admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-18 02:02:36 +00:00
parent 9da289a828
commit 9035ae5493
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
52 changed files with 3683 additions and 3683 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

150
2001/1xxx/CVE-2001-1081.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2001-1081", "ID": "CVE-2001-1081",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Format string vulnerabilities in Livingston/Lucent RADIUS before 2.1.va.1 may allow local or remote attackers to cause a denial of service and possibly execute arbitrary code via format specifiers that are injected into log messages."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://freshmeat.net/releases/52020/", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://freshmeat.net/releases/52020/" "lang": "eng",
}, "value": "Format string vulnerabilities in Livingston/Lucent RADIUS before 2.1.va.1 may allow local or remote attackers to cause a denial of service and possibly execute arbitrary code via format specifiers that are injected into log messages."
{ }
"name" : "[fm-news] 20010713 Newsletter for Friday, July 13th 2001", ]
"refsource" : "MLIST", },
"url" : "http://archives.neohapsis.com/archives/apps/freshmeat/2001-07/0009.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "20010719 [VulnWatch] Changelog maddness (14 various broken apps)", "description": [
"refsource" : "VULNWATCH", {
"url" : "http://archives.neohapsis.com/archives/vulnwatch/2001-q3/0005.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "2994", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/2994" ]
} },
] "references": {
} "reference_data": [
} {
"name": "http://freshmeat.net/releases/52020/",
"refsource": "CONFIRM",
"url": "http://freshmeat.net/releases/52020/"
},
{
"name": "20010719 [VulnWatch] Changelog maddness (14 various broken apps)",
"refsource": "VULNWATCH",
"url": "http://archives.neohapsis.com/archives/vulnwatch/2001-q3/0005.html"
},
{
"name": "[fm-news] 20010713 Newsletter for Friday, July 13th 2001",
"refsource": "MLIST",
"url": "http://archives.neohapsis.com/archives/apps/freshmeat/2001-07/0009.html"
},
{
"name": "2994",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/2994"
}
]
}
}

120
2001/1xxx/CVE-2001-1358.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2001-1358", "ID": "CVE-2001-1358",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Vulnerabilities in phpMyChat before 0.14.4 allow local and possibly remote attackers to gain privileges by specifying an alternate library file in the L (localization) parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.phpheaven.net/projects/phpMyChat/changes.php3", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.phpheaven.net/projects/phpMyChat/changes.php3" "lang": "eng",
} "value": "Vulnerabilities in phpMyChat before 0.14.4 allow local and possibly remote attackers to gain privileges by specifying an alternate library file in the L (localization) parameter."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.phpheaven.net/projects/phpMyChat/changes.php3",
"refsource": "CONFIRM",
"url": "http://www.phpheaven.net/projects/phpMyChat/changes.php3"
}
]
}
}

170
2006/2xxx/CVE-2006-2017.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-2017", "ID": "CVE-2006-2017",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Dnsmasq 2.29 allows remote attackers to cause a denial of service (application crash) via a DHCP client broadcast reply request."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://thekelleys.org.uk/dnsmasq/CHANGELOG", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://thekelleys.org.uk/dnsmasq/CHANGELOG" "lang": "eng",
}, "value": "Dnsmasq 2.29 allows remote attackers to cause a denial of service (application crash) via a DHCP client broadcast reply request."
{ }
"name" : "17662", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/17662" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2006-1494", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/1494" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "24884", ]
"refsource" : "OSVDB", }
"url" : "http://www.osvdb.org/24884" ]
}, },
{ "references": {
"name" : "19760", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/19760" "name": "19760",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/19760"
"name" : "dnsmasq-dhcp-dos(26005)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/26005" "name": "ADV-2006-1494",
} "refsource": "VUPEN",
] "url": "http://www.vupen.com/english/advisories/2006/1494"
} },
} {
"name": "24884",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/24884"
},
{
"name": "dnsmasq-dhcp-dos(26005)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26005"
},
{
"name": "17662",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/17662"
},
{
"name": "http://thekelleys.org.uk/dnsmasq/CHANGELOG",
"refsource": "CONFIRM",
"url": "http://thekelleys.org.uk/dnsmasq/CHANGELOG"
}
]
}
}

220
2006/2xxx/CVE-2006-2908.json
View File

@ -1,112 +1,112 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
"ID" : "CVE-2006-2908", "ID": "CVE-2006-2908",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The domecode function in inc/functions_post.php in MyBulletinBoard (MyBB) 1.1.2, and possibly other versions, allows remote attackers to execute arbitrary PHP code via the username field, which is used in a preg_replace function call with a /e (executable) modifier."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20060612 Secunia Research: MyBB \"domecode()\" PHP Code ExecutionVulnerability", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/436767/100/0/threaded" "lang": "eng",
}, "value": "The domecode function in inc/functions_post.php in MyBulletinBoard (MyBB) 1.1.2, and possibly other versions, allows remote attackers to execute arbitrary PHP code via the username field, which is used in a preg_replace function call with a /e (executable) modifier."
{ }
"name" : "20060613 Proof of concept: mybb 1.1.2 remote code execution", ]
"refsource" : "BUGTRAQ", },
"url" : "http://www.securityfocus.com/archive/1/437509/100/100/threaded" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://secunia.com/secunia_research/2006-40/advisory/", "description": [
"refsource" : "MISC", {
"url" : "http://secunia.com/secunia_research/2006-40/advisory/" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://www.514.es/download/mybibi.pl", ]
"refsource" : "MISC", }
"url" : "http://www.514.es/download/mybibi.pl" ]
}, },
{ "references": {
"name" : "18396", "reference_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/18396" "name": "1086",
}, "refsource": "SREASON",
{ "url": "http://securityreason.com/securityalert/1086"
"name" : "ADV-2006-2288", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/2288" "name": "1016270",
}, "refsource": "SECTRACK",
{ "url": "http://securitytracker.com/id?1016270"
"name" : "26216", },
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/26216" "name": "20060612 Secunia Research: MyBB \"domecode()\" PHP Code ExecutionVulnerability",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/436767/100/0/threaded"
"name" : "1016270", },
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1016270" "name": "18396",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/18396"
"name" : "20371", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/20371" "name": "20371",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/20371"
"name" : "1086", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/1086" "name": "ADV-2006-2288",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2006/2288"
"name" : "mybb-domecode-code-execution(27046)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/27046" "name": "26216",
} "refsource": "OSVDB",
] "url": "http://www.osvdb.org/26216"
} },
} {
"name": "20060613 Proof of concept: mybb 1.1.2 remote code execution",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/437509/100/100/threaded"
},
{
"name": "mybb-domecode-code-execution(27046)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27046"
},
{
"name": "http://secunia.com/secunia_research/2006-40/advisory/",
"refsource": "MISC",
"url": "http://secunia.com/secunia_research/2006-40/advisory/"
},
{
"name": "http://www.514.es/download/mybibi.pl",
"refsource": "MISC",
"url": "http://www.514.es/download/mybibi.pl"
}
]
}
}

190
2006/3xxx/CVE-2006-3679.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-3679", "ID": "CVE-2006-3679",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "FatWire Content Server 5.5.0 allows remote attackers to bypass access restrictions and obtain administrative privileges via unspecified attack vectors in the authentication process."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20060712 S21Sec-032-en: Vulnerability in Fatwire Content Server", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/439896/100/0/threaded" "lang": "eng",
}, "value": "FatWire Content Server 5.5.0 allows remote attackers to bypass access restrictions and obtain administrative privileges via unspecified attack vectors in the authentication process."
{ }
"name" : "20060712 S21Sec-032-en: Vulnerability in Fatwire Content Server", ]
"refsource" : "FULLDISC", },
"url" : "http://archives.neohapsis.com/archives/fulldisclosure/2006-07/0242.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.s21sec.com/avisos/s21sec-032-en.txt", "description": [
"refsource" : "MISC", {
"url" : "http://www.s21sec.com/avisos/s21sec-032-en.txt" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "18958", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/18958" ]
}, },
{ "references": {
"name" : "ADV-2006-2771", "reference_data": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/2771" "name": "http://www.s21sec.com/avisos/s21sec-032-en.txt",
}, "refsource": "MISC",
{ "url": "http://www.s21sec.com/avisos/s21sec-032-en.txt"
"name" : "27092", },
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/27092" "name": "20060712 S21Sec-032-en: Vulnerability in Fatwire Content Server",
}, "refsource": "FULLDISC",
{ "url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-07/0242.html"
"name" : "21020", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/21020" "name": "18958",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/18958"
"name" : "fatwire-administration-security-bypass(27702)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/27702" "name": "ADV-2006-2771",
} "refsource": "VUPEN",
] "url": "http://www.vupen.com/english/advisories/2006/2771"
} },
} {
"name": "21020",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21020"
},
{
"name": "fatwire-administration-security-bypass(27702)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27702"
},
{
"name": "27092",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/27092"
},
{
"name": "20060712 S21Sec-032-en: Vulnerability in Fatwire Content Server",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/439896/100/0/threaded"
}
]
}
}

