admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-18 06:51:06 +00:00
parent d21c106d3c
commit 8fc9b6bc9e
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
59 changed files with 4882 additions and 4882 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

92
2006/1xxx/CVE-2006-1480.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-1480",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-1480",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Directory traversal vulnerability in start.php in WebAlbum 2.02 allows remote attackers to include arbitrary files and execute commands by (1) injecting code into local log files via GET commands, then (2) accessing that log via a .. (dot dot) sequence and a trailing null (%00) byte in the skin2 COOKIE parameter."
"lang": "eng",
"value": "Directory traversal vulnerability in start.php in WebAlbum 2.02 allows remote attackers to include arbitrary files and execute commands by (1) injecting code into local log files via GET commands, then (2) accessing that log via a .. (dot dot) sequence and a trailing null (%00) byte in the skin2 COOKIE parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "1608",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/1608"
"name": "24160",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/24160"
},
{
"name" : "17228",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/17228"
"name": "webalbum-skin2-parameter-file-include(25443)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25443"
},
{
"name" : "ADV-2006-1108",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/1108"
"name": "19400",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19400"
},
{
"name" : "24160",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/24160"
"name": "17228",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/17228"
},
{
"name" : "19400",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/19400"
"name": "ADV-2006-1108",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/1108"
},
{
"name" : "webalbum-skin2-parameter-file-include(25443)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/25443"
"name": "1608",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/1608"
}
]
}

206
2006/1xxx/CVE-2006-1528.json
View File

@ -1,181 +1,181 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-1528",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2006-1528",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Linux kernel before 2.6.13 allows local users to cause a denial of service (crash) via a dio transfer from the sg driver to memory mapped (mmap) IO space."
"lang": "eng",
"value": "Linux kernel before 2.6.13 allows local users to cause a denial of service (crash) via a dio transfer from the sg driver to memory mapped (mmap) IO space."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=168791",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=168791"
"name": "21555",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21555"
},
{
"name" : "http://linux.bkbits.net:8080/linux-2.6/cset@43220081yu9ClBQNuqSSnW_9amW7iQ",
"refsource" : "CONFIRM",
"url" : "http://linux.bkbits.net:8080/linux-2.6/cset@43220081yu9ClBQNuqSSnW_9amW7iQ"
"name": "http://support.avaya.com/elmodocs2/security/ASA-2006-161.htm",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-161.htm"
},
{
"name" : "http://marc.info/?l=linux-scsi&m=112540053711489&w=2",
"refsource" : "MISC",
"url" : "http://marc.info/?l=linux-scsi&m=112540053711489&w=2"
"name": "RHSA-2006:0493",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2006-0493.html"
},
{
"name" : "http://kernel.org/pub/linux/kernel/v2.4/ChangeLog-2.4.33.1",
"refsource" : "CONFIRM",
"url" : "http://kernel.org/pub/linux/kernel/v2.4/ChangeLog-2.4.33.1"
"name": "SUSE-SA:2006:042",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2006_42_kernel.html"
},
{
"name" : "http://support.avaya.com/elmodocs2/security/ASA-2006-161.htm",
"refsource" : "CONFIRM",
"url" : "http://support.avaya.com/elmodocs2/security/ASA-2006-161.htm"
"name": "20716",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20716"
},
{
"name" : "DSA-1183",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2006/dsa-1183"
"name": "oval:org.mitre.oval:def:11037",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11037"
},
{
"name" : "DSA-1184",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2006/dsa-1184"
"name": "21745",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21745"
},
{
"name" : "MDKSA-2006:123",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2006:123"
"name": "SUSE-SA:2006:047",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2006_47_kernel.html"
},
{
"name" : "RHSA-2006:0493",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2006-0493.html"
"name": "18101",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/18101"
},
{
"name" : "SUSE-SA:2006:042",
"refsource" : "SUSE",
"url" : "http://www.novell.com/linux/security/advisories/2006_42_kernel.html"
"name": "DSA-1183",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2006/dsa-1183"
},
{
"name" : "SUSE-SA:2006:047",
"refsource" : "SUSE",
"url" : "http://www.novell.com/linux/security/advisories/2006_47_kernel.html"
"name": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=168791",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=168791"
},
{
"name" : "USN-302-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/usn-302-1"
"name": "USN-302-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-302-1"
},
{
"name" : "18101",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/18101"
"name": "MDKSA-2006:123",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:123"
},
{
"name" : "oval:org.mitre.oval:def:11037",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11037"
"name": "22082",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22082"
},
{
"name" : "ADV-2006-3330",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/3330"
"name": "http://linux.bkbits.net:8080/linux-2.6/cset@43220081yu9ClBQNuqSSnW_9amW7iQ",
"refsource": "CONFIRM",
"url": "http://linux.bkbits.net:8080/linux-2.6/cset@43220081yu9ClBQNuqSSnW_9amW7iQ"
},
{
"name" : "20237",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/20237"
"name": "kernel-sg-dos(28510)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28510"
},
{
"name" : "20716",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/20716"
"name": "http://marc.info/?l=linux-scsi&m=112540053711489&w=2",
"refsource": "MISC",
"url": "http://marc.info/?l=linux-scsi&m=112540053711489&w=2"
},
{
"name" : "21045",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/21045"
"name": "http://kernel.org/pub/linux/kernel/v2.4/ChangeLog-2.4.33.1",
"refsource": "CONFIRM",
"url": "http://kernel.org/pub/linux/kernel/v2.4/ChangeLog-2.4.33.1"
},
{
"name" : "21179",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/21179"
"name": "ADV-2006-3330",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/3330"
},
{
"name" : "21555",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/21555"
"name": "21498",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21498"
},
{
"name" : "21745",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/21745"
"name": "21045",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21045"
},
{
"name" : "22082",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/22082"
"name": "20237",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20237"
},
{
"name" : "22093",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/22093"
"name": "22093",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22093"
},
{
"name" : "21498",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/21498"
"name": "DSA-1184",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2006/dsa-1184"
},
{
"name" : "kernel-sg-dos(28510)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/28510"
"name": "21179",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21179"
}
]
}

518
2006/1xxx/CVE-2006-1730.json
View File

@ -1,441 +1,441 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-1730",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2006-1730",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Integer overflow in Mozilla Firefox and Thunderbird 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to execute arbitrary code via a large number in the CSS letter-spacing property that leads to a heap-based buffer overflow."
"lang": "eng",
"value": "Integer overflow in Mozilla Firefox and Thunderbird 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to execute arbitrary code via a large number in the CSS letter-spacing property that leads to a heap-based buffer overflow."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20060415 ZDI-06-010: Mozilla Firefox CSS Letter-Spacing Heap Overflow Vulnerability",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/431060/100/0/threaded"
"name": "http://www.mozilla.org/security/announce/2006/mfsa2006-22.html",
"refsource": "CONFIRM",
"url": "http://www.mozilla.org/security/announce/2006/mfsa2006-22.html"
},
{
"name" : "http://www.zerodayinitiative.com/advisories/ZDI-06-010.html",
"refsource" : "MISC",
"url" : "http://www.zerodayinitiative.com/advisories/ZDI-06-010.html"
"name": "USN-275-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/275-1/"
},
{
"name" : "http://www.mozilla.org/security/announce/2006/mfsa2006-22.html",
"refsource" : "CONFIRM",
"url" : "http://www.mozilla.org/security/announce/2006/mfsa2006-22.html"
"name": "ADV-2006-3748",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/3748"
},
{
"name" : "http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm",
"refsource" : "CONFIRM",
"url" : "http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm"
"name": "RHSA-2006:0330",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2006-0330.html"
},
{
"name" : "DSA-1044",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2006/dsa-1044"
"name": "SSRT061145",
"refsource": "HP",
"url": "http://www.securityfocus.com/archive/1/434524/100/0/threaded"
},
{
"name" : "DSA-1046",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2006/dsa-1046"
"name": "19902",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19902"
},
{
"name" : "DSA-1051",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2006/dsa-1051"
"name": "oval:org.mitre.oval:def:10055",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10055"
},
{
"name" : "FEDORA-2006-410",
"refsource" : "FEDORA",
"url" : "http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00153.html"
"name": "20060404-01-U",
"refsource": "SGI",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.asc"
},
{
"name" : "FEDORA-2006-411",
"refsource" : "FEDORA",
"url" : "http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00154.html"
"name": "USN-276-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/276-1/"
},
{
"name" : "FLSA:189137-1",
"refsource" : "FEDORA",
"url" : "http://www.securityfocus.com/archive/1/436296/100/0/threaded"
"name": "HPSBUX02122",
"refsource": "HP",
"url": "http://www.securityfocus.com/archive/1/438730/100/0/threaded"
},
{
"name" : "FLSA:189137-2",
"refsource" : "FEDORA",
"url" : "http://www.securityfocus.com/archive/1/436338/100/0/threaded"
"name": "19941",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19941"
},
{
"name" : "GLSA-200604-12",
"refsource" : "GENTOO",
"url" : "http://www.gentoo.org/security/en/glsa/glsa-200604-12.xml"
"name": "19780",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19780"
},
{
"name" : "GLSA-200604-18",
"refsource" : "GENTOO",
"url" : "http://www.gentoo.org/security/en/glsa/glsa-200604-18.xml"
"name": "RHSA-2006:0328",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2006-0328.html"
},
{
"name" : "GLSA-200605-09",
"refsource" : "GENTOO",
"url" : "http://www.gentoo.org/security/en/glsa/glsa-200605-09.xml"
"name": "VU#179014",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/179014"
},
{
"name" : "HPSBTU02118",
"refsource" : "HP",
"url" : "http://www.securityfocus.com/archive/1/434524/100/0/threaded"
"name": "19821",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19821"
},
{
"name" : "SSRT061145",
"refsource" : "HP",
"url" : "http://www.securityfocus.com/archive/1/434524/100/0/threaded"
"name": "mozilla-css-letterspacing-overflow(25826)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25826"
},
{
"name" : "HPSBUX02122",
"refsource" : "HP",
"url" : "http://www.securityfocus.com/archive/1/438730/100/0/threaded"
"name": "GLSA-200604-12",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200604-12.xml"
},
{
"name" : "SSRT061158",
"refsource" : "HP",
"url" : "http://www.securityfocus.com/archive/1/438730/100/0/threaded"
"name": "21622",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21622"
},
{
"name" : "HPSBUX02153",
"refsource" : "HP",
"url" : "http://www.securityfocus.com/archive/1/446658/100/200/threaded"
"name": "http://www.zerodayinitiative.com/advisories/ZDI-06-010.html",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-06-010.html"
},
{
"name" : "SSRT061181",
"refsource" : "HP",
"url" : "http://www.securityfocus.com/archive/1/446658/100/200/threaded"
"name": "19862",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19862"
},
{
"name" : "HPSBUX02156",
"refsource" : "HP",
"url" : "http://www.securityfocus.com/archive/1/446657/100/200/threaded"
"name": "MDKSA-2006:075",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:075"
},
{
"name" : "SSRT061236",
"refsource" : "HP",
"url" : "http://www.securityfocus.com/archive/1/446657/100/200/threaded"
"name": "http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm"
},
{
"name" : "MDKSA-2006:075",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2006:075"
"name": "19823",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19823"
},
{
"name" : "MDKSA-2006:076",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2006:076"
"name": "DSA-1051",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2006/dsa-1051"
},
{
"name" : "MDKSA-2006:078",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2006:078"
"name": "FEDORA-2006-410",
"refsource": "FEDORA",
"url": "http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00153.html"
},
{
"name" : "RHSA-2006:0328",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2006-0328.html"
"name": "720",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/720"
},
{
"name" : "RHSA-2006:0329",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2006-0329.html"
"name": "ADV-2006-3749",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/3749"
},
{
"name" : "RHSA-2006:0330",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2006-0330.html"
"name": "USN-271-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/271-1/"
},
{
"name" : "SCOSA-2006.26",
"refsource" : "SCO",
"url" : "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt"
"name": "19714",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19714"
},
{
"name" : "20060404-01-U",
"refsource" : "SGI",
"url" : "ftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.asc"
"name": "RHSA-2006:0329",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2006-0329.html"
},
{
"name" : "102550",
"refsource" : "SUNALERT",
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1"
"name": "GLSA-200604-18",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200604-18.xml"
},
{
"name" : "228526",
"refsource" : "SUNALERT",
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-228526-1"
"name": "19811",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19811"
},
{
"name" : "SUSE-SA:2006:022",
"refsource" : "SUSE",
"url" : "http://www.novell.com/linux/security/advisories/2006_04_25.html"
"name": "1015918",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015918"
},
{
"name" : "SUSE-SA:2006:021",
"refsource" : "SUSE",
"url" : "http://lists.suse.com/archive/suse-security-announce/2006-Apr/0003.html"
"name": "HPSBTU02118",
"refsource": "HP",
"url": "http://www.securityfocus.com/archive/1/434524/100/0/threaded"
},
{
"name" : "USN-275-1",
"refsource" : "UBUNTU",
"url" : "https://usn.ubuntu.com/275-1/"
"name": "19794",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19794"
},
{
"name" : "USN-276-1",
"refsource" : "UBUNTU",
"url" : "https://usn.ubuntu.com/276-1/"
"name": "19746",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19746"
},
{
"name" : "USN-271-1",
"refsource" : "UBUNTU",
"url" : "https://usn.ubuntu.com/271-1/"
"name": "21033",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21033"
},
{
"name" : "TA06-107A",
"refsource" : "CERT",
"url" : "http://www.us-cert.gov/cas/techalerts/TA06-107A.html"
"name": "ADV-2008-0083",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0083"
},
{
"name" : "VU#179014",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/179014"
"name": "102550",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1"
},
{
"name" : "17516",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/17516"
"name": "19696",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19696"
},
{
"name" : "oval:org.mitre.oval:def:10055",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10055"
"name": "19759",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19759"
},
{
"name" : "ADV-2006-1356",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/1356"
"name": "SUSE-SA:2006:021",
"refsource": "SUSE",
"url": "http://lists.suse.com/archive/suse-security-announce/2006-Apr/0003.html"
},
{
"name" : "ADV-2006-3391",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/3391"
"name": "FLSA:189137-2",
"refsource": "FEDORA",
"url": "http://www.securityfocus.com/archive/1/436338/100/0/threaded"
},
{
"name" : "ADV-2006-3748",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/3748"
"name": "SSRT061181",
"refsource": "HP",
"url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded"
},
{
"name" : "ADV-2006-3749",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/3749"
"name": "ADV-2006-1356",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/1356"
},
{
"name" : "ADV-2008-0083",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2008/0083"
"name": "SSRT061236",
"refsource": "HP",
"url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded"
},
{
"name" : "oval:org.mitre.oval:def:1614",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1614"
"name": "1015916",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015916"
},
{
"name" : "1015915",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1015915"
"name": "SSRT061158",
"refsource": "HP",
"url": "http://www.securityfocus.com/archive/1/438730/100/0/threaded"
},
{
"name" : "1015916",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1015916"
"name": "oval:org.mitre.oval:def:1614",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1614"
},
{
"name" : "1015917",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1015917"
"name": "MDKSA-2006:078",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:078"
},
{
"name" : "1015918",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1015918"
"name": "19729",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19729"
},
{
"name" : "19631",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/19631"
"name": "HPSBUX02153",
"refsource": "HP",
"url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded"
},
{
"name" : "19649",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/19649"
"name": "19649",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19649"
},
{
"name" : "19759",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/19759"
"name": "20051",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20051"
},
{
"name" : "19794",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/19794"
"name": "19863",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19863"
},
{
"name" : "19821",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/19821"
"name": "1015915",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015915"
},
{
"name" : "19811",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/19811"
"name": "HPSBUX02156",
"refsource": "HP",
"url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded"
},
{
"name" : "19823",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/19823"
"name": "SCOSA-2006.26",
"refsource": "SCO",
"url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt"
},
{
"name" : "19852",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/19852"
"name": "TA06-107A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA06-107A.html"
},
{
"name" : "19862",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/19862"
"name": "FLSA:189137-1",
"refsource": "FEDORA",
"url": "http://www.securityfocus.com/archive/1/436296/100/0/threaded"
},
{
"name" : "19863",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/19863"
"name": "17516",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/17516"
},
{
"name" : "19902",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/19902"
"name": "228526",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-228526-1"
},
{
"name" : "19950",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/19950"
"name": "FEDORA-2006-411",
"refsource": "FEDORA",
"url": "http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00154.html"
},
{
"name" : "19941",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/19941"
"name": "19852",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19852"
},
{
"name" : "19714",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/19714"
"name": "19721",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19721"
},
{
"name" : "19721",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/19721"
"name": "22066",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22066"
},
{
"name" : "19746",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/19746"
"name": "1015917",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015917"
},
{
"name" : "21033",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/21033"
"name": "SUSE-SA:2006:022",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2006_04_25.html"
},
{
"name" : "21622",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/21622"
"name": "GLSA-200605-09",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200605-09.xml"
},
{
"name" : "19696",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/19696"
"name": "ADV-2006-3391",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/3391"
},
{
"name" : "19729",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/19729"
"name": "22065",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22065"
},
{
"name" : "19780",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/19780"
"name": "20060415 ZDI-06-010: Mozilla Firefox CSS Letter-Spacing Heap Overflow Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/431060/100/0/threaded"
},
{
"name" : "20051",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/20051"
"name": "19631",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19631"
},
{
"name" : "22065",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/22065"
"name": "19950",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19950"
},
{
"name" : "22066",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/22066"
"name": "MDKSA-2006:076",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:076"
},
{
"name" : "720",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/720"
"name": "DSA-1046",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2006/dsa-1046"
},
{
"name" : "mozilla-css-letterspacing-overflow(25826)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/25826"
"name": "DSA-1044",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2006/dsa-1044"
}
]
}

