admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-18 02:04:12 +00:00
parent b43b44505f
commit 8d4dd1ec9b
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
53 changed files with 3404 additions and 3404 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

92
2003/0xxx/CVE-2003-0181.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2003-0181",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-0181",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Lotus Domino Web Server (nhttp.exe) before 6.0.1 allows remote attackers to cause a denial of service via a \"Fictionary Value Field POST request\" as demonstrated using the s_Validation form with a long, unknown parameter name."
"lang": "eng",
"value": "Lotus Domino Web Server (nhttp.exe) before 6.0.1 allows remote attackers to cause a denial of service via a \"Fictionary Value Field POST request\" as demonstrated using the s_Validation form with a long, unknown parameter name."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20030218 More Lotus Domino Advisories",
"refsource" : "VULNWATCH",
"url" : "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0086.html"
"name": "http://www.nextgenss.com/advisories/lotus-60dos.txt",
"refsource": "MISC",
"url": "http://www.nextgenss.com/advisories/lotus-60dos.txt"
},
{
"name" : "http://www.nextgenss.com/advisories/lotus-60dos.txt",
"refsource" : "MISC",
"url" : "http://www.nextgenss.com/advisories/lotus-60dos.txt"
"name": "CA-2003-11",
"refsource": "CERT",
"url": "http://www.cert.org/advisories/CA-2003-11.html"
},
{
"name" : "http://www-1.ibm.com/support/docview.wss?uid=swg21104528",
"refsource" : "CONFIRM",
"url" : "http://www-1.ibm.com/support/docview.wss?uid=swg21104528"
"name": "6951",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/6951"
},
{
"name" : "CA-2003-11",
"refsource" : "CERT",
"url" : "http://www.cert.org/advisories/CA-2003-11.html"
"name": "lotus-invalid-field-dos(11361)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11361"
},
{
"name" : "6951",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/6951"
"name": "http://www-1.ibm.com/support/docview.wss?uid=swg21104528",
"refsource": "CONFIRM",
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg21104528"
},
{
"name" : "lotus-invalid-field-dos(11361)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/11361"
"name": "20030218 More Lotus Domino Advisories",
"refsource": "VULNWATCH",
"url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0086.html"
}
]
}

80
2003/0xxx/CVE-2003-0283.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2003-0283",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-0283",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in Phorum before 3.4.3 allows remote attackers to inject arbitrary web script and HTML tags via a message with a \"<<\" before a tag name in the (1) subject, (2) author's name, or (3) author's e-mail."
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in Phorum before 3.4.3 allows remote attackers to inject arbitrary web script and HTML tags via a message with a \"<<\" before a tag name in the (1) subject, (2) author's name, or (3) author's e-mail."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20030509 A Phorum's bug...",
"refsource" : "BUGTRAQ",
"url" : "http://marc.info/?l=bugtraq&m=105251043821533&w=2"
"name": "phorum-message-html-injection(11974)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11974"
},
{
"name" : "20030509 Re: A Phorum's bug...",
"refsource" : "BUGTRAQ",
"url" : "http://marc.info/?l=bugtraq&m=105251421925394&w=2"
"name": "20030509 Re: A Phorum's bug...",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=105251421925394&w=2"
},
{
"name" : "7545",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/7545"
"name": "7545",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/7545"
},
{
"name" : "phorum-message-html-injection(11974)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/11974"
"name": "20030509 A Phorum's bug...",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=105251043821533&w=2"
}
]
}

68
2003/0xxx/CVE-2003-0453.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2003-0453",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-0453",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "traceroute-nanog 6.1.1 allows local users to overwrite unauthorized memory and possibly execute arbitrary code via certain \"nprobes\" and \"max_ttl\" arguments that cause an integer overflow that is used when allocating memory, which leads to a buffer overflow."
"lang": "eng",
"value": "traceroute-nanog 6.1.1 allows local users to overwrite unauthorized memory and possibly execute arbitrary code via certain \"nprobes\" and \"max_ttl\" arguments that cause an integer overflow that is used when allocating memory, which leads to a buffer overflow."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20030620 BAZARR FAREWELL",
"refsource" : "BUGTRAQ",
"url" : "http://marc.info/?l=bugtraq&m=105613905425563&w=2"
"name": "DSA-348",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2003/dsa-348"
},
{
"name" : "DSA-348",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2003/dsa-348"
"name": "20030620 BAZARR FAREWELL",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=105613905425563&w=2"
}
]
}

22
2003/0xxx/CVE-2003-0591.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2003-0591",
"STATE" : "REJECT"
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2003-0591",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is a duplicate number that was created during the refinement phase. Notes: All references and descriptions in this candidate have been removed to prevent accidental usage."
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is a duplicate number that was created during the refinement phase. Notes: All references and descriptions in this candidate have been removed to prevent accidental usage."
}
]
}

62
2003/0xxx/CVE-2003-0785.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2003-0785",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-0785",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "ipmasq before 3.5.12, in certain configurations, may forward packets to the external interface even if the packets are not associated with an established connection, which could allow remote attackers to bypass intended filtering."
"lang": "eng",
"value": "ipmasq before 3.5.12, in certain configurations, may forward packets to the external interface even if the packets are not associated with an established connection, which could allow remote attackers to bypass intended filtering."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "DSA-389",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2003/dsa-389"
"name": "DSA-389",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2003/dsa-389"
}
]
}

122
2003/1xxx/CVE-2003-1073.json
View File

@ -1,111 +1,111 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2003-1073",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-1073",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "A race condition in the at command for Solaris 2.6 through 9 allows local users to delete arbitrary files via the -r argument with .. (dot dot) sequences in the job name, then modifying the directory structure after at checks permissions to delete the file and before the deletion actually takes place."
"lang": "eng",
"value": "A race condition in the at command for Solaris 2.6 through 9 allows local users to delete arbitrary files via the -r argument with .. (dot dot) sequences in the job name, then modifying the directory structure after at checks permissions to delete the file and before the deletion actually takes place."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20030127 Sun Microsystems Solaris at -r job name handling and race condition vulnerabilities",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/308577"
"name": "1005994",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1005994"
},
{
"name" : "20030127 Sun Microsystems Solaris at -r job name handling and race condition vulnerabilities",
"refsource" : "VULNWATCH",
"url" : "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0044.html"
"name": "http://isec.pl/vulnerabilities/isec-0008-sun-at.txt",
"refsource": "MISC",
"url": "http://isec.pl/vulnerabilities/isec-0008-sun-at.txt"
},
{
"name" : "http://isec.pl/vulnerabilities/isec-0008-sun-at.txt",
"refsource" : "MISC",
"url" : "http://isec.pl/vulnerabilities/isec-0008-sun-at.txt"
"name": "solaris-at-race-condition(11180)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11180"
},
{
"name" : "50161",
"refsource" : "SUNALERT",
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-50161-1"
"name": "solaris-at-directory-traversal(11179)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11179"
},
{
"name" : "N-070",
"refsource" : "CIAC",
"url" : "http://www.ciac.org/ciac/bulletins/n-070.shtml"
"name": "20030127 Sun Microsystems Solaris at -r job name handling and race condition vulnerabilities",
"refsource": "VULNWATCH",
"url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0044.html"
},
{
"name" : "6692",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/6692"
"name": "20030127 Sun Microsystems Solaris at -r job name handling and race condition vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/308577"
},
{
"name" : "6693",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/6693"
"name": "7960",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/7960/"
},
{
"name" : "1005994",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1005994"
"name": "6693",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/6693"
},
{
"name" : "7960",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/7960/"
"name": "6692",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/6692"
},
{
"name" : "solaris-at-race-condition(11180)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/11180"
"name": "N-070",
"refsource": "CIAC",
"url": "http://www.ciac.org/ciac/bulletins/n-070.shtml"
},
{
"name" : "solaris-at-directory-traversal(11179)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/11179"
"name": "50161",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-50161-1"
}
]
}