160
2006/3xxx/CVE-2006-3756.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-3756", "ID": "CVE-2006-3756",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in Geeklog 1.4.0sr4 and earlier, and 1.3.11sr6 and earlier, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors when validating comments in (1) lib-comment.php (1.4.0sr4) or (2) comment.php (0.3.11sr6)."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.geeklog.net/article.php/geeklog-1.4.0sr5", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.geeklog.net/article.php/geeklog-1.4.0sr5" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in Geeklog 1.4.0sr4 and earlier, and 1.3.11sr6 and earlier, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors when validating comments in (1) lib-comment.php (1.4.0sr4) or (2) comment.php (0.3.11sr6)."
{ }
"name" : "JVN#81108784", ]
"refsource" : "JVN", },
"url" : "http://jvn.jp/jp/JVN%2381108784/index.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2006-2865", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/2865" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "21094", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/21094" ]
}, },
{ "references": {
"name" : "geeklog-comment-xss(27813)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/27813" "name": "ADV-2006-2865",
} "refsource": "VUPEN",
] "url": "http://www.vupen.com/english/advisories/2006/2865"
} },
} {
"name": "http://www.geeklog.net/article.php/geeklog-1.4.0sr5",
"refsource": "CONFIRM",
"url": "http://www.geeklog.net/article.php/geeklog-1.4.0sr5"
},
{
"name": "21094",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21094"
},
{
"name": "JVN#81108784",
"refsource": "JVN",
"url": "http://jvn.jp/jp/JVN%2381108784/index.html"
},
{
"name": "geeklog-comment-xss(27813)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27813"
}
]
}
}

140
2006/6xxx/CVE-2006-6409.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-6409", "ID": "CVE-2006-6409",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "F-Secure Anti-Virus for Linux Gateways 4.65 allows remote attackers to cause a denial of service (possibly fatal scan error), and possibly bypass virus detection, by inserting invalid characters into base64 encoded content in a multipart/mixed MIME file, as demonstrated with the EICAR test file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20061206 Multiple Vendor Unusual MIME Encoding Content Filter Bypass", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/453654/100/0/threaded" "lang": "eng",
}, "value": "F-Secure Anti-Virus for Linux Gateways 4.65 allows remote attackers to cause a denial of service (possibly fatal scan error), and possibly bypass virus detection, by inserting invalid characters into base64 encoded content in a multipart/mixed MIME file, as demonstrated with the EICAR test file."
{ }
"name" : "http://www.quantenblog.net/security/virus-scanner-bypass", ]
"refsource" : "MISC", },
"url" : "http://www.quantenblog.net/security/virus-scanner-bypass" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "21461", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/21461" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "21461",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21461"
},
{
"name": "20061206 Multiple Vendor Unusual MIME Encoding Content Filter Bypass",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/453654/100/0/threaded"
},
{
"name": "http://www.quantenblog.net/security/virus-scanner-bypass",
"refsource": "MISC",
"url": "http://www.quantenblog.net/security/virus-scanner-bypass"
}
]
}
}

170
2006/6xxx/CVE-2006-6834.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-6834", "ID": "CVE-2006-6834",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple unspecified vulnerabilities in Joomla! before 1.0.12 have unknown impact and attack vectors related to (1) \"unneeded legacy functions\" and (2) \"Several low level security fixes.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.joomla.org/content/view/2446/1/", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.joomla.org/content/view/2446/1/" "lang": "eng",
}, "value": "Multiple unspecified vulnerabilities in Joomla! before 1.0.12 have unknown impact and attack vectors related to (1) \"unneeded legacy functions\" and (2) \"Several low level security fixes.\""
{ }
"name" : "http://www.joomla.org/content/view/2495/78/", ]
"refsource" : "CONFIRM", },
"url" : "http://www.joomla.org/content/view/2495/78/" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "JVN#45006961", "description": [
"refsource" : "JVN", {
"url" : "http://jvn.jp/jp/JVN%2345006961/index.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "21810", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/21810" ]
}, },
{ "references": {
"name" : "ADV-2006-5202", "reference_data": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/5202" "name": "23563",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/23563"
"name" : "23563", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/23563" "name": "http://www.joomla.org/content/view/2495/78/",
} "refsource": "CONFIRM",
] "url": "http://www.joomla.org/content/view/2495/78/"
} },
} {
"name": "JVN#45006961",
"refsource": "JVN",
"url": "http://jvn.jp/jp/JVN%2345006961/index.html"
},
{
"name": "http://www.joomla.org/content/view/2446/1/",
"refsource": "CONFIRM",
"url": "http://www.joomla.org/content/view/2446/1/"
},
{
"name": "ADV-2006-5202",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/5202"
},
{
"name": "21810",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21810"
}
]
}
}

150
2006/6xxx/CVE-2006-6869.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-6869", "ID": "CVE-2006-6869",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Directory traversal vulnerability in includes/search/search_mdforum.php in MAXdev MDForum 2.0.1 and earlier, when magic_quotes_gpc is disabled and register_globals is enabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the PNSVlang cookie to error.php, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, which is then included by error.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "3057", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/3057" "lang": "eng",
}, "value": "Directory traversal vulnerability in includes/search/search_mdforum.php in MAXdev MDForum 2.0.1 and earlier, when magic_quotes_gpc is disabled and register_globals is enabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the PNSVlang cookie to error.php, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, which is then included by error.php."
{ }
"name" : "21837", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/21837" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2007-0017", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/0017" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "mdforum-searchmdforum-file-include(31215)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/31215" ]
} },
] "references": {
} "reference_data": [
} {
"name": "mdforum-searchmdforum-file-include(31215)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31215"
},
{
"name": "21837",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21837"
},
{
"name": "3057",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/3057"
},
{
"name": "ADV-2007-0017",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0017"
}
]
}
}

140
2006/6xxx/CVE-2006-6898.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-6898", "ID": "CVE-2006-6898",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Widcomm Bluetooth for Windows (BTW) before 4.0.1.1500 allows remote attackers to listen to and record conversations, aka the CarWhisperer attack."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070104 23C3 - Bluetooth hacking revisted [Summary and Code]", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/455889/100/0/threaded" "lang": "eng",
}, "value": "Widcomm Bluetooth for Windows (BTW) before 4.0.1.1500 allows remote attackers to listen to and record conversations, aka the CarWhisperer attack."
{ }
"name" : "http://events.ccc.de/congress/2006-mediawiki//images/f/fb/23c3_Bluetooh_revisited.pdf", ]
"refsource" : "MISC", },
"url" : "http://events.ccc.de/congress/2006-mediawiki//images/f/fb/23c3_Bluetooh_revisited.pdf" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "37589", "description": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/37589" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "http://events.ccc.de/congress/2006-mediawiki//images/f/fb/23c3_Bluetooh_revisited.pdf",
"refsource": "MISC",
"url": "http://events.ccc.de/congress/2006-mediawiki//images/f/fb/23c3_Bluetooh_revisited.pdf"
},
{
"name": "20070104 23C3 - Bluetooth hacking revisted [Summary and Code]",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/455889/100/0/threaded"
},
{
"name": "37589",
"refsource": "OSVDB",
"url": "http://osvdb.org/37589"
}
]
}
}

140
2006/6xxx/CVE-2006-6968.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-6968", "ID": "CVE-2006-6968",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in the group moderation control center page in Phorum before 5.1.19 might allow remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.phorum.org/phorum5/read.php?12,119757", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.phorum.org/phorum5/read.php?12,119757" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in the group moderation control center page in Phorum before 5.1.19 might allow remote attackers to inject arbitrary web script or HTML via unspecified vectors."
{ }
"name" : "ADV-2007-0410", ]
"refsource" : "VUPEN", },
"url" : "http://www.vupen.com/english/advisories/2007/0410" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "34729", "description": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/34729" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "ADV-2007-0410",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0410"
},
{
"name": "34729",
"refsource": "OSVDB",
"url": "http://osvdb.org/34729"
},
{
"name": "http://www.phorum.org/phorum5/read.php?12,119757",
"refsource": "CONFIRM",
"url": "http://www.phorum.org/phorum5/read.php?12,119757"
}
]
}
}

190
2006/7xxx/CVE-2006-7155.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-7155", "ID": "CVE-2006-7155",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Novell BorderManager 3.8 SP4 generates the same ISAKMP cookies for the same source IP and port number during the same day, which allows remote attackers to conduct denial of service and replay attacks. NOTE: this issue might be related to CVE-2006-5286."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://secure-support.novell.com/KanisaPlatform/Publishing/201/3003139_f.SAL_Public.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://secure-support.novell.com/KanisaPlatform/Publishing/201/3003139_f.SAL_Public.html" "lang": "eng",
}, "value": "Novell BorderManager 3.8 SP4 generates the same ISAKMP cookies for the same source IP and port number during the same day, which allows remote attackers to conduct denial of service and replay attacks. NOTE: this issue might be related to CVE-2006-5286."
{ }
"name" : "20070303 Novell BorderManager ISAKMP issue smells like a dupe", ]
"refsource" : "VIM", },
"url" : "http://www.attrition.org/pipermail/vim/2007-March/001410.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "21014", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/21014" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "ADV-2006-4471", ]
"refsource" : "VUPEN", }
"url" : "http://www.vupen.com/english/advisories/2006/4471" ]
}, },
{ "references": {
"name" : "30338", "reference_data": [
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/30338" "name": "20070303 Novell BorderManager ISAKMP issue smells like a dupe",
}, "refsource": "VIM",
{ "url": "http://www.attrition.org/pipermail/vim/2007-March/001410.html"
"name" : "1017213", },
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1017213" "name": "novell-bordermanager-isakmp-security-bypass(30218)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30218"
"name" : "22699", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/22699" "name": "21014",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/21014"
"name" : "novell-bordermanager-isakmp-security-bypass(30218)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/30218" "name": "22699",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/22699"
} },
} {
"name": "https://secure-support.novell.com/KanisaPlatform/Publishing/201/3003139_f.SAL_Public.html",
"refsource": "CONFIRM",
"url": "https://secure-support.novell.com/KanisaPlatform/Publishing/201/3003139_f.SAL_Public.html"
},
{
"name": "30338",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/30338"
},
{
"name": "ADV-2006-4471",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4471"
},
{
"name": "1017213",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017213"
}
]
}
}

