diff --git a/2003/0xxx/CVE-2003-0181.json b/2003/0xxx/CVE-2003-0181.json index 3aaa2cbb8e5..75f2a45728e 100644 --- a/2003/0xxx/CVE-2003-0181.json +++ b/2003/0xxx/CVE-2003-0181.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2003-0181", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Lotus Domino Web Server (nhttp.exe) before 6.0.1 allows remote attackers to cause a denial of service via a \"Fictionary Value Field POST request\" as demonstrated using the s_Validation form with a long, unknown parameter name." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2003-0181", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20030218 More Lotus Domino Advisories", - "refsource" : "VULNWATCH", - "url" : "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0086.html" - }, - { - "name" : "http://www.nextgenss.com/advisories/lotus-60dos.txt", - "refsource" : "MISC", - "url" : "http://www.nextgenss.com/advisories/lotus-60dos.txt" - }, - { - "name" : "http://www-1.ibm.com/support/docview.wss?uid=swg21104528", - "refsource" : "CONFIRM", - "url" : "http://www-1.ibm.com/support/docview.wss?uid=swg21104528" - }, - { - "name" : "CA-2003-11", - "refsource" : "CERT", - "url" : "http://www.cert.org/advisories/CA-2003-11.html" - }, - { - "name" : "6951", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/6951" - }, - { - "name" : "lotus-invalid-field-dos(11361)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/11361" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Lotus Domino Web Server (nhttp.exe) before 6.0.1 allows remote attackers to cause a denial of service via a \"Fictionary Value Field POST request\" as demonstrated using the s_Validation form with a long, unknown parameter name." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.nextgenss.com/advisories/lotus-60dos.txt", + "refsource": "MISC", + "url": "http://www.nextgenss.com/advisories/lotus-60dos.txt" + }, + { + "name": "CA-2003-11", + "refsource": "CERT", + "url": "http://www.cert.org/advisories/CA-2003-11.html" + }, + { + "name": "6951", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/6951" + }, + { + "name": "lotus-invalid-field-dos(11361)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11361" + }, + { + "name": "http://www-1.ibm.com/support/docview.wss?uid=swg21104528", + "refsource": "CONFIRM", + "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21104528" + }, + { + "name": "20030218 More Lotus Domino Advisories", + "refsource": "VULNWATCH", + "url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0086.html" + } + ] + } +} \ No newline at end of file diff --git a/2003/0xxx/CVE-2003-0283.json b/2003/0xxx/CVE-2003-0283.json index 187a225e03b..4bd882800ad 100644 --- a/2003/0xxx/CVE-2003-0283.json +++ b/2003/0xxx/CVE-2003-0283.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2003-0283", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in Phorum before 3.4.3 allows remote attackers to inject arbitrary web script and HTML tags via a message with a \"<<\" before a tag name in the (1) subject, (2) author's name, or (3) author's e-mail." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2003-0283", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20030509 A Phorum's bug...", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=105251043821533&w=2" - }, - { - "name" : "20030509 Re: A Phorum's bug...", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=105251421925394&w=2" - }, - { - "name" : "7545", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/7545" - }, - { - "name" : "phorum-message-html-injection(11974)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/11974" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in Phorum before 3.4.3 allows remote attackers to inject arbitrary web script and HTML tags via a message with a \"<<\" before a tag name in the (1) subject, (2) author's name, or (3) author's e-mail." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "phorum-message-html-injection(11974)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11974" + }, + { + "name": "20030509 Re: A Phorum's bug...", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=105251421925394&w=2" + }, + { + "name": "7545", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/7545" + }, + { + "name": "20030509 A Phorum's bug...", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=105251043821533&w=2" + } + ] + } +} \ No newline at end of file diff --git a/2003/0xxx/CVE-2003-0453.json b/2003/0xxx/CVE-2003-0453.json index 1a82d730ac7..f0aeb2aab01 100644 --- a/2003/0xxx/CVE-2003-0453.json +++ b/2003/0xxx/CVE-2003-0453.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2003-0453", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "traceroute-nanog 6.1.1 allows local users to overwrite unauthorized memory and possibly execute arbitrary code via certain \"nprobes\" and \"max_ttl\" arguments that cause an integer overflow that is used when allocating memory, which leads to a buffer overflow." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2003-0453", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20030620 BAZARR FAREWELL", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=105613905425563&w=2" - }, - { - "name" : "DSA-348", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2003/dsa-348" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "traceroute-nanog 6.1.1 allows local users to overwrite unauthorized memory and possibly execute arbitrary code via certain \"nprobes\" and \"max_ttl\" arguments that cause an integer overflow that is used when allocating memory, which leads to a buffer overflow." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "DSA-348", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2003/dsa-348" + }, + { + "name": "20030620 BAZARR FAREWELL", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=105613905425563&w=2" + } + ] + } +} \ No newline at end of file diff --git a/2003/0xxx/CVE-2003-0591.json b/2003/0xxx/CVE-2003-0591.json index 72afbc524eb..7b533736827 100644 --- a/2003/0xxx/CVE-2003-0591.json +++ b/2003/0xxx/CVE-2003-0591.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2003-0591", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is a duplicate number that was created during the refinement phase. Notes: All references and descriptions in this candidate have been removed to prevent accidental usage." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2003-0591", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is a duplicate number that was created during the refinement phase. Notes: All references and descriptions in this candidate have been removed to prevent accidental usage." + } + ] + } +} \ No newline at end of file diff --git a/2003/0xxx/CVE-2003-0785.json b/2003/0xxx/CVE-2003-0785.json index 891393329ec..6b0fac3f44c 100644 --- a/2003/0xxx/CVE-2003-0785.json +++ b/2003/0xxx/CVE-2003-0785.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2003-0785", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "ipmasq before 3.5.12, in certain configurations, may forward packets to the external interface even if the packets are not associated with an established connection, which could allow remote attackers to bypass intended filtering." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2003-0785", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "DSA-389", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2003/dsa-389" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "ipmasq before 3.5.12, in certain configurations, may forward packets to the external interface even if the packets are not associated with an established connection, which could allow remote attackers to bypass intended filtering." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "DSA-389", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2003/dsa-389" + } + ] + } +} \ No newline at end of file diff --git a/2003/1xxx/CVE-2003-1073.json b/2003/1xxx/CVE-2003-1073.json index d47bdf0df0b..32e34a74d32 100644 --- a/2003/1xxx/CVE-2003-1073.json +++ b/2003/1xxx/CVE-2003-1073.json @@ -1,112 +1,112 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2003-1073", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A race condition in the at command for Solaris 2.6 through 9 allows local users to delete arbitrary files via the -r argument with .. (dot dot) sequences in the job name, then modifying the directory structure after at checks permissions to delete the file and before the deletion actually takes place." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2003-1073", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20030127 Sun Microsystems Solaris at -r job name handling and race condition vulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/308577" - }, - { - "name" : "20030127 Sun Microsystems Solaris at -r job name handling and race condition vulnerabilities", - "refsource" : "VULNWATCH", - "url" : "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0044.html" - }, - { - "name" : "http://isec.pl/vulnerabilities/isec-0008-sun-at.txt", - "refsource" : "MISC", - "url" : "http://isec.pl/vulnerabilities/isec-0008-sun-at.txt" - }, - { - "name" : "50161", - "refsource" : "SUNALERT", - "url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-50161-1" - }, - { - "name" : "N-070", - "refsource" : "CIAC", - "url" : "http://www.ciac.org/ciac/bulletins/n-070.shtml" - }, - { - "name" : "6692", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/6692" - }, - { - "name" : "6693", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/6693" - }, - { - "name" : "1005994", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1005994" - }, - { - "name" : "7960", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/7960/" - }, - { - "name" : "solaris-at-race-condition(11180)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/11180" - }, - { - "name" : "solaris-at-directory-traversal(11179)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/11179" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A race condition in the at command for Solaris 2.6 through 9 allows local users to delete arbitrary files via the -r argument with .. (dot dot) sequences in the job name, then modifying the directory structure after at checks permissions to delete the file and before the deletion actually takes place." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1005994", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1005994" + }, + { + "name": "http://isec.pl/vulnerabilities/isec-0008-sun-at.txt", + "refsource": "MISC", + "url": "http://isec.pl/vulnerabilities/isec-0008-sun-at.txt" + }, + { + "name": "solaris-at-race-condition(11180)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11180" + }, + { + "name": "solaris-at-directory-traversal(11179)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11179" + }, + { + "name": "20030127 Sun Microsystems Solaris at -r job name handling and race condition vulnerabilities", + "refsource": "VULNWATCH", + "url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0044.html" + }, + { + "name": "20030127 Sun Microsystems Solaris at -r job name handling and race condition vulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/308577" + }, + { + "name": "7960", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/7960/" + }, + { + "name": "6693", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/6693" + }, + { + "name": "6692", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/6692" + }, + { + "name": "N-070", + "refsource": "CIAC", + "url": "http://www.ciac.org/ciac/bulletins/n-070.shtml" + }, + { + "name": "50161", + "refsource": "SUNALERT", + "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-50161-1" + } + ] + } +} \ No newline at end of file diff --git a/2004/0xxx/CVE-2004-0252.json b/2004/0xxx/CVE-2004-0252.json index 5aa13666d54..cdaea7d2e53 100644 --- a/2004/0xxx/CVE-2004-0252.json +++ b/2004/0xxx/CVE-2004-0252.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2004-0252", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "TYPSoft FTP Server 1.10 allows remote attackers to cause a denial of service (CPU consumption) via an empty USER name." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2004-0252", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20040204 TYPSoft FTP Server 1.10 may be crashed", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=107591511716707&w=2" - }, - { - "name" : "9573", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/9573" - }, - { - "name" : "1008943", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/alerts/2004/Feb/1008943.html" - }, - { - "name" : "typsoft-empty-username-dos(15048)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/15048" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "TYPSoft FTP Server 1.10 allows remote attackers to cause a denial of service (CPU consumption) via an empty USER name." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20040204 TYPSoft FTP Server 1.10 may be crashed", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=107591511716707&w=2" + }, + { + "name": "typsoft-empty-username-dos(15048)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15048" + }, + { + "name": "9573", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/9573" + }, + { + "name": "1008943", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/alerts/2004/Feb/1008943.html" + } + ] + } +} \ No newline at end of file diff --git a/2004/0xxx/CVE-2004-0500.json b/2004/0xxx/CVE-2004-0500.json index 9932c2e0fc7..c5f55752761 100644 --- a/2004/0xxx/CVE-2004-0500.json +++ b/2004/0xxx/CVE-2004-0500.json @@ -1,112 +1,112 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2004-0500", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in the MSN protocol plugins (1) object.c and (2) slp.c for Gaim before 0.82 allows remote attackers to cause a denial of service and possibly execute arbitrary code via MSNSLP protocol messages that are not properly handled in a strncpy call." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2004-0500", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "FEDORA-2004-278", - "refsource" : "FEDORA", - "url" : "http://www.fedoranews.org/updates/FEDORA-2004-278.shtml" - }, - { - "name" : "FEDORA-2004-279", - "refsource" : "FEDORA", - "url" : "http://www.fedoranews.org/updates/FEDORA-2004-279.shtml" - }, - { - "name" : "GLSA-200408-12", - "refsource" : "GENTOO", - "url" : "http://www.gentoo.org/security/en/glsa/glsa-200408-12.xml" - }, - { - "name" : "GLSA-200408-27", - "refsource" : "GENTOO", - "url" : "http://www.gentoo.org/security/en/glsa/glsa-200408-27.xml" - }, - { - "name" : "MDKSA-2004:081", - "refsource" : "MANDRAKE", - "url" : "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:081" - }, - { - "name" : "RHSA-2004:400", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2004-400.html" - }, - { - "name" : "SUSE-SA:2004:025", - "refsource" : "SUSE", - "url" : "http://www.novell.com/linux/security/advisories/2004_25_gaim.html" - }, - { - "name" : "http://gaim.sourceforge.net/security/?id=0", - "refsource" : "CONFIRM", - "url" : "http://gaim.sourceforge.net/security/?id=0" - }, - { - "name" : "10865", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/10865" - }, - { - "name" : "oval:org.mitre.oval:def:9429", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9429" - }, - { - "name" : "gaim-msn-bo(16920)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/16920" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in the MSN protocol plugins (1) object.c and (2) slp.c for Gaim before 0.82 allows remote attackers to cause a denial of service and possibly execute arbitrary code via MSNSLP protocol messages that are not properly handled in a strncpy call." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "FEDORA-2004-278", + "refsource": "FEDORA", + "url": "http://www.fedoranews.org/updates/FEDORA-2004-278.shtml" + }, + { + "name": "FEDORA-2004-279", + "refsource": "FEDORA", + "url": "http://www.fedoranews.org/updates/FEDORA-2004-279.shtml" + }, + { + "name": "GLSA-200408-27", + "refsource": "GENTOO", + "url": "http://www.gentoo.org/security/en/glsa/glsa-200408-27.xml" + }, + { + "name": "SUSE-SA:2004:025", + "refsource": "SUSE", + "url": "http://www.novell.com/linux/security/advisories/2004_25_gaim.html" + }, + { + "name": "MDKSA-2004:081", + "refsource": "MANDRAKE", + "url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:081" + }, + { + "name": "GLSA-200408-12", + "refsource": "GENTOO", + "url": "http://www.gentoo.org/security/en/glsa/glsa-200408-12.xml" + }, + { + "name": "http://gaim.sourceforge.net/security/?id=0", + "refsource": "CONFIRM", + "url": "http://gaim.sourceforge.net/security/?id=0" + }, + { + "name": "gaim-msn-bo(16920)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16920" + }, + { + "name": "oval:org.mitre.oval:def:9429", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9429" + }, + { + "name": "RHSA-2004:400", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2004-400.html" + }, + { + "name": "10865", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/10865" + } + ] + } +} \ No newline at end of file diff --git a/2004/0xxx/CVE-2004-0617.json b/2004/0xxx/CVE-2004-0617.json index 87274ed66d4..6a302405be5 100644 --- a/2004/0xxx/CVE-2004-0617.json +++ b/2004/0xxx/CVE-2004-0617.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2004-0617", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in ArbitroWeb 0.6 allows remote attackers to inject arbitrary script or HTML via the rawURL parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2004-0617", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20040622 ArbitroWeb v0.6 Javascript injection vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=108794392303244&w=2" - }, - { - "name" : "10592", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/10592" - }, - { - "name" : "arbitroweb-rawurl-xss(16481)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/16481" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in ArbitroWeb 0.6 allows remote attackers to inject arbitrary script or HTML via the rawURL parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "10592", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/10592" + }, + { + "name": "20040622 ArbitroWeb v0.6 Javascript injection vulnerability", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=108794392303244&w=2" + }, + { + "name": "arbitroweb-rawurl-xss(16481)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16481" + } + ] + } +} \ No newline at end of file diff --git a/2004/0xxx/CVE-2004-0731.json b/2004/0xxx/CVE-2004-0731.json index c6c8933f014..f80f7bc843f 100644 --- a/2004/0xxx/CVE-2004-0731.json +++ b/2004/0xxx/CVE-2004-0731.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2004-0731", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in index.php in the Search module for Php-Nuke allows remote attackers to inject arbitrary script as other users via the input field." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2004-0731", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20040716 [waraxe-2004-SA#035 - Multiple security holes in PhpNuke - part 2]", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=109002107329823&w=2" - }, - { - "name" : "http://www.waraxe.us/index.php?modname=sa&id=35", - "refsource" : "MISC", - "url" : "http://www.waraxe.us/index.php?modname=sa&id=35" - }, - { - "name" : "phpnuke-search-module-xss(16721)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/16721" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in index.php in the Search module for Php-Nuke allows remote attackers to inject arbitrary script as other users via the input field." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20040716 [waraxe-2004-SA#035 - Multiple security holes in PhpNuke - part 2]", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=109002107329823&w=2" + }, + { + "name": "http://www.waraxe.us/index.php?modname=sa&id=35", + "refsource": "MISC", + "url": "http://www.waraxe.us/index.php?modname=sa&id=35" + }, + { + "name": "phpnuke-search-module-xss(16721)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16721" + } + ] + } +} \ No newline at end of file diff --git a/2004/0xxx/CVE-2004-0796.json b/2004/0xxx/CVE-2004-0796.json index 6347f355812..3f3466d18aa 100644 --- a/2004/0xxx/CVE-2004-0796.json +++ b/2004/0xxx/CVE-2004-0796.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2004-0796", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SpamAssassin 2.5x, and 2.6x before 2.64, allows remote attackers to cause a denial of service via certain malformed messages." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2004-0796", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[spamassassin-announce] 20040805 [SA-Announce] SpamAssassin 2.64 is released!", - "refsource" : "MLIST", - "url" : "http://marc.info/?l=spamassassin-announce&m=109168121628767&w=2" - }, - { - "name" : "FLSA:2268", - "refsource" : "FEDORA", - "url" : "https://bugzilla.fedora.us/show_bug.cgi?id=2268" - }, - { - "name" : "GLSA-200408-06", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-200408-06.xml" - }, - { - "name" : "MDKSA-2004:084", - "refsource" : "MANDRAKE", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2004:084" - }, - { - "name" : "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=129337", - "refsource" : "CONFIRM", - "url" : "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=129337" - }, - { - "name" : "10957", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/10957" - }, - { - "name" : "oval:org.mitre.oval:def:10413", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10413" - }, - { - "name" : "spamassassin-dos(16938)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/16938" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SpamAssassin 2.5x, and 2.6x before 2.64, allows remote attackers to cause a denial of service via certain malformed messages." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "GLSA-200408-06", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-200408-06.xml" + }, + { + "name": "spamassassin-dos(16938)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16938" + }, + { + "name": "10957", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/10957" + }, + { + "name": "MDKSA-2004:084", + "refsource": "MANDRAKE", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:084" + }, + { + "name": "oval:org.mitre.oval:def:10413", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10413" + }, + { + "name": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=129337", + "refsource": "CONFIRM", + "url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=129337" + }, + { + "name": "[spamassassin-announce] 20040805 [SA-Announce] SpamAssassin 2.64 is released!", + "refsource": "MLIST", + "url": "http://marc.info/?l=spamassassin-announce&m=109168121628767&w=2" + }, + { + "name": "FLSA:2268", + "refsource": "FEDORA", + "url": "https://bugzilla.fedora.us/show_bug.cgi?id=2268" + } + ] + } +} \ No newline at end of file diff --git a/2004/0xxx/CVE-2004-0948.json b/2004/0xxx/CVE-2004-0948.json index 0219e19299d..d9c07468416 100644 --- a/2004/0xxx/CVE-2004-0948.json +++ b/2004/0xxx/CVE-2004-0948.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2004-0948", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. It was a duplicate assignment before public disclosure. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2004-0948", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. It was a duplicate assignment before public disclosure. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2004/2xxx/CVE-2004-2182.json b/2004/2xxx/CVE-2004-2182.json index bbc65f3cce4..c8643ad08e1 100644 --- a/2004/2xxx/CVE-2004-2182.json +++ b/2004/2xxx/CVE-2004-2182.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2004-2182", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Session fixation vulnerability in Macromedia JRun 4.0 allows remote attackers to hijack user sessions by pre-setting the user session ID information used by the session server." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2004-2182", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "MPSB04-08", - "refsource" : "ALLAIRE", - "url" : "http://www.macromedia.com/devnet/security/security_zone/mpsb04-08.html" - }, - { - "name" : "11414", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/11414" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Session fixation vulnerability in Macromedia JRun 4.0 allows remote attackers to hijack user sessions by pre-setting the user session ID information used by the session server." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "11414", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/11414" + }, + { + "name": "MPSB04-08", + "refsource": "ALLAIRE", + "url": "http://www.macromedia.com/devnet/security/security_zone/mpsb04-08.html" + } + ] + } +} \ No newline at end of file diff --git a/2004/2xxx/CVE-2004-2522.json b/2004/2xxx/CVE-2004-2522.json index 75d612736a5..dbd808bfd28 100644 --- a/2004/2xxx/CVE-2004-2522.json +++ b/2004/2xxx/CVE-2004-2522.