80
2004/0xxx/CVE-2004-0252.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2004-0252",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0252",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "TYPSoft FTP Server 1.10 allows remote attackers to cause a denial of service (CPU consumption) via an empty USER name."
"lang": "eng",
"value": "TYPSoft FTP Server 1.10 allows remote attackers to cause a denial of service (CPU consumption) via an empty USER name."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20040204 TYPSoft FTP Server 1.10 may be crashed",
"refsource" : "BUGTRAQ",
"url" : "http://marc.info/?l=bugtraq&m=107591511716707&w=2"
"name": "20040204 TYPSoft FTP Server 1.10 may be crashed",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=107591511716707&w=2"
},
{
"name" : "9573",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/9573"
"name": "typsoft-empty-username-dos(15048)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15048"
},
{
"name" : "1008943",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/alerts/2004/Feb/1008943.html"
"name": "9573",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/9573"
},
{
"name" : "typsoft-empty-username-dos(15048)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/15048"
"name": "1008943",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/alerts/2004/Feb/1008943.html"
}
]
}

122
2004/0xxx/CVE-2004-0500.json
View File

@ -1,111 +1,111 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2004-0500",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0500",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Buffer overflow in the MSN protocol plugins (1) object.c and (2) slp.c for Gaim before 0.82 allows remote attackers to cause a denial of service and possibly execute arbitrary code via MSNSLP protocol messages that are not properly handled in a strncpy call."
"lang": "eng",
"value": "Buffer overflow in the MSN protocol plugins (1) object.c and (2) slp.c for Gaim before 0.82 allows remote attackers to cause a denial of service and possibly execute arbitrary code via MSNSLP protocol messages that are not properly handled in a strncpy call."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "FEDORA-2004-278",
"refsource" : "FEDORA",
"url" : "http://www.fedoranews.org/updates/FEDORA-2004-278.shtml"
"name": "FEDORA-2004-278",
"refsource": "FEDORA",
"url": "http://www.fedoranews.org/updates/FEDORA-2004-278.shtml"
},
{
"name" : "FEDORA-2004-279",
"refsource" : "FEDORA",
"url" : "http://www.fedoranews.org/updates/FEDORA-2004-279.shtml"
"name": "FEDORA-2004-279",
"refsource": "FEDORA",
"url": "http://www.fedoranews.org/updates/FEDORA-2004-279.shtml"
},
{
"name" : "GLSA-200408-12",
"refsource" : "GENTOO",
"url" : "http://www.gentoo.org/security/en/glsa/glsa-200408-12.xml"
"name": "GLSA-200408-27",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200408-27.xml"
},
{
"name" : "GLSA-200408-27",
"refsource" : "GENTOO",
"url" : "http://www.gentoo.org/security/en/glsa/glsa-200408-27.xml"
"name": "SUSE-SA:2004:025",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2004_25_gaim.html"
},
{
"name" : "MDKSA-2004:081",
"refsource" : "MANDRAKE",
"url" : "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:081"
"name": "MDKSA-2004:081",
"refsource": "MANDRAKE",
"url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:081"
},
{
"name" : "RHSA-2004:400",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2004-400.html"
"name": "GLSA-200408-12",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200408-12.xml"
},
{
"name" : "SUSE-SA:2004:025",
"refsource" : "SUSE",
"url" : "http://www.novell.com/linux/security/advisories/2004_25_gaim.html"
"name": "http://gaim.sourceforge.net/security/?id=0",
"refsource": "CONFIRM",
"url": "http://gaim.sourceforge.net/security/?id=0"
},
{
"name" : "http://gaim.sourceforge.net/security/?id=0",
"refsource" : "CONFIRM",
"url" : "http://gaim.sourceforge.net/security/?id=0"
"name": "gaim-msn-bo(16920)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16920"
},
{
"name" : "10865",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/10865"
"name": "oval:org.mitre.oval:def:9429",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9429"
},
{
"name" : "oval:org.mitre.oval:def:9429",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9429"
"name": "RHSA-2004:400",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-400.html"
},
{
"name" : "gaim-msn-bo(16920)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/16920"
"name": "10865",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/10865"
}
]
}

74
2004/0xxx/CVE-2004-0617.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2004-0617",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0617",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in ArbitroWeb 0.6 allows remote attackers to inject arbitrary script or HTML via the rawURL parameter."
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in ArbitroWeb 0.6 allows remote attackers to inject arbitrary script or HTML via the rawURL parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20040622 ArbitroWeb v0.6 Javascript injection vulnerability",
"refsource" : "BUGTRAQ",
"url" : "http://marc.info/?l=bugtraq&m=108794392303244&w=2"
"name": "10592",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/10592"
},
{
"name" : "10592",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/10592"
"name": "20040622 ArbitroWeb v0.6 Javascript injection vulnerability",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=108794392303244&w=2"
},
{
"name" : "arbitroweb-rawurl-xss(16481)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/16481"
"name": "arbitroweb-rawurl-xss(16481)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16481"
}
]
}

74
2004/0xxx/CVE-2004-0731.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2004-0731",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0731",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in index.php in the Search module for Php-Nuke allows remote attackers to inject arbitrary script as other users via the input field."
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in index.php in the Search module for Php-Nuke allows remote attackers to inject arbitrary script as other users via the input field."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20040716 [waraxe-2004-SA#035 - Multiple security holes in PhpNuke - part 2]",
"refsource" : "BUGTRAQ",
"url" : "http://marc.info/?l=bugtraq&m=109002107329823&w=2"
"name": "20040716 [waraxe-2004-SA#035 - Multiple security holes in PhpNuke - part 2]",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=109002107329823&w=2"
},
{
"name" : "http://www.waraxe.us/index.php?modname=sa&id=35",
"refsource" : "MISC",
"url" : "http://www.waraxe.us/index.php?modname=sa&id=35"
"name": "http://www.waraxe.us/index.php?modname=sa&id=35",
"refsource": "MISC",
"url": "http://www.waraxe.us/index.php?modname=sa&id=35"
},
{
"name" : "phpnuke-search-module-xss(16721)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/16721"
"name": "phpnuke-search-module-xss(16721)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16721"
}
]
}

104
2004/0xxx/CVE-2004-0796.json
View File

@ -1,96 +1,96 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2004-0796",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0796",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "SpamAssassin 2.5x, and 2.6x before 2.64, allows remote attackers to cause a denial of service via certain malformed messages."
"lang": "eng",
"value": "SpamAssassin 2.5x, and 2.6x before 2.64, allows remote attackers to cause a denial of service via certain malformed messages."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[spamassassin-announce] 20040805 [SA-Announce] SpamAssassin 2.64 is released!",
"refsource" : "MLIST",
"url" : "http://marc.info/?l=spamassassin-announce&m=109168121628767&w=2"
"name": "GLSA-200408-06",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200408-06.xml"
},
{
"name" : "FLSA:2268",
"refsource" : "FEDORA",
"url" : "https://bugzilla.fedora.us/show_bug.cgi?id=2268"
"name": "spamassassin-dos(16938)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16938"
},
{
"name" : "GLSA-200408-06",
"refsource" : "GENTOO",
"url" : "http://security.gentoo.org/glsa/glsa-200408-06.xml"
"name": "10957",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/10957"
},
{
"name" : "MDKSA-2004:084",
"refsource" : "MANDRAKE",
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2004:084"
"name": "MDKSA-2004:084",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:084"
},
{
"name" : "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=129337",
"refsource" : "CONFIRM",
"url" : "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=129337"
"name": "oval:org.mitre.oval:def:10413",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10413"
},
{
"name" : "10957",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/10957"
"name": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=129337",
"refsource": "CONFIRM",
"url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=129337"
},
{
"name" : "oval:org.mitre.oval:def:10413",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10413"
"name": "[spamassassin-announce] 20040805 [SA-Announce] SpamAssassin 2.64 is released!",
"refsource": "MLIST",
"url": "http://marc.info/?l=spamassassin-announce&m=109168121628767&w=2"
},
{
"name" : "spamassassin-dos(16938)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/16938"
"name": "FLSA:2268",
"refsource": "FEDORA",
"url": "https://bugzilla.fedora.us/show_bug.cgi?id=2268"
}
]
}

22
2004/0xxx/CVE-2004-0948.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2004-0948",
"STATE" : "REJECT"
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2004-0948",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. It was a duplicate assignment before public disclosure. Notes: none."
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. It was a duplicate assignment before public disclosure. Notes: none."
}
]
}