68
2006/5xxx/CVE-2006-5042.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-5042",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5042",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in mosMedia (com_mosmedia) 1.0.8 and earlier for Joomla! has unspecified impact and attack vectors."
"lang": "eng",
"value": "Unspecified vulnerability in mosMedia (com_mosmedia) 1.0.8 and earlier for Joomla! has unspecified impact and attack vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://forum.joomla.org/index.php/topic,78533.0.html",
"refsource" : "CONFIRM",
"url" : "http://forum.joomla.org/index.php/topic,78533.0.html"
"name": "http://forum.joomla.org/index.php/topic,79477.0.html",
"refsource": "CONFIRM",
"url": "http://forum.joomla.org/index.php/topic,79477.0.html"
},
{
"name" : "http://forum.joomla.org/index.php/topic,79477.0.html",
"refsource" : "CONFIRM",
"url" : "http://forum.joomla.org/index.php/topic,79477.0.html"
"name": "http://forum.joomla.org/index.php/topic,78533.0.html",
"refsource": "CONFIRM",
"url": "http://forum.joomla.org/index.php/topic,78533.0.html"
}
]
}

98
2006/5xxx/CVE-2006-5075.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-5075",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5075",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The Kernel SSL Proxy service (svc:/network/ssl/proxy) in Sun Solaris 10 before 20060926 allows remote attackers to cause a denial of service (system crash) via unspecified vectors related to an SSL client."
"lang": "eng",
"value": "The Kernel SSL Proxy service (svc:/network/ssl/proxy) in Sun Solaris 10 before 20060926 allows remote attackers to cause a denial of service (system crash) via unspecified vectors related to an SSL client."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://support.avaya.com/elmodocs2/security/ASA-2006-235.htm",
"refsource" : "CONFIRM",
"url" : "http://support.avaya.com/elmodocs2/security/ASA-2006-235.htm"
"name": "20224",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20224"
},
{
"name" : "102563",
"refsource" : "SUNALERT",
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102563-1"
"name": "1016936",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016936"
},
{
"name" : "20224",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/20224"
"name": "102563",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102563-1"
},
{
"name" : "ADV-2006-3792",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/3792"
"name": "http://support.avaya.com/elmodocs2/security/ASA-2006-235.htm",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-235.htm"
},
{
"name" : "1016936",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1016936"
"name": "22136",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22136"
},
{
"name" : "22136",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/22136"
"name": "solaris-ssl-client-dos(29185)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29185"
},
{
"name" : "solaris-ssl-client-dos(29185)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/29185"
"name": "ADV-2006-3792",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/3792"
}
]
}

80
2006/5xxx/CVE-2006-5440.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-5440",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5440",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "PHP remote file inclusion vulnerability in adminfoot.php in Comdev Form Designer 4.1, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the path[docroot] parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information."
"lang": "eng",
"value": "PHP remote file inclusion vulnerability in adminfoot.php in Comdev Form Designer 4.1, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the path[docroot] parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "ADV-2006-4103",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/4103"
"name": "22459",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22459"
},
{
"name" : "29845",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/29845"
"name": "comdev-include-file-include(29220)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29220"
},
{
"name" : "22459",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/22459"
"name": "29845",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/29845"
},
{
"name" : "comdev-include-file-include(29220)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/29220"
"name": "ADV-2006-4103",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4103"
}
]
}

92
2006/5xxx/CVE-2006-5602.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-5602",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5602",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple memory leaks in xsupplicant before 1.2.6, and possibly other versions, allow attackers to cause a denial of service (memory consumption) via unspecified vectors."
"lang": "eng",
"value": "Multiple memory leaks in xsupplicant before 1.2.6, and possibly other versions, allow attackers to cause a denial of service (memory consumption) via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://sourceforge.net/project/shownotes.php?release_id=421973&group_id=60236",
"refsource" : "CONFIRM",
"url" : "http://sourceforge.net/project/shownotes.php?release_id=421973&group_id=60236"
"name": "xsupplicant-unspecified-dos(29903)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29903"
},
{
"name" : "MDKSA-2006:189",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2006:189"
"name": "22612",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22612"
},
{
"name" : "ADV-2006-4232",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/4232"
"name": "ADV-2006-4232",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4232"
},
{
"name" : "22612",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/22612"
"name": "http://sourceforge.net/project/shownotes.php?release_id=421973&group_id=60236",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/project/shownotes.php?release_id=421973&group_id=60236"
},
{
"name" : "22641",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/22641"
"name": "22641",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22641"
},
{
"name" : "xsupplicant-unspecified-dos(29903)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/29903"
"name": "MDKSA-2006:189",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:189"
}
]
}

86
2006/5xxx/CVE-2006-5731.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-5731",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5731",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Directory traversal vulnerability in classes/index.php in Lithium CMS 4.04c and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the siteconf[curl] parameter, as demonstrated by a POST to news/comment.php containing PHP code, which is stored under db/comments/news/ and included by classes/index.php."
"lang": "eng",
"value": "Directory traversal vulnerability in classes/index.php in Lithium CMS 4.04c and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the siteconf[curl] parameter, as demonstrated by a POST to news/comment.php containing PHP code, which is stored under db/comments/news/ and included by classes/index.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "2702",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/2702"
"name": "2702",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/2702"
},
{
"name" : "20871",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/20871"
"name": "22593",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22593"
},
{
"name" : "ADV-2006-4361",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/4361"
"name": "lithiumcms-index-file-include(29966)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29966"
},
{
"name" : "22593",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/22593"
"name": "20871",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20871"
},
{
"name" : "lithiumcms-index-file-include(29966)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/29966"
"name": "ADV-2006-4361",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4361"
}
]
}

74
2007/2xxx/CVE-2007-2014.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-2014",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-2014",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "PHP remote file inclusion vulnerability in include/blocks/week_events.php in MyNews 4.2.2 allows remote attackers to execute arbitrary PHP code via a URL in the myNewsConf[path][sys][index] parameter, a different vector than CVE-2007-0633."
"lang": "eng",
"value": "PHP remote file inclusion vulnerability in include/blocks/week_events.php in MyNews 4.2.2 allows remote attackers to execute arbitrary PHP code via a URL in the myNewsConf[path][sys][index] parameter, a different vector than CVE-2007-0633."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://hackberry.ath.cx/research/3.txt",
"refsource" : "MISC",
"url" : "http://hackberry.ath.cx/research/3.txt"
"name": "37425",
"refsource": "OSVDB",
"url": "http://osvdb.org/37425"
},
{
"name" : "ADV-2007-1317",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/1317"
"name": "http://hackberry.ath.cx/research/3.txt",
"refsource": "MISC",
"url": "http://hackberry.ath.cx/research/3.txt"
},
{
"name" : "37425",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/37425"
"name": "ADV-2007-1317",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1317"
}
]
}