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2004-2522", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in web.tmpl in Gattaca Server 2003 1.1.10.0 allows remote attackers to inject arbitrary web script or HTML via the (1) template or (2) language parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2004-2522", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://members.lycos.co.uk/r34ct/main/Gattaca%20Server%202003.txt", - "refsource" : "MISC", - "url" : "http://members.lycos.co.uk/r34ct/main/Gattaca%20Server%202003.txt" - }, - { - "name" : "http://www.gattaca-server.com/cgi-bin/yabb/YaBB.pl?board=gattaca_discussion;action=display;num=1091194176;start=0#0", - "refsource" : "CONFIRM", - "url" : "http://www.gattaca-server.com/cgi-bin/yabb/YaBB.pl?board=gattaca_discussion;action=display;num=1091194176;start=0#0" - }, - { - "name" : "10731", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/10731" - }, - { - "name" : "7927", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/7927" - }, - { - "name" : "1010703", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1010703" - }, - { - "name" : "12071", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/12071" - }, - { - "name" : "gattaca-web-xss(16701)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/16701" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in web.tmpl in Gattaca Server 2003 1.1.10.0 allows remote attackers to inject arbitrary web script or HTML via the (1) template or (2) language parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://members.lycos.co.uk/r34ct/main/Gattaca%20Server%202003.txt", + "refsource": "MISC", + "url": "http://members.lycos.co.uk/r34ct/main/Gattaca%20Server%202003.txt" + }, + { + "name": "12071", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/12071" + }, + { + "name": "gattaca-web-xss(16701)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16701" + }, + { + "name": "http://www.gattaca-server.com/cgi-bin/yabb/YaBB.pl?board=gattaca_discussion;action=display;num=1091194176;start=0#0", + "refsource": "CONFIRM", + "url": "http://www.gattaca-server.com/cgi-bin/yabb/YaBB.pl?board=gattaca_discussion;action=display;num=1091194176;start=0#0" + }, + { + "name": "7927", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/7927" + }, + { + "name": "10731", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/10731" + }, + { + "name": "1010703", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1010703" + } + ] + } +} \ No newline at end of file diff --git a/2004/2xxx/CVE-2004-2676.json b/2004/2xxx/CVE-2004-2676.json index 899322998de..a242675a623 100644 --- a/2004/2xxx/CVE-2004-2676.json +++ b/2004/2xxx/CVE-2004-2676.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2004-2676", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Spy Sweeper Enterprise Client (SpySweeperTray.exe) in WebRoot Spy Sweeper before 2.0 does not drop privileges when using the help functionality, which allows local users to gain privileges." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2004-2676", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://secunia.com/secunia_research/2004-14/advisory/", - "refsource" : "MISC", - "url" : "http://secunia.com/secunia_research/2004-14/advisory/" - }, - { - "name" : "12534", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/12534" - }, - { - "name" : "1012652", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1012652" - }, - { - "name" : "13187", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/13187" - }, - { - "name" : "spy-sweeper-gain-privileges(18628)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/18628" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Spy Sweeper Enterprise Client (SpySweeperTray.exe) in WebRoot Spy Sweeper before 2.0 does not drop privileges when using the help functionality, which allows local users to gain privileges." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://secunia.com/secunia_research/2004-14/advisory/", + "refsource": "MISC", + "url": "http://secunia.com/secunia_research/2004-14/advisory/" + }, + { + "name": "13187", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/13187" + }, + { + "name": "spy-sweeper-gain-privileges(18628)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18628" + }, + { + "name": "1012652", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1012652" + }, + { + "name": "12534", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/12534" + } + ] + } +} \ No newline at end of file diff --git a/2008/2xxx/CVE-2008-2096.json b/2008/2xxx/CVE-2008-2096.json index 7e0379e9f21..f1bb4695f85 100644 --- a/2008/2xxx/CVE-2008-2096.json +++ b/2008/2xxx/CVE-2008-2096.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-2096", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in BackLinkSpider allows remote attackers to execute arbitrary SQL commands via the cat_id parameter to a site-specific component name such as link.php or backlinkspider.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-2096", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20080505 [ECHO_ADV_95$2008] BackLinkSpider (cat_id) Blind Sql Injection Vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/491612/100/0/threaded" - }, - { - "name" : "5546", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/5546" - }, - { - "name" : "29054", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/29054" - }, - { - "name" : "3857", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/3857" - }, - { - "name" : "backlinkspider-catid-sql-injection(42189)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/42189" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in BackLinkSpider allows remote attackers to execute arbitrary SQL commands via the cat_id parameter to a site-specific component name such as link.php or backlinkspider.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "5546", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/5546" + }, + { + "name": "20080505 [ECHO_ADV_95$2008] BackLinkSpider (cat_id) Blind Sql Injection Vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/491612/100/0/threaded" + }, + { + "name": "backlinkspider-catid-sql-injection(42189)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42189" + }, + { + "name": "3857", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/3857" + }, + { + "name": "29054", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/29054" + } + ] + } +} \ No newline at end of file diff --git a/2008/2xxx/CVE-2008-2152.json b/2008/2xxx/CVE-2008-2152.json index 697cf3bea6c..e9e2903db2f 100644 --- a/2008/2xxx/CVE-2008-2152.json +++ b/2008/2xxx/CVE-2008-2152.json @@ -1,167 +1,167 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-2152", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Integer overflow in the rtl_allocateMemory function in sal/rtl/source/alloc_global.c in OpenOffice.org (OOo) 2.0 through 2.4 allows remote attackers to execute arbitrary code via a crafted file that triggers a heap-based buffer overflow." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-2152", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20080610 Multiple Vendor OpenOffice rtl_allocateMemory() Integer Overflow Vulnerability", - "refsource" : "IDEFENSE", - "url" : "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=714" - }, - { - "name" : "http://www.openoffice.org/security/cves/CVE-2008-2152.html", - "refsource" : "CONFIRM", - "url" : "http://www.openoffice.org/security/cves/CVE-2008-2152.html" - }, - { - "name" : "FEDORA-2008-5143", - "refsource" : "FEDORA", - "url" : "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00385.html" - }, - { - "name" : "FEDORA-2008-5239", - "refsource" : "FEDORA", - "url" : "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00473.html" - }, - { - "name" : "FEDORA-2008-5247", - "refsource" : "FEDORA", - "url" : "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00499.html" - }, - { - "name" : "GLSA-200807-05", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-200807-05.xml" - }, - { - "name" : "MDVSA-2008:137", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2008:137" - }, - { - "name" : "MDVSA-2008:138", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2008:138" - }, - { - "name" : "RHSA-2008:0538", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2008-0538.html" - }, - { - "name" : "RHSA-2008:0537", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2008-0537.html" - }, - { - "name" : "237944", - "refsource" : "SUNALERT", - "url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-237944-1" - }, - { - "name" : "29622", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/29622" - }, - { - "name" : "oval:org.mitre.oval:def:9787", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9787" - }, - { - "name" : "ADV-2008-1773", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/1773" - }, - { - "name" : "ADV-2008-1804", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/1804/references" - }, - { - "name" : "1020219", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1020219" - }, - { - "name" : "30599", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/30599" - }, - { - "name" : "30633", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/30633" - }, - { - "name" : "30634", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/30634" - }, - { - "name" : "30635", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/30635" - }, - { - "name" : "31029", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/31029" - }, - { - "name" : "openoffice-rtlallocatememory-bo(42957)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/42957" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Integer overflow in the rtl_allocateMemory function in sal/rtl/source/alloc_global.c in OpenOffice.org (OOo) 2.0 through 2.4 allows remote attackers to execute arbitrary code via a crafted file that triggers a heap-based buffer overflow." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "30635", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/30635" + }, + { + "name": "RHSA-2008:0537", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2008-0537.html" + }, + { + "name": "30633", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/30633" + }, + { + "name": "237944", + "refsource": "SUNALERT", + "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-237944-1" + }, + { + "name": "FEDORA-2008-5143", + "refsource": "FEDORA", + "url": "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00385.html" + }, + { + "name": "1020219", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1020219" + }, + { + "name": "FEDORA-2008-5247", + "refsource": "FEDORA", + "url": "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00499.html" + }, + { + "name": "GLSA-200807-05", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-200807-05.xml" + }, + { + "name": "ADV-2008-1804", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/1804/references" + }, + { + "name": "oval:org.mitre.oval:def:9787", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9787" + }, + { + "name": "MDVSA-2008:138", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:138" + }, + { + "name": "http://www.openoffice.org/security/cves/CVE-2008-2152.html", + "refsource": "CONFIRM", + "url": "http://www.openoffice.org/security/cves/CVE-2008-2152.html" + }, + { + "name": "RHSA-2008:0538", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2008-0538.html" + }, + { + "name": "30634", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/30634" + }, + { + "name": "30599", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/30599" + }, + { + "name": "FEDORA-2008-5239", + "refsource": "FEDORA", + "url": "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00473.html" + }, + { + "name": "20080610 Multiple Vendor OpenOffice rtl_allocateMemory() Integer Overflow Vulnerability", + "refsource": "IDEFENSE", + "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=714" + }, + { + "name": "openoffice-rtlallocatememory-bo(42957)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42957" + }, + { + "name": "ADV-2008-1773", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/1773" + }, + { + "name": "29622", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/29622" + }, + { + "name": "31029", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/31029" + }, + { + "name": "MDVSA-2008:137", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:137" + } + ] + } +} \ No newline at end of file diff --git a/2008/2xxx/CVE-2008-2271.json b/2008/2xxx/CVE-2008-2271.json index dc6c1fe645b..b601657e2e5 100644 --- a/2008/2xxx/CVE-2008-2271.json +++ b/2008/2xxx/CVE-2008-2271.