180
2011/0xxx/CVE-2011-0118.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2011-0118", "ID": "CVE-2011-0118",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://support.apple.com/kb/HT4554", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://support.apple.com/kb/HT4554" "lang": "eng",
}, "value": "WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1."
{ }
"name" : "http://support.apple.com/kb/HT4564", ]
"refsource" : "CONFIRM", },
"url" : "http://support.apple.com/kb/HT4564" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://support.apple.com/kb/HT4566", "description": [
"refsource" : "CONFIRM", {
"url" : "http://support.apple.com/kb/HT4566" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "APPLE-SA-2011-03-02-1", ]
"refsource" : "APPLE", }
"url" : "http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html" ]
}, },
{ "references": {
"name" : "APPLE-SA-2011-03-09-1", "reference_data": [
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2011//Mar/msg00003.html" "name": "http://support.apple.com/kb/HT4564",
}, "refsource": "CONFIRM",
{ "url": "http://support.apple.com/kb/HT4564"
"name" : "APPLE-SA-2011-03-09-2", },
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2011//Mar/msg00004.html" "name": "oval:org.mitre.oval:def:17327",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17327"
"name" : "oval:org.mitre.oval:def:17327", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17327" "name": "http://support.apple.com/kb/HT4566",
} "refsource": "CONFIRM",
] "url": "http://support.apple.com/kb/HT4566"
} },
} {
"name": "APPLE-SA-2011-03-02-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html"
},
{
"name": "APPLE-SA-2011-03-09-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2011//Mar/msg00003.html"
},
{
"name": "http://support.apple.com/kb/HT4554",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT4554"
},
{
"name": "APPLE-SA-2011-03-09-2",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2011//Mar/msg00004.html"
}
]
}
}

170
2011/0xxx/CVE-2011-0258.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2011-0258", "ID": "CVE-2011-0258",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Apple QuickTime before 7.7 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted image description associated with an mp4v tag in a movie file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20110831 ZDI-11-277: Apple QuickTime 3g2 'mp4v' atom size Remote Code Execution Vulnerability", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/519483/100/0/threaded" "lang": "eng",
}, "value": "Apple QuickTime before 7.7 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted image description associated with an mp4v tag in a movie file."
{ }
"name" : "http://zerodayinitiative.com/advisories/ZDI-11-277/", ]
"refsource" : "MISC", },
"url" : "http://zerodayinitiative.com/advisories/ZDI-11-277/" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://support.apple.com/kb/HT4826", "description": [
"refsource" : "CONFIRM", {
"url" : "http://support.apple.com/kb/HT4826" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "oval:org.mitre.oval:def:15671", ]
"refsource" : "OVAL", }
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15671" ]
}, },
{ "references": {
"name" : "8368", "reference_data": [
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/8368" "name": "http://support.apple.com/kb/HT4826",
}, "refsource": "CONFIRM",
{ "url": "http://support.apple.com/kb/HT4826"
"name" : "quicktime-mp4v-bo(69518)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/69518" "name": "8368",
} "refsource": "SREASON",
] "url": "http://securityreason.com/securityalert/8368"
} },
} {
"name": "20110831 ZDI-11-277: Apple QuickTime 3g2 'mp4v' atom size Remote Code Execution Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/519483/100/0/threaded"
},
{
"name": "http://zerodayinitiative.com/advisories/ZDI-11-277/",
"refsource": "MISC",
"url": "http://zerodayinitiative.com/advisories/ZDI-11-277/"
},
{
"name": "oval:org.mitre.oval:def:15671",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15671"
},
{
"name": "quicktime-mp4v-bo(69518)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69518"
}
]
}
}

160
2011/0xxx/CVE-2011-0400.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2011-0400", "ID": "CVE-2011-0400",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cookie.php in Piwik before 1.1 does not set the secure flag for the session cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://dev.piwik.org/trac/ticket/1795", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://dev.piwik.org/trac/ticket/1795" "lang": "eng",
}, "value": "Cookie.php in Piwik before 1.1 does not set the secure flag for the session cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session."
{ }
"name" : "http://piwik.org/blog/2011/01/piwik-1-1-2/", ]
"refsource" : "CONFIRM", },
"url" : "http://piwik.org/blog/2011/01/piwik-1-1-2/" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "45787", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/45787" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "70382", ]
"refsource" : "OSVDB", }
"url" : "http://osvdb.org/70382" ]
}, },
{ "references": {
"name" : "piwik-cookie-weak-security(64639)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/64639" "name": "45787",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/45787"
} },
} {
"name": "70382",
"refsource": "OSVDB",
"url": "http://osvdb.org/70382"
},
{
"name": "http://dev.piwik.org/trac/ticket/1795",
"refsource": "CONFIRM",
"url": "http://dev.piwik.org/trac/ticket/1795"
},
{
"name": "http://piwik.org/blog/2011/01/piwik-1-1-2/",
"refsource": "CONFIRM",
"url": "http://piwik.org/blog/2011/01/piwik-1-1-2/"
},
{
"name": "piwik-cookie-weak-security(64639)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64639"
}
]
}
}

460
2011/0xxx/CVE-2011-0871.json
View File

@ -1,232 +1,232 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2011-0871", "ID": "CVE-2011-0871",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Swing."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/topics/security/javacpujune2011-313339.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/javacpujune2011-313339.html" "lang": "eng",
}, "value": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Swing."
{ }
"name" : "http://www.oracle.com/technetwork/topics/security/cpujuly2011-313328.html", ]
"refsource" : "CONFIRM", },
"url" : "http://www.oracle.com/technetwork/topics/security/cpujuly2011-313328.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://support.avaya.com/css/P8/documents/100144512", "description": [
"refsource" : "CONFIRM", {
"url" : "http://support.avaya.com/css/P8/documents/100144512" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS11-015/index.html", ]
"refsource" : "CONFIRM", }
"url" : "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS11-015/index.html" ]
}, },
{ "references": {
"name" : "http://www.ibm.com/developerworks/java/jdk/alerts/", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.ibm.com/developerworks/java/jdk/alerts/" "name": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS11-015/index.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS11-015/index.html"
"name" : "DSA-2311", },
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2011/dsa-2311" "name": "SUSE-SU-2011:0863",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00001.html"
"name" : "GLSA-201406-32", },
"refsource" : "GENTOO", {
"url" : "http://security.gentoo.org/glsa/glsa-201406-32.xml" "name": "GLSA-201406-32",
}, "refsource": "GENTOO",
{ "url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
"name" : "HPSBUX02697", },
"refsource" : "HP", {
"url" : "http://marc.info/?l=bugtraq&m=132439520301822&w=2" "name": "HPSBMU02799",
}, "refsource": "HP",
{ "url": "http://marc.info/?l=bugtraq&m=134254866602253&w=2"
"name" : "SSRT100591", },
"refsource" : "HP", {
"url" : "http://marc.info/?l=bugtraq&m=132439520301822&w=2" "name": "RHSA-2011:1087",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2011-1087.html"
"name" : "HPSBMU02797", },
"refsource" : "HP", {
"url" : "http://marc.info/?l=bugtraq&m=134254957702612&w=2" "name": "TA11-201A",
}, "refsource": "CERT",
{ "url": "http://www.us-cert.gov/cas/techalerts/TA11-201A.html"
"name" : "HPSBUX02777", },
"refsource" : "HP", {
"url" : "http://marc.info/?l=bugtraq&m=133728004526190&w=2" "name": "SUSE-SA:2011:036",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00022.html"
"name" : "SSRT100854", },
"refsource" : "HP", {
"url" : "http://marc.info/?l=bugtraq&m=133728004526190&w=2" "name": "oval:org.mitre.oval:def:14112",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14112"
"name" : "SSRT100867", },
"refsource" : "HP", {
"url" : "http://marc.info/?l=bugtraq&m=134254957702612&w=2" "name": "DSA-2311",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2011/dsa-2311"
"name" : "HPSBMU02799", },
"refsource" : "HP", {
"url" : "http://marc.info/?l=bugtraq&m=134254866602253&w=2" "name": "RHSA-2011:1159",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2011-1159.html"
"name" : "MDVSA-2011:126", },
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2011:126" "name": "http://support.avaya.com/css/P8/documents/100144512",
}, "refsource": "CONFIRM",
{ "url": "http://support.avaya.com/css/P8/documents/100144512"
"name" : "RHSA-2011:0856", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2011-0856.html" "name": "SUSE-SA:2011:032",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00002.html"
"name" : "RHSA-2011:0857", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2011-0857.html" "name": "http://www.oracle.com/technetwork/topics/security/javacpujune2011-313339.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.oracle.com/technetwork/topics/security/javacpujune2011-313339.html"
"name" : "RHSA-2011:0860", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2011-0860.html" "name": "RHSA-2013:1455",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
"name" : "RHSA-2011:0938", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2011-0938.html" "name": "44818",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/44818"
"name" : "RHSA-2011:1087", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2011-1087.html" "name": "RHSA-2011:0856",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2011-0856.html"
"name" : "RHSA-2011:1159", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2011-1159.html" "name": "SUSE-SU-2011:0966",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00025.html"
"name" : "RHSA-2011:1265", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2011-1265.html" "name": "RHSA-2011:0938",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2011-0938.html"
"name" : "RHSA-2013:1455", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2013-1455.html" "name": "44930",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/44930"
"name" : "SUSE-SA:2011:032", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00002.html" "name": "SUSE-SA:2011:030",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00003.html"
"name" : "SUSE-SA:2011:030", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00003.html" "name": "SSRT100591",
}, "refsource": "HP",
{ "url": "http://marc.info/?l=bugtraq&m=132439520301822&w=2"
"name" : "SUSE-SA:2011:036", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00022.html" "name": "MDVSA-2011:126",
}, "refsource": "MANDRIVA",
{ "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:126"
"name" : "SUSE-SU-2011:0807", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00009.html" "name": "SSRT100867",
}, "refsource": "HP",
{ "url": "http://marc.info/?l=bugtraq&m=134254957702612&w=2"
"name" : "SUSE-SU-2011:0863", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00001.html" "name": "49198",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/49198"
"name" : "SUSE-SU-2011:0966", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00025.html" "name": "SUSE-SU-2011:0807",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00009.html"
"name" : "openSUSE-SU-2011:0633", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2011-06/msg00003.html" "name": "openSUSE-SU-2011:0633",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2011-06/msg00003.html"
"name" : "TA11-201A", },
"refsource" : "CERT", {
"url" : "http://www.us-cert.gov/cas/techalerts/TA11-201A.html" "name": "http://www.oracle.com/technetwork/topics/security/cpujuly2011-313328.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.oracle.com/technetwork/topics/security/cpujuly2011-313328.html"
"name" : "oval:org.mitre.oval:def:14112", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14112" "name": "HPSBUX02777",
}, "refsource": "HP",
{ "url": "http://marc.info/?l=bugtraq&m=133728004526190&w=2"
"name" : "44818", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/44818" "name": "HPSBUX02697",
}, "refsource": "HP",
{ "url": "http://marc.info/?l=bugtraq&m=132439520301822&w=2"
"name" : "44930", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/44930" "name": "SSRT100854",
}, "refsource": "HP",
{ "url": "http://marc.info/?l=bugtraq&m=133728004526190&w=2"
"name" : "49198", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/49198" "name": "RHSA-2011:1265",
} "refsource": "REDHAT",
] "url": "http://www.redhat.com/support/errata/RHSA-2011-1265.html"
} },
} {
"name": "RHSA-2011:0860",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2011-0860.html"
},
{
"name": "HPSBMU02797",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=134254957702612&w=2"
},
{
"name": "http://www.ibm.com/developerworks/java/jdk/alerts/",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/developerworks/java/jdk/alerts/"
},
{
"name": "RHSA-2011:0857",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2011-0857.html"
}
]
}
}