92
2007/2xxx/CVE-2007-2076.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-2076",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-2076",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "PHP remote file inclusion vulnerability in index.php in Maian Gallery 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the path_to_folder parameter. NOTE: this issue was disputed by a third party researcher, but confirmed by the vendor, stating \"this problem existed only briefly in v1.0.\""
"lang": "eng",
"value": "PHP remote file inclusion vulnerability in index.php in Maian Gallery 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the path_to_folder parameter. NOTE: this issue was disputed by a third party researcher, but confirmed by the vendor, stating \"this problem existed only briefly in v1.0.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20070414 Maian Gallery v1.0",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/465732/100/0/threaded"
"name": "maiangallery-pathtofolder-file-include(33692)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33692"
},
{
"name" : "20070414 Re: Maian Gallery v1.0",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/465853/100/0/threaded"
"name": "20070414 Re: Maian Gallery v1.0",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/465853/100/0/threaded"
},
{
"name" : "20070415 Re: phpMyChat-0.14.5",
"refsource" : "BUGTRAQ",
"url" : "http://archives.neohapsis.com/archives/bugtraq/2007-04/0244.html"
"name": "20070415 Re: phpMyChat-0.14.5",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2007-04/0244.html"
},
{
"name" : "20070415 false: Maian Gallery v1.0",
"refsource" : "VIM",
"url" : "http://attrition.org/pipermail/vim/2007-April/001530.html"
"name": "20070415 false: Maian Gallery v1.0",
"refsource": "VIM",
"url": "http://attrition.org/pipermail/vim/2007-April/001530.html"
},
{
"name" : "34149",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/34149"
"name": "20070414 Maian Gallery v1.0",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/465732/100/0/threaded"
},
{
"name" : "maiangallery-pathtofolder-file-include(33692)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33692"
"name": "34149",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/34149"
}
]
}

116
2007/2xxx/CVE-2007-2118.json
View File

@ -1,106 +1,106 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-2118",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-2118",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Upgrade/Downgrade component of Oracle Database 9.0.1.5 and 9.2.0.7 has unknown impact and attack vectors, aka DB13. NOTE: as of 20070424, Oracle has not disputed reliable claims that this is a buffer overflow involving the \"mig utility.\""
"lang": "eng",
"value": "Unspecified vulnerability in the Upgrade/Downgrade component of Oracle Database 9.0.1.5 and 9.2.0.7 has unknown impact and attack vectors, aka DB13. NOTE: as of 20070424, Oracle has not disputed reliable claims that this is a buffer overflow involving the \"mig utility.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.integrigy.com/security-resources/analysis/Integrigy_Oracle_CPU_April_2007_Analysis.pdf",
"refsource" : "MISC",
"url" : "http://www.integrigy.com/security-resources/analysis/Integrigy_Oracle_CPU_April_2007_Analysis.pdf"
"name": "TA07-108A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA07-108A.html"
},
{
"name" : "http://www.ngssoftware.com/research/papers/NGSSoftware-OracleCPUAPR2007.pdf",
"refsource" : "MISC",
"url" : "http://www.ngssoftware.com/research/papers/NGSSoftware-OracleCPUAPR2007.pdf"
"name": "http://www.oracle.com/technetwork/topics/security/cpuapr2007-090632.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2007-090632.html"
},
{
"name" : "http://www.red-database-security.com/advisory/oracle_cpu_apr_2007.html",
"refsource" : "MISC",
"url" : "http://www.red-database-security.com/advisory/oracle_cpu_apr_2007.html"
"name": "23532",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23532"
},
{
"name" : "http://www.oracle.com/technetwork/topics/security/cpuapr2007-090632.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpuapr2007-090632.html"
"name": "1017927",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017927"
},
{
"name" : "HPSBMA02133",
"refsource" : "HP",
"url" : "http://www.securityfocus.com/archive/1/466329/100/200/threaded"
"name": "SSRT061201",
"refsource": "HP",
"url": "http://www.securityfocus.com/archive/1/466329/100/200/threaded"
},
{
"name" : "SSRT061201",
"refsource" : "HP",
"url" : "http://www.securityfocus.com/archive/1/466329/100/200/threaded"
"name": "http://www.red-database-security.com/advisory/oracle_cpu_apr_2007.html",
"refsource": "MISC",
"url": "http://www.red-database-security.com/advisory/oracle_cpu_apr_2007.html"
},
{
"name" : "TA07-108A",
"refsource" : "CERT",
"url" : "http://www.us-cert.gov/cas/techalerts/TA07-108A.html"
"name": "HPSBMA02133",
"refsource": "HP",
"url": "http://www.securityfocus.com/archive/1/466329/100/200/threaded"
},
{
"name" : "23532",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/23532"
"name": "http://www.ngssoftware.com/research/papers/NGSSoftware-OracleCPUAPR2007.pdf",
"refsource": "MISC",
"url": "http://www.ngssoftware.com/research/papers/NGSSoftware-OracleCPUAPR2007.pdf"
},
{
"name" : "ADV-2007-1426",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/1426"
"name": "ADV-2007-1426",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1426"
},
{
"name" : "1017927",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1017927"
"name": "http://www.integrigy.com/security-resources/analysis/Integrigy_Oracle_CPU_April_2007_Analysis.pdf",
"refsource": "MISC",
"url": "http://www.integrigy.com/security-resources/analysis/Integrigy_Oracle_CPU_April_2007_Analysis.pdf"
}
]
}

134
2007/2xxx/CVE-2007-2314.json
View File

@ -1,121 +1,121 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-2314",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-2314",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple SQL injection vulnerabilities in Crea-Book 1.0, and possibly earlier, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) pseudo or (2) passe parameter to (a) configurer.php, (b) connect.php, (c) delete.php, (d) delete2.php, (e) index.php, (f) infos.php, (g) membres.php, (h) modif-infos.php, (i) modif-message.php, (j) modif.php, (k) uninstall.php, or (l) uninstall_table.php in admin/, different vectors than CVE-2007-2000. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
"lang": "eng",
"value": "Multiple SQL injection vulnerabilities in Crea-Book 1.0, and possibly earlier, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) pseudo or (2) passe parameter to (a) configurer.php, (b) connect.php, (c) delete.php, (d) delete2.php, (e) index.php, (f) infos.php, (g) membres.php, (h) modif-infos.php, (i) modif-message.php, (j) modif.php, (k) uninstall.php, or (l) uninstall_table.php in admin/, different vectors than CVE-2007-2000. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "34818",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/34818"
"name": "34819",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/34819"
},
{
"name" : "34819",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/34819"
"name": "34820",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/34820"
},
{
"name" : "34820",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/34820"
"name": "34825",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/34825"
},
{
"name" : "34821",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/34821"
"name": "34829",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/34829"
},
{
"name" : "34822",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/34822"
"name": "34827",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/34827"
},
{
"name" : "34823",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/34823"
"name": "24862",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24862"
},
{
"name" : "34824",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/34824"
"name": "34824",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/34824"
},
{
"name" : "34825",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/34825"
"name": "34826",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/34826"
},
{
"name" : "34826",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/34826"
"name": "34822",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/34822"
},
{
"name" : "34827",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/34827"
"name": "34823",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/34823"
},
{
"name" : "34828",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/34828"
"name": "34818",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/34818"
},
{
"name" : "34829",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/34829"
"name": "34821",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/34821"
},
{
"name" : "24862",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/24862"
"name": "34828",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/34828"
}
]
}

68
2007/2xxx/CVE-2007-2474.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-2474",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-2474",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple PHP remote file inclusion vulnerabilities in Turnkey Web Tools SunShop Shopping Cart 4.0 allow remote attackers to execute arbitrary PHP code via a URL in the abs_path parameter to (1) include/payment/payflow_pro.php, (2) global.php, or (3) libsecure.php, different vectors than CVE-2007-2070."
"lang": "eng",
"value": "Multiple PHP remote file inclusion vulnerabilities in Turnkey Web Tools SunShop Shopping Cart 4.0 allow remote attackers to execute arbitrary PHP code via a URL in the abs_path parameter to (1) include/payment/payflow_pro.php, (2) global.php, or (3) libsecure.php, different vectors than CVE-2007-2070."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20070425 sunshop v4 >> RFI",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/466850/100/0/threaded"
"name": "20070425 sunshop v4 >> RFI",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/466850/100/0/threaded"
},
{
"name" : "23662",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/23662"
"name": "23662",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23662"
}
]
}

104
2007/2xxx/CVE-2007-2577.json
View File

@ -1,96 +1,96 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-2577",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-2577",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple SQL injection vulnerabilities in ACP3 4.0 beta 3 allow remote attackers to execute arbitrary SQL commands via (1) the mode parameter to feeds.php, the (2) form[cat] parameter to (a) news/list/index.php or (b) certain news/details/id_*/action_create/index.php files, or (3) the form[mods][] parameter to search/list/action_search/index.php."
"lang": "eng",
"value": "Multiple SQL injection vulnerabilities in ACP3 4.0 beta 3 allow remote attackers to execute arbitrary SQL commands via (1) the mode parameter to feeds.php, the (2) form[cat] parameter to (a) news/list/index.php or (b) certain news/details/id_*/action_create/index.php files, or (3) the form[mods][] parameter to search/list/action_search/index.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20070505 ACP3 (v4.0b3) - Multiple Vulnerabilities",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/467746/100/0/threaded"
"name": "36185",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/36185"
},
{
"name" : "23834",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/23834"
"name": "2686",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2686"
},
{
"name" : "36184",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/36184"
"name": "23834",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23834"
},
{
"name" : "36185",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/36185"
"name": "36186",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/36186"
},
{
"name" : "36186",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/36186"
"name": "20070505 ACP3 (v4.0b3) - Multiple Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/467746/100/0/threaded"
},
{
"name" : "36187",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/36187"
"name": "acp3-index-feeds-sql-injection(34111)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34111"
},
{
"name" : "2686",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/2686"
"name": "36184",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/36184"
},
{
"name" : "acp3-index-feeds-sql-injection(34111)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34111"
"name": "36187",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/36187"
}
]
}

68
2007/2xxx/CVE-2007-2910.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-2910",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-2910",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in Jelsoft vBulletin before 3.6.7 PL1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, related to the vb_367_xss_fix_plugin.xml update, a related issue to CVE-2007-2909."
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in Jelsoft vBulletin before 3.6.7 PL1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, related to the vb_367_xss_fix_plugin.xml update, a related issue to CVE-2007-2909."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.vbulletin.com/forum/showthread.php?postid=1355012",
"refsource" : "CONFIRM",
"url" : "http://www.vbulletin.com/forum/showthread.php?postid=1355012"
"name": "35157",
"refsource": "OSVDB",
"url": "http://osvdb.org/35157"
},
{
"name" : "35157",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/35157"
"name": "http://www.vbulletin.com/forum/showthread.php?postid=1355012",
"refsource": "CONFIRM",
"url": "http://www.vbulletin.com/forum/showthread.php?postid=1355012"
}
]
}

