admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-12 02:05:39 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #1838 from msrcgit/msrc/march6

Browse Source 
March patch tuesday batch 6
This commit is contained in:
CVE Team 2019-04-08 22:40:47 -04:00 committed by GitHub
commit 927cef0c14
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
10 changed files with 751 additions and 130 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

110
2019/0xxx/CVE-2019-0782.json
View File

@ -1,18 +1,102 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-0782",
"STATE": "RESERVED"
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ASSIGNER" : "secure@microsoft.com",
"ID" : "CVE-2019-0782",
"STATE" : "PUBLIC"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
"affects" : {
"vendor" : {
"vendor_data" : [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
"product" : {
"product_data" : [
{
"product_name" : "Windows",
"version" : {
"version_data" : [
{"version_value" : "7 for 32-bit Systems Service Pack 1"},
{"version_value" : "7 for x64-based Systems Service Pack 1"},
{"version_value" : "8.1 for 32-bit systems"},
{"version_value" : "8.1 for x64-based systems"},
{"version_value" : "RT 8.1"},
{"version_value" : "10 for 32-bit Systems"},
{"version_value" : "10 for x64-based Systems"},
{"version_value" : "10 Version 1607 for 32-bit Systems"},
{"version_value" : "10 Version 1607 for x64-based Systems"},
{"version_value" : "10 Version 1703 for 32-bit Systems"},
{"version_value" : "10 Version 1703 for x64-based Systems"},
{"version_value" : "10 Version 1709 for 32-bit Systems"},
{"version_value" : "10 Version 1709 for x64-based Systems"},
{"version_value" : "10 Version 1803 for 32-bit Systems"},
{"version_value" : "10 Version 1803 for x64-based Systems"},
{"version_value" : "10 Version 1803 for ARM64-based Systems"},
{"version_value" : "10 Version 1809 for 32-bit Systems"},
{"version_value" : "10 Version 1809 for x64-based Systems"},
{"version_value" : "10 Version 1809 for ARM64-based Systems"},
{"version_value" : "10 Version 1709 for ARM64-based Systems"}
]
}
}
},
{
"product_name" : "Windows Server",
"version" : {
"version_data" : [
{"version_value" : "2008 R2 for x64-based Systems Service Pack 1 (Core installation)"},
{"version_value" : "2008 R2 for Itanium-Based Systems Service Pack 1"},
{"version_value" : "2008 R2 for x64-based Systems Service Pack 1"},
{"version_value" : "2008 for 32-bit Systems Service Pack 2 (Core installation)"},
{"version_value" : "2012"},
{"version_value" : "2012 (Core installation)"},
{"version_value" : "2012 R2"},
{"version_value" : "2012 R2 (Core installation)"},
{"version_value" : "2016"},
{"version_value" : "2016 (Core installation)"},
{"version_value" : "version 1709 (Core Installation)"},
{"version_value" : "version 1803 (Core Installation)"},
{"version_value" : "2019"},
{"version_value" : "2019 (Core installation)"},
{"version_value" : "2008 for Itanium-Based Systems Service Pack 2"},
{"version_value" : "2008 for 32-bit Systems Service Pack 2"},
{"version_value" : "2008 for x64-based Systems Service Pack 2"},
{"version_value" : "2008 for x64-based Systems Service Pack 2 (Core installation)"}
]
}
}
]
},
"vendor_name" : "Microsoft"
}
]
}
},
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An information disclosure vulnerability exists when the Windows kernel fails to properly initialize a memory address, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0702, CVE-2019-0755, CVE-2019-0767, CVE-2019-0775."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Information Disclosure"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0782"
}
]
}
}