68
2004/2xxx/CVE-2004-2182.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2004-2182",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-2182",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Session fixation vulnerability in Macromedia JRun 4.0 allows remote attackers to hijack user sessions by pre-setting the user session ID information used by the session server."
"lang": "eng",
"value": "Session fixation vulnerability in Macromedia JRun 4.0 allows remote attackers to hijack user sessions by pre-setting the user session ID information used by the session server."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "MPSB04-08",
"refsource" : "ALLAIRE",
"url" : "http://www.macromedia.com/devnet/security/security_zone/mpsb04-08.html"
"name": "11414",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/11414"
},
{
"name" : "11414",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/11414"
"name": "MPSB04-08",
"refsource": "ALLAIRE",
"url": "http://www.macromedia.com/devnet/security/security_zone/mpsb04-08.html"
}
]
}

98
2004/2xxx/CVE-2004-2522.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2004-2522",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-2522",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in web.tmpl in Gattaca Server 2003 1.1.10.0 allows remote attackers to inject arbitrary web script or HTML via the (1) template or (2) language parameter."
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in web.tmpl in Gattaca Server 2003 1.1.10.0 allows remote attackers to inject arbitrary web script or HTML via the (1) template or (2) language parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://members.lycos.co.uk/r34ct/main/Gattaca%20Server%202003.txt",
"refsource" : "MISC",
"url" : "http://members.lycos.co.uk/r34ct/main/Gattaca%20Server%202003.txt"
"name": "http://members.lycos.co.uk/r34ct/main/Gattaca%20Server%202003.txt",
"refsource": "MISC",
"url": "http://members.lycos.co.uk/r34ct/main/Gattaca%20Server%202003.txt"
},
{
"name" : "http://www.gattaca-server.com/cgi-bin/yabb/YaBB.pl?board=gattaca_discussion;action=display;num=1091194176;start=0#0",
"refsource" : "CONFIRM",
"url" : "http://www.gattaca-server.com/cgi-bin/yabb/YaBB.pl?board=gattaca_discussion;action=display;num=1091194176;start=0#0"
"name": "12071",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/12071"
},
{
"name" : "10731",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/10731"
"name": "gattaca-web-xss(16701)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16701"
},
{
"name" : "7927",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/7927"
"name": "http://www.gattaca-server.com/cgi-bin/yabb/YaBB.pl?board=gattaca_discussion;action=display;num=1091194176;start=0#0",
"refsource": "CONFIRM",
"url": "http://www.gattaca-server.com/cgi-bin/yabb/YaBB.pl?board=gattaca_discussion;action=display;num=1091194176;start=0#0"
},
{
"name" : "1010703",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1010703"
"name": "7927",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/7927"
},
{
"name" : "12071",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/12071"
"name": "10731",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/10731"
},
{
"name" : "gattaca-web-xss(16701)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/16701"
"name": "1010703",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1010703"
}
]
}

86
2004/2xxx/CVE-2004-2676.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2004-2676",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-2676",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The Spy Sweeper Enterprise Client (SpySweeperTray.exe) in WebRoot Spy Sweeper before 2.0 does not drop privileges when using the help functionality, which allows local users to gain privileges."
"lang": "eng",
"value": "The Spy Sweeper Enterprise Client (SpySweeperTray.exe) in WebRoot Spy Sweeper before 2.0 does not drop privileges when using the help functionality, which allows local users to gain privileges."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://secunia.com/secunia_research/2004-14/advisory/",
"refsource" : "MISC",
"url" : "http://secunia.com/secunia_research/2004-14/advisory/"
"name": "http://secunia.com/secunia_research/2004-14/advisory/",
"refsource": "MISC",
"url": "http://secunia.com/secunia_research/2004-14/advisory/"
},
{
"name" : "12534",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/12534"
"name": "13187",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/13187"
},
{
"name" : "1012652",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1012652"
"name": "spy-sweeper-gain-privileges(18628)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18628"
},
{
"name" : "13187",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/13187"
"name": "1012652",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1012652"
},
{
"name" : "spy-sweeper-gain-privileges(18628)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/18628"
"name": "12534",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/12534"
}
]
}

86
2008/2xxx/CVE-2008-2096.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2008-2096",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-2096",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in BackLinkSpider allows remote attackers to execute arbitrary SQL commands via the cat_id parameter to a site-specific component name such as link.php or backlinkspider.php."
"lang": "eng",
"value": "SQL injection vulnerability in BackLinkSpider allows remote attackers to execute arbitrary SQL commands via the cat_id parameter to a site-specific component name such as link.php or backlinkspider.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20080505 [ECHO_ADV_95$2008] BackLinkSpider (cat_id) Blind Sql Injection Vulnerability",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/491612/100/0/threaded"
"name": "5546",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/5546"
},
{
"name" : "5546",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/5546"
"name": "20080505 [ECHO_ADV_95$2008] BackLinkSpider (cat_id) Blind Sql Injection Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/491612/100/0/threaded"
},
{
"name" : "29054",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/29054"
"name": "backlinkspider-catid-sql-injection(42189)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42189"
},
{
"name" : "3857",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/3857"
"name": "3857",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3857"
},
{
"name" : "backlinkspider-catid-sql-injection(42189)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/42189"
"name": "29054",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/29054"
}
]
}

188
2008/2xxx/CVE-2008-2152.json
View File

@ -1,166 +1,166 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2008-2152",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-2152",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Integer overflow in the rtl_allocateMemory function in sal/rtl/source/alloc_global.c in OpenOffice.org (OOo) 2.0 through 2.4 allows remote attackers to execute arbitrary code via a crafted file that triggers a heap-based buffer overflow."
"lang": "eng",
"value": "Integer overflow in the rtl_allocateMemory function in sal/rtl/source/alloc_global.c in OpenOffice.org (OOo) 2.0 through 2.4 allows remote attackers to execute arbitrary code via a crafted file that triggers a heap-based buffer overflow."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20080610 Multiple Vendor OpenOffice rtl_allocateMemory() Integer Overflow Vulnerability",
"refsource" : "IDEFENSE",
"url" : "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=714"
"name": "30635",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30635"
},
{
"name" : "http://www.openoffice.org/security/cves/CVE-2008-2152.html",
"refsource" : "CONFIRM",
"url" : "http://www.openoffice.org/security/cves/CVE-2008-2152.html"
"name": "RHSA-2008:0537",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0537.html"
},
{
"name" : "FEDORA-2008-5143",
"refsource" : "FEDORA",
"url" : "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00385.html"
"name": "30633",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30633"
},
{
"name" : "FEDORA-2008-5239",
"refsource" : "FEDORA",
"url" : "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00473.html"
"name": "237944",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-237944-1"
},
{
"name" : "FEDORA-2008-5247",
"refsource" : "FEDORA",
"url" : "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00499.html"
"name": "FEDORA-2008-5143",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00385.html"
},
{
"name" : "GLSA-200807-05",
"refsource" : "GENTOO",
"url" : "http://security.gentoo.org/glsa/glsa-200807-05.xml"
"name": "1020219",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1020219"
},
{
"name" : "MDVSA-2008:137",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2008:137"
"name": "FEDORA-2008-5247",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00499.html"
},
{
"name" : "MDVSA-2008:138",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2008:138"
"name": "GLSA-200807-05",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200807-05.xml"
},
{
"name" : "RHSA-2008:0538",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2008-0538.html"
"name": "ADV-2008-1804",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1804/references"
},
{
"name" : "RHSA-2008:0537",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2008-0537.html"
"name": "oval:org.mitre.oval:def:9787",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9787"
},
{
"name" : "237944",
"refsource" : "SUNALERT",
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-237944-1"
"name": "MDVSA-2008:138",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:138"
},
{
"name" : "29622",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/29622"
"name": "http://www.openoffice.org/security/cves/CVE-2008-2152.html",
"refsource": "CONFIRM",
"url": "http://www.openoffice.org/security/cves/CVE-2008-2152.html"
},
{
"name" : "oval:org.mitre.oval:def:9787",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9787"
"name": "RHSA-2008:0538",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0538.html"
},
{
"name" : "ADV-2008-1773",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2008/1773"
"name": "30634",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30634"
},
{
"name" : "ADV-2008-1804",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2008/1804/references"
"name": "30599",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30599"
},
{
"name" : "1020219",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1020219"
"name": "FEDORA-2008-5239",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00473.html"
},
{
"name" : "30599",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/30599"
"name": "20080610 Multiple Vendor OpenOffice rtl_allocateMemory() Integer Overflow Vulnerability",
"refsource": "IDEFENSE",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=714"
},
{
"name" : "30633",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/30633"
"name": "openoffice-rtlallocatememory-bo(42957)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42957"
},
{
"name" : "30634",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/30634"
"name": "ADV-2008-1773",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1773"
},
{
"name" : "30635",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/30635"
"name": "29622",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/29622"
},
{
"name" : "31029",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/31029"
"name": "31029",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31029"
},
{
"name" : "openoffice-rtlallocatememory-bo(42957)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/42957"
"name": "MDVSA-2008:137",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:137"
}
]
}