150
2011/2xxx/CVE-2011-2770.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2011-2770", "ID": "CVE-2011-2770",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in man2html.cgi.c in man2html 1.6, and possibly other version, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to error messages."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://osdir.com/ml/general/2011-11/msg09394.html", "description_data": [
"refsource" : "MISC", {
"url" : "http://osdir.com/ml/general/2011-11/msg09394.html" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in man2html.cgi.c in man2html 1.6, and possibly other version, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to error messages."
{ }
"name" : "DSA-2335", ]
"refsource" : "DEBIAN", },
"url" : "http://www.debian.org/security/2011/dsa-2335" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "76912", "description": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/76912" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "46760", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/46760" ]
} },
] "references": {
} "reference_data": [
} {
"name": "46760",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/46760"
},
{
"name": "http://osdir.com/ml/general/2011-11/msg09394.html",
"refsource": "MISC",
"url": "http://osdir.com/ml/general/2011-11/msg09394.html"
},
{
"name": "DSA-2335",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2011/dsa-2335"
},
{
"name": "76912",
"refsource": "OSVDB",
"url": "http://osvdb.org/76912"
}
]
}
}

200
2011/3xxx/CVE-2011-3107.json
View File

@ -1,102 +1,102 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2011-3107", "ID": "CVE-2011-3107",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Google Chrome before 19.0.1084.52 does not properly implement JavaScript bindings for plug-ins, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via unknown vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://code.google.com/p/chromium/issues/detail?id=124625", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://code.google.com/p/chromium/issues/detail?id=124625" "lang": "eng",
}, "value": "Google Chrome before 19.0.1084.52 does not properly implement JavaScript bindings for plug-ins, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via unknown vectors."
{ }
"name" : "http://googlechromereleases.blogspot.com/2012/05/stable-channel-update_23.html", ]
"refsource" : "CONFIRM", },
"url" : "http://googlechromereleases.blogspot.com/2012/05/stable-channel-update_23.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "GLSA-201205-04", "description": [
"refsource" : "GENTOO", {
"url" : "http://security.gentoo.org/glsa/glsa-201205-04.xml" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "53679", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/53679" ]
}, },
{ "references": {
"name" : "82252", "reference_data": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/82252" "name": "GLSA-201205-04",
}, "refsource": "GENTOO",
{ "url": "http://security.gentoo.org/glsa/glsa-201205-04.xml"
"name" : "oval:org.mitre.oval:def:15409", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15409" "name": "http://code.google.com/p/chromium/issues/detail?id=124625",
}, "refsource": "CONFIRM",
{ "url": "http://code.google.com/p/chromium/issues/detail?id=124625"
"name" : "1027098", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1027098" "name": "82252",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/82252"
"name" : "49277", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/49277" "name": "oval:org.mitre.oval:def:15409",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15409"
"name" : "49306", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/49306" "name": "53679",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/53679"
} },
} {
"name": "http://googlechromereleases.blogspot.com/2012/05/stable-channel-update_23.html",
"refsource": "CONFIRM",
"url": "http://googlechromereleases.blogspot.com/2012/05/stable-channel-update_23.html"
},
{
"name": "1027098",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1027098"
},
{
"name": "49306",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49306"
},
{
"name": "49277",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49277"
}
]
}
}

160
2011/3xxx/CVE-2011-3122.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2011-3122", "ID": "CVE-2011-3122",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in WordPress 3.1 before 3.1.3 and 3.2 before Beta 2 has unknown impact and attack vectors related to \"Media security.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://wordpress.org/news/2011/05/wordpress-3-1-3/", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://wordpress.org/news/2011/05/wordpress-3-1-3/" "lang": "eng",
}, "value": "Unspecified vulnerability in WordPress 3.1 before 3.1.3 and 3.2 before Beta 2 has unknown impact and attack vectors related to \"Media security.\""
{ }
"name" : "DSA-2470", ]
"refsource" : "DEBIAN", },
"url" : "http://www.debian.org/security/2012/dsa-2470" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "47995", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/47995" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "49138", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/49138" ]
}, },
{ "references": {
"name" : "wordpress-media-unspecified(69175)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/69175" "name": "47995",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/47995"
} },
} {
"name": "49138",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49138"
},
{
"name": "http://wordpress.org/news/2011/05/wordpress-3-1-3/",
"refsource": "CONFIRM",
"url": "http://wordpress.org/news/2011/05/wordpress-3-1-3/"
},
{
"name": "DSA-2470",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2012/dsa-2470"
},
{
"name": "wordpress-media-unspecified(69175)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69175"
}
]
}
}

160
2011/3xxx/CVE-2011-3130.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2011-3130", "ID": "CVE-2011-3130",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "wp-includes/taxonomy.php in WordPress 3.1 before 3.1.3 and 3.2 before Beta 2 has unknown impact and attack vectors related to \"Taxonomy query hardening,\" possibly involving SQL injection."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://wordpress.org/news/2011/05/wordpress-3-1-3/", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://wordpress.org/news/2011/05/wordpress-3-1-3/" "lang": "eng",
}, "value": "wp-includes/taxonomy.php in WordPress 3.1 before 3.1.3 and 3.2 before Beta 2 has unknown impact and attack vectors related to \"Taxonomy query hardening,\" possibly involving SQL injection."
{ }
"name" : "DSA-2470", ]
"refsource" : "DEBIAN", },
"url" : "http://www.debian.org/security/2012/dsa-2470" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "47995", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/47995" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "49138", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/49138" ]
}, },
{ "references": {
"name" : "wordpress-taxonomy-unspecified(69169)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/69169" "name": "47995",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/47995"
} },
} {
"name": "49138",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49138"
},
{
"name": "http://wordpress.org/news/2011/05/wordpress-3-1-3/",
"refsource": "CONFIRM",
"url": "http://wordpress.org/news/2011/05/wordpress-3-1-3/"
},
{
"name": "DSA-2470",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2012/dsa-2470"
},
{
"name": "wordpress-taxonomy-unspecified(69169)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69169"
}
]
}
}