97
2019/0xxx/CVE-2019-0783.json
View File

@ -1,18 +1,89 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-0783",
"STATE": "RESERVED"
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ASSIGNER" : "secure@microsoft.com",
"ID" : "CVE-2019-0783",
"STATE" : "PUBLIC"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
"affects" : {
"vendor" : {
"vendor_data" : [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
"product" : {
"product_data" : [
{
"product_name" : "Internet Explorer 11",
"version" : {
"version_data" : [
{"version_value" : "Windows 7 for 32-bit Systems Service Pack 1"},
{"version_value" : "Windows 7 for x64-based Systems Service Pack 1"},
{"version_value" : "Windows Server 2008 R2 for x64-based Systems Service Pack 1"},
{"version_value" : "Windows 8.1 for 32-bit systems"},
{"version_value" : "Windows 8.1 for x64-based systems"},
{"version_value" : "Windows Server 2012 R2"},
{"version_value" : "Windows RT 8.1"},
{"version_value" : "Windows 10 for 32-bit Systems"},
{"version_value" : "Windows 10 for x64-based Systems"},
{"version_value" : "Windows Server 2016"},
{"version_value" : "Windows 10 Version 1607 for 32-bit Systems"},
{"version_value" : "Windows 10 Version 1607 for x64-based Systems"},
{"version_value" : "Windows 10 Version 1703 for 32-bit Systems"},
{"version_value" : "Windows 10 Version 1703 for x64-based Systems"},
{"version_value" : "Windows 10 Version 1709 for 32-bit Systems"},
{"version_value" : "Windows 10 Version 1709 for x64-based Systems"},
{"version_value" : "Windows 10 Version 1803 for 32-bit Systems"},
{"version_value" : "Windows 10 Version 1803 for x64-based Systems"},
{"version_value" : "Windows 10 Version 1803 for ARM64-based Systems"},
{"version_value" : "Windows 10 Version 1809 for 32-bit Systems"},
{"version_value" : "Windows 10 Version 1809 for x64-based Systems"},
{"version_value" : "Windows 10 Version 1809 for ARM64-based Systems"},
{"version_value" : "Windows Server 2019"},
{"version_value" : "Windows 10 Version 1709 for ARM64-based Systems"}
]
}
}
},
{
"product_name" : "Internet Explorer 10",
"version" : {
"version_data" : [
{"version_value" : "Windows Server 2012"}
]
}
}
]
},
"vendor_name" : "Microsoft"
}
]
}
},
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0609, CVE-2019-0639, CVE-2019-0680, CVE-2019-0769, CVE-2019-0770, CVE-2019-0771, CVE-2019-0773."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Remote Code Execution"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0783"
}
]
}
}

110
2019/0xxx/CVE-2019-0784.json
View File

@ -1,18 +1,102 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-0784",
"STATE": "RESERVED"
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ASSIGNER" : "secure@microsoft.com",
"ID" : "CVE-2019-0784",
"STATE" : "PUBLIC"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
"affects" : {
"vendor" : {
"vendor_data" : [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
"product" : {
"product_data" : [
{
"product_name" : "Windows",
"version" : {
"version_data" : [
{"version_value" : "7 for 32-bit Systems Service Pack 1"},
{"version_value" : "7 for x64-based Systems Service Pack 1"},
{"version_value" : "8.1 for 32-bit systems"},
{"version_value" : "8.1 for x64-based systems"},
{"version_value" : "RT 8.1"},
{"version_value" : "10 for 32-bit Systems"},
{"version_value" : "10 for x64-based Systems"},
{"version_value" : "10 Version 1607 for 32-bit Systems"},
{"version_value" : "10 Version 1607 for x64-based Systems"},
{"version_value" : "10 Version 1703 for 32-bit Systems"},
{"version_value" : "10 Version 1703 for x64-based Systems"},
{"version_value" : "10 Version 1709 for 32-bit Systems"},
{"version_value" : "10 Version 1709 for x64-based Systems"},
{"version_value" : "10 Version 1803 for 32-bit Systems"},
{"version_value" : "10 Version 1803 for x64-based Systems"},
{"version_value" : "10 Version 1803 for ARM64-based Systems"},
{"version_value" : "10 Version 1809 for 32-bit Systems"},
{"version_value" : "10 Version 1809 for x64-based Systems"},
{"version_value" : "10 Version 1809 for ARM64-based Systems"},
{"version_value" : "10 Version 1709 for ARM64-based Systems"}
]
}
}
},
{
"product_name" : "Windows Server",
"version" : {
"version_data" : [
{"version_value" : "2008 R2 for x64-based Systems Service Pack 1 (Core installation)"},
{"version_value" : "2008 R2 for Itanium-Based Systems Service Pack 1"},
{"version_value" : "2008 R2 for x64-based Systems Service Pack 1"},
{"version_value" : "2008 for 32-bit Systems Service Pack 2 (Core installation)"},
{"version_value" : "2012"},
{"version_value" : "2012 (Core installation)"},
{"version_value" : "2012 R2"},
{"version_value" : "2012 R2 (Core installation)"},
{"version_value" : "2016"},
{"version_value" : "2016 (Core installation)"},
{"version_value" : "version 1709 (Core Installation)"},
{"version_value" : "version 1803 (Core Installation)"},
{"version_value" : "2019"},
{"version_value" : "2019 (Core installation)"},
{"version_value" : "2008 for Itanium-Based Systems Service Pack 2"},
{"version_value" : "2008 for 32-bit Systems Service Pack 2"},
{"version_value" : "2008 for x64-based Systems Service Pack 2"},
{"version_value" : "2008 for x64-based Systems Service Pack 2 (Core installation)"}
]
}
}
]
},
"vendor_name" : "Microsoft"
}
]
}
},
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A remote code execution vulnerability exists in the way that the ActiveX Data objects (ADO) handles objects in memory, aka 'Windows ActiveX Remote Code Execution Vulnerability'."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Remote Code Execution"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0784"
}
]
}
}

