Moonshot Provisioning Manager Appliance version v1.20 was found." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Remote Code Execution" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03803en_us", + "refsource": "CONFIRM", + "url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03803en_us" + }, + { + "name": "102410", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/102410" + } + ] + } +} \ No newline at end of file diff --git a/2017/9xxx/CVE-2017-9611.json b/2017/9xxx/CVE-2017-9611.json index 10fc0603ec0..6ffadf23184 100644 --- a/2017/9xxx/CVE-2017-9611.json +++ b/2017/9xxx/CVE-2017-9611.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-9611", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Ins_MIRP function in base/ttinterp.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact via a crafted document." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-9611", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=c7c55972758a93350882c32147801a3485b010fe", - "refsource" : "CONFIRM", - "url" : "http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=c7c55972758a93350882c32147801a3485b010fe" - }, - { - "name" : "https://bugs.ghostscript.com/show_bug.cgi?id=698024", - "refsource" : "CONFIRM", - "url" : "https://bugs.ghostscript.com/show_bug.cgi?id=698024" - }, - { - "name" : "DSA-3986", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2017/dsa-3986" - }, - { - "name" : "GLSA-201811-12", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201811-12" - }, - { - "name" : "99975", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/99975" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Ins_MIRP function in base/ttinterp.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact via a crafted document." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "GLSA-201811-12", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201811-12" + }, + { + "name": "https://bugs.ghostscript.com/show_bug.cgi?id=698024", + "refsource": "CONFIRM", + "url": "https://bugs.ghostscript.com/show_bug.cgi?id=698024" + }, + { + "name": "DSA-3986", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2017/dsa-3986" + }, + { + "name": "99975", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/99975" + }, + { + "name": "http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=c7c55972758a93350882c32147801a3485b010fe", + "refsource": "CONFIRM", + "url": "http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=c7c55972758a93350882c32147801a3485b010fe" + } + ] + } +} \ No newline at end of file diff --git a/2017/9xxx/CVE-2017-9841.json b/2017/9xxx/CVE-2017-9841.json index 7d78c5c846c..eb551677d56 100644 --- a/2017/9xxx/CVE-2017-9841.json +++ b/2017/9xxx/CVE-2017-9841.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-9841", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Util/PHP/eval-stdin.php in PHPUnit before 4.8.28 and 5.x before 5.6.3 allows remote attackers to execute arbitrary PHP code via HTTP POST data beginning with a \"