260
2011/3xxx/CVE-2011-3550.json
View File

@ -1,132 +1,132 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2011-3550", "ID": "CVE-2011-3550",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability, related to AWT."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html" "lang": "eng",
}, "value": "Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability, related to AWT."
{ }
"name" : "http://www.ibm.com/developerworks/java/jdk/alerts/", ]
"refsource" : "CONFIRM", },
"url" : "http://www.ibm.com/developerworks/java/jdk/alerts/" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "HPSBUX02730", "description": [
"refsource" : "HP", {
"url" : "http://marc.info/?l=bugtraq&m=132750579901589&w=2" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "SSRT100710", ]
"refsource" : "HP", }
"url" : "http://marc.info/?l=bugtraq&m=132750579901589&w=2" ]
}, },
{ "references": {
"name" : "HPSBMU02797", "reference_data": [
"refsource" : "HP", {
"url" : "http://marc.info/?l=bugtraq&m=134254957702612&w=2" "name": "50226",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/50226"
"name" : "SSRT100867", },
"refsource" : "HP", {
"url" : "http://marc.info/?l=bugtraq&m=134254957702612&w=2" "name": "HPSBMU02799",
}, "refsource": "HP",
{ "url": "http://marc.info/?l=bugtraq&m=134254866602253&w=2"
"name" : "HPSBMU02799", },
"refsource" : "HP", {
"url" : "http://marc.info/?l=bugtraq&m=134254866602253&w=2" "name": "48308",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/48308"
"name" : "RHSA-2011:1384", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2011-1384.html" "name": "HPSBUX02730",
}, "refsource": "HP",
{ "url": "http://marc.info/?l=bugtraq&m=132750579901589&w=2"
"name" : "RHSA-2013:1455", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2013-1455.html" "name": "oval:org.mitre.oval:def:14162",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14162"
"name" : "SUSE-SU-2012:0114", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00049.html" "name": "SUSE-SU-2012:0114",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00049.html"
"name" : "50226", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/50226" "name": "RHSA-2013:1455",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
"name" : "oval:org.mitre.oval:def:14162", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14162" "name": "SSRT100710",
}, "refsource": "HP",
{ "url": "http://marc.info/?l=bugtraq&m=132750579901589&w=2"
"name" : "1026215", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1026215" "name": "RHSA-2011:1384",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2011-1384.html"
"name" : "48308", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/48308" "name": "oracle-jre-awt-unspecified(70843)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/70843"
"name" : "oracle-jre-awt-unspecified(70843)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/70843" "name": "http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html",
} "refsource": "CONFIRM",
] "url": "http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html"
} },
} {
"name": "SSRT100867",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=134254957702612&w=2"
},
{
"name": "1026215",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1026215"
},
{
"name": "HPSBMU02797",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=134254957702612&w=2"
},
{
"name": "http://www.ibm.com/developerworks/java/jdk/alerts/",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/developerworks/java/jdk/alerts/"
}
]
}
}

280
2011/4xxx/CVE-2011-4107.json
View File

@ -1,142 +1,142 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2011-4107", "ID": "CVE-2011-4107",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The simplexml_load_string function in the XML import plug-in (libraries/import/xml.php) in phpMyAdmin 3.4.x before 3.4.7.1 and 3.3.x before 3.3.10.5 allows remote authenticated users to read arbitrary files via XML data containing external entity references, aka an XML external entity (XXE) injection attack."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20111102 PhpMyAdmin Arbitrary File Reading", "description_data": [
"refsource" : "FULLDISC", {
"url" : "http://seclists.org/fulldisclosure/2011/Nov/21" "lang": "eng",
}, "value": "The simplexml_load_string function in the XML import plug-in (libraries/import/xml.php) in phpMyAdmin 3.4.x before 3.4.7.1 and 3.3.x before 3.3.10.5 allows remote authenticated users to read arbitrary files via XML data containing external entity references, aka an XML external entity (XXE) injection attack."
{ }
"name" : "[oss-security] 20111103 CVE Request -- phpMyAdmin -- Arbitrary local file read flaw by loading XML strings / importing XML files", ]
"refsource" : "MLIST", },
"url" : "http://www.openwall.com/lists/oss-security/2011/11/03/3" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "[oss-security] 20111103 Re: CVE Request -- phpMyAdmin -- Arbitrary local file read flaw by loading XML strings / importing XML files", "description": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2011/11/03/5" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://packetstormsecurity.org/files/view/106511/phpmyadmin-fileread.txt", ]
"refsource" : "MISC", }
"url" : "http://packetstormsecurity.org/files/view/106511/phpmyadmin-fileread.txt" ]
}, },
{ "references": {
"name" : "http://www.wooyun.org/bugs/wooyun-2010-03185", "reference_data": [
"refsource" : "MISC", {
"url" : "http://www.wooyun.org/bugs/wooyun-2010-03185" "name": "phpmyadmin-xml-info-disclosure(71108)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71108"
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=751112", },
"refsource" : "MISC", {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=751112" "name": "46447",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/46447"
"name" : "http://www.phpmyadmin.net/home_page/security/PMASA-2011-17.php", },
"refsource" : "CONFIRM", {
"url" : "http://www.phpmyadmin.net/home_page/security/PMASA-2011-17.php" "name": "76798",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/76798"
"name" : "DSA-2391", },
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2012/dsa-2391" "name": "FEDORA-2011-15846",
}, "refsource": "FEDORA",
{ "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-November/069635.html"
"name" : "FEDORA-2011-15831", },
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2011-November/069649.html" "name": "[oss-security] 20111103 Re: CVE Request -- phpMyAdmin -- Arbitrary local file read flaw by loading XML strings / importing XML files",
}, "refsource": "MLIST",
{ "url": "http://www.openwall.com/lists/oss-security/2011/11/03/5"
"name" : "FEDORA-2011-15841", },
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2011-November/069625.html" "name": "20111102 PhpMyAdmin Arbitrary File Reading",
}, "refsource": "FULLDISC",
{ "url": "http://seclists.org/fulldisclosure/2011/Nov/21"
"name" : "FEDORA-2011-15846", },
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2011-November/069635.html" "name": "http://www.phpmyadmin.net/home_page/security/PMASA-2011-17.php",
}, "refsource": "CONFIRM",
{ "url": "http://www.phpmyadmin.net/home_page/security/PMASA-2011-17.php"
"name" : "MDVSA-2011:198", },
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2011:198" "name": "DSA-2391",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2012/dsa-2391"
"name" : "50497", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/50497" "name": "FEDORA-2011-15831",
}, "refsource": "FEDORA",
{ "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-November/069649.html"
"name" : "76798", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/76798" "name": "50497",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/50497"
"name" : "46447", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/46447" "name": "MDVSA-2011:198",
}, "refsource": "MANDRIVA",
{ "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:198"
"name" : "8533", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/8533" "name": "https://bugzilla.redhat.com/show_bug.cgi?id=751112",
}, "refsource": "MISC",
{ "url": "https://bugzilla.redhat.com/show_bug.cgi?id=751112"
"name" : "phpmyadmin-xml-info-disclosure(71108)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/71108" "name": "8533",
} "refsource": "SREASON",
] "url": "http://securityreason.com/securityalert/8533"
} },
} {
"name": "[oss-security] 20111103 CVE Request -- phpMyAdmin -- Arbitrary local file read flaw by loading XML strings / importing XML files",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2011/11/03/3"
},
{
"name": "http://www.wooyun.org/bugs/wooyun-2010-03185",
"refsource": "MISC",
"url": "http://www.wooyun.org/bugs/wooyun-2010-03185"
},
{
"name": "http://packetstormsecurity.org/files/view/106511/phpmyadmin-fileread.txt",
"refsource": "MISC",
"url": "http://packetstormsecurity.org/files/view/106511/phpmyadmin-fileread.txt"
},
{
"name": "FEDORA-2011-15841",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-November/069625.html"
}
]
}
}

130
2011/4xxx/CVE-2011-4187.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2011-4187", "ID": "CVE-2011-4187",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in the GetDriverSettings function in nipplib.dll in Novell iPrint Client before 5.78 on Windows allows remote attackers to execute arbitrary code via a long realm field, a different vulnerability than CVE-2011-3173."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.novell.com/support/viewContent.do?externalId=7008708", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.novell.com/support/viewContent.do?externalId=7008708" "lang": "eng",
}, "value": "Buffer overflow in the GetDriverSettings function in nipplib.dll in Novell iPrint Client before 5.78 on Windows allows remote attackers to execute arbitrary code via a long realm field, a different vulnerability than CVE-2011-3173."
{ }
"name" : "http://www.novell.com/support/viewContent.do?externalId=7010143", ]
"refsource" : "CONFIRM", },
"url" : "http://www.novell.com/support/viewContent.do?externalId=7010143" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.novell.com/support/viewContent.do?externalId=7010143",
"refsource": "CONFIRM",
"url": "http://www.novell.com/support/viewContent.do?externalId=7010143"
},
{
"name": "http://www.novell.com/support/viewContent.do?externalId=7008708",
"refsource": "CONFIRM",
"url": "http://www.novell.com/support/viewContent.do?externalId=7008708"
}
]
}
}