100
2019/0xxx/CVE-2019-0797.json
View File

@ -1,18 +1,92 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-0797",
"STATE": "RESERVED"
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ASSIGNER" : "secure@microsoft.com",
"ID" : "CVE-2019-0797",
"STATE" : "PUBLIC"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
"affects" : {
"vendor" : {
"vendor_data" : [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
"product" : {
"product_data" : [
{
"product_name" : "Windows Server",
"version" : {
"version_data" : [
{"version_value" : "2012"},
{"version_value" : "2012 (Core installation)"},
{"version_value" : "2012 R2"},
{"version_value" : "2012 R2 (Core installation)"},
{"version_value" : "2016"},
{"version_value" : "2016 (Core installation)"},
{"version_value" : "version 1709 (Core Installation)"},
{"version_value" : "version 1803 (Core Installation)"},
{"version_value" : "2019"},
{"version_value" : "2019 (Core installation)"}
]
}
}
},
{
"product_name" : "Windows",
"version" : {
"version_data" : [
{"version_value" : "8.1 for 32-bit systems"},
{"version_value" : "8.1 for x64-based systems"},
{"version_value" : "RT 8.1"},
{"version_value" : "10 for 32-bit Systems"},
{"version_value" : "10 for x64-based Systems"},
{"version_value" : "10 Version 1607 for 32-bit Systems"},
{"version_value" : "10 Version 1607 for x64-based Systems"},
{"version_value" : "10 Version 1703 for 32-bit Systems"},
{"version_value" : "10 Version 1703 for x64-based Systems"},
{"version_value" : "10 Version 1709 for 32-bit Systems"},
{"version_value" : "10 Version 1709 for x64-based Systems"},
{"version_value" : "10 Version 1803 for 32-bit Systems"},
{"version_value" : "10 Version 1803 for x64-based Systems"},
{"version_value" : "10 Version 1803 for ARM64-based Systems"},
{"version_value" : "10 Version 1809 for 32-bit Systems"},
{"version_value" : "10 Version 1809 for x64-based Systems"},
{"version_value" : "10 Version 1809 for ARM64-based Systems"},
{"version_value" : "10 Version 1709 for ARM64-based Systems"}
]
}
}
]
},
"vendor_name" : "Microsoft"
}
]
}
},
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0808."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Elevation of Privilege"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0797"
}
]
}
}