86
2008/2xxx/CVE-2008-2271.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2008-2271",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-2271",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The Site Documentation Drupal module 5.x before 5.x-1.8 and 6.x before 6.x-1.1 allows remote authenticated users to gain privileges of other users by leveraging the \"access content\" permission to list tables and obtain session IDs from the database."
"lang": "eng",
"value": "The Site Documentation Drupal module 5.x before 5.x-1.8 and 6.x before 6.x-1.1 allows remote authenticated users to gain privileges of other users by leveraging the \"access content\" permission to list tables and obtain session IDs from the database."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://drupal.org/node/258547",
"refsource" : "CONFIRM",
"url" : "http://drupal.org/node/258547"
"name": "29242",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/29242"
},
{
"name" : "29242",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/29242"
"name": "http://drupal.org/node/258547",
"refsource": "CONFIRM",
"url": "http://drupal.org/node/258547"
},
{
"name" : "ADV-2008-1541",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2008/1541/references"
"name": "site-access-content-info-disclosure(42453)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42453"
},
{
"name" : "30257",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/30257"
"name": "ADV-2008-1541",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1541/references"
},
{
"name" : "site-access-content-info-disclosure(42453)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/42453"
"name": "30257",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30257"
}
]
}

392
2008/2xxx/CVE-2008-2811.json
View File

@ -1,336 +1,336 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2008-2811",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2008-2811",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The block reflow implementation in Mozilla Firefox before 2.0.0.15, Thunderbird 2.0.0.14 and earlier, and SeaMonkey before 1.1.10 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an image whose display requires more pixels than nscoord_MAX, related to nsBlockFrame::DrainOverflowLines."
"lang": "eng",
"value": "The block reflow implementation in Mozilla Firefox before 2.0.0.15, Thunderbird 2.0.0.14 and earlier, and SeaMonkey before 1.1.10 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an image whose display requires more pixels than nscoord_MAX, related to nsBlockFrame::DrainOverflowLines."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20080708 rPSA-2008-0216-1 firefox",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/494080/100/0/threaded"
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=439735",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=439735"
},
{
"name" : "http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox2.0.0.15",
"refsource" : "CONFIRM",
"url" : "http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox2.0.0.15"
"name": "SUSE-SA:2008:034",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00004.html"
},
{
"name" : "http://www.mozilla.org/security/announce/2008/mfsa2008-33.html",
"refsource" : "CONFIRM",
"url" : "http://www.mozilla.org/security/announce/2008/mfsa2008-33.html"
"name": "RHSA-2008:0549",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0549.html"
},
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=439735",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=439735"
"name": "DSA-1697",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2009/dsa-1697"
},
{
"name" : "https://issues.rpath.com/browse/RPL-2646",
"refsource" : "CONFIRM",
"url" : "https://issues.rpath.com/browse/RPL-2646"
"name": "oval:org.mitre.oval:def:9865",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9865"
},
{
"name" : "http://wiki.rpath.com/Advisories:rPSA-2008-0216",
"refsource" : "CONFIRM",
"url" : "http://wiki.rpath.com/Advisories:rPSA-2008-0216"
"name": "31021",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31021"
},
{
"name" : "DSA-1607",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2008/dsa-1607"
"name": "30898",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30898"
},
{
"name" : "DSA-1615",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2008/dsa-1615"
"name": "31403",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31403"
},
{
"name" : "DSA-1621",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2008/dsa-1621"
"name": "http://wiki.rpath.com/Advisories:rPSA-2008-0216",
"refsource": "CONFIRM",
"url": "http://wiki.rpath.com/Advisories:rPSA-2008-0216"
},
{
"name" : "DSA-1697",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2009/dsa-1697"
"name": "https://issues.rpath.com/browse/RPL-2646",
"refsource": "CONFIRM",
"url": "https://issues.rpath.com/browse/RPL-2646"
},
{
"name" : "FEDORA-2008-6127",
"refsource" : "FEDORA",
"url" : "https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00207.html"
"name": "30949",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30949"
},
{
"name" : "FEDORA-2008-6193",
"refsource" : "FEDORA",
"url" : "https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00288.html"
"name": "SSA:2008-191-03",
"refsource": "SLACKWARE",
"url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.383152"
},
{
"name" : "FEDORA-2008-6196",
"refsource" : "FEDORA",
"url" : "https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00295.html"
"name": "ADV-2009-0977",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/0977"
},
{
"name" : "FEDORA-2008-6706",
"refsource" : "FEDORA",
"url" : "https://www.redhat.com/archives/fedora-package-announce/2008-August/msg00144.html"
"name": "31069",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31069"
},
{
"name" : "FEDORA-2008-6737",
"refsource" : "FEDORA",
"url" : "https://www.redhat.com/archives/fedora-package-announce/2008-August/msg00125.html"
"name": "31008",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31008"
},
{
"name" : "GLSA-200808-03",
"refsource" : "GENTOO",
"url" : "http://security.gentoo.org/glsa/glsa-200808-03.xml"
"name": "31377",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31377"
},
{
"name" : "MDVSA-2008:136",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2008:136"
"name": "RHSA-2008:0616",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2008-0616.html"
},
{
"name" : "MDVSA-2008:155",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2008:155"
"name": "http://www.mozilla.org/security/announce/2008/mfsa2008-33.html",
"refsource": "CONFIRM",
"url": "http://www.mozilla.org/security/announce/2008/mfsa2008-33.html"
},
{
"name" : "RHSA-2008:0547",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2008-0547.html"
"name": "ADV-2008-1993",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1993/references"
},
{
"name" : "RHSA-2008:0549",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2008-0549.html"
"name": "31023",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31023"
},
{
"name" : "RHSA-2008:0569",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2008-0569.html"
"name": "MDVSA-2008:155",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:155"
},
{
"name" : "RHSA-2008:0616",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2008-0616.html"
"name": "30038",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/30038"
},
{
"name" : "SSA:2008-191-03",
"refsource" : "SLACKWARE",
"url" : "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.383152"
"name": "30915",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30915"
},
{
"name" : "SSA:2008-210-05",
"refsource" : "SLACKWARE",
"url" : "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.410484"
"name": "DSA-1607",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2008/dsa-1607"
},
{
"name" : "SSA:2008-191",
"refsource" : "SLACKWARE",
"url" : "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.384911"
"name": "GLSA-200808-03",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200808-03.xml"
},
{
"name" : "256408",
"refsource" : "SUNALERT",
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1"
"name": "31005",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31005"
},
{
"name" : "SUSE-SA:2008:034",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00004.html"
"name": "33433",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33433"
},
{
"name" : "USN-619-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/usn-619-1"
"name": "FEDORA-2008-6127",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00207.html"
},
{
"name" : "USN-629-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/usn-629-1"
"name": "1020419",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1020419"
},
{
"name" : "VU#607267",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/607267"
"name": "31253",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31253"
},
{
"name" : "30038",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/30038"
"name": "http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox2.0.0.15",
"refsource": "CONFIRM",
"url": "http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox2.0.0.15"
},
{
"name" : "oval:org.mitre.oval:def:9865",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9865"
"name": "FEDORA-2008-6737",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-August/msg00125.html"
},
{
"name" : "34501",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/34501"
"name": "31183",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31183"
},
{
"name" : "31076",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/31076"
"name": "30903",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30903"
},
{
"name" : "ADV-2008-1993",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2008/1993/references"
"name": "RHSA-2008:0547",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0547.html"
},
{
"name" : "1020419",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1020419"
"name": "FEDORA-2008-6193",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00288.html"
},
{
"name" : "30911",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/30911"
"name": "USN-629-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-629-1"
},
{
"name" : "30915",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/30915"
"name": "256408",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1"
},
{
"name" : "30878",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/30878"
"name": "SSA:2008-191",
"refsource": "SLACKWARE",
"url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.384911"
},
{
"name" : "30898",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/30898"
"name": "VU#607267",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/607267"
},
{
"name" : "30903",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/30903"
"name": "SSA:2008-210-05",
"refsource": "SLACKWARE",
"url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.410484"
},
{
"name" : "30949",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/30949"
"name": "DSA-1615",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2008/dsa-1615"
},
{
"name" : "31005",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/31005"
"name": "FEDORA-2008-6706",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-August/msg00144.html"
},
{
"name" : "31008",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/31008"
"name": "31220",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31220"
},
{
"name" : "31069",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/31069"
"name": "31195",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31195"
},
{
"name" : "31023",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/31023"
"name": "31076",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31076"
},
{
"name" : "31183",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/31183"
"name": "USN-619-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-619-1"
},
{
"name" : "31195",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/31195"
"name": "30911",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30911"
},
{
"name" : "31220",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/31220"
"name": "RHSA-2008:0569",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0569.html"
},
{
"name" : "31253",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/31253"
"name": "30878",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30878"
},
{
"name" : "31377",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/31377"
"name": "DSA-1621",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2008/dsa-1621"
},
{
"name" : "31286",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/31286"
"name": "20080708 rPSA-2008-0216-1 firefox",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/494080/100/0/threaded"
},
{
"name" : "31403",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/31403"
"name": "31286",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31286"
},
{
"name" : "31021",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/31021"
"name": "FEDORA-2008-6196",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00295.html"
},
{
"name" : "33433",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/33433"
"name": "34501",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34501"
},
{
"name" : "ADV-2009-0977",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2009/0977"
"name": "MDVSA-2008:136",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:136"
}
]
}