92
2007/6xxx/CVE-2007-6319.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-6319",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-6319",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple unspecified vulnerabilities in Lyris ListManager 8.x before 8.95d, 9.2 before 9.2c, and 9.3 before 9.3b allow remote attackers to (1) gain list administrator privileges or (2) access arbitrary mailing lists via unknown vectors related to modification of client-side information; and (3) allow remote authenticated administrators to modify other account data by creating \"new accounts that collide with existing accounts.\""
"lang": "eng",
"value": "Multiple unspecified vulnerabilities in Lyris ListManager 8.x before 8.95d, 9.2 before 9.2c, and 9.3 before 9.3b allow remote attackers to (1) gain list administrator privileges or (2) access arbitrary mailing lists via unknown vectors related to modification of client-side information; and (3) allow remote authenticated administrators to modify other account data by creating \"new accounts that collide with existing accounts.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20080218 SYMSA-2008-001: Lyris ListManager - Multiple Vulnerabilities",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/488343/100/0/threaded"
"name": "3671",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3671"
},
{
"name" : "26792",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/26792"
"name": "1019436",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1019436"
},
{
"name" : "ADV-2008-0618",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2008/0618"
"name": "29019",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29019"
},
{
"name" : "1019436",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1019436"
"name": "20080218 SYMSA-2008-001: Lyris ListManager - Multiple Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/488343/100/0/threaded"
},
{
"name" : "29019",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/29019"
"name": "ADV-2008-0618",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0618"
},
{
"name" : "3671",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/3671"
"name": "26792",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26792"
}
]
}

110
2007/6xxx/CVE-2007-6528.json
View File

@ -1,101 +1,101 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-6528",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-6528",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Directory traversal vulnerability in tiki-listmovies.php in TikiWiki before 1.9.9 allows remote attackers to read arbitrary files via a .. (dot dot) and modified filename in the movie parameter."
"lang": "eng",
"value": "Directory traversal vulnerability in tiki-listmovies.php in TikiWiki before 1.9.9 allows remote attackers to read arbitrary files via a .. (dot dot) and modified filename in the movie parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20071224 [ISecAuditors Security Advisories] Tikiwiki CMS is vulnerable to path traversal attack",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/485482/100/0/threaded"
"name": "3484",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3484"
},
{
"name" : "4942",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/4942"
"name": "http://tikiwiki.org/ReleaseProcess199",
"refsource": "CONFIRM",
"url": "http://tikiwiki.org/ReleaseProcess199"
},
{
"name" : "http://tikiwiki.org/ReleaseProcess199",
"refsource" : "CONFIRM",
"url" : "http://tikiwiki.org/ReleaseProcess199"
"name": "27008",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/27008"
},
{
"name" : "GLSA-200801-10",
"refsource" : "GENTOO",
"url" : "http://security.gentoo.org/glsa/glsa-200801-10.xml"
"name": "20071224 [ISecAuditors Security Advisories] Tikiwiki CMS is vulnerable to path traversal attack",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/485482/100/0/threaded"
},
{
"name" : "27008",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/27008"
"name": "28225",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28225"
},
{
"name" : "41178",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/41178"
"name": "28602",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28602"
},
{
"name" : "28225",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/28225"
"name": "41178",
"refsource": "OSVDB",
"url": "http://osvdb.org/41178"
},
{
"name" : "28602",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/28602"
"name": "GLSA-200801-10",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200801-10.xml"
},
{
"name" : "3484",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/3484"
"name": "4942",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/4942"
}
]
}

134
2010/0xxx/CVE-2010-0043.json
View File

@ -1,121 +1,121 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-0043",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2010-0043",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "ImageIO in Apple Safari before 4.0.5 and iTunes before 9.1 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted TIFF image."
"lang": "eng",
"value": "ImageIO in Apple Safari before 4.0.5 and iTunes before 9.1 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted TIFF image."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://support.apple.com/kb/HT4070",
"refsource" : "CONFIRM",
"url" : "http://support.apple.com/kb/HT4070"
"name": "APPLE-SA-2010-03-11-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2010/Mar/msg00000.html"
},
{
"name" : "http://support.apple.com/kb/HT4077",
"refsource" : "CONFIRM",
"url" : "http://support.apple.com/kb/HT4077"
"name": "http://support.apple.com/kb/HT4225",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT4225"
},
{
"name" : "http://support.apple.com/kb/HT4225",
"refsource" : "CONFIRM",
"url" : "http://support.apple.com/kb/HT4225"
"name": "1023706",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1023706"
},
{
"name" : "http://support.apple.com/kb/HT4105",
"refsource" : "CONFIRM",
"url" : "http://support.apple.com/kb/HT4105"
"name": "39135",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39135"
},
{
"name" : "APPLE-SA-2010-03-11-1",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2010/Mar/msg00000.html"
"name": "APPLE-SA-2010-03-29-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html"
},
{
"name" : "APPLE-SA-2010-03-29-1",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html"
"name": "http://support.apple.com/kb/HT4105",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT4105"
},
{
"name" : "APPLE-SA-2010-03-30-2",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2010//Mar/msg00003.html"
"name": "http://support.apple.com/kb/HT4070",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT4070"
},
{
"name" : "APPLE-SA-2010-06-21-1",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2010/Jun/msg00003.html"
"name": "oval:org.mitre.oval:def:6901",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6901"
},
{
"name" : "38671",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/38671"
"name": "38673",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/38673"
},
{
"name" : "38673",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/38673"
"name": "http://support.apple.com/kb/HT4077",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT4077"
},
{
"name" : "oval:org.mitre.oval:def:6901",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6901"
"name": "APPLE-SA-2010-03-30-2",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2010//Mar/msg00003.html"
},
{
"name" : "1023706",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1023706"
"name": "APPLE-SA-2010-06-21-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2010/Jun/msg00003.html"
},
{
"name" : "39135",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/39135"
"name": "38671",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/38671"
}
]
}

98
2010/0xxx/CVE-2010-0220.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-0220",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-0220",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The nsObserverList::FillObserverArray function in xpcom/ds/nsObserverList.cpp in Mozilla Firefox before 3.5.7 allows remote attackers to cause a denial of service (application crash) via a crafted web site that triggers memory consumption and an accompanying Low Memory alert dialog, and also triggers attempted removal of an observer from an empty observers array."
"lang": "eng",
"value": "The nsObserverList::FillObserverArray function in xpcom/ds/nsObserverList.cpp in Mozilla Firefox before 3.5.7 allows remote attackers to cause a denial of service (application crash) via a crafted web site that triggers memory consumption and an accompanying Low Memory alert dialog, and also triggers attempted removal of an observer from an empty observers array."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://isc.sans.org/diary.html?storyid=7897",
"refsource" : "MISC",
"url" : "http://isc.sans.org/diary.html?storyid=7897"
"name": "http://isc.sans.org/diary.html?storyid=7897",
"refsource": "MISC",
"url": "http://isc.sans.org/diary.html?storyid=7897"
},
{
"name" : "http://hg.mozilla.org/mozilla-central/rev/51396f6c9f20",
"refsource" : "CONFIRM",
"url" : "http://hg.mozilla.org/mozilla-central/rev/51396f6c9f20"
"name": "MDVSA-2010:000",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:000"
},
{
"name" : "http://www.mozilla.com/en-US/firefox/3.5.7/releasenotes/",
"refsource" : "CONFIRM",
"url" : "http://www.mozilla.com/en-US/firefox/3.5.7/releasenotes/"
"name": "firefox-nsobserverlist-dos(55550)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55550"
},
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=507114",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=507114"
"name": "http://hg.mozilla.org/mozilla-central/rev/51396f6c9f20",
"refsource": "CONFIRM",
"url": "http://hg.mozilla.org/mozilla-central/rev/51396f6c9f20"
},
{
"name" : "MDVSA-2010:000",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2010:000"
"name": "oval:org.mitre.oval:def:8292",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8292"
},
{
"name" : "oval:org.mitre.oval:def:8292",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8292"
"name": "http://www.mozilla.com/en-US/firefox/3.5.7/releasenotes/",
"refsource": "CONFIRM",
"url": "http://www.mozilla.com/en-US/firefox/3.5.7/releasenotes/"
},
{
"name" : "firefox-nsobserverlist-dos(55550)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/55550"
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=507114",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=507114"
}
]
}

80
2010/0xxx/CVE-2010-0707.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-0707",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-0707",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site request forgery (CSRF) vulnerability in add_user.php in Employee Timeclock Software 0.99 allows remote attackers to hijack the authentication of an administrator for requests that create new administrative users. NOTE: some of these details are obtained from third party information."
"lang": "eng",
"value": "Cross-site request forgery (CSRF) vulnerability in add_user.php in Employee Timeclock Software 0.99 allows remote attackers to hijack the authentication of an administrator for requests that create new administrative users. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "11516",
"refsource" : "EXPLOIT-DB",
"url" : "http://www.exploit-db.com/exploits/11516"
"name": "38662",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/38662"
},
{
"name" : "62478",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/62478"
"name": "11516",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/11516"
},
{
"name" : "38662",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/38662"
"name": "timeclock-adduser-csrf(56410)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56410"
},
{
"name" : "timeclock-adduser-csrf(56410)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/56410"
"name": "62478",
"refsource": "OSVDB",
"url": "http://osvdb.org/62478"
}
]
}

62
2010/0xxx/CVE-2010-0915.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-0915",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2010-0915",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Oracle Advanced Product Catalog component in Oracle E-Business Suite 11.5.10.2, 12.0.6, and 12.1.2 allows remote authenticated users to affect confidentiality and integrity via unknown vectors."
"lang": "eng",
"value": "Unspecified vulnerability in the Oracle Advanced Product Catalog component in Oracle E-Business Suite 11.5.10.2, 12.0.6, and 12.1.2 allows remote authenticated users to affect confidentiality and integrity via unknown vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html"
"name": "http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html"
}
]
}

98
2010/0xxx/CVE-2010-0969.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-0969",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-0969",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unbound before 1.4.3 does not properly align structures on 64-bit platforms, which allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors."
"lang": "eng",
"value": "Unbound before 1.4.3 does not properly align structures on 64-bit platforms, which allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[unbound-users] 20100311 Unbound 1.4.3 release",
"refsource" : "MLIST",
"url" : "http://www.unbound.net/pipermail/unbound-users/2010-March/001057.html"
"name": "62903",
"refsource": "OSVDB",
"url": "http://osvdb.org/62903"
},
{
"name" : "[oss-security] 20100312 CVE Request -- Unbound v1.4.3 -- 64 bit platforms specific remote DoS",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2010/03/12/3"
"name": "[oss-security] 20100312 CVE Request -- Unbound v1.4.3 -- 64 bit platforms specific remote DoS",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2010/03/12/3"
},
{
"name" : "[oss-security] 20100316 Re: CVE Request -- Unbound v1.4.3 -- 64 bit platforms specific remote DoS",
"refsource" : "MLIST",
"url" : "http://marc.info/?l=oss-security&m=126876222231747&w=2"
"name": "38888",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/38888"
},
{
"name" : "http://bugs.gentoo.org/show_bug.cgi?id=309117",
"refsource" : "CONFIRM",
"url" : "http://bugs.gentoo.org/show_bug.cgi?id=309117"
"name": "[unbound-users] 20100311 Unbound 1.4.3 release",
"refsource": "MLIST",
"url": "http://www.unbound.net/pipermail/unbound-users/2010-March/001057.html"
},
{
"name" : "38701",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/38701"
"name": "[oss-security] 20100316 Re: CVE Request -- Unbound v1.4.3 -- 64 bit platforms specific remote DoS",
"refsource": "MLIST",
"url": "http://marc.info/?l=oss-security&m=126876222231747&w=2"
},
{
"name" : "62903",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/62903"
"name": "http://bugs.gentoo.org/show_bug.cgi?id=309117",
"refsource": "CONFIRM",
"url": "http://bugs.gentoo.org/show_bug.cgi?id=309117"
},
{
"name" : "38888",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/38888"
"name": "38701",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/38701"
}
]
}

68
2010/1xxx/CVE-2010-1014.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-1014",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-1014",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in the Reports Logfile View (reports_logview) extension 1.2.1 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in the Reports Logfile View (reports_logview) extension 1.2.1 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-006/",
"refsource" : "CONFIRM",
"url" : "http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-006/"
"name": "38823",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/38823"
},
{
"name" : "38823",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/38823"
"name": "http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-006/",
"refsource": "CONFIRM",
"url": "http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-006/"
}
]
}