170
2011/4xxx/CVE-2011-4642.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2011-4642", "ID": "CVE-2011-4642",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "mappy.py in Splunk Web in Splunk 4.2.x before 4.2.5 does not properly restrict use of the mappy command to access Python classes, which allows remote authenticated administrators to execute arbitrary code by leveraging the sys module in a request to the search application, as demonstrated by a cross-site request forgery (CSRF) attack, aka SPL-45172."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "18245", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "http://www.exploit-db.com/exploits/18245/" "lang": "eng",
}, "value": "mappy.py in Splunk Web in Splunk 4.2.x before 4.2.5 does not properly restrict use of the mappy command to access Python classes, which allows remote authenticated administrators to execute arbitrary code by leveraging the sys module in a request to the search application, as demonstrated by a cross-site request forgery (CSRF) attack, aka SPL-45172."
{ }
"name" : "http://www.sec-1.com/blog/?p=233", ]
"refsource" : "MISC", },
"url" : "http://www.sec-1.com/blog/?p=233" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.sec-1.com/blog/wp-content/uploads/2011/12/Attacking_Splunk_Release.pdf", "description": [
"refsource" : "MISC", {
"url" : "http://www.sec-1.com/blog/wp-content/uploads/2011/12/Attacking_Splunk_Release.pdf" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://www.splunk.com/view/SP-CAAAGMM", ]
"refsource" : "CONFIRM", }
"url" : "http://www.splunk.com/view/SP-CAAAGMM" ]
}, },
{ "references": {
"name" : "1026451", "reference_data": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1026451" "name": "http://www.splunk.com/view/SP-CAAAGMM",
}, "refsource": "CONFIRM",
{ "url": "http://www.splunk.com/view/SP-CAAAGMM"
"name" : "47232", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/47232" "name": "1026451",
} "refsource": "SECTRACK",
] "url": "http://www.securitytracker.com/id?1026451"
} },
} {
"name": "http://www.sec-1.com/blog/?p=233",
"refsource": "MISC",
"url": "http://www.sec-1.com/blog/?p=233"
},
{
"name": "47232",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/47232"
},
{
"name": "http://www.sec-1.com/blog/wp-content/uploads/2011/12/Attacking_Splunk_Release.pdf",
"refsource": "MISC",
"url": "http://www.sec-1.com/blog/wp-content/uploads/2011/12/Attacking_Splunk_Release.pdf"
},
{
"name": "18245",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/18245/"
}
]
}
}

210
2013/1xxx/CVE-2013-1912.json
View File

@ -1,107 +1,107 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2013-1912", "ID": "CVE-2013-1912",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in HAProxy 1.4 through 1.4.22 and 1.5-dev through 1.5-dev17, when HTTP keep-alive is enabled, using HTTP keywords in TCP inspection rules, and running with rewrite rules that appends to requests, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted pipelined HTTP requests that prevent request realignment from occurring."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20130403 CVE-2013-1912 : haproxy may crash on TCP content inspection rules", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2013/04/03/1" "lang": "eng",
}, "value": "Buffer overflow in HAProxy 1.4 through 1.4.22 and 1.5-dev through 1.5-dev17, when HTTP keep-alive is enabled, using HTTP keywords in TCP inspection rules, and running with rewrite rules that appends to requests, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted pipelined HTTP requests that prevent request realignment from occurring."
{ }
"name" : "DSA-2711", ]
"refsource" : "DEBIAN", },
"url" : "http://www.debian.org/security/2013/dsa-2711" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "FEDORA-2013-4807", "description": [
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2013-April/103730.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "FEDORA-2013-4827", ]
"refsource" : "FEDORA", }
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2013-April/103770.html" ]
}, },
{ "references": {
"name" : "FEDORA-2013-6253", "reference_data": [
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2013-April/103794.html" "name": "FEDORA-2013-6253",
}, "refsource": "FEDORA",
{ "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-April/103794.html"
"name" : "RHSA-2013:0729", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2013-0729.html" "name": "RHSA-2013:0868",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2013-0868.html"
"name" : "RHSA-2013:0868", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2013-0868.html" "name": "52725",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/52725"
"name" : "USN-1800-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-1800-1" "name": "FEDORA-2013-4807",
}, "refsource": "FEDORA",
{ "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-April/103730.html"
"name" : "58820", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/58820" "name": "DSA-2711",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2013/dsa-2711"
"name" : "52725", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/52725" "name": "FEDORA-2013-4827",
} "refsource": "FEDORA",
] "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-April/103770.html"
} },
} {
"name": "58820",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/58820"
},
{
"name": "USN-1800-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1800-1"
},
{
"name": "[oss-security] 20130403 CVE-2013-1912 : haproxy may crash on TCP content inspection rules",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2013/04/03/1"
},
{
"name": "RHSA-2013:0729",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-0729.html"
}
]
}
}

34
2013/5xxx/CVE-2013-5239.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2013-5239", "ID": "CVE-2013-5239",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

160
2013/5xxx/CVE-2013-5417.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@us.ibm.com",
"ID" : "CVE-2013-5417", "ID": "CVE-2013-5417",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.31, 8.0 before 8.0.0.8, and 8.5 before 8.5.5.1 allows remote attackers to inject arbitrary web script or HTML via HTTP response data."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www-01.ibm.com/support/docview.wss?&uid=swg21651880", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www-01.ibm.com/support/docview.wss?&uid=swg21651880" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.31, 8.0 before 8.0.0.8, and 8.5 before 8.5.5.1 allows remote attackers to inject arbitrary web script or HTML via HTTP response data."
{ }
"name" : "PM93323", ]
"refsource" : "AIXAPAR", },
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1PM93323" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "PM93944", "description": [
"refsource" : "AIXAPAR", {
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1PM93944" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "63780", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/63780" ]
}, },
{ "references": {
"name" : "was-cve20135417-response-xss(87479)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/87479" "name": "63780",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/63780"
} },
} {
"name": "was-cve20135417-response-xss(87479)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/87479"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?&uid=swg21651880",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?&uid=swg21651880"
},
{
"name": "PM93323",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PM93323"
},
{
"name": "PM93944",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PM93944"
}
]
}
}

200
2013/5xxx/CVE-2013-5672.json
View File

@ -1,102 +1,102 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2013-5672", "ID": "CVE-2013-5672",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple cross-site request forgery (CSRF) vulnerabilities in the IndiaNIC Testimonial plugin 2.2 for WordPress allow remote attackers to hijack the authentication of administrators for requests that (1) add a testimonial via an iNIC_testimonial_save action; (2) add a listing template via an iNIC_testimonial_save_listing_template action; (3) add a widget template via an iNIC_testimonial_save_widget action; insert cross-site scripting (XSS) sequences via the (4) project_name, (5) project_url, (6) client_name, (7) client_city, (8) client_state, (9) description, (10) tags, (11) video_url, or (12) is_featured, (13) title, (14) widget_title, (15) no_of_testimonials, (16) filter_by_country, (17) filter_by_tags, or (18) widget_template parameter to wp-admin/admin-ajax.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20130901 IndiaNIC Testimonail WP plugin - Multiple vulnerabilities", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://archives.neohapsis.com/archives/bugtraq/2013-09/0006.html" "lang": "eng",
}, "value": "Multiple cross-site request forgery (CSRF) vulnerabilities in the IndiaNIC Testimonial plugin 2.2 for WordPress allow remote attackers to hijack the authentication of administrators for requests that (1) add a testimonial via an iNIC_testimonial_save action; (2) add a listing template via an iNIC_testimonial_save_listing_template action; (3) add a widget template via an iNIC_testimonial_save_widget action; insert cross-site scripting (XSS) sequences via the (4) project_name, (5) project_url, (6) client_name, (7) client_city, (8) client_state, (9) description, (10) tags, (11) video_url, or (12) is_featured, (13) title, (14) widget_title, (15) no_of_testimonials, (16) filter_by_country, (17) filter_by_tags, or (18) widget_template parameter to wp-admin/admin-ajax.php."
{ }
"name" : "28054", ]
"refsource" : "EXPLOIT-DB", },
"url" : "http://www.exploit-db.com/exploits/28054" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "20130901 IndiaNIC Testimonial WP plugin - Multiple vulnerabilities", "description": [
"refsource" : "FULLDISC", {
"url" : "http://seclists.org/fulldisclosure/2013/Sep/5" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "[oss-security] 20130901 Re: [CVE Request] IndiaNIC Testimonial 2.2 WP plugin", ]
"refsource" : "MLIST", }
"url" : "http://seclists.org/oss-sec/2013/q3/531" ]
}, },
{ "references": {
"name" : "http://packetstormsecurity.com/files/123036", "reference_data": [
"refsource" : "MISC", {
"url" : "http://packetstormsecurity.com/files/123036" "name": "62109",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/62109"
"name" : "62109", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/62109" "name": "20130901 IndiaNIC Testimonial WP plugin - Multiple vulnerabilities",
}, "refsource": "FULLDISC",
{ "url": "http://seclists.org/fulldisclosure/2013/Sep/5"
"name" : "96792", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/96792" "name": "[oss-security] 20130901 Re: [CVE Request] IndiaNIC Testimonial 2.2 WP plugin",
}, "refsource": "MLIST",
{ "url": "http://seclists.org/oss-sec/2013/q3/531"
"name" : "54640", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/54640" "name": "54640",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/54640"
"name" : "indianictestimonial-cve20135672-csrf(86846)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/86846" "name": "28054",
} "refsource": "EXPLOIT-DB",
] "url": "http://www.exploit-db.com/exploits/28054"
} },
} {
"name": "http://packetstormsecurity.com/files/123036",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/123036"
},
{
"name": "indianictestimonial-cve20135672-csrf(86846)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86846"
},
{
"name": "96792",
"refsource": "OSVDB",
"url": "http://osvdb.org/96792"
},
{
"name": "20130901 IndiaNIC Testimonail WP plugin - Multiple vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2013-09/0006.html"
}
]
}
}

34
2014/2xxx/CVE-2014-2149.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2014-2149", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2014-2149",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none."
} }
] ]
} }
} }

120
2014/2xxx/CVE-2014-2940.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cert@cert.org",
"ID" : "CVE-2014-2940", "ID": "CVE-2014-2940",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cobham Sailor 900 and 6000 satellite terminals with firmware 1.08 MFHF and 2.11 VHF have hardcoded credentials for the administrator account, which allows attackers to obtain administrative control by leveraging physical access or terminal access."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "VU#460687", "description_data": [
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/460687" "lang": "eng",
} "value": "Cobham Sailor 900 and 6000 satellite terminals with firmware 1.08 MFHF and 2.11 VHF have hardcoded credentials for the administrator account, which allows attackers to obtain administrative control by leveraging physical access or terminal access."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#460687",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/460687"
}
]
}
}