218
2008/2xxx/CVE-2008-2992.json
View File

@ -1,191 +1,191 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2008-2992",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-2992",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Stack-based buffer overflow in Adobe Acrobat and Reader 8.1.2 and earlier allows remote attackers to execute arbitrary code via a PDF file that calls the util.printf JavaScript function with a crafted format string argument, a related issue to CVE-2008-1104."
"lang": "eng",
"value": "Stack-based buffer overflow in Adobe Acrobat and Reader 8.1.2 and earlier allows remote attackers to execute arbitrary code via a PDF file that calls the util.printf JavaScript function with a crafted format string argument, a related issue to CVE-2008-1104."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20081104 CORE-2008-0526: Adobe Reader Javascript Printf Buffer Overflow",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/498032/100/0/threaded"
"name": "30035",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/30035"
},
{
"name" : "20081104 Secunia Research: Adobe Acrobat/Reader \"util.printf()\" Buffer Overflow",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/498027/100/0/threaded"
"name": "32700",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32700"
},
{
"name" : "20081104 ZDI-08-072: Adobe Acrobat PDF Javascript printf Stack Overflow Vulnerability",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/498055/100/0/threaded"
"name": "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=909609",
"refsource": "CONFIRM",
"url": "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=909609"
},
{
"name" : "6994",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/6994"
"name": "20081104 Secunia Research: Adobe Acrobat/Reader \"util.printf()\" Buffer Overflow",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/498027/100/0/threaded"
},
{
"name" : "7006",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/7006"
"name": "http://secunia.com/secunia_research/2008-14/",
"refsource": "MISC",
"url": "http://secunia.com/secunia_research/2008-14/"
},
{
"name" : "http://secunia.com/secunia_research/2008-14/",
"refsource" : "MISC",
"url" : "http://secunia.com/secunia_research/2008-14/"
"name": "32091",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/32091"
},
{
"name" : "http://www.coresecurity.com/content/adobe-reader-buffer-overflow",
"refsource" : "MISC",
"url" : "http://www.coresecurity.com/content/adobe-reader-buffer-overflow"
"name": "49520",
"refsource": "OSVDB",
"url": "http://osvdb.org/49520"
},
{
"name" : "http://www.zerodayinitiative.com/advisories/ZDI-08-072/",
"refsource" : "MISC",
"url" : "http://www.zerodayinitiative.com/advisories/ZDI-08-072/"
"name": "35163",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35163"
},
{
"name" : "http://www.adobe.com/support/security/bulletins/apsb08-19.html",
"refsource" : "CONFIRM",
"url" : "http://www.adobe.com/support/security/bulletins/apsb08-19.html"
"name": "249366",
"refsource": "SUNALERT",
"url": "http://download.oracle.com/sunalerts/1019937.1.html"
},
{
"name" : "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=800801",
"refsource" : "CONFIRM",
"url" : "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=800801"
"name": "32872",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32872"
},
{
"name" : "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=909609",
"refsource" : "CONFIRM",
"url" : "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=909609"
"name": "7006",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/7006"
},
{
"name" : "RHSA-2008:0974",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2008-0974.html"
"name": "4549",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/4549"
},
{
"name" : "249366",
"refsource" : "SUNALERT",
"url" : "http://download.oracle.com/sunalerts/1019937.1.html"
"name": "http://www.coresecurity.com/content/adobe-reader-buffer-overflow",
"refsource": "MISC",
"url": "http://www.coresecurity.com/content/adobe-reader-buffer-overflow"
},
{
"name" : "SUSE-SR:2008:026",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00002.html"
"name": "http://www.zerodayinitiative.com/advisories/ZDI-08-072/",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-08-072/"
},
{
"name" : "TA08-309A",
"refsource" : "CERT",
"url" : "http://www.us-cert.gov/cas/techalerts/TA08-309A.html"
"name": "http://www.adobe.com/support/security/bulletins/apsb08-19.html",
"refsource": "CONFIRM",
"url": "http://www.adobe.com/support/security/bulletins/apsb08-19.html"
},
{
"name" : "VU#593409",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/593409"
"name": "20081104 ZDI-08-072: Adobe Acrobat PDF Javascript printf Stack Overflow Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/498055/100/0/threaded"
},
{
"name" : "32091",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/32091"
"name": "6994",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/6994"
},
{
"name" : "30035",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/30035"
"name": "ADV-2009-0098",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/0098"
},
{
"name" : "1021140",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1021140"
"name": "29773",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29773"
},
{
"name" : "35163",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/35163"
"name": "TA08-309A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA08-309A.html"
},
{
"name" : "ADV-2008-3001",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2008/3001"
"name": "1021140",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1021140"
},
{
"name" : "ADV-2009-0098",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2009/0098"
"name": "20081104 CORE-2008-0526: Adobe Reader Javascript Printf Buffer Overflow",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/498032/100/0/threaded"
},
{
"name" : "49520",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/49520"
"name": "ADV-2008-3001",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/3001"
},
{
"name" : "29773",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/29773"
"name": "SUSE-SR:2008:026",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00002.html"
},
{
"name" : "32872",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/32872"
"name": "RHSA-2008:0974",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0974.html"
},
{
"name" : "32700",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/32700"
"name": "VU#593409",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/593409"
},
{
"name" : "4549",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/4549"
"name": "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=800801",
"refsource": "CONFIRM",
"url": "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=800801"
}
]
}

98
2008/6xxx/CVE-2008-6506.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2008-6506",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-6506",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in phpBB before 3.0.4 allows attackers to bypass intended access restrictions and activate de-activated accounts via unknown vectors."
"lang": "eng",
"value": "Unspecified vulnerability in phpBB before 3.0.4 allows attackers to bypass intended access restrictions and activate de-activated accounts via unknown vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[oss-security] 20090206 CVE request: phpbb < 3.0.4",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2009/02/06/2"
"name": "http://www.phpbb.com/community/viewtopic.php?f=14&t=1352565",
"refsource": "CONFIRM",
"url": "http://www.phpbb.com/community/viewtopic.php?f=14&t=1352565"
},
{
"name" : "http://www.phpbb.com/community/viewtopic.php?f=14&t=1352565",
"refsource" : "CONFIRM",
"url" : "http://www.phpbb.com/community/viewtopic.php?f=14&t=1352565"
"name": "33166",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33166"
},
{
"name" : "http://www.phpbb.com/support/documents.php?mode=changelog&version=3#v303",
"refsource" : "CONFIRM",
"url" : "http://www.phpbb.com/support/documents.php?mode=changelog&version=3#v303"
"name": "32842",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/32842"
},
{
"name" : "32842",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/32842"
"name": "http://www.phpbb.com/support/documents.php?mode=changelog&version=3#v303",
"refsource": "CONFIRM",
"url": "http://www.phpbb.com/support/documents.php?mode=changelog&version=3#v303"
},
{
"name" : "50806",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/50806"
"name": "[oss-security] 20090206 CVE request: phpbb < 3.0.4",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2009/02/06/2"
},
{
"name" : "33166",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/33166"
"name": "50806",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/50806"
},
{
"name" : "phpbb-account-activation-security-bypass(47370)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/47370"
"name": "phpbb-account-activation-security-bypass(47370)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47370"
}
]
}