74
2019/0xxx/CVE-2019-0798.json
View File

@ -1,18 +1,66 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-0798",
"STATE": "RESERVED"
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ASSIGNER" : "secure@microsoft.com",
"ID" : "CVE-2019-0798",
"STATE" : "PUBLIC"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
"affects" : {
"vendor" : {
"vendor_data" : [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
"product" : {
"product_data" : [
{
"product_name" : "Skype for Business Server 2015",
"version" : {
"version_data" : [
{"version_value" : "March 2019 Update"}
]
}
}
},
{
"product_name" : "Microsoft Lync Server 2013",
"version" : {
"version_data" : [
{"version_value" : "July 2018 Update"}
]
}
}
]
},
"vendor_name" : "Microsoft"
}
]
}
},
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A spoofing vulnerability exists when a Lync Server or Skype for Business Server does not properly sanitize a specially crafted request, aka 'Skype for Business and Lync Spoofing Vulnerability'."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Spoofing"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0798"
}
]
}
}

66
2019/0xxx/CVE-2019-0804.json
View File

@ -1,18 +1,58 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-0804",
"STATE": "RESERVED"
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ASSIGNER" : "secure@microsoft.com",
"ID" : "CVE-2019-0804",
"STATE" : "PUBLIC"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
"affects" : {
"vendor" : {
"vendor_data" : [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
"product" : {
"product_data" : [
{
"product_name" : "",
"version" : {
"version_data" : [
{"version_value" : ""}
]
}
}
}
]
},
"vendor_name" : "Microsoft"
}
]
}
},
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An information disclosure vulnerability exists in the way Azure WaLinuxAgent creates swap files on resource disks, aka 'Azure Linux Agent Information Disclosure Vulnerability'."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Information Disclosure"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0804"
}
]
}
}

82
2019/0xxx/CVE-2019-0808.json
View File

@ -1,18 +1,74 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-0808",
"STATE": "RESERVED"
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ASSIGNER" : "secure@microsoft.com",
"ID" : "CVE-2019-0808",
"STATE" : "PUBLIC"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
"affects" : {
"vendor" : {
"vendor_data" : [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
"product" : {
"product_data" : [
{
"product_name" : "Windows",
"version" : {
"version_data" : [
{"version_value" : "7 for 32-bit Systems Service Pack 1"},
{"version_value" : "7 for x64-based Systems Service Pack 1"}
]
}
}
},
{
"product_name" : "Windows Server",
"version" : {
"version_data" : [
{"version_value" : "2008 R2 for x64-based Systems Service Pack 1 (Core installation)"},
{"version_value" : "2008 R2 for Itanium-Based Systems Service Pack 1"},
{"version_value" : "2008 R2 for x64-based Systems Service Pack 1"},
{"version_value" : "2008 for 32-bit Systems Service Pack 2 (Core installation)"},
{"version_value" : "2008 for Itanium-Based Systems Service Pack 2"},
{"version_value" : "2008 for 32-bit Systems Service Pack 2"},
{"version_value" : "2008 for x64-based Systems Service Pack 2"},
{"version_value" : "2008 for x64-based Systems Service Pack 2 (Core installation)"}
]
}
}
]
},
"vendor_name" : "Microsoft"
}
]
}
},
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0797."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Elevation of Privilege"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0808"
}
]
}
}

66
2019/0xxx/CVE-2019-0809.json
View File

@ -1,18 +1,58 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-0809",
"STATE": "RESERVED"
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ASSIGNER" : "secure@microsoft.com",
"ID" : "CVE-2019-0809",
"STATE" : "PUBLIC"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
"affects" : {
"vendor" : {
"vendor_data" : [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
"product" : {
"product_data" : [
{
"product_name" : "Microsoft Visual Studio 2017",
"version" : {
"version_data" : [
{"version_value" : "version 15.9"}
]
}
}
}
]
},
"vendor_name" : "Microsoft"
}
]
}
},
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A remote code execution vulnerability exists when the Visual Studio C++ Redistributable Installer improperly validates input before loading dynamic link library (DLL) files, aka 'Visual Studio Remote Code Execution Vulnerability'."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Remote Code Execution"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0809"
}
]
}
}