86
2010/1xxx/CVE-2010-1035.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-1035",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "hp-security-alert@hp.com",
"ID": "CVE-2010-1035",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple unspecified vulnerabilities in HP Virtual Machine Manager (VMM) before 6.0 allow remote authenticated users to execute arbitrary code via unknown vectors."
"lang": "eng",
"value": "Multiple unspecified vulnerabilities in HP Virtual Machine Manager (VMM) before 6.0 allow remote authenticated users to execute arbitrary code via unknown vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "HPSBMA02494",
"refsource" : "HP",
"url" : "http://www.securityfocus.com/archive/1/510881/100/0/threaded"
"name": "HPSBMA02494",
"refsource": "HP",
"url": "http://www.securityfocus.com/archive/1/510881/100/0/threaded"
},
{
"name" : "SSRT090168",
"refsource" : "HP",
"url" : "http://www.securityfocus.com/archive/1/510881/100/0/threaded"
"name": "39637",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/39637"
},
{
"name" : "39637",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/39637"
"name": "39583",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39583"
},
{
"name" : "1023913",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1023913"
"name": "SSRT090168",
"refsource": "HP",
"url": "http://www.securityfocus.com/archive/1/510881/100/0/threaded"
},
{
"name" : "39583",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/39583"
"name": "1023913",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1023913"
}
]
}

134
2010/1xxx/CVE-2010-1087.json
View File

@ -1,121 +1,121 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-1087",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-1087",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The nfs_wait_on_request function in fs/nfs/pagelist.c in Linux kernel 2.6.x through 2.6.33-rc5 allows attackers to cause a denial of service (Oops) via unknown vectors related to truncating a file and an operation that is not interruptible."
"lang": "eng",
"value": "The nfs_wait_on_request function in fs/nfs/pagelist.c in Linux kernel 2.6.x through 2.6.33-rc5 allows attackers to cause a denial of service (Oops) via unknown vectors related to truncating a file and an operation that is not interruptible."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/516397/100/0/threaded"
"name": "oval:org.mitre.oval:def:10442",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10442"
},
{
"name" : "[oss-security] 20100303 CVE request: kernel: NFS: Fix an Oops when truncating a file",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2010/03/03/1"
"name": "39569",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/39569"
},
{
"name" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=9f557cd8073104b39528794d44e129331ded649f",
"refsource" : "CONFIRM",
"url" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=9f557cd8073104b39528794d44e129331ded649f"
"name": "SUSE-SA:2010:031",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-07/msg00006.html"
},
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=567184",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=567184"
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=9f557cd8073104b39528794d44e129331ded649f",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=9f557cd8073104b39528794d44e129331ded649f"
},
{
"name" : "http://www.vmware.com/security/advisories/VMSA-2011-0003.html",
"refsource" : "CONFIRM",
"url" : "http://www.vmware.com/security/advisories/VMSA-2011-0003.html"
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=567184",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=567184"
},
{
"name" : "DSA-2053",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2010/dsa-2053"
"name": "40645",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/40645"
},
{
"name" : "SUSE-SA:2010:031",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2010-07/msg00006.html"
"name": "[oss-security] 20100303 CVE request: kernel: NFS: Fix an Oops when truncating a file",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2010/03/03/1"
},
{
"name" : "39569",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/39569"
"name": "43315",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43315"
},
{
"name" : "oval:org.mitre.oval:def:10442",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10442"
"name": "http://www.vmware.com/security/advisories/VMSA-2011-0003.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2011-0003.html"
},
{
"name" : "39830",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/39830"
"name": "DSA-2053",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2010/dsa-2053"
},
{
"name" : "40645",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/40645"
"name": "20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/516397/100/0/threaded"
},
{
"name" : "43315",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/43315"
"name": "39830",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39830"
},
{
"name" : "ADV-2010-1857",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2010/1857"
"name": "ADV-2010-1857",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/1857"
}
]
}

74
2010/1xxx/CVE-2010-1705.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-1705",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-1705",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in casting_view.php in Modelbook allows remote attackers to execute arbitrary SQL commands via the adnum parameter."
"lang": "eng",
"value": "SQL injection vulnerability in casting_view.php in Modelbook allows remote attackers to execute arbitrary SQL commands via the adnum parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "12443",
"refsource" : "EXPLOIT-DB",
"url" : "http://www.exploit-db.com/exploits/12443"
"name": "12443",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/12443"
},
{
"name" : "39646",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/39646"
"name": "39646",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39646"
},
{
"name" : "ADV-2010-1028",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2010/1028"
"name": "ADV-2010-1028",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/1028"
}
]
}

92
2010/1xxx/CVE-2010-1743.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-1743",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-1743",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in projects.php in Scratcher allows remote attackers to execute arbitrary SQL commands via the id parameter."
"lang": "eng",
"value": "SQL injection vulnerability in projects.php in Scratcher allows remote attackers to execute arbitrary SQL commands via the id parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "12458",
"refsource" : "EXPLOIT-DB",
"url" : "http://www.exploit-db.com/exploits/12458"
"name": "scratcher-projects-sql-injection(58234)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/58234"
},
{
"name" : "http://packetstormsecurity.org/1004-exploits/scratcher-sqlxss.txt",
"refsource" : "MISC",
"url" : "http://packetstormsecurity.org/1004-exploits/scratcher-sqlxss.txt"
"name": "12458",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/12458"
},
{
"name" : "39827",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/39827"
"name": "http://packetstormsecurity.org/1004-exploits/scratcher-sqlxss.txt",
"refsource": "MISC",
"url": "http://packetstormsecurity.org/1004-exploits/scratcher-sqlxss.txt"
},
{
"name" : "64220",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/64220"
"name": "39631",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39631"
},
{
"name" : "39631",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/39631"
"name": "64220",
"refsource": "OSVDB",
"url": "http://osvdb.org/64220"
},
{
"name" : "scratcher-projects-sql-injection(58234)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/58234"
"name": "39827",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/39827"
}
]
}

80
2010/4xxx/CVE-2010-4191.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-4191",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2010-4191",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0555, CVE-2010-4093, CVE-2010-4187, CVE-2010-4190, CVE-2010-4192, and CVE-2010-4306."
"lang": "eng",
"value": "Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0555, CVE-2010-4093, CVE-2010-4187, CVE-2010-4190, CVE-2010-4192, and CVE-2010-4306."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.adobe.com/support/security/bulletins/apsb11-01.html",
"refsource" : "CONFIRM",
"url" : "http://www.adobe.com/support/security/bulletins/apsb11-01.html"
"name": "46325",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/46325"
},
{
"name" : "46325",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/46325"
"name": "ADV-2011-0335",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0335"
},
{
"name" : "1025056",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1025056"
"name": "http://www.adobe.com/support/security/bulletins/apsb11-01.html",
"refsource": "CONFIRM",
"url": "http://www.adobe.com/support/security/bulletins/apsb11-01.html"
},
{
"name" : "ADV-2011-0335",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2011/0335"
"name": "1025056",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1025056"
}
]
}

80
2010/4xxx/CVE-2010-4511.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-4511",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-4511",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Movable Type 4.x before 4.35 and 5.x before 5.04 has unknown impact and attack vectors related to the \"dynamic publishing error message.\""
"lang": "eng",
"value": "Unspecified vulnerability in Movable Type 4.x before 4.35 and 5.x before 5.04 has unknown impact and attack vectors related to the \"dynamic publishing error message.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.movabletype.org/documentation/appendices/release-notes/movable-type-504-435-release-notes.html",
"refsource" : "CONFIRM",
"url" : "http://www.movabletype.org/documentation/appendices/release-notes/movable-type-504-435-release-notes.html"
"name": "45380",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/45380"
},
{
"name" : "45380",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/45380"
"name": "movable-type-unspecified(64129)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64129"
},
{
"name" : "69751",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/69751"
"name": "69751",
"refsource": "OSVDB",
"url": "http://osvdb.org/69751"
},
{
"name" : "movable-type-unspecified(64129)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/64129"
"name": "http://www.movabletype.org/documentation/appendices/release-notes/movable-type-504-435-release-notes.html",
"refsource": "CONFIRM",
"url": "http://www.movabletype.org/documentation/appendices/release-notes/movable-type-504-435-release-notes.html"
}
]
}

68
2010/4xxx/CVE-2010-4763.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-4763",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-4763",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The ACL-customer-status Ticket Type setting in Open Ticket Request System (OTRS) before 3.0.0-beta1 does not restrict the ticket options after an AJAX reload, which allows remote authenticated users to bypass intended ACL restrictions on the (1) Status, (2) Service, and (3) Queue via selections."
"lang": "eng",
"value": "The ACL-customer-status Ticket Type setting in Open Ticket Request System (OTRS) before 3.0.0-beta1 does not restrict the ticket options after an AJAX reload, which allows remote authenticated users to bypass intended ACL restrictions on the (1) Status, (2) Service, and (3) Queue via selections."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://bugs.otrs.org/show_bug.cgi?id=4399",
"refsource" : "CONFIRM",
"url" : "http://bugs.otrs.org/show_bug.cgi?id=4399"
"name": "http://bugs.otrs.org/show_bug.cgi?id=4399",
"refsource": "CONFIRM",
"url": "http://bugs.otrs.org/show_bug.cgi?id=4399"
},
{
"name" : "http://source.otrs.org/viewvc.cgi/otrs/CHANGES?revision=1.1807",
"refsource" : "CONFIRM",
"url" : "http://source.otrs.org/viewvc.cgi/otrs/CHANGES?revision=1.1807"
"name": "http://source.otrs.org/viewvc.cgi/otrs/CHANGES?revision=1.1807",
"refsource": "CONFIRM",
"url": "http://source.otrs.org/viewvc.cgi/otrs/CHANGES?revision=1.1807"
}
]
}

92
2010/5xxx/CVE-2010-5326.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-5326",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-5326",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The Invoker Servlet on SAP NetWeaver Application Server Java platforms, possibly before 7.3, does not require authentication, which allows remote attackers to execute arbitrary code via an HTTP or HTTPS request, as exploited in the wild in 2013 through 2016, aka a \"Detour\" attack."
"lang": "eng",
"value": "The Invoker Servlet on SAP NetWeaver Application Server Java platforms, possibly before 7.3, does not require authentication, which allows remote attackers to execute arbitrary code via an HTTP or HTTPS request, as exploited in the wild in 2013 through 2016, aka a \"Detour\" attack."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://service.sap.com/sap/support/notes/1445998",
"refsource" : "MISC",
"url" : "http://service.sap.com/sap/support/notes/1445998"
"name": "90533",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/90533"
},
{
"name" : "http://www.onapsis.com/research/publications/sap-security-in-depth-vol4-the-invoker-servlet-a-dangerous-detour-into-sap-java-solutions",
"refsource" : "MISC",
"url" : "http://www.onapsis.com/research/publications/sap-security-in-depth-vol4-the-invoker-servlet-a-dangerous-detour-into-sap-java-solutions"
"name": "https://www.onapsis.com/threat-report-tip-iceberg-wild-exploitation-cyber-attacks-sap-business-applications",
"refsource": "MISC",
"url": "https://www.onapsis.com/threat-report-tip-iceberg-wild-exploitation-cyber-attacks-sap-business-applications"
},
{
"name" : "https://www.onapsis.com/threat-report-tip-iceberg-wild-exploitation-cyber-attacks-sap-business-applications",
"refsource" : "MISC",
"url" : "https://www.onapsis.com/threat-report-tip-iceberg-wild-exploitation-cyber-attacks-sap-business-applications"
"name": "http://service.sap.com/sap/support/notes/1445998",
"refsource": "MISC",
"url": "http://service.sap.com/sap/support/notes/1445998"
},
{
"name" : "TA16-132A",
"refsource" : "CERT",
"url" : "http://www.us-cert.gov/ncas/alerts/TA16-132A"
"name": "http://www.onapsis.com/research/publications/sap-security-in-depth-vol4-the-invoker-servlet-a-dangerous-detour-into-sap-java-solutions",
"refsource": "MISC",
"url": "http://www.onapsis.com/research/publications/sap-security-in-depth-vol4-the-invoker-servlet-a-dangerous-detour-into-sap-java-solutions"
},
{
"name" : "48925",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/48925"
"name": "TA16-132A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/ncas/alerts/TA16-132A"
},
{
"name" : "90533",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/90533"
"name": "48925",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/48925"
}
]
}