80
2012/1xxx/CVE-2012-1225.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2012-1225",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-1225",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple SQL injection vulnerabilities in Dolibarr CMS 3.2.0 Alpha and earlier allow remote authenticated users to execute arbitrary SQL commands via the (1) memberslist parameter (aka Member List) in list.php or (2) rowid parameter to adherents/fiche.php."
"lang": "eng",
"value": "Multiple SQL injection vulnerabilities in Dolibarr CMS 3.2.0 Alpha and earlier allow remote authenticated users to execute arbitrary SQL commands via the (1) memberslist parameter (aka Member List) in list.php or (2) rowid parameter to adherents/fiche.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20120210 Dolibarr CMS v3.2.0 Alpha - SQL Injection Vulnerabilities",
"refsource" : "BUGTRAQ",
"url" : "http://archives.neohapsis.com/archives/bugtraq/2012-02/0056.html"
"name": "47969",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/47969"
},
{
"name" : "51956",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/51956"
"name": "20120210 Dolibarr CMS v3.2.0 Alpha - SQL Injection Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-02/0056.html"
},
{
"name" : "79011",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/79011"
"name": "51956",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/51956"
},
{
"name" : "47969",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/47969"
"name": "79011",
"refsource": "OSVDB",
"url": "http://osvdb.org/79011"
}
]
}

74
2012/1xxx/CVE-2012-1253.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2012-1253",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2012-1253",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in Roundcube Webmail before 0.7, when Internet Explorer is used, allows remote attackers to inject arbitrary web script or HTML via vectors involving an embedded image attachment."
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in Roundcube Webmail before 0.7, when Internet Explorer is used, allows remote attackers to inject arbitrary web script or HTML via vectors involving an embedded image attachment."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://sourceforge.net/projects/roundcubemail/files/roundcubemail/0.7/",
"refsource" : "CONFIRM",
"url" : "http://sourceforge.net/projects/roundcubemail/files/roundcubemail/0.7/"
"name": "JVN#21422837",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN21422837/index.html"
},
{
"name" : "JVN#21422837",
"refsource" : "JVN",
"url" : "http://jvn.jp/en/jp/JVN21422837/index.html"
"name": "JVNDB-2012-000050",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2012-000050"
},
{
"name" : "JVNDB-2012-000050",
"refsource" : "JVNDB",
"url" : "http://jvndb.jvn.jp/jvndb/JVNDB-2012-000050"
"name": "http://sourceforge.net/projects/roundcubemail/files/roundcubemail/0.7/",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/projects/roundcubemail/files/roundcubemail/0.7/"
}
]
}

22
2012/1xxx/CVE-2012-1489.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2012-1489",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-1489",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

92
2012/1xxx/CVE-2012-1756.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2012-1756",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2012-1756",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Oracle MySQL Server 5.5.23 and earlier allows remote authenticated users to affect availability via unknown vectors."
"lang": "eng",
"value": "Unspecified vulnerability in Oracle MySQL Server 5.5.23 and earlier allows remote authenticated users to affect availability via unknown vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html"
"name": "1027263",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1027263"
},
{
"name" : "MDVSA-2013:150",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
"name": "54524",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/54524"
},
{
"name" : "54524",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/54524"
"name": "83978",
"refsource": "OSVDB",
"url": "http://osvdb.org/83978"
},
{
"name" : "83978",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/83978"
"name": "http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html"
},
{
"name" : "1027263",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1027263"
"name": "MDVSA-2013:150",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
},
{
"name" : "mysql-server1-dos(77063)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/77063"
"name": "mysql-server1-dos(77063)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/77063"
}
]
}

62
2012/5xxx/CVE-2012-5427.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2012-5427",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2012-5427",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cisco IOS Unified Border Element (CUBE) in Cisco IOS before 15.3(2)T allows remote authenticated users to cause a denial of service (input queue wedge) via a crafted series of RTCP packets, aka Bug ID CSCuc42518."
"lang": "eng",
"value": "Cisco IOS Unified Border Element (CUBE) in Cisco IOS before 15.3(2)T allows remote authenticated users to cause a denial of service (input queue wedge) via a crafted series of RTCP packets, aka Bug ID CSCuc42518."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.cisco.com/c/en/us/td/docs/ios/15_3m_and_t/release/notes/15_3m_and_t.pdf",
"refsource" : "CONFIRM",
"url" : "http://www.cisco.com/c/en/us/td/docs/ios/15_3m_and_t/release/notes/15_3m_and_t.pdf"
"name": "http://www.cisco.com/c/en/us/td/docs/ios/15_3m_and_t/release/notes/15_3m_and_t.pdf",
"refsource": "CONFIRM",
"url": "http://www.cisco.com/c/en/us/td/docs/ios/15_3m_and_t/release/notes/15_3m_and_t.pdf"
}
]
}

22
2012/5xxx/CVE-2012-5620.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2012-5620",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-5620",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2012/5xxx/CVE-2012-5752.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2012-5752",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-5752",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2012/5xxx/CVE-2012-5957.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2012-5957",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-5957",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

62
2017/11xxx/CVE-2017-11200.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-11200",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-11200",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "SQL Injection exists in FineCMS through 2017-07-12 via the application/core/controller/excludes.php visitor_ip parameter."
"lang": "eng",
"value": "SQL Injection exists in FineCMS through 2017-07-12 via the application/core/controller/excludes.php visitor_ip parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://lorexxar.cn/2017/07/11/Some%20Vulnerability%20for%20FineCMS%20through%202017.7.11/#Authenticated-SQL-injection",
"refsource" : "MISC",
"url" : "http://lorexxar.cn/2017/07/11/Some%20Vulnerability%20for%20FineCMS%20through%202017.7.11/#Authenticated-SQL-injection"
"name": "http://lorexxar.cn/2017/07/11/Some%20Vulnerability%20for%20FineCMS%20through%202017.7.11/#Authenticated-SQL-injection",
"refsource": "MISC",
"url": "http://lorexxar.cn/2017/07/11/Some%20Vulnerability%20for%20FineCMS%20through%202017.7.11/#Authenticated-SQL-injection"
}
]
}

22
2017/11xxx/CVE-2017-11429.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-11429",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-11429",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

74
2017/3xxx/CVE-2017-3844.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "psirt@cisco.com",
"ID" : "CVE-2017-3844",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2017-3844",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Cisco Prime Collaboration Assurance",
"version" : {
"version_data" : [
"product_name": "Cisco Prime Collaboration Assurance",
"version": {
"version_data": [
{
"version_value" : "Cisco Prime Collaboration Assurance"
"version_value": "Cisco Prime Collaboration Assurance"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "A vulnerability in exporting functions of the user interface for Cisco Prime Collaboration Assurance could allow an authenticated, remote attacker to view file directory listings and download files. Affected Products: Cisco Prime Collaboration Assurance software versions 11.0, 11.1, and 11.5 are vulnerable. Cisco Prime Collaboration Assurance software versions prior to 11.0 are not vulnerable. More Information: CSCvc86238. Known Affected Releases: 11.5(0)."
"lang": "eng",
"value": "A vulnerability in exporting functions of the user interface for Cisco Prime Collaboration Assurance could allow an authenticated, remote attacker to view file directory listings and download files. Affected Products: Cisco Prime Collaboration Assurance software versions 11.0, 11.1, and 11.5 are vulnerable. Cisco Prime Collaboration Assurance software versions prior to 11.0 are not vulnerable. More Information: CSCvc86238. Known Affected Releases: 11.5(0)."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Directory Listing Unauthorized Access Vulnerability"
"lang": "eng",
"value": "Directory Listing Unauthorized Access Vulnerability"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-pcp2",
"refsource" : "CONFIRM",
"url" : "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-pcp2"
"name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-pcp2",
"refsource": "CONFIRM",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-pcp2"
},
{
"name" : "96247",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/96247"
"name": "96247",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96247"
},
{
"name" : "1037843",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1037843"
"name": "1037843",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037843"
}
]
}