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-2271", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Site Documentation Drupal module 5.x before 5.x-1.8 and 6.x before 6.x-1.1 allows remote authenticated users to gain privileges of other users by leveraging the \"access content\" permission to list tables and obtain session IDs from the database." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-2271", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://drupal.org/node/258547", - "refsource" : "CONFIRM", - "url" : "http://drupal.org/node/258547" - }, - { - "name" : "29242", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/29242" - }, - { - "name" : "ADV-2008-1541", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/1541/references" - }, - { - "name" : "30257", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/30257" - }, - { - "name" : "site-access-content-info-disclosure(42453)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/42453" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Site Documentation Drupal module 5.x before 5.x-1.8 and 6.x before 6.x-1.1 allows remote authenticated users to gain privileges of other users by leveraging the \"access content\" permission to list tables and obtain session IDs from the database." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "29242", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/29242" + }, + { + "name": "http://drupal.org/node/258547", + "refsource": "CONFIRM", + "url": "http://drupal.org/node/258547" + }, + { + "name": "site-access-content-info-disclosure(42453)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42453" + }, + { + "name": "ADV-2008-1541", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/1541/references" + }, + { + "name": "30257", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/30257" + } + ] + } +} \ No newline at end of file diff --git a/2008/2xxx/CVE-2008-2811.json b/2008/2xxx/CVE-2008-2811.json index 4756a5519f6..7d351ee252e 100644 --- a/2008/2xxx/CVE-2008-2811.json +++ b/2008/2xxx/CVE-2008-2811.json @@ -1,337 +1,337 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-2811", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The block reflow implementation in Mozilla Firefox before 2.0.0.15, Thunderbird 2.0.0.14 and earlier, and SeaMonkey before 1.1.10 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an image whose display requires more pixels than nscoord_MAX, related to nsBlockFrame::DrainOverflowLines." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2008-2811", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20080708 rPSA-2008-0216-1 firefox", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/494080/100/0/threaded" - }, - { - "name" : "http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox2.0.0.15", - "refsource" : "CONFIRM", - "url" : "http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox2.0.0.15" - }, - { - "name" : "http://www.mozilla.org/security/announce/2008/mfsa2008-33.html", - "refsource" : "CONFIRM", - "url" : "http://www.mozilla.org/security/announce/2008/mfsa2008-33.html" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=439735", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=439735" - }, - { - "name" : "https://issues.rpath.com/browse/RPL-2646", - "refsource" : "CONFIRM", - "url" : "https://issues.rpath.com/browse/RPL-2646" - }, - { - "name" : "http://wiki.rpath.com/Advisories:rPSA-2008-0216", - "refsource" : "CONFIRM", - "url" : "http://wiki.rpath.com/Advisories:rPSA-2008-0216" - }, - { - "name" : "DSA-1607", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2008/dsa-1607" - }, - { - "name" : "DSA-1615", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2008/dsa-1615" - }, - { - "name" : "DSA-1621", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2008/dsa-1621" - }, - { - "name" : "DSA-1697", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2009/dsa-1697" - }, - { - "name" : "FEDORA-2008-6127", - "refsource" : "FEDORA", - "url" : "https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00207.html" - }, - { - "name" : "FEDORA-2008-6193", - "refsource" : "FEDORA", - "url" : "https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00288.html" - }, - { - "name" : "FEDORA-2008-6196", - "refsource" : "FEDORA", - "url" : "https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00295.html" - }, - { - "name" : "FEDORA-2008-6706", - "refsource" : "FEDORA", - "url" : "https://www.redhat.com/archives/fedora-package-announce/2008-August/msg00144.html" - }, - { - "name" : "FEDORA-2008-6737", - "refsource" : "FEDORA", - "url" : "https://www.redhat.com/archives/fedora-package-announce/2008-August/msg00125.html" - }, - { - "name" : "GLSA-200808-03", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-200808-03.xml" - }, - { - "name" : "MDVSA-2008:136", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2008:136" - }, - { - "name" : "MDVSA-2008:155", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2008:155" - }, - { - "name" : "RHSA-2008:0547", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2008-0547.html" - }, - { - "name" : "RHSA-2008:0549", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2008-0549.html" - }, - { - "name" : "RHSA-2008:0569", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2008-0569.html" - }, - { - "name" : "RHSA-2008:0616", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2008-0616.html" - }, - { - "name" : "SSA:2008-191-03", - "refsource" : "SLACKWARE", - "url" : "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.383152" - }, - { - "name" : "SSA:2008-210-05", - "refsource" : "SLACKWARE", - "url" : "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.410484" - }, - { - "name" : "SSA:2008-191", - "refsource" : "SLACKWARE", - "url" : "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.384911" - }, - { - "name" : "256408", - "refsource" : "SUNALERT", - "url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1" - }, - { - "name" : "SUSE-SA:2008:034", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00004.html" - }, - { - "name" : "USN-619-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/usn-619-1" - }, - { - "name" : "USN-629-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/usn-629-1" - }, - { - "name" : "VU#607267", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/607267" - }, - { - "name" : "30038", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/30038" - }, - { - "name" : "oval:org.mitre.oval:def:9865", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9865" - }, - { - "name" : "34501", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/34501" - }, - { - "name" : "31076", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/31076" - }, - { - "name" : "ADV-2008-1993", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/1993/references" - }, - { - "name" : "1020419", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1020419" - }, - { - "name" : "30911", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/30911" - }, - { - "name" : "30915", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/30915" - }, - { - "name" : "30878", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/30878" - }, - { - "name" : "30898", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/30898" - }, - { - "name" : "30903", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/30903" - }, - { - "name" : "30949", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/30949" - }, - { - "name" : "31005", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/31005" - }, - { - "name" : "31008", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/31008" - }, - { - "name" : "31069", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/31069" - }, - { - "name" : "31023", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/31023" - }, - { - "name" : "31183", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/31183" - }, - { - "name" : "31195", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/31195" - }, - { - "name" : "31220", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/31220" - }, - { - "name" : "31253", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/31253" - }, - { - "name" : "31377", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/31377" - }, - { - "name" : "31286", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/31286" - }, - { - "name" : "31403", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/31403" - }, - { - "name" : "31021", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/31021" - }, - { - "name" : "33433", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/33433" - }, - { - "name" : "ADV-2009-0977", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2009/0977" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The block reflow implementation in Mozilla Firefox before 2.0.0.15, Thunderbird 2.0.0.14 and earlier, and SeaMonkey before 1.1.10 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an image whose display requires more pixels than nscoord_MAX, related to nsBlockFrame::DrainOverflowLines." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=439735", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=439735" + }, + { + "name": "SUSE-SA:2008:034", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00004.html" + }, + { + "name": "RHSA-2008:0549", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2008-0549.html" + }, + { + "name": "DSA-1697", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2009/dsa-1697" + }, + { + "name": "oval:org.mitre.oval:def:9865", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9865" + }, + { + "name": "31021", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/31021" + }, + { + "name": "30898", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/30898" + }, + { + "name": "31403", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/31403" + }, + { + "name": "http://wiki.rpath.com/Advisories:rPSA-2008-0216", + "refsource": "CONFIRM", + "url": "http://wiki.rpath.com/Advisories:rPSA-2008-0216" + }, + { + "name": "https://issues.rpath.com/browse/RPL-2646", + "refsource": "CONFIRM", + "url": "https://issues.rpath.com/browse/RPL-2646" + }, + { + "name": "30949", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/30949" + }, + { + "name": "SSA:2008-191-03", + "refsource": "SLACKWARE", + "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.383152" + }, + { + "name": "ADV-2009-0977", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2009/0977" + }, + { + "name": "31069", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/31069" + }, + { + "name": "31008", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/31008" + }, + { + "name": "31377", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/31377" + }, + { + "name": "RHSA-2008:0616", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2008-0616.html" + }, + { + "name": "http://www.mozilla.org/security/announce/2008/mfsa2008-33.html", + "refsource": "CONFIRM", + "url": "http://www.mozilla.org/security/announce/2008/mfsa2008-33.html" + }, + { + "name": "ADV-2008-1993", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/1993/references" + }, + { + "name": "31023", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/31023" + }, + { + "name": "MDVSA-2008:155", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:155" + }, + { + "name": "30038", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/30038" + }, + { + "name": "30915", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/30915" + }, + { + "name": "DSA-1607", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2008/dsa-1607" + }, + { + "name": "GLSA-200808-03", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-200808-03.xml" + }, + { + "name": "31005", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/31005" + }, + { + "name": "33433", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/33433" + }, + { + "name": "FEDORA-2008-6127", + "refsource": "FEDORA", + "url": "https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00207.html" + }, + { + "name": "1020419", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1020419" + }, + { + "name": "31253", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/31253" + }, + { + "name": "http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox2.0.0.15", + "refsource": "CONFIRM", + "url": "http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox2.0.0.15" + }, + { + "name": "FEDORA-2008-6737", + "refsource": "FEDORA", + "url": "https://www.redhat.com/archives/fedora-package-announce/2008-August/msg00125.html" + }, + { + "name": "31183", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/31183" + }, + { + "name": "30903", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/30903" + }, + { + "name": "RHSA-2008:0547", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2008-0547.html" + }, + { + "name": "FEDORA-2008-6193", + "refsource": "FEDORA", + "url": "https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00288.html" + }, + { + "name": "USN-629-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/usn-629-1" + }, + { + "name": "256408", + "refsource": "SUNALERT", + "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1" + }, + { + "name": "SSA:2008-191", + "refsource": "SLACKWARE", + "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.384911" + }, + { + "name": "VU#607267", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/607267" + }, + { + "name": "SSA:2008-210-05", + "refsource": "SLACKWARE", + "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.410484" + }, + { + "name": "DSA-1615", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2008/dsa-1615" + }, + { + "name": "FEDORA-2008-6706", + "refsource": "FEDORA", + "url": "https://www.redhat.com/archives/fedora-package-announce/2008-August/msg00144.html" + }, + { + "name": "31220", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/31220" + }, + { + "name": "31195", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/31195" + }, + { + "name": "31076", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/31076" + }, + { + "name": "USN-619-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/usn-619-1" + }, + { + "name": "30911", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/30911" + }, + { + "name": "RHSA-2008:0569", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2008-0569.html" + }, + { + "name": "30878", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/30878" + }, + { + "name": "DSA-1621", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2008/dsa-1621" + }, + { + "name": "20080708 rPSA-2008-0216-1 firefox", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/494080/100/0/threaded" + }, + { + "name": "31286", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/31286" + }, + { + "name": "FEDORA-2008-6196", + "refsource": "FEDORA", + "url": "https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00295.html" + }, + { + "name": "34501", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/34501" + }, + { + "name": "MDVSA-2008:136", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:136" + } + ] + } +} \ No newline at end of file diff --git a/2008/2xxx/CVE-2008-2992.json b/2008/2xxx/CVE-2008-2992.json index 07561d58bc1..b78f79d6529 100644 --- a/2008/2xxx/CVE-2008-2992.json +++ b/2008/2xxx/CVE-2008-2992.json @@ -1,192 +1,192 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-2992", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Stack-based buffer overflow in Adobe Acrobat and Reader 8.1.2 and earlier allows remote attackers to execute arbitrary code via a PDF file that calls the util.printf JavaScript function with a crafted format string argument, a related issue to CVE-2008-1104." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-2992", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20081104 CORE-2008-0526: Adobe Reader Javascript Printf Buffer Overflow", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/498032/100/0/threaded" - }, - { - "name" : "20081104 Secunia Research: Adobe Acrobat/Reader \"util.printf()\" Buffer Overflow", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/498027/100/0/threaded" - }, - { - "name" : "20081104 ZDI-08-072: Adobe Acrobat PDF Javascript printf Stack Overflow Vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/498055/100/0/threaded" - }, - { - "name" : "6994", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/6994" - }, - { - "name" : "7006", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/7006" - }, - { - "name" : "http://secunia.com/secunia_research/2008-14/", - "refsource" : "MISC", - "url" : "http://secunia.com/secunia_research/2008-14/" - }, - { - "name" : "http://www.coresecurity.com/content/adobe-reader-buffer-overflow", - "refsource" : "MISC", - "url" : "http://www.coresecurity.com/content/adobe-reader-buffer-overflow" - }, - { - "name" : "http://www.zerodayinitiative.com/advisories/ZDI-08-072/", - "refsource" : "MISC", - "url" : "http://www.zerodayinitiative.com/advisories/ZDI-08-072/" - }, - { - "name" : "http://www.adobe.com/support/security/bulletins/apsb08-19.html", - "refsource" : "CONFIRM", - "url" : "http://www.adobe.com/support/security/bulletins/apsb08-19.html" - }, - { - "name" : "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=800801", - "refsource" : "CONFIRM", - "url" : "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=800801" - }, - { - "name" : "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=909609", - "refsource" : "CONFIRM", - "url" : "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=909609" - }, - { - "name" : "RHSA-2008:0974", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2008-0974.html" - }, - { - "name" : "249366", - "refsource" : "SUNALERT", - "url" : "http://download.oracle.com/sunalerts/1019937.1.html" - }, - { - "name" : "SUSE-SR:2008:026", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00002.html" - }, - { - "name" : "TA08-309A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA08-309A.html" - }, - { - "name" : "VU#593409", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/593409" - }, - { - "name" : "32091", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/32091" - }, - { - "name" : "30035", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/30035" - }, - { - "name" : "1021140", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1021140" - }, - { - "name" : "35163", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/35163" - }, - { - "name" : "ADV-2008-3001", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/3001" - }, - { - "name" : "ADV-2009-0098", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2009/0098" - }, - { - "name" : "49520", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/49520" - }, - { - "name" : "29773", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29773" - }, - { - "name" : "32872", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/32872" - }, - { - "name" : "32700", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/32700" - }, - { - "name" : "4549", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/4549" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Stack-based buffer overflow in Adobe Acrobat and Reader 8.1.2 and earlier allows remote attackers to execute arbitrary code via a PDF file that calls the util.printf JavaScript function with a crafted format string argument, a related issue to CVE-2008-1104." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "30035", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/30035" + }, + { + "name": "32700", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/32700" + }, + { + "name": "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=909609", + "refsource": "CONFIRM", + "url": "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=909609" + }, + { + "name": "20081104 Secunia Research: Adobe Acrobat/Reader \"util.printf()\" Buffer Overflow", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/498027/100/0/threaded" + }, + { + "name": "http://secunia.com/secunia_research/2008-14/", + "refsource": "MISC", + "url": "http://secunia.com/secunia_research/2008-14/" + }, + { + "name": "32091", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/32091" + }, + { + "name": "49520", + "refsource": "OSVDB", + "url": "http://osvdb.org/49520" + }, + { + "name": "35163", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/35163" + }, + { + "name": "249366", + "refsource": "SUNALERT", + "url": "http://download.oracle.com/sunalerts/1019937.1.html" + }, + { + "name": "32872", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/32872" + }, + { + "name": "7006", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/7006" + }, + { + "name": "4549", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/4549" + }, + { + "name": "http://www.coresecurity.com/content/adobe-reader-buffer-overflow", + "refsource": "MISC", + "url": "http://www.coresecurity.com/content/adobe-reader-buffer-overflow" + }, + { + "name": "http://www.zerodayinitiative.com/advisories/ZDI-08-072/", + "refsource": "MISC", + "url": "http://www.zerodayinitiative.com/advisories/ZDI-08-072/" + }, + { + "name": "http://www.adobe.com/support/security/bulletins/apsb08-19.html", + "refsource": "CONFIRM", + "url": "http://www.adobe.com/support/security/bulletins/apsb08-19.html" + }, + { + "name": "20081104 ZDI-08-072: Adobe Acrobat PDF Javascript printf Stack Overflow Vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/498055/100/0/threaded" + }, + { + "name": "6994", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/6994" + }, + { + "name": "ADV-2009-0098", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2009/0098" + }, + { + "name": "29773", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29773" + }, + { + "name": "TA08-309A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA08-309A.html" + }, + { + "name": "1021140", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1021140" + }, + { + "name": "20081104 CORE-2008-0526: Adobe Reader Javascript Printf Buffer Overflow", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/498032/100/0/threaded" + }, + { + "name": "ADV-2008-3001", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/3001" + }, + { + "name": "SUSE-SR:2008:026", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00002.html" + }, + { + "name": "RHSA-2008:0974", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2008-0974.html" + }, + { + "name": "VU#593409", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/593409" + }, + { + "name": "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=800801", + "refsource": "CONFIRM", + "url": "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=800801" + } + ] + } +} \ No newline at end of file diff --git a/2008/6xxx/CVE-2008-6506.json b/2008/6xxx/CVE-2008-6506.json index 28c8e59919f..339e6e63ba9 100644 --- a/2008/6xxx/CVE-2008-6506.json +++ b/2008/6xxx/CVE-2008-6506.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-6506", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in phpBB before 3.0.4 allows attackers to bypass intended access restrictions and activate de-activated accounts via unknown vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-6506", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20090206 CVE request: phpbb < 3.0.4", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2009/02/06/2" - }, - { - "name" : "http://www.phpbb.com/community/viewtopic.php?f=14&t=1352565", - "refsource" : "CONFIRM", - "url" : "http://www.phpbb.com/community/viewtopic.php?f=14&t=1352565" - }, - { - "name" : "http://www.phpbb.com/support/documents.php?mode=changelog&version=3#v303", - "refsource" : "CONFIRM", - "url" : "http://www.phpbb.com/support/documents.php?mode=changelog&version=3#v303" - }, - { - "name" : "32842", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/32842" - }, - { - "name" : "50806", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/50806" - }, - { - "name" : "33166", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/33166" - }, - { - "name" : "phpbb-account-activation-security-bypass(47370)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/47370" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in phpBB before 3.0.4 allows attackers to bypass intended access restrictions and activate de-activated accounts via unknown vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.phpbb.com/community/viewtopic.php?f=14&t=1352565", + "refsource": "CONFIRM", + "url": "http://www.phpbb.com/community/viewtopic.php?f=14&t=1352565" + }, + { + "name": "33166", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/33166" + }, + { + "name": "32842", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/32842" + }, + { + "name": "http://www.phpbb.com/support/documents.php?mode=changelog&version=3#v303", + "refsource": "CONFIRM", + "url": "http://www.phpbb.com/support/documents.php?mode=changelog&version=3#v303" + }, + { + "name": "[oss-security] 20090206 CVE request: phpbb < 3.0.4", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2009/02/06/2" + }, + { + "name": "50806", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/50806" + }, + { + "name": "phpbb-account-activation-security-bypass(47370)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47370" + } + ] + } +} \ No newline at end of file diff --git a/2012/1xxx/CVE-2012-1225.json b/2012/1xxx/CVE-2012-1225.json index 0057fd4099b..04535cbede5 100644 --- a/2012/1xxx/CVE-2012-1225.json +++ b/2012/1xxx/CVE-2012-1225.