86
2014/0xxx/CVE-2014-0263.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-0263",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2014-0263",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The Direct2D implementation in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code via a large 2D geometric figure that is encountered with Internet Explorer, aka \"Microsoft Graphics Component Memory Corruption Vulnerability.\""
"lang": "eng",
"value": "The Direct2D implementation in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code via a large 2D geometric figure that is encountered with Internet Explorer, aka \"Microsoft Graphics Component Memory Corruption Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "MS14-007",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-007"
"name": "56781",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56781"
},
{
"name" : "65393",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/65393"
"name": "MS14-007",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-007"
},
{
"name" : "103160",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/103160"
"name": "103160",
"refsource": "OSVDB",
"url": "http://osvdb.org/103160"
},
{
"name" : "1029743",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1029743"
"name": "65393",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/65393"
},
{
"name" : "56781",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/56781"
"name": "1029743",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1029743"
}
]
}

80
2014/0xxx/CVE-2014-0333.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-0333",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2014-0333",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The png_push_read_chunk function in pngpread.c in the progressive decoder in libpng 1.6.x through 1.6.9 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via an IDAT chunk with a length of zero."
"lang": "eng",
"value": "The png_push_read_chunk function in pngpread.c in the progressive decoder in libpng 1.6.x through 1.6.9 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via an IDAT chunk with a length of zero."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "ftp://ftp.simplesystems.org/pub/png/src/libpng16/patch-libpng16-vu684412.diff",
"refsource" : "CONFIRM",
"url" : "ftp://ftp.simplesystems.org/pub/png/src/libpng16/patch-libpng16-vu684412.diff"
"name": "ftp://ftp.simplesystems.org/pub/png/src/libpng16/patch-libpng16-vu684412.diff",
"refsource": "CONFIRM",
"url": "ftp://ftp.simplesystems.org/pub/png/src/libpng16/patch-libpng16-vu684412.diff"
},
{
"name" : "https://sourceforge.net/projects/libpng/files/libpng16/patch-libpng16-vu684412.diff",
"refsource" : "CONFIRM",
"url" : "https://sourceforge.net/projects/libpng/files/libpng16/patch-libpng16-vu684412.diff"
"name": "https://sourceforge.net/projects/libpng/files/libpng16/patch-libpng16-vu684412.diff",
"refsource": "CONFIRM",
"url": "https://sourceforge.net/projects/libpng/files/libpng16/patch-libpng16-vu684412.diff"
},
{
"name" : "openSUSE-SU-2014:0358",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-updates/2014-03/msg00029.html"
"name": "openSUSE-SU-2014:0358",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2014-03/msg00029.html"
},
{
"name" : "VU#684412",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/684412"
"name": "VU#684412",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/684412"
}
]
}

110
2014/0xxx/CVE-2014-0551.json
View File

@ -1,101 +1,101 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-0551",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2014-0551",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows and OS X and before 11.2.202.406 on Linux, Adobe AIR before 15.0.0.249 on Windows and OS X and before 15.0.0.252 on Android, Adobe AIR SDK before 15.0.0.249, and Adobe AIR SDK & Compiler before 15.0.0.249 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0547, CVE-2014-0549, CVE-2014-0550, CVE-2014-0552, and CVE-2014-0555."
"lang": "eng",
"value": "Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows and OS X and before 11.2.202.406 on Linux, Adobe AIR before 15.0.0.249 on Windows and OS X and before 15.0.0.252 on Android, Adobe AIR SDK before 15.0.0.249, and Adobe AIR SDK & Compiler before 15.0.0.249 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0547, CVE-2014-0549, CVE-2014-0550, CVE-2014-0552, and CVE-2014-0555."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://helpx.adobe.com/security/products/flash-player/apsb14-21.html",
"refsource" : "CONFIRM",
"url" : "http://helpx.adobe.com/security/products/flash-player/apsb14-21.html"
"name": "GLSA-201409-05",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201409-05.xml"
},
{
"name" : "GLSA-201409-05",
"refsource" : "GENTOO",
"url" : "http://security.gentoo.org/glsa/glsa-201409-05.xml"
"name": "61089",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61089"
},
{
"name" : "SUSE-SU-2014:1124",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00016.html"
"name": "openSUSE-SU-2014:1130",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00021.html"
},
{
"name" : "openSUSE-SU-2014:1110",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00006.html"
"name": "adobe-flash-cve20140551-code-exec(95821)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95821"
},
{
"name" : "openSUSE-SU-2014:1130",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00021.html"
"name": "openSUSE-SU-2014:1110",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00006.html"
},
{
"name" : "69702",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/69702"
"name": "69702",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/69702"
},
{
"name" : "1030822",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1030822"
"name": "SUSE-SU-2014:1124",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00016.html"
},
{
"name" : "61089",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/61089"
"name": "http://helpx.adobe.com/security/products/flash-player/apsb14-21.html",
"refsource": "CONFIRM",
"url": "http://helpx.adobe.com/security/products/flash-player/apsb14-21.html"
},
{
"name" : "adobe-flash-cve20140551-code-exec(95821)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/95821"
"name": "1030822",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030822"
}
]
}

62
2014/0xxx/CVE-2014-0646.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-0646",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "security_alert@emc.com",
"ID": "CVE-2014-0646",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The runtime WS component in the server in EMC RSA Access Manager 6.1.3 before 6.1.3.39, 6.1.4 before 6.1.4.22, 6.2.0 before 6.2.0.11, and 6.2.1 before 6.2.1.03, when INFO logging is enabled, allows local users to discover cleartext passwords by reading log files."
"lang": "eng",
"value": "The runtime WS component in the server in EMC RSA Access Manager 6.1.3 before 6.1.3.39, 6.1.4 before 6.1.4.22, 6.2.0 before 6.2.0.11, and 6.2.1 before 6.2.1.03, when INFO logging is enabled, allows local users to discover cleartext passwords by reading log files."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20140430 ESA-2014-029: RSA Access Manager Sensitive Information Disclosure Vulnerability",
"refsource" : "BUGTRAQ",
"url" : "http://archives.neohapsis.com/archives/bugtraq/2014-04/0191.html"
"name": "20140430 ESA-2014-029: RSA Access Manager Sensitive Information Disclosure Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2014-04/0191.html"
}
]
}

98
2014/0xxx/CVE-2014-0653.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-0653",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2014-0653",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The Identity Firewall (IDFW) functionality in Cisco Adaptive Security Appliance (ASA) Software allows remote attackers to trigger authentication-state modifications via a crafted NetBIOS logout probe response, aka Bug ID CSCuj45340."
"lang": "eng",
"value": "The Identity Firewall (IDFW) functionality in Cisco Adaptive Security Appliance (ASA) Software allows remote attackers to trigger authentication-state modifications via a crafted NetBIOS logout probe response, aka Bug ID CSCuj45340."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://tools.cisco.com/security/center/viewAlert.x?alertId=32363",
"refsource" : "CONFIRM",
"url" : "http://tools.cisco.com/security/center/viewAlert.x?alertId=32363"
"name": "20140107 Cisco Adaptive Security Appliance Identity Firewall NetBIOS Logout Probe Auth State Change Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0653"
},
{
"name" : "20140107 Cisco Adaptive Security Appliance Identity Firewall NetBIOS Logout Probe Auth State Change Vulnerability",
"refsource" : "CISCO",
"url" : "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0653"
"name": "cisco-asa-cve20140653-sec-bypass(90165)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90165"
},
{
"name" : "64708",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/64708"
"name": "64708",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/64708"
},
{
"name" : "101834",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/101834"
"name": "56366",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56366"
},
{
"name" : "1029570",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1029570"
"name": "1029570",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1029570"
},
{
"name" : "56366",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/56366"
"name": "101834",
"refsource": "OSVDB",
"url": "http://osvdb.org/101834"
},
{
"name" : "cisco-asa-cve20140653-sec-bypass(90165)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/90165"
"name": "http://tools.cisco.com/security/center/viewAlert.x?alertId=32363",
"refsource": "CONFIRM",
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=32363"
}
]
}

92
2014/1xxx/CVE-2014-1517.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-1517",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "security@mozilla.org",
"ID": "CVE-2014-1517",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The login form in Bugzilla 2.x, 3.x, 4.x before 4.4.3, and 4.5.x before 4.5.3 does not properly handle a correctly authenticated but unintended login attempt, which makes it easier for remote authenticated users to obtain sensitive information by arranging for a victim to login to the attacker's account and then submit a vulnerability report, related to a \"login CSRF\" issue."
"lang": "eng",
"value": "The login form in Bugzilla 2.x, 3.x, 4.x before 4.4.3, and 4.5.x before 4.5.3 does not properly handle a correctly authenticated but unintended login attempt, which makes it easier for remote authenticated users to obtain sensitive information by arranging for a victim to login to the attacker's account and then submit a vulnerability report, related to a \"login CSRF\" issue."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://git.mozilla.org/?p=bugzilla/bugzilla.git;a=commit;h=0e390970ba51b14a5dc780be7c6f0d6d7baa67e3",
"refsource" : "CONFIRM",
"url" : "http://git.mozilla.org/?p=bugzilla/bugzilla.git;a=commit;h=0e390970ba51b14a5dc780be7c6f0d6d7baa67e3"
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=713926",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=713926"
},
{
"name" : "http://www.bugzilla.org/security/4.0.11/",
"refsource" : "CONFIRM",
"url" : "http://www.bugzilla.org/security/4.0.11/"
"name": "http://www.bugzilla.org/security/4.0.11/",
"refsource": "CONFIRM",
"url": "http://www.bugzilla.org/security/4.0.11/"
},
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=713926",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=713926"
"name": "FEDORA-2014-5414",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-April/132281.html"
},
{
"name" : "FEDORA-2014-5414",
"refsource" : "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2014-April/132281.html"
"name": "http://git.mozilla.org/?p=bugzilla/bugzilla.git;a=commit;h=0e390970ba51b14a5dc780be7c6f0d6d7baa67e3",
"refsource": "CONFIRM",
"url": "http://git.mozilla.org/?p=bugzilla/bugzilla.git;a=commit;h=0e390970ba51b14a5dc780be7c6f0d6d7baa67e3"
},
{
"name" : "FEDORA-2014-5433",
"refsource" : "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2014-April/132309.html"
"name": "FEDORA-2014-5433",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-April/132309.html"
},
{
"name" : "1030128",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1030128"
"name": "1030128",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030128"
}
]
}

80
2014/1xxx/CVE-2014-1680.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-1680",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-1680",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Untrusted search path vulnerability in Bandisoft Bandizip before 3.10 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory."
"lang": "eng",
"value": "Untrusted search path vulnerability in Bandisoft Bandizip before 3.10 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://packetstormsecurity.com/files/125059",
"refsource" : "MISC",
"url" : "http://packetstormsecurity.com/files/125059"
"name": "bandzip-dll-cve20141680-code-exec(90966)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90966"
},
{
"name" : "http://www.bandisoft.com/bandizip/history",
"refsource" : "MISC",
"url" : "http://www.bandisoft.com/bandizip/history"
"name": "102979",
"refsource": "OSVDB",
"url": "http://osvdb.org/102979"
},
{
"name" : "102979",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/102979"
"name": "http://www.bandisoft.com/bandizip/history",
"refsource": "MISC",
"url": "http://www.bandisoft.com/bandizip/history"
},
{
"name" : "bandzip-dll-cve20141680-code-exec(90966)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/90966"
"name": "http://packetstormsecurity.com/files/125059",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/125059"
}
]
}

22
2014/4xxx/CVE-2014-4315.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-4315",
"STATE" : "REJECT"
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2014-4315",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA who allocated this candidate did not associate it with any vulnerability during 2014. Notes: none."
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA who allocated this candidate did not associate it with any vulnerability during 2014. Notes: none."
}
]
}