66
2019/0xxx/CVE-2019-0816.json
View File

@ -1,18 +1,58 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-0816",
"STATE": "RESERVED"
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ASSIGNER" : "secure@microsoft.com",
"ID" : "CVE-2019-0816",
"STATE" : "PUBLIC"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
"affects" : {
"vendor" : {
"vendor_data" : [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
"product" : {
"product_data" : [
{
"product_name" : "Ubuntu Server",
"version" : {
"version_data" : [
{"version_value" : "18.04-LTS"}
]
}
}
}
]
},
"vendor_name" : "Microsoft"
}
]
}
},
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A security feature bypass exists in Azure SSH Keypairs, due to a change in the provisioning logic for some Linux images that use cloud-init, aka 'Azure SSH Keypairs Security Feature Bypass Vulnerability'."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Security Feature Bypass"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0816"
}
]
}
}

110
2019/0xxx/CVE-2019-0821.json
View File

@ -1,18 +1,102 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-0821",
"STATE": "RESERVED"
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ASSIGNER" : "secure@microsoft.com",
"ID" : "CVE-2019-0821",
"STATE" : "PUBLIC"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
"affects" : {
"vendor" : {
"vendor_data" : [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
"product" : {
"product_data" : [
{
"product_name" : "Windows",
"version" : {
"version_data" : [
{"version_value" : "7 for 32-bit Systems Service Pack 1"},
{"version_value" : "7 for x64-based Systems Service Pack 1"},
{"version_value" : "8.1 for 32-bit systems"},
{"version_value" : "8.1 for x64-based systems"},
{"version_value" : "RT 8.1"},
{"version_value" : "10 for 32-bit Systems"},
{"version_value" : "10 for x64-based Systems"},
{"version_value" : "10 Version 1607 for 32-bit Systems"},
{"version_value" : "10 Version 1607 for x64-based Systems"},
{"version_value" : "10 Version 1703 for 32-bit Systems"},
{"version_value" : "10 Version 1703 for x64-based Systems"},
{"version_value" : "10 Version 1709 for 32-bit Systems"},
{"version_value" : "10 Version 1709 for x64-based Systems"},
{"version_value" : "10 Version 1803 for 32-bit Systems"},
{"version_value" : "10 Version 1803 for x64-based Systems"},
{"version_value" : "10 Version 1803 for ARM64-based Systems"},
{"version_value" : "10 Version 1809 for 32-bit Systems"},
{"version_value" : "10 Version 1809 for x64-based Systems"},
{"version_value" : "10 Version 1809 for ARM64-based Systems"},
{"version_value" : "10 Version 1709 for ARM64-based Systems"}
]
}
}
},
{
"product_name" : "Windows Server",
"version" : {
"version_data" : [
{"version_value" : "2008 R2 for x64-based Systems Service Pack 1 (Core installation)"},
{"version_value" : "2008 R2 for Itanium-Based Systems Service Pack 1"},
{"version_value" : "2008 R2 for x64-based Systems Service Pack 1"},
{"version_value" : "2008 for 32-bit Systems Service Pack 2 (Core installation)"},
{"version_value" : "2012"},
{"version_value" : "2012 (Core installation)"},
{"version_value" : "2012 R2"},
{"version_value" : "2012 R2 (Core installation)"},
{"version_value" : "2016"},
{"version_value" : "2016 (Core installation)"},
{"version_value" : "version 1709 (Core Installation)"},
{"version_value" : "version 1803 (Core Installation)"},
{"version_value" : "2019"},
{"version_value" : "2019 (Core installation)"},
{"version_value" : "2008 for Itanium-Based Systems Service Pack 2"},
{"version_value" : "2008 for 32-bit Systems Service Pack 2"},
{"version_value" : "2008 for x64-based Systems Service Pack 2"},
{"version_value" : "2008 for x64-based Systems Service Pack 2 (Core installation)"}
]
}
}
]
},
"vendor_name" : "Microsoft"
}
]
}
},
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An information disclosure vulnerability exists in the way that the Windows SMB Server handles certain requests, aka 'Windows SMB Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0703, CVE-2019-0704."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Information Disclosure"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0821"
}
]
}
}