120
2014/2xxx/CVE-2014-2941.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cert@cert.org",
"ID" : "CVE-2014-2941", "ID": "CVE-2014-2941",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** DISPUTED ** Cobham Sailor 6000 satellite terminals have hardcoded Tbus 2 credentials, which allows remote attackers to obtain access via a TBUS2 command. NOTE: the vendor reportedly states \"there is no possibility to exploit another user's credentials.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "VU#269991", "description_data": [
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/269991" "lang": "eng",
} "value": "** DISPUTED ** Cobham Sailor 6000 satellite terminals have hardcoded Tbus 2 credentials, which allows remote attackers to obtain access via a TBUS2 command. NOTE: the vendor reportedly states \"there is no possibility to exploit another user's credentials.\""
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#269991",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/269991"
}
]
}
}

130
2014/2xxx/CVE-2014-2955.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cert@cert.org",
"ID" : "CVE-2014-2955", "ID": "CVE-2014-2955",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Raritan PX before 1.5.11 on DPXR20A-16 devices allows remote attackers to bypass authentication and execute arbitrary IPMI commands by using cipher suite 0 (aka cipher zero) and an arbitrary password."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20140703 Raritan IPMI vulnerability", "description_data": [
"refsource" : "FULLDISC", {
"url" : "http://seclists.org/fulldisclosure/2014/Jul/14" "lang": "eng",
}, "value": "Raritan PX before 1.5.11 on DPXR20A-16 devices allows remote attackers to bypass authentication and execute arbitrary IPMI commands by using cipher suite 0 (aka cipher zero) and an arbitrary password."
{ }
"name" : "VU#712660", ]
"refsource" : "CERT-VN", },
"url" : "http://www.kb.cert.org/vuls/id/712660" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20140703 Raritan IPMI vulnerability",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2014/Jul/14"
},
{
"name": "VU#712660",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/712660"
}
]
}
}

34
2014/6xxx/CVE-2014-6033.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2014-6033", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2014-6033",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2014-6032. Reason: This candidate is a duplicate of CVE-2014-6032. Notes: All CVE users should reference CVE-2014-6032 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2014-6032. Reason: This candidate is a duplicate of CVE-2014-6032. Notes: All CVE users should reference CVE-2014-6032 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage."
} }
] ]
} }
} }

34
2014/6xxx/CVE-2014-6104.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-6104", "ID": "CVE-2014-6104",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

430
2014/6xxx/CVE-2014-6504.json
View File

@ -1,217 +1,217 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2014-6504", "ID": "CVE-2014-6504",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, and 7u67, and Java SE Embedded 7u60, allows remote attackers to affect confidentiality via unknown vectors related to Hotspot."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html" "lang": "eng",
}, "value": "Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, and 7u67, and Java SE Embedded 7u60, allows remote attackers to affect confidentiality via unknown vectors related to Hotspot."
{ }
"name" : "http://linux.oracle.com/errata/ELSA-2014-1633.html", ]
"refsource" : "CONFIRM", },
"url" : "http://linux.oracle.com/errata/ELSA-2014-1633.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://linux.oracle.com/errata/ELSA-2014-1634.html", "description": [
"refsource" : "CONFIRM", {
"url" : "http://linux.oracle.com/errata/ELSA-2014-1634.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://linux.oracle.com/errata/ELSA-2014-1636", ]
"refsource" : "CONFIRM", }
"url" : "http://linux.oracle.com/errata/ELSA-2014-1636" ]
}, },
{ "references": {
"name" : "DSA-3077", "reference_data": [
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2014/dsa-3077" "name": "60414",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/60414"
"name" : "DSA-3080", },
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2014/dsa-3080" "name": "RHSA-2014:1657",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2014-1657.html"
"name" : "GLSA-201502-12", },
"refsource" : "GENTOO", {
"url" : "http://security.gentoo.org/glsa/glsa-201502-12.xml" "name": "61609",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/61609"
"name" : "HPSBUX03218", },
"refsource" : "HP", {
"url" : "http://marc.info/?l=bugtraq&m=141775382904016&w=2" "name": "61928",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/61928"
"name" : "SSRT101770", },
"refsource" : "HP", {
"url" : "http://marc.info/?l=bugtraq&m=141775382904016&w=2" "name": "61163",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/61163"
"name" : "RHSA-2014:1620", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2014-1620.html" "name": "USN-2386-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-2386-1"
"name" : "RHSA-2014:1633", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2014-1633.html" "name": "http://linux.oracle.com/errata/ELSA-2014-1633.html",
}, "refsource": "CONFIRM",
{ "url": "http://linux.oracle.com/errata/ELSA-2014-1633.html"
"name" : "RHSA-2014:1634", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2014-1634.html" "name": "USN-2388-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-2388-1"
"name" : "RHSA-2014:1636", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2014-1636.html" "name": "HPSBUX03218",
}, "refsource": "HP",
{ "url": "http://marc.info/?l=bugtraq&m=141775382904016&w=2"
"name" : "RHSA-2014:1657", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2014-1657.html" "name": "61629",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/61629"
"name" : "RHSA-2014:1658", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2014-1658.html" "name": "61018",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/61018"
"name" : "SUSE-SU-2014:1422", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00013.html" "name": "70564",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/70564"
"name" : "USN-2386-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2386-1" "name": "http://linux.oracle.com/errata/ELSA-2014-1634.html",
}, "refsource": "CONFIRM",
{ "url": "http://linux.oracle.com/errata/ELSA-2014-1634.html"
"name" : "USN-2388-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2388-1" "name": "61346",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/61346"
"name" : "USN-2388-2", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2388-2" "name": "RHSA-2014:1634",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2014-1634.html"
"name" : "70564", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/70564" "name": "USN-2388-2",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-2388-2"
"name" : "60414", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/60414" "name": "SUSE-SU-2014:1422",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00013.html"
"name" : "60416", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/60416" "name": "DSA-3080",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2014/dsa-3080"
"name" : "60417", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/60417" "name": "60416",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/60416"
"name" : "61018", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/61018" "name": "RHSA-2014:1633",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2014-1633.html"
"name" : "61020", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/61020" "name": "RHSA-2014:1636",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2014-1636.html"
"name" : "61143", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/61143" "name": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html"
"name" : "61629", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/61629" "name": "RHSA-2014:1658",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2014-1658.html"
"name" : "61163", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/61163" "name": "61164",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/61164"
"name" : "61164", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/61164" "name": "SSRT101770",
}, "refsource": "HP",
{ "url": "http://marc.info/?l=bugtraq&m=141775382904016&w=2"
"name" : "61346", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/61346" "name": "DSA-3077",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2014/dsa-3077"
"name" : "61609", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/61609" "name": "http://linux.oracle.com/errata/ELSA-2014-1636",
}, "refsource": "CONFIRM",
{ "url": "http://linux.oracle.com/errata/ELSA-2014-1636"
"name" : "61928", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/61928" "name": "GLSA-201502-12",
} "refsource": "GENTOO",
] "url": "http://security.gentoo.org/glsa/glsa-201502-12.xml"
} },
} {
"name": "61020",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61020"
},
{
"name": "61143",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61143"
},
{
"name": "60417",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60417"
},
{
"name": "RHSA-2014:1620",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1620.html"
}
]
}
}

140
2014/6xxx/CVE-2014-6700.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cert@cert.org",
"ID" : "CVE-2014-6700", "ID": "CVE-2014-6700",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The NBA Game Time 2013-2014 (aka com.nbadigital.gametimelite) application 4.11 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", "description_data": [
"refsource" : "MISC", {
"url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" "lang": "eng",
}, "value": "The NBA Game Time 2013-2014 (aka com.nbadigital.gametimelite) application 4.11 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
{ }
"name" : "VU#582497", ]
"refsource" : "CERT-VN", },
"url" : "http://www.kb.cert.org/vuls/id/582497" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "VU#949809", "description": [
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/949809" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "VU#949809",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/949809"
},
{
"name": "VU#582497",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/582497"
},
{
"name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource": "MISC",
"url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
}
]
}
}

140
2014/6xxx/CVE-2014-6821.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cert@cert.org",
"ID" : "CVE-2014-6821", "ID": "CVE-2014-6821",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The voetbal (aka nl.jborsje.android.voetbal.az) application 4.7.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", "description_data": [
"refsource" : "MISC", {
"url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" "lang": "eng",
}, "value": "The voetbal (aka nl.jborsje.android.voetbal.az) application 4.7.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
{ }
"name" : "VU#582497", ]
"refsource" : "CERT-VN", },
"url" : "http://www.kb.cert.org/vuls/id/582497" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "VU#991433", "description": [
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/991433" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "VU#991433",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/991433"
},
{
"name": "VU#582497",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/582497"
},
{
"name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource": "MISC",
"url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
}
]
}
}

34
2014/7xxx/CVE-2014-7451.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2014-7451", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2014-7451",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none."
} }
] ]
} }
} }