80
2014/4xxx/CVE-2014-4853.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-4853",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-4853",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in odm-init.php in OpenDocMan before 1.2.7.3 allows remote authenticated users to inject arbitrary web script or HTML via the file name of an uploaded file."
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in odm-init.php in OpenDocMan before 1.2.7.3 allows remote authenticated users to inject arbitrary web script or HTML via the file name of an uploaded file."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://packetstormsecurity.com/files/127330/OpenDocMan-1.2.7.2-Cross-Site-Scripting.html",
"refsource" : "MISC",
"url" : "http://packetstormsecurity.com/files/127330/OpenDocMan-1.2.7.2-Cross-Site-Scripting.html"
"name": "https://github.com/opendocman/opendocman/issues/163",
"refsource": "MISC",
"url": "https://github.com/opendocman/opendocman/issues/163"
},
{
"name" : "http://www.opendocman.com/opendocman-v1-2-7-3-release-notes",
"refsource" : "MISC",
"url" : "http://www.opendocman.com/opendocman-v1-2-7-3-release-notes"
"name": "https://github.com/opendocman/opendocman/commit/d202ef3def8674be61a3e4ccbe28beba4953b7ce",
"refsource": "CONFIRM",
"url": "https://github.com/opendocman/opendocman/commit/d202ef3def8674be61a3e4ccbe28beba4953b7ce"
},
{
"name" : "https://github.com/opendocman/opendocman/issues/163",
"refsource" : "MISC",
"url" : "https://github.com/opendocman/opendocman/issues/163"
"name": "http://www.opendocman.com/opendocman-v1-2-7-3-release-notes",
"refsource": "MISC",
"url": "http://www.opendocman.com/opendocman-v1-2-7-3-release-notes"
},
{
"name" : "https://github.com/opendocman/opendocman/commit/d202ef3def8674be61a3e4ccbe28beba4953b7ce",
"refsource" : "CONFIRM",
"url" : "https://github.com/opendocman/opendocman/commit/d202ef3def8674be61a3e4ccbe28beba4953b7ce"
"name": "http://packetstormsecurity.com/files/127330/OpenDocMan-1.2.7.2-Cross-Site-Scripting.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/127330/OpenDocMan-1.2.7.2-Cross-Site-Scripting.html"
}
]
}

80
2014/9xxx/CVE-2014-9000.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-9000",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-9000",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Mule Enterprise Management Console (MMC) does not properly restrict access to handler/securityService.rpc, which allows remote authenticated users to gain administrator privileges and execute arbitrary code via a crafted request that adds a new user. NOTE: this issue was originally reported for ESB Runtime 3.5.1, but it originates in MMC."
"lang": "eng",
"value": "Mule Enterprise Management Console (MMC) does not properly restrict access to handler/securityService.rpc, which allows remote authenticated users to gain administrator privileges and execute arbitrary code via a crafted request that adds a new user. NOTE: this issue was originally reported for ESB Runtime 3.5.1, but it originates in MMC."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20141022 Mulesoft ESB Authenticated Privilege Escalation",
"refsource" : "FULLDISC",
"url" : "http://seclists.org/fulldisclosure/2014/Oct/98"
"name": "20141024 Re: Mulesoft ESB Authenticated Privilege Escalation",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2014/Oct/107"
},
{
"name" : "20141024 Re: Mulesoft ESB Authenticated Privilege Escalation",
"refsource" : "FULLDISC",
"url" : "http://seclists.org/fulldisclosure/2014/Oct/107"
"name": "20141022 Mulesoft ESB Authenticated Privilege Escalation",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2014/Oct/98"
},
{
"name" : "http://packetstormsecurity.com/files/128799",
"refsource" : "MISC",
"url" : "http://packetstormsecurity.com/files/128799"
"name": "http://packetstormsecurity.com/files/128799",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/128799"
},
{
"name" : "http://www.mulesoft.org/documentation/display/current/Mule+Enterprise+Management+Console+Security+Update",
"refsource" : "CONFIRM",
"url" : "http://www.mulesoft.org/documentation/display/current/Mule+Enterprise+Management+Console+Security+Update"
"name": "http://www.mulesoft.org/documentation/display/current/Mule+Enterprise+Management+Console+Security+Update",
"refsource": "CONFIRM",
"url": "http://www.mulesoft.org/documentation/display/current/Mule+Enterprise+Management+Console+Security+Update"
}
]
}

80
2014/9xxx/CVE-2014-9317.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-9317",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-9317",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The decode_ihdr_chunk function in libavcodec/pngdec.c in FFMpeg before 2.1.6, 2.2.x through 2.3.x, and 2.4.x before 2.4.4 allows remote attackers to cause a denial of service (out-of-bounds heap access) and possibly have other unspecified impact via an IDAT before an IHDR in a PNG file."
"lang": "eng",
"value": "The decode_ihdr_chunk function in libavcodec/pngdec.c in FFMpeg before 2.1.6, 2.2.x through 2.3.x, and 2.4.x before 2.4.4 allows remote attackers to cause a denial of service (out-of-bounds heap access) and possibly have other unspecified impact via an IDAT before an IHDR in a PNG file."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[debian-lts-announce] 20181220 [SECURITY] [DLA 1611-1] libav security update",
"refsource" : "MLIST",
"url" : "https://lists.debian.org/debian-lts-announce/2018/12/msg00009.html"
"name": "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=79ceaf827be0b070675d4cd0a55c3386542defd8",
"refsource": "CONFIRM",
"url": "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=79ceaf827be0b070675d4cd0a55c3386542defd8"
},
{
"name" : "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=79ceaf827be0b070675d4cd0a55c3386542defd8",
"refsource" : "CONFIRM",
"url" : "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=79ceaf827be0b070675d4cd0a55c3386542defd8"
"name": "[debian-lts-announce] 20181220 [SECURITY] [DLA 1611-1] libav security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/12/msg00009.html"
},
{
"name" : "https://www.ffmpeg.org/security.html",
"refsource" : "CONFIRM",
"url" : "https://www.ffmpeg.org/security.html"
"name": "GLSA-201603-06",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201603-06"
},
{
"name" : "GLSA-201603-06",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201603-06"
"name": "https://www.ffmpeg.org/security.html",
"refsource": "CONFIRM",
"url": "https://www.ffmpeg.org/security.html"
}
]
}

80
2014/9xxx/CVE-2014-9501.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-9501",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-9501",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in the Poll Chart Block module 7.x-1.x before 7.x-1.2 for Drupal allows remote authenticated users to inject arbitrary web script or HTML via a poll node title."
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in the Poll Chart Block module 7.x-1.x before 7.x-1.2 for Drupal allows remote authenticated users to inject arbitrary web script or HTML via a poll node title."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[oss-security] 20150103 CVE requests: Drupal contributed modules",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2015/01/03/2"
"name": "[oss-security] 20150103 Re: CVE requests: Drupal contributed modules",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/01/04/6"
},
{
"name" : "[oss-security] 20150103 Re: CVE requests: Drupal contributed modules",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2015/01/04/6"
"name": "https://www.drupal.org/node/2390897",
"refsource": "MISC",
"url": "https://www.drupal.org/node/2390897"
},
{
"name" : "https://www.drupal.org/node/2390897",
"refsource" : "MISC",
"url" : "https://www.drupal.org/node/2390897"
"name": "https://www.drupal.org/node/2390097",
"refsource": "CONFIRM",
"url": "https://www.drupal.org/node/2390097"
},
{
"name" : "https://www.drupal.org/node/2390097",
"refsource" : "CONFIRM",
"url" : "https://www.drupal.org/node/2390097"
"name": "[oss-security] 20150103 CVE requests: Drupal contributed modules",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/01/03/2"
}
]
}

80
2014/9xxx/CVE-2014-9641.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-9641",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-9641",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The tmeext.sys driver before 2.0.0.1015 in Trend Micro Antivirus Plus, Internet Security, and Maximum Security allows local users to write to arbitrary memory locations, and consequently gain privileges, via a crafted 0x00222400 IOCTL call."
"lang": "eng",
"value": "The tmeext.sys driver before 2.0.0.1015 in Trend Micro Antivirus Plus, Internet Security, and Maximum Security allows local users to write to arbitrary memory locations, and consequently gain privileges, via a crafted 0x00222400 IOCTL call."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "35962",
"refsource" : "EXPLOIT-DB",
"url" : "http://www.exploit-db.com/exploits/35962"
"name": "http://www.greyhathacker.net/?p=818",
"refsource": "MISC",
"url": "http://www.greyhathacker.net/?p=818"
},
{
"name" : "http://www.greyhathacker.net/?p=818",
"refsource" : "MISC",
"url" : "http://www.greyhathacker.net/?p=818"
"name": "35962",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/35962"
},
{
"name" : "http://esupport.trendmicro.com/en-us/home/pages/technical-support/1106233.aspx",
"refsource" : "CONFIRM",
"url" : "http://esupport.trendmicro.com/en-us/home/pages/technical-support/1106233.aspx"
"name": "http://esupport.trendmicro.com/en-us/home/pages/technical-support/1106233.aspx",
"refsource": "CONFIRM",
"url": "http://esupport.trendmicro.com/en-us/home/pages/technical-support/1106233.aspx"
},
{
"name" : "115514",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/115514"
"name": "115514",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/115514"
}
]
}

80
2016/3xxx/CVE-2016-3166.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-3166",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-3166",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "CRLF injection vulnerability in the drupal_set_header function in Drupal 6.x before 6.38, when used with PHP before 5.1.2, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks by leveraging a module that allows user-submitted data to appear in HTTP headers."
"lang": "eng",
"value": "CRLF injection vulnerability in the drupal_set_header function in Drupal 6.x before 6.38, when used with PHP before 5.1.2, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks by leveraging a module that allows user-submitted data to appear in HTTP headers."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[oss-security] 20160224 CVE requests for Drupal core (SA-CORE-2016-001)",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2016/02/24/19"
"name": "[oss-security] 20160224 CVE requests for Drupal core (SA-CORE-2016-001)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/02/24/19"
},
{
"name" : "[oss-security] 20160315 Re: CVE requests for Drupal core (SA-CORE-2016-001)",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2016/03/15/10"
"name": "[oss-security] 20160315 Re: CVE requests for Drupal core (SA-CORE-2016-001)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/03/15/10"
},
{
"name" : "https://www.drupal.org/SA-CORE-2016-001",
"refsource" : "CONFIRM",
"url" : "https://www.drupal.org/SA-CORE-2016-001"
"name": "DSA-3498",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3498"
},
{
"name" : "DSA-3498",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2016/dsa-3498"
"name": "https://www.drupal.org/SA-CORE-2016-001",
"refsource": "CONFIRM",
"url": "https://www.drupal.org/SA-CORE-2016-001"
}
]
}

68
2016/3xxx/CVE-2016-3381.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-3381",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2016-3381",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Office Compatibility Pack SP3, and Excel Viewer allow remote attackers to execute arbitrary code via a crafted document, aka \"Microsoft Office Memory Corruption Vulnerability,\" a different vulnerability than CVE-2016-3363."
"lang": "eng",
"value": "Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Office Compatibility Pack SP3, and Excel Viewer allow remote attackers to execute arbitrary code via a crafted document, aka \"Microsoft Office Memory Corruption Vulnerability,\" a different vulnerability than CVE-2016-3363."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "MS16-107",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-107"
"name": "1036785",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036785"
},
{
"name" : "1036785",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1036785"
"name": "MS16-107",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-107"
}
]
}

80
2016/3xxx/CVE-2016-3385.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-3385",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2016-3385",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The scripting engine in Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Scripting Engine Memory Corruption Vulnerability.\""
"lang": "eng",
"value": "The scripting engine in Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Scripting Engine Memory Corruption Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20161011 Microsoft Internet Explorer VBScript Join/Filter Function Type Confusion Vulnerability",
"refsource" : "IDEFENSE",
"url" : "https://www.verisign.com/en_US/security-services/security-intelligence/vulnerability-reports/articles/index.xhtml?id=1229"
"name": "MS16-118",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-118"
},
{
"name" : "MS16-118",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-118"
"name": "1036992",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036992"
},
{
"name" : "93397",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/93397"
"name": "93397",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93397"
},
{
"name" : "1036992",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1036992"
"name": "20161011 Microsoft Internet Explorer VBScript Join/Filter Function Type Confusion Vulnerability",
"refsource": "IDEFENSE",
"url": "https://www.verisign.com/en_US/security-services/security-intelligence/vulnerability-reports/articles/index.xhtml?id=1229"
}
]
}