92
2017/7xxx/CVE-2017-7026.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "product-security@apple.com",
"ID" : "CVE-2017-7026",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2017-7026",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. macOS before 10.12.6 is affected. tvOS before 10.2.2 is affected. watchOS before 3.2.3 is affected. The issue involves the \"Kernel\" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app."
"lang": "eng",
"value": "An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. macOS before 10.12.6 is affected. tvOS before 10.2.2 is affected. watchOS before 3.2.3 is affected. The issue involves the \"Kernel\" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://support.apple.com/HT207922",
"refsource" : "CONFIRM",
"url" : "https://support.apple.com/HT207922"
"name": "https://support.apple.com/HT207924",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT207924"
},
{
"name" : "https://support.apple.com/HT207923",
"refsource" : "CONFIRM",
"url" : "https://support.apple.com/HT207923"
"name": "https://support.apple.com/HT207925",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT207925"
},
{
"name" : "https://support.apple.com/HT207924",
"refsource" : "CONFIRM",
"url" : "https://support.apple.com/HT207924"
"name": "https://support.apple.com/HT207923",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT207923"
},
{
"name" : "https://support.apple.com/HT207925",
"refsource" : "CONFIRM",
"url" : "https://support.apple.com/HT207925"
"name": "99883",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/99883"
},
{
"name" : "99883",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/99883"
"name": "1038950",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038950"
},
{
"name" : "1038950",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1038950"
"name": "https://support.apple.com/HT207922",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT207922"
}
]
}

62
2017/7xxx/CVE-2017-7893.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-7893",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-7893",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "In SaltStack Salt before 2016.3.6, compromised salt-minions can impersonate the salt-master."
"lang": "eng",
"value": "In SaltStack Salt before 2016.3.6, compromised salt-minions can impersonate the salt-master."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://docs.saltstack.com/en/2017.7/topics/releases/2016.3.6.html",
"refsource" : "CONFIRM",
"url" : "https://docs.saltstack.com/en/2017.7/topics/releases/2016.3.6.html"
"name": "https://docs.saltstack.com/en/2017.7/topics/releases/2016.3.6.html",
"refsource": "CONFIRM",
"url": "https://docs.saltstack.com/en/2017.7/topics/releases/2016.3.6.html"
}
]
}

76
2017/8xxx/CVE-2017-8673.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "secure@microsoft.com",
"DATE_PUBLIC" : "2017-08-08T00:00:00",
"ID" : "CVE-2017-8673",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"DATE_PUBLIC": "2017-08-08T00:00:00",
"ID": "CVE-2017-8673",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Windows RDP",
"version" : {
"version_data" : [
"product_name": "Windows RDP",
"version": {
"version_data": [
{
"version_value" : "Microsoft Windows 10 1703"
"version_value": "Microsoft Windows 10 1703"
}
]
}
}
]
},
"vendor_name" : "Microsoft Corporation"
"vendor_name": "Microsoft Corporation"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The Remote Desktop Protocol (RDP) implementation in Microsoft Windows 10 1703 allows an attacker to connect to a target system using RDP and send specially crafted requests, aka \"Windows Remote Desktop Protocol (RDP) Denial of Service Vulnerability.\""
"lang": "eng",
"value": "The Remote Desktop Protocol (RDP) implementation in Microsoft Windows 10 1703 allows an attacker to connect to a target system using RDP and send specially crafted requests, aka \"Windows Remote Desktop Protocol (RDP) Denial of Service Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Denial of Service"
"lang": "eng",
"value": "Denial of Service"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8673",
"refsource" : "CONFIRM",
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8673"
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8673",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8673"
},
{
"name" : "100079",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/100079"
"name": "1039107",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039107"
},
{
"name" : "1039107",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1039107"
"name": "100079",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100079"
}
]
}

70
2017/8xxx/CVE-2017-8966.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "security-alert@hpe.com",
"DATE_PUBLIC" : "2017-10-27T00:00:00",
"ID" : "CVE-2017-8966",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "security-alert@hpe.com",
"DATE_PUBLIC": "2017-10-27T00:00:00",
"ID": "CVE-2017-8966",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Intelligent Management Center (iMC) PLAT",
"version" : {
"version_data" : [
"product_name": "Intelligent Management Center (iMC) PLAT",
"version": {
"version_data": [
{
"version_value" : "7.3 E0504P2"
"version_value": "7.3 E0504P2"
}
]
}
}
]
},
"vendor_name" : "Hewlett Packard Enterprise"
"vendor_name": "Hewlett Packard Enterprise"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "A Deserialization of Untrusted Data vulnerability in Hewlett Packard Enterprise Intelligent Management Center (iMC) PLAT version 7.3 E0504P2 was found."
"lang": "eng",
"value": "A Deserialization of Untrusted Data vulnerability in Hewlett Packard Enterprise Intelligent Management Center (iMC) PLAT version 7.3 E0504P2 was found."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Deserialization of Untrusted Data"
"lang": "eng",
"value": "Deserialization of Untrusted Data"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03787en_us",
"refsource" : "CONFIRM",
"url" : "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03787en_us"
"name": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03787en_us",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03787en_us"
},
{
"name" : "1039684",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1039684"
"name": "1039684",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039684"
}
]
}

62
2018/10xxx/CVE-2018-10106.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-10106",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-10106",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "D-Link DIR-815 REV. B (with firmware through DIR-815_REVB_FIRMWARE_PATCH_2.07.B01) devices have permission bypass and information disclosure in /htdocs/web/getcfg.php, as demonstrated by a /getcfg.php?a=%0a_POST_SERVICES%3DDEVICE.ACCOUNT%0aAUTHORIZED_GROUP%3D1 request."
"lang": "eng",
"value": "D-Link DIR-815 REV. B (with firmware through DIR-815_REVB_FIRMWARE_PATCH_2.07.B01) devices have permission bypass and information disclosure in /htdocs/web/getcfg.php, as demonstrated by a /getcfg.php?a=%0a_POST_SERVICES%3DDEVICE.ACCOUNT%0aAUTHORIZED_GROUP%3D1 request."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://github.com/iceMatcha/Some-Vulnerabilities-of-D-link-Dir815/blob/master/Vulnerabilities_Summary.md",
"refsource" : "MISC",
"url" : "https://github.com/iceMatcha/Some-Vulnerabilities-of-D-link-Dir815/blob/master/Vulnerabilities_Summary.md"
"name": "https://github.com/iceMatcha/Some-Vulnerabilities-of-D-link-Dir815/blob/master/Vulnerabilities_Summary.md",
"refsource": "MISC",
"url": "https://github.com/iceMatcha/Some-Vulnerabilities-of-D-link-Dir815/blob/master/Vulnerabilities_Summary.md"
}
]
}

22
2018/10xxx/CVE-2018-10154.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-10154",
"STATE" : "REJECT"
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2018-10154",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none."
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none."
}
]
}

22
2018/10xxx/CVE-2018-10638.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-10638",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-10638",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2018/10xxx/CVE-2018-10667.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-10667",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-10667",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2018/10xxx/CVE-2018-10781.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-10781",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-10781",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