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2012-1225", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple SQL injection vulnerabilities in Dolibarr CMS 3.2.0 Alpha and earlier allow remote authenticated users to execute arbitrary SQL commands via the (1) memberslist parameter (aka Member List) in list.php or (2) rowid parameter to adherents/fiche.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2012-1225", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20120210 Dolibarr CMS v3.2.0 Alpha - SQL Injection Vulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2012-02/0056.html" - }, - { - "name" : "51956", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/51956" - }, - { - "name" : "79011", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/79011" - }, - { - "name" : "47969", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/47969" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple SQL injection vulnerabilities in Dolibarr CMS 3.2.0 Alpha and earlier allow remote authenticated users to execute arbitrary SQL commands via the (1) memberslist parameter (aka Member List) in list.php or (2) rowid parameter to adherents/fiche.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "47969", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/47969" + }, + { + "name": "20120210 Dolibarr CMS v3.2.0 Alpha - SQL Injection Vulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://archives.neohapsis.com/archives/bugtraq/2012-02/0056.html" + }, + { + "name": "51956", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/51956" + }, + { + "name": "79011", + "refsource": "OSVDB", + "url": "http://osvdb.org/79011" + } + ] + } +} \ No newline at end of file diff --git a/2012/1xxx/CVE-2012-1253.json b/2012/1xxx/CVE-2012-1253.json index 4a15e10dc29..dcdb96ce35b 100644 --- a/2012/1xxx/CVE-2012-1253.json +++ b/2012/1xxx/CVE-2012-1253.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2012-1253", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in Roundcube Webmail before 0.7, when Internet Explorer is used, allows remote attackers to inject arbitrary web script or HTML via vectors involving an embedded image attachment." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "vultures@jpcert.or.jp", + "ID": "CVE-2012-1253", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://sourceforge.net/projects/roundcubemail/files/roundcubemail/0.7/", - "refsource" : "CONFIRM", - "url" : "http://sourceforge.net/projects/roundcubemail/files/roundcubemail/0.7/" - }, - { - "name" : "JVN#21422837", - "refsource" : "JVN", - "url" : "http://jvn.jp/en/jp/JVN21422837/index.html" - }, - { - "name" : "JVNDB-2012-000050", - "refsource" : "JVNDB", - "url" : "http://jvndb.jvn.jp/jvndb/JVNDB-2012-000050" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in Roundcube Webmail before 0.7, when Internet Explorer is used, allows remote attackers to inject arbitrary web script or HTML via vectors involving an embedded image attachment." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "JVN#21422837", + "refsource": "JVN", + "url": "http://jvn.jp/en/jp/JVN21422837/index.html" + }, + { + "name": "JVNDB-2012-000050", + "refsource": "JVNDB", + "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2012-000050" + }, + { + "name": "http://sourceforge.net/projects/roundcubemail/files/roundcubemail/0.7/", + "refsource": "CONFIRM", + "url": "http://sourceforge.net/projects/roundcubemail/files/roundcubemail/0.7/" + } + ] + } +} \ No newline at end of file diff --git a/2012/1xxx/CVE-2012-1489.json b/2012/1xxx/CVE-2012-1489.json index f9fdc0215d8..bc07d1a3fe4 100644 --- a/2012/1xxx/CVE-2012-1489.json +++ b/2012/1xxx/CVE-2012-1489.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2012-1489", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2012-1489", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2012/1xxx/CVE-2012-1756.json b/2012/1xxx/CVE-2012-1756.json index b3e0f306266..65f78c4eea6 100644 --- a/2012/1xxx/CVE-2012-1756.json +++ b/2012/1xxx/CVE-2012-1756.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2012-1756", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in Oracle MySQL Server 5.5.23 and earlier allows remote authenticated users to affect availability via unknown vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2012-1756", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html" - }, - { - "name" : "MDVSA-2013:150", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150" - }, - { - "name" : "54524", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/54524" - }, - { - "name" : "83978", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/83978" - }, - { - "name" : "1027263", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1027263" - }, - { - "name" : "mysql-server1-dos(77063)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/77063" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in Oracle MySQL Server 5.5.23 and earlier allows remote authenticated users to affect availability via unknown vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1027263", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1027263" + }, + { + "name": "54524", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/54524" + }, + { + "name": "83978", + "refsource": "OSVDB", + "url": "http://osvdb.org/83978" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html" + }, + { + "name": "MDVSA-2013:150", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150" + }, + { + "name": "mysql-server1-dos(77063)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/77063" + } + ] + } +} \ No newline at end of file diff --git a/2012/5xxx/CVE-2012-5427.json b/2012/5xxx/CVE-2012-5427.json index 51022750dd2..5bea42dfc5e 100644 --- a/2012/5xxx/CVE-2012-5427.json +++ b/2012/5xxx/CVE-2012-5427.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2012-5427", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cisco IOS Unified Border Element (CUBE) in Cisco IOS before 15.3(2)T allows remote authenticated users to cause a denial of service (input queue wedge) via a crafted series of RTCP packets, aka Bug ID CSCuc42518." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2012-5427", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.cisco.com/c/en/us/td/docs/ios/15_3m_and_t/release/notes/15_3m_and_t.pdf", - "refsource" : "CONFIRM", - "url" : "http://www.cisco.com/c/en/us/td/docs/ios/15_3m_and_t/release/notes/15_3m_and_t.pdf" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cisco IOS Unified Border Element (CUBE) in Cisco IOS before 15.3(2)T allows remote authenticated users to cause a denial of service (input queue wedge) via a crafted series of RTCP packets, aka Bug ID CSCuc42518." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.cisco.com/c/en/us/td/docs/ios/15_3m_and_t/release/notes/15_3m_and_t.pdf", + "refsource": "CONFIRM", + "url": "http://www.cisco.com/c/en/us/td/docs/ios/15_3m_and_t/release/notes/15_3m_and_t.pdf" + } + ] + } +} \ No newline at end of file diff --git a/2012/5xxx/CVE-2012-5620.json b/2012/5xxx/CVE-2012-5620.json index 2fdac3c52be..de5b3f0facd 100644 --- a/2012/5xxx/CVE-2012-5620.json +++ b/2012/5xxx/CVE-2012-5620.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2012-5620", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2012-5620", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2012/5xxx/CVE-2012-5752.json b/2012/5xxx/CVE-2012-5752.json index 1dbd1ea539f..3aaf5369470 100644 --- a/2012/5xxx/CVE-2012-5752.json +++ b/2012/5xxx/CVE-2012-5752.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2012-5752", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2012-5752", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2012/5xxx/CVE-2012-5957.json b/2012/5xxx/CVE-2012-5957.json index bd82d917a94..af5768eb0fe 100644 --- a/2012/5xxx/CVE-2012-5957.json +++ b/2012/5xxx/CVE-2012-5957.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2012-5957", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2012-5957", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2017/11xxx/CVE-2017-11200.json b/2017/11xxx/CVE-2017-11200.json index 857a3233bb8..9809bfcfac9 100644 --- a/2017/11xxx/CVE-2017-11200.json +++ b/2017/11xxx/CVE-2017-11200.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-11200", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL Injection exists in FineCMS through 2017-07-12 via the application/core/controller/excludes.php visitor_ip parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-11200", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://lorexxar.cn/2017/07/11/Some%20Vulnerability%20for%20FineCMS%20through%202017.7.11/#Authenticated-SQL-injection", - "refsource" : "MISC", - "url" : "http://lorexxar.cn/2017/07/11/Some%20Vulnerability%20for%20FineCMS%20through%202017.7.11/#Authenticated-SQL-injection" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL Injection exists in FineCMS through 2017-07-12 via the application/core/controller/excludes.php visitor_ip parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://lorexxar.cn/2017/07/11/Some%20Vulnerability%20for%20FineCMS%20through%202017.7.11/#Authenticated-SQL-injection", + "refsource": "MISC", + "url": "http://lorexxar.cn/2017/07/11/Some%20Vulnerability%20for%20FineCMS%20through%202017.7.11/#Authenticated-SQL-injection" + } + ] + } +} \ No newline at end of file diff --git a/2017/11xxx/CVE-2017-11429.json b/2017/11xxx/CVE-2017-11429.json index 5cd487820a5..a82382ad756 100644 --- a/2017/11xxx/CVE-2017-11429.json +++ b/2017/11xxx/CVE-2017-11429.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-11429", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-11429", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2017/3xxx/CVE-2017-3844.json b/2017/3xxx/CVE-2017-3844.json index 9d1bdc2baec..2a94c0c03bd 100644 --- a/2017/3xxx/CVE-2017-3844.json +++ b/2017/3xxx/CVE-2017-3844.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@cisco.com", - "ID" : "CVE-2017-3844", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Cisco Prime Collaboration Assurance", - "version" : { - "version_data" : [ - { - "version_value" : "Cisco Prime Collaboration Assurance" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A vulnerability in exporting functions of the user interface for Cisco Prime Collaboration Assurance could allow an authenticated, remote attacker to view file directory listings and download files. Affected Products: Cisco Prime Collaboration Assurance software versions 11.0, 11.1, and 11.5 are vulnerable. Cisco Prime Collaboration Assurance software versions prior to 11.0 are not vulnerable. More Information: CSCvc86238. Known Affected Releases: 11.5(0)." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Directory Listing Unauthorized Access Vulnerability" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2017-3844", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Cisco Prime Collaboration Assurance", + "version": { + "version_data": [ + { + "version_value": "Cisco Prime Collaboration Assurance" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-pcp2", - "refsource" : "CONFIRM", - "url" : "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-pcp2" - }, - { - "name" : "96247", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/96247" - }, - { - "name" : "1037843", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1037843" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A vulnerability in exporting functions of the user interface for Cisco Prime Collaboration Assurance could allow an authenticated, remote attacker to view file directory listings and download files. Affected Products: Cisco Prime Collaboration Assurance software versions 11.0, 11.1, and 11.5 are vulnerable. Cisco Prime Collaboration Assurance software versions prior to 11.0 are not vulnerable. More Information: CSCvc86238. Known Affected Releases: 11.5(0)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Directory Listing Unauthorized Access Vulnerability" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-pcp2", + "refsource": "CONFIRM", + "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-pcp2" + }, + { + "name": "96247", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/96247" + }, + { + "name": "1037843", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1037843" + } + ] + } +} \ No newline at end of file diff --git a/2017/7xxx/CVE-2017-7026.json b/2017/7xxx/CVE-2017-7026.json index ccdfe35dc76..4706e5d902c 100644 --- a/2017/7xxx/CVE-2017-7026.json +++ b/2017/7xxx/CVE-2017-7026.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "product-security@apple.com", - "ID" : "CVE-2017-7026", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. macOS before 10.12.6 is affected. tvOS before 10.2.2 is affected. watchOS before 3.2.3 is affected. The issue involves the \"Kernel\" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2017-7026", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://support.apple.com/HT207922", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT207922" - }, - { - "name" : "https://support.apple.com/HT207923", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT207923" - }, - { - "name" : "https://support.apple.com/HT207924", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT207924" - }, - { - "name" : "https://support.apple.com/HT207925", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT207925" - }, - { - "name" : "99883", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/99883" - }, - { - "name" : "1038950", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1038950" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. macOS before 10.12.6 is affected. tvOS before 10.2.2 is affected. watchOS before 3.2.3 is affected. The issue involves the \"Kernel\" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://support.apple.com/HT207924", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT207924" + }, + { + "name": "https://support.apple.com/HT207925", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT207925" + }, + { + "name": "https://support.apple.com/HT207923", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT207923" + }, + { + "name": "99883", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/99883" + }, + { + "name": "1038950", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1038950" + }, + { + "name": "https://support.apple.com/HT207922", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT207922" + } + ] + } +} \ No newline at end of file diff --git a/2017/7xxx/CVE-2017-7893.json b/2017/7xxx/CVE-2017-7893.json index a47f6ad6706..c0ef09e84c8 100644 --- a/2017/7xxx/CVE-2017-7893.json +++ b/2017/7xxx/CVE-2017-7893.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-7893", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "In SaltStack Salt before 2016.3.6, compromised salt-minions can impersonate the salt-master." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-7893", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://docs.saltstack.com/en/2017.7/topics/releases/2016.3.6.html", - "refsource" : "CONFIRM", - "url" : "https://docs.saltstack.com/en/2017.7/topics/releases/2016.3.6.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In SaltStack Salt before 2016.3.6, compromised salt-minions can impersonate the salt-master." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://docs.saltstack.com/en/2017.7/topics/releases/2016.3.6.html", + "refsource": "CONFIRM", + "url": "https://docs.saltstack.com/en/2017.7/topics/releases/2016.3.6.html" + } + ] + } +} \ No newline at end of file diff --git a/2017/8xxx/CVE-2017-8673.json b/2017/8xxx/CVE-2017-8673.json index a26d84a81f9..1aac31b50e5 100644 --- a/2017/8xxx/CVE-2017-8673.json +++ b/2017/8xxx/CVE-2017-8673.json @@ -1,73 +1,73 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secure@microsoft.com", - "DATE_PUBLIC" : "2017-08-08T00:00:00", - "ID" : "CVE-2017-8673", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Windows RDP", - "version" : { - "version_data" : [ - { - "version_value" : "Microsoft Windows 10 1703" - } - ] - } - } - ] - }, - "vendor_name" : "Microsoft Corporation" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Remote Desktop Protocol (RDP) implementation in Microsoft Windows 10 1703 allows an attacker to connect to a target system using RDP and send specially crafted requests, aka \"Windows Remote Desktop Protocol (RDP) Denial of Service Vulnerability.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Denial of Service" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "DATE_PUBLIC": "2017-08-08T00:00:00", + "ID": "CVE-2017-8673", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Windows RDP", + "version": { + "version_data": [ + { + "version_value": "Microsoft Windows 10 1703" + } + ] + } + } + ] + }, + "vendor_name": "Microsoft Corporation" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8673", - "refsource" : "CONFIRM", - "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8673" - }, - { - "name" : "100079", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/100079" - }, - { - "name" : "1039107", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1039107" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Remote Desktop Protocol (RDP) implementation in Microsoft Windows 10 1703 allows an attacker to connect to a target system using RDP and send specially crafted requests, aka \"Windows Remote Desktop Protocol (RDP) Denial of Service Vulnerability.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Denial of Service" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8673", + "refsource": "CONFIRM", + "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8673" + }, + { + "name": "1039107", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1039107" + }, + { + "name": "100079", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/100079" + } + ] + } +} \ No newline at end of file diff --git a/2017/8xxx/CVE-2017-8966.json b/2017/8xxx/CVE-2017-8966.json index 48b3ca5d8af..a47e0f83f15 100644 --- a/2017/8xxx/CVE-2017-8966.json +++ b/2017/8xxx/CVE-2017-8966.json @@ -1,68 +1,68 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "security-alert@hpe.com", - "DATE_PUBLIC" : "2017-10-27T00:00:00", - "ID" : "CVE-2017-8966", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Intelligent Management Center (iMC) PLAT", - "version" : { - "version_data" : [ - { - "version_value" : "7.3 E0504P2" - } - ] - } - } - ] - }, - "vendor_name" : "Hewlett Packard Enterprise" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A Deserialization of Untrusted Data vulnerability in Hewlett Packard Enterprise Intelligent Management Center (iMC) PLAT version 7.3 E0504P2 was found." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Deserialization of Untrusted Data" - } + "CVE_data_meta": { + "ASSIGNER": "security-alert@hpe.com", + "DATE_PUBLIC": "2017-10-27T00:00:00", + "ID": "CVE-2017-8966", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Intelligent Management Center (iMC) PLAT", + "version": { + "version_data": [ + { + "version_value": "7.3 E0504P2" + } + ] + } + } + ] + }, + "vendor_name": "Hewlett Packard Enterprise" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03787en_us", - "refsource" : "CONFIRM", - "url" : "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03787en_us" - }, - { - "name" : "1039684", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1039684" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A Deserialization of Untrusted Data vulnerability in Hewlett Packard Enterprise Intelligent Management Center (iMC) PLAT version 7.3 E0504P2 was found." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Deserialization of Untrusted Data" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03787en_us", + "refsource": "CONFIRM", + "url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03787en_us" + }, + { + "name": "1039684", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1039684" + } + ] + } +} \ No newline at end of file diff --git a/2018/10xxx/CVE-2018-10106.json b/2018/10xxx/CVE-2018-10106.json index 7376f0b8a38..9371771bf24 100644 --- a/2018/10xxx/CVE-2018-10106.json +++ b/2018/10xxx/CVE-2018-10106.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-10106", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "D-Link DIR-815 REV. B (with firmware through DIR-815_REVB_FIRMWARE_PATCH_2.07.B01) devices have permission bypass and information disclosure in /htdocs/web/getcfg.php, as demonstrated by a /getcfg.php?a=%0a_POST_SERVICES%3DDEVICE.ACCOUNT%0aAUTHORIZED_GROUP%3D1 request." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-10106", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/iceMatcha/Some-Vulnerabilities-of-D-link-Dir815/blob/master/Vulnerabilities_Summary.md", - "refsource" : "MISC", - "url" : "https://github.com/iceMatcha/Some-Vulnerabilities-of-D-link-Dir815/blob/master/Vulnerabilities_Summary.md" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "D-Link DIR-815 REV. B (with firmware through DIR-815_REVB_FIRMWARE_PATCH_2.07.B01) devices have permission bypass and information disclosure in /htdocs/web/getcfg.php, as demonstrated by a /getcfg.php?a=%0a_POST_SERVICES%3DDEVICE.ACCOUNT%0aAUTHORIZED_GROUP%3D1 request." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/iceMatcha/Some-Vulnerabilities-of-D-link-Dir815/blob/master/Vulnerabilities_Summary.md", + "refsource": "MISC", + "url": "https://github.com/iceMatcha/Some-Vulnerabilities-of-D-link-Dir815/blob/master/Vulnerabilities_Summary.md" + } + ] + } +} \ No newline at end of file diff --git a/2018/10xxx/CVE-2018-10154.json b/2018/10xxx/CVE-2018-10154.json index c09e79044d5..fe633aa0f0c 100644 --- a/2018/10xxx/CVE-2018-10154.json +++ b/2018/10xxx/CVE-2018-10154.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-10154", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2018-10154", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2018/10xxx/CVE-2018-10638.json b/2018/10xxx/CVE-2018-10638.json index 117b252c194..5a0ff25ca7d 100644 --- a/2018/10xxx/CVE-2018-10638.json +++ b/2018/10xxx/CVE-2018-10638.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-10638", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-10638", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/10xxx/CVE-2018-10667.json b/2018/10xxx/CVE-2018-10667.json index ba62ab8e989..01f6cf29598 100644 --- a/2018/10xxx/CVE-2018-10667.json +++ b/2018/10xxx/CVE-2018-10667.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-10667", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-10667", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/10xxx/CVE-2018-10781.json b/2018/10xxx/CVE-2018-10781.json index 79c0327d4c4..67fd8007b65 100644 --- a/2018/10xxx/CVE-2018-10781.json +++ b/2018/10xxx/CVE-2018-10781.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-10781", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-10781", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/10xxx/CVE-2018-10916.json b/2018/10xxx/CVE-2018-10916.json index 9e03fb8476e..2eb54222567 100644 --- a/2018/10xxx/CVE-2018-10916.json +++ b/2018/10xxx/CVE-2018-10916.