92
2016/3xxx/CVE-2016-3574.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-3574",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2016-3574",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Outside In Technology component in Oracle Fusion Middleware 8.5.0, 8.5.1, and 8.5.2 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Outside In Filters, a different vulnerability than CVE-2016-3575, CVE-2016-3576, CVE-2016-3577, CVE-2016-3578, CVE-2016-3579, CVE-2016-3580, CVE-2016-3581, CVE-2016-3582, CVE-2016-3583, CVE-2016-3590, CVE-2016-3591, CVE-2016-3592, CVE-2016-3593, CVE-2016-3594, CVE-2016-3595, and CVE-2016-3596."
"lang": "eng",
"value": "Unspecified vulnerability in the Outside In Technology component in Oracle Fusion Middleware 8.5.0, 8.5.1, and 8.5.2 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Outside In Filters, a different vulnerability than CVE-2016-3575, CVE-2016-3576, CVE-2016-3577, CVE-2016-3578, CVE-2016-3579, CVE-2016-3580, CVE-2016-3581, CVE-2016-3582, CVE-2016-3583, CVE-2016-3590, CVE-2016-3591, CVE-2016-3592, CVE-2016-3593, CVE-2016-3594, CVE-2016-3595, and CVE-2016-3596."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21988009",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21988009"
},
{
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21988009",
"refsource" : "CONFIRM",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21988009"
"name": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
},
{
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21988718",
"refsource" : "CONFIRM",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21988718"
"name": "91914",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91914"
},
{
"name" : "91787",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/91787"
"name": "91787",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91787"
},
{
"name" : "91914",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/91914"
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21988718",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21988718"
},
{
"name" : "1036370",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1036370"
"name": "1036370",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036370"
}
]
}

68
2016/6xxx/CVE-2016-6671.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-6671",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-6671",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The raw_decode function in libavcodec/rawdec.c in FFmpeg before 3.1.2 allows remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via a crafted SWF file."
"lang": "eng",
"value": "The raw_decode function in libavcodec/rawdec.c in FFmpeg before 3.1.2 allows remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via a crafted SWF file."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[oss-security] 20160812 [CVE-2016-6671] ffmpeg buffer overflow when decoding swf",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2016/08/12/6"
"name": "[oss-security] 20160812 [CVE-2016-6671] ffmpeg buffer overflow when decoding swf",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/08/12/6"
},
{
"name" : "92447",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/92447"
"name": "92447",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/92447"
}
]
}

86
2016/7xxx/CVE-2016-7518.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-7518",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "security@debian.org",
"ID": "CVE-2016-7518",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The ReadSUNImage function in coders/sun.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted SUN file."
"lang": "eng",
"value": "The ReadSUNImage function in coders/sun.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted SUN file."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[oss-security] 20160922 Re: CVE Requests: Various ImageMagick issues (as reported in the Debian BTS)",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2016/09/22/2"
"name": "https://github.com/ImageMagick/ImageMagick/issues/81",
"refsource": "CONFIRM",
"url": "https://github.com/ImageMagick/ImageMagick/issues/81"
},
{
"name" : "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1533447",
"refsource" : "CONFIRM",
"url" : "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1533447"
"name": "[oss-security] 20160922 Re: CVE Requests: Various ImageMagick issues (as reported in the Debian BTS)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/09/22/2"
},
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1378745",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1378745"
"name": "93130",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93130"
},
{
"name" : "https://github.com/ImageMagick/ImageMagick/issues/81",
"refsource" : "CONFIRM",
"url" : "https://github.com/ImageMagick/ImageMagick/issues/81"
"name": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1533447",
"refsource": "CONFIRM",
"url": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1533447"
},
{
"name" : "93130",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/93130"
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1378745",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1378745"
}
]
}

22
2016/7xxx/CVE-2016-7698.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-7698",
"STATE" : "REJECT"
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2016-7698",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
}
]
}

22
2016/7xxx/CVE-2016-7766.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-7766",
"STATE" : "REJECT"
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2016-7766",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
}
]
}

98
2016/7xxx/CVE-2016-7865.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "psirt@adobe.com",
"ID" : "CVE-2016-7865",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-7865",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Adobe Flash Player 23.0.0.205 and earlier, 11.2.202.643 and earlier",
"version" : {
"version_data" : [
"product_name": "Adobe Flash Player 23.0.0.205 and earlier, 11.2.202.643 and earlier",
"version": {
"version_data": [
{
"version_value" : "Adobe Flash Player 23.0.0.205 and earlier, 11.2.202.643 and earlier"
"version_value": "Adobe Flash Player 23.0.0.205 and earlier, 11.2.202.643 and earlier"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and earlier have an exploitable type confusion vulnerability. Successful exploitation could lead to arbitrary code execution."
"lang": "eng",
"value": "Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and earlier have an exploitable type confusion vulnerability. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Type Confusion"
"lang": "eng",
"value": "Type Confusion"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.zerodayinitiative.com/advisories/ZDI-16-598",
"refsource" : "MISC",
"url" : "http://www.zerodayinitiative.com/advisories/ZDI-16-598"
"name": "MS16-141",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-141"
},
{
"name" : "https://helpx.adobe.com/security/products/flash-player/apsb16-37.html",
"refsource" : "CONFIRM",
"url" : "https://helpx.adobe.com/security/products/flash-player/apsb16-37.html"
"name": "https://helpx.adobe.com/security/products/flash-player/apsb16-37.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/flash-player/apsb16-37.html"
},
{
"name" : "GLSA-201611-18",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201611-18"
"name": "http://www.zerodayinitiative.com/advisories/ZDI-16-598",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-598"
},
{
"name" : "MS16-141",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-141"
"name": "RHSA-2016:2676",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2676.html"
},
{
"name" : "RHSA-2016:2676",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2016-2676.html"
"name": "94151",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94151"
},
{
"name" : "94151",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/94151"
"name": "1037240",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037240"
},
{
"name" : "1037240",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1037240"
"name": "GLSA-201611-18",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201611-18"
}
]
}

22
2016/8xxx/CVE-2016-8150.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-8150",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-8150",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

74
2016/8xxx/CVE-2016-8581.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-8581",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-8581",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "A persistent XSS vulnerability exists in the User-Agent header of the login process of AlienVault OSSIM and USM before 5.3.2 that allows an attacker to steal session IDs of logged in users when the current sessions are viewed by an administrator."
"lang": "eng",
"value": "A persistent XSS vulnerability exists in the User-Agent header of the login process of AlienVault OSSIM and USM before 5.3.2 that allows an attacker to steal session IDs of logged in users when the current sessions are viewed by an administrator."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "40683",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/40683/"
"name": "93862",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93862"
},
{
"name" : "https://www.alienvault.com/forums/discussion/7766/security-advisory-alienvault-5-3-2-address-70-vulnerabilities",
"refsource" : "CONFIRM",
"url" : "https://www.alienvault.com/forums/discussion/7766/security-advisory-alienvault-5-3-2-address-70-vulnerabilities"
"name": "40683",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/40683/"
},
{
"name" : "93862",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/93862"
"name": "https://www.alienvault.com/forums/discussion/7766/security-advisory-alienvault-5-3-2-address-70-vulnerabilities",
"refsource": "CONFIRM",
"url": "https://www.alienvault.com/forums/discussion/7766/security-advisory-alienvault-5-3-2-address-70-vulnerabilities"
}
]
}

68
2016/8xxx/CVE-2016-8584.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-8584",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-8584",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Trend Micro Threat Discovery Appliance 2.6.1062r1 and earlier uses predictable session values, which allows remote attackers to bypass authentication by guessing the value."
"lang": "eng",
"value": "Trend Micro Threat Discovery Appliance 2.6.1062r1 and earlier uses predictable session values, which allows remote attackers to bypass authentication by guessing the value."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://packetstormsecurity.com/files/142227/Trend-Micro-Threat-Discovery-Appliance-2.6.1062r1-Session-Generation-Authentication-Bypass.html",
"refsource" : "MISC",
"url" : "http://packetstormsecurity.com/files/142227/Trend-Micro-Threat-Discovery-Appliance-2.6.1062r1-Session-Generation-Authentication-Bypass.html"
"name": "98333",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/98333"
},
{
"name" : "98333",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/98333"
"name": "http://packetstormsecurity.com/files/142227/Trend-Micro-Threat-Discovery-Appliance-2.6.1062r1-Session-Generation-Authentication-Bypass.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/142227/Trend-Micro-Threat-Discovery-Appliance-2.6.1062r1-Session-Generation-Authentication-Bypass.html"
}
]
}

22
2016/9xxx/CVE-2016-9477.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-9477",
"STATE" : "REJECT"
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2016-9477",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
}
]
}

80
2016/9xxx/CVE-2016-9575.json
View File

@ -1,78 +1,78 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "secalert@redhat.com",
"DATE_PUBLIC" : "2016-12-14T00:00:00",
"ID" : "CVE-2016-9575",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"DATE_PUBLIC": "2016-12-14T00:00:00",
"ID": "CVE-2016-9575",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "ipa",
"version" : {
"version_data" : [
"product_name": "ipa",
"version": {
"version_data": [
{
"version_value" : "4.2.x"
"version_value": "4.2.x"
},
{
"version_value" : "4.3.x before 4.3.3"
"version_value": "4.3.x before 4.3.3"
},
{
"version_value" : "4.4.x before 4.4.3"
"version_value": "4.4.x before 4.4.3"
}
]
}
}
]
},
"vendor_name" : "FreeIPA"
"vendor_name": "FreeIPA"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Ipa versions 4.2.x, 4.3.x before 4.3.3 and 4.4.x before 4.4.3 did not properly check the user's permissions while modifying certificate profiles in IdM's certprofile-mod command. An authenticated, unprivileged attacker could use this flaw to modify profiles to issue certificates with arbitrary naming or key usage information and subsequently use such certificates for other attacks."
"lang": "eng",
"value": "Ipa versions 4.2.x, 4.3.x before 4.3.3 and 4.4.x before 4.4.3 did not properly check the user's permissions while modifying certificate profiles in IdM's certprofile-mod command. An authenticated, unprivileged attacker could use this flaw to modify profiles to issue certificates with arbitrary naming or key usage information and subsequently use such certificates for other attacks."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "CWE-863"
"lang": "eng",
"value": "CWE-863"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1395311",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1395311"
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1395311",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1395311"
},
{
"name" : "RHSA-2017:0001",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2017-0001.html"
"name": "95068",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95068"
},
{
"name" : "95068",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/95068"
"name": "RHSA-2017:0001",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0001.html"
}
]
}

68
2016/9xxx/CVE-2016-9837.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-9837",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-9837",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "An issue was discovered in templates/beez3/html/com_content/article/default.php in Joomla! before 3.6.5. Inadequate permissions checks in the Beez3 layout override of the com_content article view allow users to view articles that should not be publicly accessible, as demonstrated by an index.php?option=com_content&view=article&id=1&template=beez3 request."
"lang": "eng",
"value": "An issue was discovered in templates/beez3/html/com_content/article/default.php in Joomla! before 3.6.5. Inadequate permissions checks in the Beez3 layout override of the com_content article view allow users to view articles that should not be publicly accessible, as demonstrated by an index.php?option=com_content&view=article&id=1&template=beez3 request."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://www.joomla.org/announcements/release-news/5693-joomla-3-6-5-released.html",
"refsource" : "CONFIRM",
"url" : "https://www.joomla.org/announcements/release-news/5693-joomla-3-6-5-released.html"
"name": "https://www.joomla.org/announcements/release-news/5693-joomla-3-6-5-released.html",
"refsource": "CONFIRM",
"url": "https://www.joomla.org/announcements/release-news/5693-joomla-3-6-5-released.html"
},
{
"name" : "94892",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/94892"
"name": "94892",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94892"
}
]
}