150
2017/0xxx/CVE-2017-0087.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secure@microsoft.com", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2017-0087", "ID": "CVE-2017-0087",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Windows Uniscribe", "product_name": "Windows Uniscribe",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1" "version_value": "Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Microsoft Corporation" "vendor_name": "Microsoft Corporation"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to execute arbitrary code via a crafted web site, aka \"Uniscribe Remote Code Execution Vulnerability.\" This vulnerability is different from those described in CVE-2017-0072, CVE-2017-0083, CVE-2017-0084, CVE-2017-0086, CVE-2017-0088, CVE-2017-0089, and CVE-2017-0090."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Remote Code Execution"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "41650", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/41650/" "lang": "eng",
}, "value": "Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to execute arbitrary code via a crafted web site, aka \"Uniscribe Remote Code Execution Vulnerability.\" This vulnerability is different from those described in CVE-2017-0072, CVE-2017-0083, CVE-2017-0084, CVE-2017-0086, CVE-2017-0088, CVE-2017-0089, and CVE-2017-0090."
{ }
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0087", ]
"refsource" : "CONFIRM", },
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0087" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "96604", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/96604" "lang": "eng",
}, "value": "Remote Code Execution"
{ }
"name" : "1037992", ]
"refsource" : "SECTRACK", }
"url" : "http://www.securitytracker.com/id/1037992" ]
} },
] "references": {
} "reference_data": [
} {
"name": "41650",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/41650/"
},
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0087",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0087"
},
{
"name": "1037992",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037992"
},
{
"name": "96604",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96604"
}
]
}
}

34
2017/0xxx/CVE-2017-0995.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-0995", "ID": "CVE-2017-0995",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2017/0xxx/CVE-2017-0996.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-0996", "ID": "CVE-2017-0996",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

124
2017/1000xxx/CVE-2017-1000168.json
View File

@ -1,64 +1,64 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve-assign@distributedweaknessfiling.org", "ASSIGNER": "cve@mitre.org",
"DATE_ASSIGNED" : "2017-08-22T17:29:33.383855", "DATE_ASSIGNED": "2017-08-22T17:29:33.383855",
"ID" : "CVE-2017-1000168", "ID": "CVE-2017-1000168",
"REQUESTER" : "bascule@gmail.com", "REQUESTER": "bascule@gmail.com",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "sodiumoxide", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "0.0.13 and older" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "RustSec" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "sodiumoxide 0.0.13 and older scalarmult() vulnerable to degenerate public keys"
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "CWE-310: Cryptographic Issues"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://github.com/dnaq/sodiumoxide/issues/154", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://github.com/dnaq/sodiumoxide/issues/154" "lang": "eng",
} "value": "sodiumoxide 0.0.13 and older scalarmult() vulnerable to degenerate public keys"
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/dnaq/sodiumoxide/issues/154",
"refsource": "CONFIRM",
"url": "https://github.com/dnaq/sodiumoxide/issues/154"
}
]
}
}

208
2017/1xxx/CVE-2017-1238.json
View File

@ -1,106 +1,106 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@us.ibm.com", "ASSIGNER": "psirt@us.ibm.com",
"DATE_PUBLIC" : "2018-07-03T00:00:00", "DATE_PUBLIC": "2018-07-03T00:00:00",
"ID" : "CVE-2017-1238", "ID": "CVE-2017-1238",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Rational Quality Manager", "product_name": "Rational Quality Manager",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "6.0" "version_value": "6.0"
}, },
{ {
"version_value" : "6.0.1" "version_value": "6.0.1"
}, },
{ {
"version_value" : "6.0.2" "version_value": "6.0.2"
}, },
{ {
"version_value" : "6.0.3" "version_value": "6.0.3"
}, },
{ {
"version_value" : "6.0.4" "version_value": "6.0.4"
}, },
{ {
"version_value" : "6.0.5" "version_value": "6.0.5"
}, },
{ {
"version_value" : "5.0.x" "version_value": "5.0.x"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "IBM" "vendor_name": "IBM"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Quality Manager (RQM) 5.0.x and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 124356."
}
]
},
"impact" : {
"cvssv3" : {
"BM" : {
"A" : "N",
"AC" : "L",
"AV" : "N",
"C" : "L",
"I" : "L",
"PR" : "L",
"S" : "C",
"SCORE" : "5.400",
"UI" : "R"
},
"TM" : {
"E" : "H",
"RC" : "C",
"RL" : "O"
}
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Cross-Site Scripting"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.ibm.com/support/docview.wss?uid=ibm10716201", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.ibm.com/support/docview.wss?uid=ibm10716201" "lang": "eng",
}, "value": "IBM Quality Manager (RQM) 5.0.x and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 124356."
{ }
"name" : "ibm-rqm-cve20171238-xss(124356)", ]
"refsource" : "XF", },
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/124356" "impact": {
} "cvssv3": {
] "BM": {
} "A": "N",
} "AC": "L",
"AV": "N",
"C": "L",
"I": "L",
"PR": "L",
"S": "C",
"SCORE": "5.400",
"UI": "R"
},
"TM": {
"E": "H",
"RC": "C",
"RL": "O"
}
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-Site Scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ibm-rqm-cve20171238-xss(124356)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/124356"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=ibm10716201",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=ibm10716201"
}
]
}
}

208
2017/1xxx/CVE-2017-1366.json
View File

@ -1,106 +1,106 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@us.ibm.com", "ASSIGNER": "psirt@us.ibm.com",
"DATE_PUBLIC" : "2018-08-01T00:00:00", "DATE_PUBLIC": "2018-08-01T00:00:00",
"ID" : "CVE-2017-1366", "ID": "CVE-2017-1366",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Security Identity Governance and Intelligence", "product_name": "Security Identity Governance and Intelligence",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "5.2" "version_value": "5.2"
}, },
{ {
"version_value" : "5.2.1" "version_value": "5.2.1"
}, },
{ {
"version_value" : "5.2.2" "version_value": "5.2.2"
}, },
{ {
"version_value" : "5.2.2.1" "version_value": "5.2.2.1"
}, },
{ {
"version_value" : "5.2.3" "version_value": "5.2.3"
}, },
{ {
"version_value" : "5.2.3.1" "version_value": "5.2.3.1"
}, },
{ {
"version_value" : "5.2.3.2" "version_value": "5.2.3.2"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "IBM" "vendor_name": "IBM"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Security Identity Governance Virtual Appliance 5.2 through 5.2.3.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 126859."
}
]
},
"impact" : {
"cvssv3" : {
"BM" : {
"A" : "N",
"AC" : "H",
"AV" : "N",
"C" : "H",
"I" : "N",
"PR" : "N",
"S" : "U",
"SCORE" : "5.900",
"UI" : "N"
},
"TM" : {
"E" : "U",
"RC" : "C",
"RL" : "O"
}
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Obtain Information"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.ibm.com/support/docview.wss?uid=swg22016869", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.ibm.com/support/docview.wss?uid=swg22016869" "lang": "eng",
}, "value": "IBM Security Identity Governance Virtual Appliance 5.2 through 5.2.3.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 126859."
{ }
"name" : "ibm-sig-cve20171366-info-disc(126859)", ]
"refsource" : "XF", },
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/126859" "impact": {
} "cvssv3": {
] "BM": {
} "A": "N",
} "AC": "H",
"AV": "N",
"C": "H",
"I": "N",
"PR": "N",
"S": "U",
"SCORE": "5.900",
"UI": "N"
},
"TM": {
"E": "U",
"RC": "C",
"RL": "O"
}
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Obtain Information"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg22016869",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg22016869"
},
{
"name": "ibm-sig-cve20171366-info-disc(126859)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/126859"
}
]
}
}

34
2017/1xxx/CVE-2017-1387.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-1387", "ID": "CVE-2017-1387",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2017/1xxx/CVE-2017-1874.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2017-1874", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2017-1874",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none."
} }
] ]
} }
} }

34
2017/1xxx/CVE-2017-1924.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2017-1924", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2017-1924",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none."
} }
] ]
} }
} }

34
2017/4xxx/CVE-2017-4091.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2017-4091", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2017-4091",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none."
} }
] ]
} }
} }

34
2017/4xxx/CVE-2017-4125.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2017-4125", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2017-4125",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none."
} }
] ]
} }
} }

34
2017/4xxx/CVE-2017-4431.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2017-4431", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2017-4431",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none."
} }
] ]
} }
} }

34
2017/4xxx/CVE-2017-4494.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2017-4494", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2017-4494",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none."
} }
] ]
} }
} }

130
2017/5xxx/CVE-2017-5960.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-5960", "ID": "CVE-2017-5960",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An issue was discovered in Phalcon Eye through 0.4.1. The vulnerability exists due to insufficient filtration of user-supplied data in multiple HTTP GET parameters passed to the \"phalconeye-master/public/external/pydio/plugins/editor.webodf/frame.php\" URL. An attacker could execute arbitrary HTML and script code in a browser in the context of the vulnerable website."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://github.com/PhalconEye/phalconeye/issues/133", "description_data": [
"refsource" : "MISC", {
"url" : "https://github.com/PhalconEye/phalconeye/issues/133" "lang": "eng",
}, "value": "An issue was discovered in Phalcon Eye through 0.4.1. The vulnerability exists due to insufficient filtration of user-supplied data in multiple HTTP GET parameters passed to the \"phalconeye-master/public/external/pydio/plugins/editor.webodf/frame.php\" URL. An attacker could execute arbitrary HTML and script code in a browser in the context of the vulnerable website."
{ }
"name" : "96201", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/96201" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/PhalconEye/phalconeye/issues/133",
"refsource": "MISC",
"url": "https://github.com/PhalconEye/phalconeye/issues/133"
},
{
"name": "96201",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96201"
}
]
}
}