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "lpardo@redhat.com", - "ID" : "CVE-2018-10916", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "lftp", - "version" : { - "version_data" : [ - { - "version_value" : "up to and including 4.8.3" - } - ] - } - } - ] - }, - "vendor_name" : "[UNKNOWN]" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "It has been discovered that lftp up to and including version 4.8.3 does not properly sanitize remote file names, leading to a loss of integrity on the local system when reverse mirroring is used. A remote attacker may trick a user to use reverse mirroring on an attacker controlled FTP server, resulting in the removal of all files in the current working directory of the victim's system." - } - ] - }, - "impact" : { - "cvss" : [ - [ - { - "vectorString" : "5.3/CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N", - "version" : "3.0" - } - ] - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "CWE-20" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2018-10916", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "lftp", + "version": { + "version_data": [ + { + "version_value": "up to and including 4.8.3" + } + ] + } + } + ] + }, + "vendor_name": "[UNKNOWN]" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10916", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10916" - }, - { - "name" : "https://github.com/lavv17/lftp/commit/a27e07d90a4608ceaf928b1babb27d4d803e1992", - "refsource" : "CONFIRM", - "url" : "https://github.com/lavv17/lftp/commit/a27e07d90a4608ceaf928b1babb27d4d803e1992" - }, - { - "name" : "https://github.com/lavv17/lftp/issues/452", - "refsource" : "CONFIRM", - "url" : "https://github.com/lavv17/lftp/issues/452" - }, - { - "name" : "USN-3731-2", - "refsource" : "UBUNTU", - "url" : "https://usn.ubuntu.com/3731-2/" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "It has been discovered that lftp up to and including version 4.8.3 does not properly sanitize remote file names, leading to a loss of integrity on the local system when reverse mirroring is used. A remote attacker may trick a user to use reverse mirroring on an attacker controlled FTP server, resulting in the removal of all files in the current working directory of the victim's system." + } + ] + }, + "impact": { + "cvss": [ + [ + { + "vectorString": "5.3/CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N", + "version": "3.0" + } + ] + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-20" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/lavv17/lftp/issues/452", + "refsource": "CONFIRM", + "url": "https://github.com/lavv17/lftp/issues/452" + }, + { + "name": "USN-3731-2", + "refsource": "UBUNTU", + "url": "https://usn.ubuntu.com/3731-2/" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10916", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10916" + }, + { + "name": "https://github.com/lavv17/lftp/commit/a27e07d90a4608ceaf928b1babb27d4d803e1992", + "refsource": "CONFIRM", + "url": "https://github.com/lavv17/lftp/commit/a27e07d90a4608ceaf928b1babb27d4d803e1992" + } + ] + } +} \ No newline at end of file diff --git a/2018/12xxx/CVE-2018-12267.json b/2018/12xxx/CVE-2018-12267.json index 1321b9d2d2a..5eef419df76 100644 --- a/2018/12xxx/CVE-2018-12267.json +++ b/2018/12xxx/CVE-2018-12267.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-12267", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-12267", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/12xxx/CVE-2018-12276.json b/2018/12xxx/CVE-2018-12276.json index 53843885418..d982fb29e96 100644 --- a/2018/12xxx/CVE-2018-12276.json +++ b/2018/12xxx/CVE-2018-12276.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-12276", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-12276", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/12xxx/CVE-2018-12559.json b/2018/12xxx/CVE-2018-12559.json index 0ae09016a68..986db295dfa 100644 --- a/2018/12xxx/CVE-2018-12559.json +++ b/2018/12xxx/CVE-2018-12559.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-12559", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An issue was discovered in the cantata-mounter D-Bus service in Cantata through 2.3.1. The mount target path check in mounter.cpp `mpOk()` is insufficient. A regular user can consequently mount a CIFS filesystem anywhere (e.g., outside of the /home directory tree) by passing directory traversal sequences such as a home/../usr substring." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-12559", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.openwall.com/lists/oss-security/2018/06/18/1", - "refsource" : "MISC", - "url" : "http://www.openwall.com/lists/oss-security/2018/06/18/1" - }, - { - "name" : "https://github.com/CDrummond/cantata/commit/afc4f8315d3e96574925fb530a7004cc9e6ce3d3", - "refsource" : "MISC", - "url" : "https://github.com/CDrummond/cantata/commit/afc4f8315d3e96574925fb530a7004cc9e6ce3d3" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in the cantata-mounter D-Bus service in Cantata through 2.3.1. The mount target path check in mounter.cpp `mpOk()` is insufficient. A regular user can consequently mount a CIFS filesystem anywhere (e.g., outside of the /home directory tree) by passing directory traversal sequences such as a home/../usr substring." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/CDrummond/cantata/commit/afc4f8315d3e96574925fb530a7004cc9e6ce3d3", + "refsource": "MISC", + "url": "https://github.com/CDrummond/cantata/commit/afc4f8315d3e96574925fb530a7004cc9e6ce3d3" + }, + { + "name": "http://www.openwall.com/lists/oss-security/2018/06/18/1", + "refsource": "MISC", + "url": "http://www.openwall.com/lists/oss-security/2018/06/18/1" + } + ] + } +} \ No newline at end of file diff --git a/2018/13xxx/CVE-2018-13275.json b/2018/13xxx/CVE-2018-13275.json index 2888f6fa2ef..0375e56ff7d 100644 --- a/2018/13xxx/CVE-2018-13275.json +++ b/2018/13xxx/CVE-2018-13275.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-13275", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2018-13275", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2018/13xxx/CVE-2018-13366.json b/2018/13xxx/CVE-2018-13366.json index 75694674a58..c8f2c9356c1 100644 --- a/2018/13xxx/CVE-2018-13366.json +++ b/2018/13xxx/CVE-2018-13366.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-13366", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-13366", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/13xxx/CVE-2018-13475.json b/2018/13xxx/CVE-2018-13475.json index 2687e83a02a..623b8ac0dce 100644 --- a/2018/13xxx/CVE-2018-13475.json +++ b/2018/13xxx/CVE-2018-13475.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-13475", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The mintToken function of a smart contract implementation for VSCToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-13475", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/BlockChainsSecurity/EtherTokens/blob/master/GEMCHAIN/mint%20integer%20overflow.md", - "refsource" : "MISC", - "url" : "https://github.com/BlockChainsSecurity/EtherTokens/blob/master/GEMCHAIN/mint%20integer%20overflow.md" - }, - { - "name" : "https://github.com/BlockChainsSecurity/EtherTokens/tree/master/VSCToken", - "refsource" : "MISC", - "url" : "https://github.com/BlockChainsSecurity/EtherTokens/tree/master/VSCToken" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The mintToken function of a smart contract implementation for VSCToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/BlockChainsSecurity/EtherTokens/blob/master/GEMCHAIN/mint%20integer%20overflow.md", + "refsource": "MISC", + "url": "https://github.com/BlockChainsSecurity/EtherTokens/blob/master/GEMCHAIN/mint%20integer%20overflow.md" + }, + { + "name": "https://github.com/BlockChainsSecurity/EtherTokens/tree/master/VSCToken", + "refsource": "MISC", + "url": "https://github.com/BlockChainsSecurity/EtherTokens/tree/master/VSCToken" + } + ] + } +} \ No newline at end of file diff --git a/2018/13xxx/CVE-2018-13801.json b/2018/13xxx/CVE-2018-13801.json index bafe81b9372..0211bacd96d 100644 --- a/2018/13xxx/CVE-2018-13801.json +++ b/2018/13xxx/CVE-2018-13801.json @@ -1,73 +1,73 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "productcert@siemens.com", - "DATE_PUBLIC" : "2018-10-09T00:00:00", - "ID" : "CVE-2018-13801", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "ROX II", - "version" : { - "version_data" : [ - { - "version_value" : "All versions < V2.12.1" - } - ] - } - } - ] - }, - "vendor_name" : "Siemens AG" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A vulnerability has been identified in ROX II (All versions < V2.12.1). An attacker with network access to port 22/tcp and valid low-privileged user credentials for the target device could perform a privilege escalation and gain root privileges. Successful exploitation requires user privileges of a low-privileged user but no user interaction. The vulnerability could allow an attacker to compromise confidentiality, integrity and availability of the system." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "CWE-264: Permissions, Privileges, and Access Controls" - } + "CVE_data_meta": { + "ASSIGNER": "productcert@siemens.com", + "DATE_PUBLIC": "2018-10-09T00:00:00", + "ID": "CVE-2018-13801", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "ROX II", + "version": { + "version_data": [ + { + "version_value": "All versions < V2.12.1" + } + ] + } + } + ] + }, + "vendor_name": "Siemens AG" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://ics-cert.us-cert.gov/advisories/ICSA-18-282-03", - "refsource" : "MISC", - "url" : "https://ics-cert.us-cert.gov/advisories/ICSA-18-282-03" - }, - { - "name" : "https://cert-portal.siemens.com/productcert/pdf/ssa-493830.pdf", - "refsource" : "CONFIRM", - "url" : "https://cert-portal.siemens.com/productcert/pdf/ssa-493830.pdf" - }, - { - "name" : "105545", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/105545" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A vulnerability has been identified in ROX II (All versions < V2.12.1). An attacker with network access to port 22/tcp and valid low-privileged user credentials for the target device could perform a privilege escalation and gain root privileges. Successful exploitation requires user privileges of a low-privileged user but no user interaction. The vulnerability could allow an attacker to compromise confidentiality, integrity and availability of the system." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-264: Permissions, Privileges, and Access Controls" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://ics-cert.us-cert.gov/advisories/ICSA-18-282-03", + "refsource": "MISC", + "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-282-03" + }, + { + "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-493830.pdf", + "refsource": "CONFIRM", + "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-493830.pdf" + }, + { + "name": "105545", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/105545" + } + ] + } +} \ No newline at end of file diff --git a/2018/13xxx/CVE-2018-13978.json b/2018/13xxx/CVE-2018-13978.json index 7f53079cb05..72ae9324a37 100644 --- a/2018/13xxx/CVE-2018-13978.json +++ b/2018/13xxx/CVE-2018-13978.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-13978", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-13978", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/17xxx/CVE-2018-17137.json b/2018/17xxx/CVE-2018-17137.json index 56455c2cc3d..384466d5e81 100644 --- a/2018/17xxx/CVE-2018-17137.json +++ b/2018/17xxx/CVE-2018-17137.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-17137", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Prezi Next 1.3.101.11 has a documented purpose of creating HTML5 presentations but has SE_DEBUG_PRIVILEGE on Windows, which might allow attackers to bypass intended access restrictions." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-17137", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/GitHubAssessments/CVE_Assessment_04_2018", - "refsource" : "MISC", - "url" : "https://github.com/GitHubAssessments/CVE_Assessment_04_2018" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Prezi Next 1.3.101.11 has a documented purpose of creating HTML5 presentations but has SE_DEBUG_PRIVILEGE on Windows, which might allow attackers to bypass intended access restrictions." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/GitHubAssessments/CVE_Assessment_04_2018", + "refsource": "MISC", + "url": "https://github.com/GitHubAssessments/CVE_Assessment_04_2018" + } + ] + } +} \ No newline at end of file diff --git a/2018/17xxx/CVE-2018-17744.json b/2018/17xxx/CVE-2018-17744.json index 3c18872a453..18b69c3d71f 100644 --- a/2018/17xxx/CVE-2018-17744.json +++ b/2018/17xxx/CVE-2018-17744.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-17744", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-17744", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/9xxx/CVE-2018-9226.json b/2018/9xxx/CVE-2018-9226.json index a61fd7e996d..4c1bb3e2168 100644 --- a/2018/9xxx/CVE-2018-9226.json +++ b/2018/9xxx/CVE-2018-9226.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-9226", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-9226", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file