88
2018/10xxx/CVE-2018-10916.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "lpardo@redhat.com",
"ID" : "CVE-2018-10916",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2018-10916",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "lftp",
"version" : {
"version_data" : [
"product_name": "lftp",
"version": {
"version_data": [
{
"version_value" : "up to and including 4.8.3"
"version_value": "up to and including 4.8.3"
}
]
}
}
]
},
"vendor_name" : "[UNKNOWN]"
"vendor_name": "[UNKNOWN]"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "It has been discovered that lftp up to and including version 4.8.3 does not properly sanitize remote file names, leading to a loss of integrity on the local system when reverse mirroring is used. A remote attacker may trick a user to use reverse mirroring on an attacker controlled FTP server, resulting in the removal of all files in the current working directory of the victim's system."
"lang": "eng",
"value": "It has been discovered that lftp up to and including version 4.8.3 does not properly sanitize remote file names, leading to a loss of integrity on the local system when reverse mirroring is used. A remote attacker may trick a user to use reverse mirroring on an attacker controlled FTP server, resulting in the removal of all files in the current working directory of the victim's system."
}
]
},
"impact" : {
"cvss" : [
"impact": {
"cvss": [
[
{
"vectorString" : "5.3/CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version" : "3.0"
"vectorString": "5.3/CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.0"
}
]
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "CWE-20"
"lang": "eng",
"value": "CWE-20"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10916",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10916"
"name": "https://github.com/lavv17/lftp/issues/452",
"refsource": "CONFIRM",
"url": "https://github.com/lavv17/lftp/issues/452"
},
{
"name" : "https://github.com/lavv17/lftp/commit/a27e07d90a4608ceaf928b1babb27d4d803e1992",
"refsource" : "CONFIRM",
"url" : "https://github.com/lavv17/lftp/commit/a27e07d90a4608ceaf928b1babb27d4d803e1992"
"name": "USN-3731-2",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3731-2/"
},
{
"name" : "https://github.com/lavv17/lftp/issues/452",
"refsource" : "CONFIRM",
"url" : "https://github.com/lavv17/lftp/issues/452"
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10916",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10916"
},
{
"name" : "USN-3731-2",
"refsource" : "UBUNTU",
"url" : "https://usn.ubuntu.com/3731-2/"
"name": "https://github.com/lavv17/lftp/commit/a27e07d90a4608ceaf928b1babb27d4d803e1992",
"refsource": "CONFIRM",
"url": "https://github.com/lavv17/lftp/commit/a27e07d90a4608ceaf928b1babb27d4d803e1992"
}
]
}

22
2018/12xxx/CVE-2018-12267.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-12267",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-12267",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2018/12xxx/CVE-2018-12276.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-12276",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-12276",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

68
2018/12xxx/CVE-2018-12559.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-12559",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-12559",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "An issue was discovered in the cantata-mounter D-Bus service in Cantata through 2.3.1. The mount target path check in mounter.cpp `mpOk()` is insufficient. A regular user can consequently mount a CIFS filesystem anywhere (e.g., outside of the /home directory tree) by passing directory traversal sequences such as a home/../usr substring."
"lang": "eng",
"value": "An issue was discovered in the cantata-mounter D-Bus service in Cantata through 2.3.1. The mount target path check in mounter.cpp `mpOk()` is insufficient. A regular user can consequently mount a CIFS filesystem anywhere (e.g., outside of the /home directory tree) by passing directory traversal sequences such as a home/../usr substring."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.openwall.com/lists/oss-security/2018/06/18/1",
"refsource" : "MISC",
"url" : "http://www.openwall.com/lists/oss-security/2018/06/18/1"
"name": "https://github.com/CDrummond/cantata/commit/afc4f8315d3e96574925fb530a7004cc9e6ce3d3",
"refsource": "MISC",
"url": "https://github.com/CDrummond/cantata/commit/afc4f8315d3e96574925fb530a7004cc9e6ce3d3"
},
{
"name" : "https://github.com/CDrummond/cantata/commit/afc4f8315d3e96574925fb530a7004cc9e6ce3d3",
"refsource" : "MISC",
"url" : "https://github.com/CDrummond/cantata/commit/afc4f8315d3e96574925fb530a7004cc9e6ce3d3"
"name": "http://www.openwall.com/lists/oss-security/2018/06/18/1",
"refsource": "MISC",
"url": "http://www.openwall.com/lists/oss-security/2018/06/18/1"
}
]
}

22
2018/13xxx/CVE-2018-13275.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-13275",
"STATE" : "REJECT"
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2018-13275",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none."
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none."
}
]
}

22
2018/13xxx/CVE-2018-13366.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-13366",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-13366",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

68
2018/13xxx/CVE-2018-13475.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-13475",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-13475",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The mintToken function of a smart contract implementation for VSCToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value."
"lang": "eng",
"value": "The mintToken function of a smart contract implementation for VSCToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://github.com/BlockChainsSecurity/EtherTokens/blob/master/GEMCHAIN/mint%20integer%20overflow.md",
"refsource" : "MISC",
"url" : "https://github.com/BlockChainsSecurity/EtherTokens/blob/master/GEMCHAIN/mint%20integer%20overflow.md"
"name": "https://github.com/BlockChainsSecurity/EtherTokens/blob/master/GEMCHAIN/mint%20integer%20overflow.md",
"refsource": "MISC",
"url": "https://github.com/BlockChainsSecurity/EtherTokens/blob/master/GEMCHAIN/mint%20integer%20overflow.md"
},
{
"name" : "https://github.com/BlockChainsSecurity/EtherTokens/tree/master/VSCToken",
"refsource" : "MISC",
"url" : "https://github.com/BlockChainsSecurity/EtherTokens/tree/master/VSCToken"
"name": "https://github.com/BlockChainsSecurity/EtherTokens/tree/master/VSCToken",
"refsource": "MISC",
"url": "https://github.com/BlockChainsSecurity/EtherTokens/tree/master/VSCToken"
}
]
}

76
2018/13xxx/CVE-2018-13801.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "productcert@siemens.com",
"DATE_PUBLIC" : "2018-10-09T00:00:00",
"ID" : "CVE-2018-13801",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"DATE_PUBLIC": "2018-10-09T00:00:00",
"ID": "CVE-2018-13801",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "ROX II",
"version" : {
"version_data" : [
"product_name": "ROX II",
"version": {
"version_data": [
{
"version_value" : "All versions < V2.12.1"
"version_value": "All versions < V2.12.1"
}
]
}
}
]
},
"vendor_name" : "Siemens AG"
"vendor_name": "Siemens AG"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "A vulnerability has been identified in ROX II (All versions < V2.12.1). An attacker with network access to port 22/tcp and valid low-privileged user credentials for the target device could perform a privilege escalation and gain root privileges. Successful exploitation requires user privileges of a low-privileged user but no user interaction. The vulnerability could allow an attacker to compromise confidentiality, integrity and availability of the system."
"lang": "eng",
"value": "A vulnerability has been identified in ROX II (All versions < V2.12.1). An attacker with network access to port 22/tcp and valid low-privileged user credentials for the target device could perform a privilege escalation and gain root privileges. Successful exploitation requires user privileges of a low-privileged user but no user interaction. The vulnerability could allow an attacker to compromise confidentiality, integrity and availability of the system."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "CWE-264: Permissions, Privileges, and Access Controls"
"lang": "eng",
"value": "CWE-264: Permissions, Privileges, and Access Controls"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://ics-cert.us-cert.gov/advisories/ICSA-18-282-03",
"refsource" : "MISC",
"url" : "https://ics-cert.us-cert.gov/advisories/ICSA-18-282-03"
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-18-282-03",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-282-03"
},
{
"name" : "https://cert-portal.siemens.com/productcert/pdf/ssa-493830.pdf",
"refsource" : "CONFIRM",
"url" : "https://cert-portal.siemens.com/productcert/pdf/ssa-493830.pdf"
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-493830.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-493830.pdf"
},
{
"name" : "105545",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/105545"
"name": "105545",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/105545"
}
]
}

22
2018/13xxx/CVE-2018-13978.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-13978",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-13978",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

62
2018/17xxx/CVE-2018-17137.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-17137",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-17137",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Prezi Next 1.3.101.11 has a documented purpose of creating HTML5 presentations but has SE_DEBUG_PRIVILEGE on Windows, which might allow attackers to bypass intended access restrictions."
"lang": "eng",
"value": "Prezi Next 1.3.101.11 has a documented purpose of creating HTML5 presentations but has SE_DEBUG_PRIVILEGE on Windows, which might allow attackers to bypass intended access restrictions."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://github.com/GitHubAssessments/CVE_Assessment_04_2018",
"refsource" : "MISC",
"url" : "https://github.com/GitHubAssessments/CVE_Assessment_04_2018"
"name": "https://github.com/GitHubAssessments/CVE_Assessment_04_2018",
"refsource": "MISC",
"url": "https://github.com/GitHubAssessments/CVE_Assessment_04_2018"
}
]
}

22
2018/17xxx/CVE-2018-17744.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-17744",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-17744",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2018/9xxx/CVE-2018-9226.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-9226",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-9226",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}