diff --git a/2020/17xxx/CVE-2020-17418.json b/2020/17xxx/CVE-2020-17418.json index 29ff405fa18..0315cc04497 100644 --- a/2020/17xxx/CVE-2020-17418.json +++ b/2020/17xxx/CVE-2020-17418.json @@ -1,70 +1,74 @@ { - "CVE_data_meta": { - "ASSIGNER": "zdi-disclosures@trendmicro.com", - "ID": "CVE-2020-17418", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Studio Photo", - "version": { - "version_data": [ - { - "version_value": "3.6.6.922" - } - ] + "CVE_data_meta": { + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "ID": "CVE-2020-17418", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Studio Photo", + "version": { + "version_data": [ + { + "version_value": "3.6.6.922" + } + ] + } + } + ] + }, + "vendor_name": "Foxit" } - } ] - }, - "vendor_name": "Foxit" } - ] - } - }, - "credit": "Mat Powell of Trend Micro Zero Day Initiative", - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Studio Photo 3.6.6.922. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of EZIX files. A crafted id in a channel element can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-11197." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-787: Out-of-bounds Write" - } + }, + "credit": "Mat Powell of Trend Micro Zero Day Initiative", + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Studio Photo 3.6.6.922. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of EZIX files. A crafted id in a channel element can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-11197." + } ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-1329/" - }, - { - "url": "https://www.foxitsoftware.com/support/security-bulletins.html" - } - ] - }, - "impact": { - "cvss": { - "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", - "version": "3.0" + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-787: Out-of-bounds Write" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.foxitsoftware.com/support/security-bulletins.html", + "refsource": "MISC", + "name": "https://www.foxitsoftware.com/support/security-bulletins.html" + }, + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-1329/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-20-1329/" + } + ] + }, + "impact": { + "cvss": { + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.0" + } } - } -} +} \ No newline at end of file diff --git a/2020/17xxx/CVE-2020-17419.json b/2020/17xxx/CVE-2020-17419.json index 7cf55376bf3..0c14153ecf4 100644 --- a/2020/17xxx/CVE-2020-17419.json +++ b/2020/17xxx/CVE-2020-17419.json @@ -1,70 +1,74 @@ { - "CVE_data_meta": { - "ASSIGNER": "zdi-disclosures@trendmicro.com", - "ID": "CVE-2020-17419", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Studio Photo", - "version": { - "version_data": [ - { - "version_value": "3.6.6.922" - } - ] + "CVE_data_meta": { + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "ID": "CVE-2020-17419", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Studio Photo", + "version": { + "version_data": [ + { + "version_value": "3.6.6.922" + } + ] + } + } + ] + }, + "vendor_name": "Foxit" } - } ] - }, - "vendor_name": "Foxit" } - ] - } - }, - "credit": "Mat Powell of Trend Micro Zero Day Initiative", - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Studio Photo 3.6.6.922. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of NEF files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-11192." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-787: Out-of-bounds Write" - } + }, + "credit": "Mat Powell of Trend Micro Zero Day Initiative", + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Studio Photo 3.6.6.922. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of NEF files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-11192." + } ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-1330/" - }, - { - "url": "https://www.foxitsoftware.com/support/security-bulletins.html" - } - ] - }, - "impact": { - "cvss": { - "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", - "version": "3.0" + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-787: Out-of-bounds Write" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.foxitsoftware.com/support/security-bulletins.html", + "refsource": "MISC", + "name": "https://www.foxitsoftware.com/support/security-bulletins.html" + }, + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-1330/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-20-1330/" + } + ] + }, + "impact": { + "cvss": { + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.0" + } } - } -} +} \ No newline at end of file diff --git a/2020/17xxx/CVE-2020-17420.json b/2020/17xxx/CVE-2020-17420.json index 92268f5da5c..86eb7f6ca71 100644 --- a/2020/17xxx/CVE-2020-17420.json +++ b/2020/17xxx/CVE-2020-17420.json @@ -1,70 +1,74 @@ { - "CVE_data_meta": { - "ASSIGNER": "zdi-disclosures@trendmicro.com", - "ID": "CVE-2020-17420", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Studio Photo", - "version": { - "version_data": [ - { - "version_value": "3.6.6.922" - } - ] + "CVE_data_meta": { + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "ID": "CVE-2020-17420", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Studio Photo", + "version": { + "version_data": [ + { + "version_value": "3.6.6.922" + } + ] + } + } + ] + }, + "vendor_name": "Foxit" } - } ] - }, - "vendor_name": "Foxit" } - ] - } - }, - "credit": "Mat Powell of Trend Micro Zero Day Initiative", - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Studio Photo 3.6.6.922. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of NEF files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated structure. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the current process. Was ZDI-CAN-11193." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-125: Out-of-bounds Read" - } + }, + "credit": "Mat Powell of Trend Micro Zero Day Initiative", + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Studio Photo 3.6.6.922. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of NEF files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated structure. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the current process. Was ZDI-CAN-11193." + } ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-1331/" - }, - { - "url": "https://www.foxitsoftware.com/support/security-bulletins.html" - } - ] - }, - "impact": { - "cvss": { - "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", - "version": "3.0" + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-125: Out-of-bounds Read" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.foxitsoftware.com/support/security-bulletins.html", + "refsource": "MISC", + "name": "https://www.foxitsoftware.com/support/security-bulletins.html" + }, + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-1331/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-20-1331/" + } + ] + }, + "impact": { + "cvss": { + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", + "version": "3.0" + } } - } -} +} \ No newline at end of file diff --git a/2020/17xxx/CVE-2020-17421.json b/2020/17xxx/CVE-2020-17421.json index 1c18c798d6a..cdfc8cea0dd 100644 --- a/2020/17xxx/CVE-2020-17421.json +++ b/2020/17xxx/CVE-2020-17421.json @@ -1,70 +1,74 @@ { - "CVE_data_meta": { - "ASSIGNER": "zdi-disclosures@trendmicro.com", - "ID": "CVE-2020-17421", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Studio Photo", - "version": { - "version_data": [ - { - "version_value": "3.6.6.922" - } - ] + "CVE_data_meta": { + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "ID": "CVE-2020-17421", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Studio Photo", + "version": { + "version_data": [ + { + "version_value": "3.6.6.922" + } + ] + } + } + ] + }, + "vendor_name": "Foxit" } - } ] - }, - "vendor_name": "Foxit" } - ] - } - }, - "credit": "Mat Powell of Trend Micro Zero Day Initiative", - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Studio Photo 3.6.6.922. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of NEF files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-11194." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-787: Out-of-bounds Write" - } + }, + "credit": "Mat Powell of Trend Micro Zero Day Initiative", + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Studio Photo 3.6.6.922. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of NEF files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-11194." + } ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-1332/" - }, - { - "url": "https://www.foxitsoftware.com/support/security-bulletins.html" - } - ] - }, - "impact": { - "cvss": { - "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", - "version": "3.0" + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-787: Out-of-bounds Write" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.foxitsoftware.com/support/security-bulletins.html", + "refsource": "MISC", + "name": "https://www.foxitsoftware.com/support/security-bulletins.html" + }, + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-1332/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-20-1332/" + } + ] + }, + "impact": { + "cvss": { + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.0" + } } - } -} +} \ No newline at end of file diff --git a/2020/17xxx/CVE-2020-17422.json b/2020/17xxx/CVE-2020-17422.json index 6f9fc80923c..767697e75aa 100644 --- a/2020/17xxx/CVE-2020-17422.json +++ b/2020/17xxx/CVE-2020-17422.json @@ -1,70 +1,74 @@ { - "CVE_data_meta": { - "ASSIGNER": "zdi-disclosures@trendmicro.com", - "ID": "CVE-2020-17422", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Studio Photo", - "version": { - "version_data": [ - { - "version_value": "3.6.6.922" - } - ] + "CVE_data_meta": { + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "ID": "CVE-2020-17422", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Studio Photo", + "version": { + "version_data": [ + { + "version_value": "3.6.6.922" + } + ] + } + } + ] + }, + "vendor_name": "Foxit" } - } ] - }, - "vendor_name": "Foxit" } - ] - } - }, - "credit": "Mat Powell of Trend Micro Zero Day Initiative", - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Studio Photo 3.6.6.922. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of EPS files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated structure. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the current process. Was ZDI-CAN-11195." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-125: Out-of-bounds Read" - } + }, + "credit": "Mat Powell of Trend Micro Zero Day Initiative", + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Studio Photo 3.6.6.922. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of EPS files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated structure. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the current process. Was ZDI-CAN-11195." + } ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-1333/" - }, - { - "url": "https://www.foxitsoftware.com/support/security-bulletins.html" - } - ] - }, - "impact": { - "cvss": { - "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", - "version": "3.0" + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-125: Out-of-bounds Read" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.foxitsoftware.com/support/security-bulletins.html", + "refsource": "MISC", + "name": "https://www.foxitsoftware.com/support/security-bulletins.html" + }, + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-1333/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-20-1333/" + } + ] + }, + "impact": { + "cvss": { + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", + "version": "3.0" + } } - } -} +} \ No newline at end of file diff --git a/2020/17xxx/CVE-2020-17423.json b/2020/17xxx/CVE-2020-17423.json index db19781156a..9257e6e90a5 100644 --- a/2020/17xxx/CVE-2020-17423.json +++ b/2020/17xxx/CVE-2020-17423.json @@ -1,70 +1,74 @@ { - "CVE_data_meta": { - "ASSIGNER": "zdi-disclosures@trendmicro.com", - "ID": "CVE-2020-17423", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Studio Photo", - "version": { - "version_data": [ - { - "version_value": "3.6.6.922" - } - ] + "CVE_data_meta": { + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "ID": "CVE-2020-17423", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Studio Photo", + "version": { + "version_data": [ + { + "version_value": "3.6.6.922" + } + ] + } + } + ] + }, + "vendor_name": "Foxit" } - } ] - }, - "vendor_name": "Foxit" } - ] - } - }, - "credit": "Mat Powell of Trend Micro Zero Day Initiative", - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Studio Photo 3.6.6.922. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of ARW files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-11196." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-122: Heap-based Buffer Overflow" - } + }, + "credit": "Mat Powell of Trend Micro Zero Day Initiative", + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Studio Photo 3.6.6.922. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of ARW files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-11196." + } ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-1334/" - }, - { - "url": "https://www.foxitsoftware.com/support/security-bulletins.html" - } - ] - }, - "impact": { - "cvss": { - "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", - "version": "3.0" + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-122: Heap-based Buffer Overflow" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.foxitsoftware.com/support/security-bulletins.html", + "refsource": "MISC", + "name": "https://www.foxitsoftware.com/support/security-bulletins.html" + }, + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-1334/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-20-1334/" + } + ] + }, + "impact": { + "cvss": { + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.0" + } } - } -} +} \ No newline at end of file diff --git a/2020/17xxx/CVE-2020-17424.json b/2020/17xxx/CVE-2020-17424.json index ae8a9cc0bd6..faefaf43e20 100644 --- a/2020/17xxx/CVE-2020-17424.json +++ b/2020/17xxx/CVE-2020-17424.json @@ -1,70 +1,74 @@ { - "CVE_data_meta": { - "ASSIGNER": "zdi-disclosures@trendmicro.com", - "ID": "CVE-2020-17424", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Studio Photo", - "version": { - "version_data": [ - { - "version_value": "3.6.6.922" - } - ] + "CVE_data_meta": { + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "ID": "CVE-2020-17424", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Studio Photo", + "version": { + "version_data": [ + { + "version_value": "3.6.6.922" + } + ] + } + } + ] + }, + "vendor_name": "Foxit" } - } ] - }, - "vendor_name": "Foxit" } - ] - } - }, - "credit": "Wen guang Jiao", - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Studio Photo 3.6.6.922. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of EZI files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-11247." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-787: Out-of-bounds Write" - } + }, + "credit": "Wen guang Jiao", + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Studio Photo 3.6.6.922. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of EZI files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-11247." + } ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-1335/" - }, - { - "url": "https://www.foxitsoftware.com/support/security-bulletins.html" - } - ] - }, - "impact": { - "cvss": { - "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", - "version": "3.0" + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-787: Out-of-bounds Write" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.foxitsoftware.com/support/security-bulletins.html", + "refsource": "MISC", + "name": "https://www.foxitsoftware.com/support/security-bulletins.html" + }, + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-1335/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-20-1335/" + } + ] + }, + "impact": { + "cvss": { + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.0" + } } - } -} +} \ No newline at end of file diff --git a/2020/17xxx/CVE-2020-17425.json b/2020/17xxx/CVE-2020-17425.json index c0919696725..a1de4b70f8d 100644 --- a/2020/17xxx/CVE-2020-17425.json +++ b/2020/17xxx/CVE-2020-17425.json @@ -1,70 +1,74 @@ { - "CVE_data_meta": { - "ASSIGNER": "zdi-disclosures@trendmicro.com", - "ID": "CVE-2020-17425", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Studio Photo", - "version": { - "version_data": [ - { - "version_value": "3.6.6.922" - } - ] + "CVE_data_meta": { + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "ID": "CVE-2020-17425", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Studio Photo", + "version": { + "version_data": [ + { + "version_value": "3.6.6.922" + } + ] + } + } + ] + }, + "vendor_name": "Foxit" } - } ] - }, - "vendor_name": "Foxit" } - ] - } - }, - "credit": "Mat Powell of Trend Micro Zero Day Initiative", - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Studio Photo 3.6.6.922. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of EPS files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-11259." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-787: Out-of-bounds Write" - } + }, + "credit": "Mat Powell of Trend Micro Zero Day Initiative", + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Studio Photo 3.6.6.922. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of EPS files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-11259." + } ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-1336/" - }, - { - "url": "https://www.foxitsoftware.com/support/security-bulletins.html" - } - ] - }, - "impact": { - "cvss": { - "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", - "version": "3.0" + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-787: Out-of-bounds Write" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.foxitsoftware.com/support/security-bulletins.html", + "refsource": "MISC", + "name": "https://www.foxitsoftware.com/support/security-bulletins.html" + }, + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-1336/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-20-1336/" + } + ] + }, + "impact": { + "cvss": { + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.0" + } } - } -} +} \ No newline at end of file diff --git a/2020/17xxx/CVE-2020-17426.json b/2020/17xxx/CVE-2020-17426.json index 7dd478a9f4a..8c17ed2b0b8 100644 --- a/2020/17xxx/CVE-2020-17426.json +++ b/2020/17xxx/CVE-2020-17426.json @@ -1,70 +1,74 @@ { - "CVE_data_meta": { - "ASSIGNER": "zdi-disclosures@trendmicro.com", - "ID": "CVE-2020-17426", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Studio Photo", - "version": { - "version_data": [ - { - "version_value": "3.6.6.922" - } - ] + "CVE_data_meta": { + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "ID": "CVE-2020-17426", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Studio Photo", + "version": { + "version_data": [ + { + "version_value": "3.6.6.922" + } + ] + } + } + ] + }, + "vendor_name": "Foxit" } - } ] - }, - "vendor_name": "Foxit" } - ] - } - }, - "credit": "Anonymous", - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Studio Photo 3.6.6.922. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of CR2 files. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-11230." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer" - } + }, + "credit": "Anonymous", + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Studio Photo 3.6.6.922. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of CR2 files. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-11230." + } ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-1337/" - }, - { - "url": "https://www.foxitsoftware.com/support/security-bulletins.html" - } - ] - }, - "impact": { - "cvss": { - "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", - "version": "3.0" + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.foxitsoftware.com/support/security-bulletins.html", + "refsource": "MISC", + "name": "https://www.foxitsoftware.com/support/security-bulletins.html" + }, + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-1337/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-20-1337/" + } + ] + }, + "impact": { + "cvss": { + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.0" + } } - } -} +} \ No newline at end of file diff --git a/2020/17xxx/CVE-2020-17427.json b/2020/17xxx/CVE-2020-17427.json index 9df6c5d4418..20b9c2f72f1 100644 --- a/2020/17xxx/CVE-2020-17427.json +++ b/2020/17xxx/CVE-2020-17427.json @@ -1,70 +1,74 @@ { - "CVE_data_meta": { - "ASSIGNER": "zdi-disclosures@trendmicro.com", - "ID": "CVE-2020-17427", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Studio Photo", - "version": { - "version_data": [ - { - "version_value": "3.6.6.922" - } - ] + "CVE_data_meta": { + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "ID": "CVE-2020-17427", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Studio Photo", + "version": { + "version_data": [ + { + "version_value": "3.6.6.922" + } + ] + } + } + ] + }, + "vendor_name": "Foxit" } - } ] - }, - "vendor_name": "Foxit" } - ] - } - }, - "credit": "Mat Powell of Trend Micro Zero Day Initiative", - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Studio Photo 3.6.6.922. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the processing of NEF files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-11334." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-125: Out-of-bounds Read" - } + }, + "credit": "Mat Powell of Trend Micro Zero Day Initiative", + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Studio Photo 3.6.6.922. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of NEF files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-11334." + } ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-1338/" - }, - { - "url": "https://www.foxitsoftware.com/support/security-bulletins.html" - } - ] - }, - "impact": { - "cvss": { - "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", - "version": "3.0" + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-125: Out-of-bounds Read" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.foxitsoftware.com/support/security-bulletins.html", + "refsource": "MISC", + "name": "https://www.foxitsoftware.com/support/security-bulletins.html" + }, + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-1338/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-20-1338/" + } + ] + }, + "impact": { + "cvss": { + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.0" + } } - } -} +} \ No newline at end of file diff --git a/2020/17xxx/CVE-2020-17428.json b/2020/17xxx/CVE-2020-17428.json index 71103a70cec..703269cab61 100644 --- a/2020/17xxx/CVE-2020-17428.json +++ b/2020/17xxx/CVE-2020-17428.json @@ -1,70 +1,74 @@ { - "CVE_data_meta": { - "ASSIGNER": "zdi-disclosures@trendmicro.com", - "ID": "CVE-2020-17428", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Studio Photo", - "version": { - "version_data": [ - { - "version_value": "3.6.6.922" - } - ] + "CVE_data_meta": { + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "ID": "CVE-2020-17428", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Studio Photo", + "version": { + "version_data": [ + { + "version_value": "3.6.6.922" + } + ] + } + } + ] + }, + "vendor_name": "Foxit" } - } ] - }, - "vendor_name": "Foxit" } - ] - } - }, - "credit": "Mat Powell of Trend Micro Zero Day Initiative", - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Studio Photo 3.6.6.922. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of CMP files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated structure. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the current process. Was ZDI-CAN-11336." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-125: Out-of-bounds Read" - } + }, + "credit": "Mat Powell of Trend Micro Zero Day Initiative", + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Studio Photo 3.6.6.922. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of CMP files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated structure. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the current process. Was ZDI-CAN-11336." + } ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-1339/" - }, - { - "url": "https://www.foxitsoftware.com/support/security-bulletins.html" - } - ] - }, - "impact": { - "cvss": { - "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", - "version": "3.0" + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-125: Out-of-bounds Read" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.foxitsoftware.com/support/security-bulletins.html", + "refsource": "MISC", + "name": "https://www.foxitsoftware.com/support/security-bulletins.html" + }, + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-1339/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-20-1339/" + } + ] + }, + "impact": { + "cvss": { + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", + "version": "3.0" + } } - } -} +} \ No newline at end of file diff --git a/2020/17xxx/CVE-2020-17429.json b/2020/17xxx/CVE-2020-17429.json index 626d47c7283..192987f0c53 100644 --- a/2020/17xxx/CVE-2020-17429.json +++ b/2020/17xxx/CVE-2020-17429.json @@ -1,70 +1,74 @@ { - "CVE_data_meta": { - "ASSIGNER": "zdi-disclosures@trendmicro.com", - "ID": "CVE-2020-17429", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Studio Photo", - "version": { - "version_data": [ - { - "version_value": "3.6.6.922" - } - ] + "CVE_data_meta": { + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "ID": "CVE-2020-17429", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Studio Photo", + "version": { + "version_data": [ + { + "version_value": "3.6.6.922" + } + ] + } + } + ] + }, + "vendor_name": "Foxit" } - } ] - }, - "vendor_name": "Foxit" } - ] - } - }, - "credit": "Mat Powell of Trend Micro Zero Day Initiative", - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Studio Photo 3.6.6.922. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of CMP files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated structure. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the current process. Was ZDI-CAN-11337." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-125: Out-of-bounds Read" - } + }, + "credit": "Mat Powell of Trend Micro Zero Day Initiative", + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Studio Photo 3.6.6.922. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of CMP files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated structure. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the current process. Was ZDI-CAN-11337." + } ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-1340/" - }, - { - "url": "https://www.foxitsoftware.com/support/security-bulletins.html" - } - ] - }, - "impact": { - "cvss": { - "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", - "version": "3.0" + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-125: Out-of-bounds Read" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.foxitsoftware.com/support/security-bulletins.html", + "refsource": "MISC", + "name": "https://www.foxitsoftware.com/support/security-bulletins.html" + }, + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-1340/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-20-1340/" + } + ] + }, + "impact": { + "cvss": { + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", + "version": "3.0" + } } - } -} +} \ No newline at end of file diff --git a/2020/17xxx/CVE-2020-17430.json b/2020/17xxx/CVE-2020-17430.json index 84bfc01c713..b01d99a8d66 100644 --- a/2020/17xxx/CVE-2020-17430.json +++ b/2020/17xxx/CVE-2020-17430.json @@ -1,70 +1,74 @@ { - "CVE_data_meta": { - "ASSIGNER": "zdi-disclosures@trendmicro.com", - "ID": "CVE-2020-17430", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Studio Photo", - "version": { - "version_data": [ - { - "version_value": "3.6.6.922" - } - ] + "CVE_data_meta": { + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "ID": "CVE-2020-17430", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Studio Photo", + "version": { + "version_data": [ + { + "version_value": "3.6.6.922" + } + ] + } + } + ] + }, + "vendor_name": "Foxit" } - } ] - }, - "vendor_name": "Foxit" } - ] - } - }, - "credit": "Mat Powell of Trend Micro Zero Day Initiative", - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Studio Photo 3.6.6.922. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of CR2 files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-11332." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-787: Out-of-bounds Write" - } + }, + "credit": "Mat Powell of Trend Micro Zero Day Initiative", + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Studio Photo 3.6.6.922. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of CR2 files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-11332." + } ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-1341/" - }, - { - "url": "https://www.foxitsoftware.com/support/security-bulletins.html" - } - ] - }, - "impact": { - "cvss": { - "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", - "version": "3.0" + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-787: Out-of-bounds Write" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.foxitsoftware.com/support/security-bulletins.html", + "refsource": "MISC", + "name": "https://www.foxitsoftware.com/support/security-bulletins.html" + }, + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-1341/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-20-1341/" + } + ] + }, + "impact": { + "cvss": { + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.0" + } } - } -} +} \ No newline at end of file diff --git a/2020/17xxx/CVE-2020-17431.json b/2020/17xxx/CVE-2020-17431.json index da25b286365..ea4e61137f1 100644 --- a/2020/17xxx/CVE-2020-17431.json +++ b/2020/17xxx/CVE-2020-17431.json @@ -1,70 +1,74 @@ { - "CVE_data_meta": { - "ASSIGNER": "zdi-disclosures@trendmicro.com", - "ID": "CVE-2020-17431", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Studio Photo", - "version": { - "version_data": [ - { - "version_value": "3.6.6.922" - } - ] + "CVE_data_meta": { + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "ID": "CVE-2020-17431", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Studio Photo", + "version": { + "version_data": [ + { + "version_value": "3.6.6.922" + } + ] + } + } + ] + }, + "vendor_name": "Foxit" } - } ] - }, - "vendor_name": "Foxit" } - ] - } - }, - "credit": "Mat Powell of Trend Micro Zero Day Initiative", - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Studio Photo 3.6.6.922. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of CR2 files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-11333." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-787: Out-of-bounds Write" - } + }, + "credit": "Mat Powell of Trend Micro Zero Day Initiative", + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Studio Photo 3.6.6.922. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of CR2 files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-11333." + } ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-1342/" - }, - { - "url": "https://www.foxitsoftware.com/support/security-bulletins.html" - } - ] - }, - "impact": { - "cvss": { - "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", - "version": "3.0" + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-787: Out-of-bounds Write" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.foxitsoftware.com/support/security-bulletins.html", + "refsource": "MISC", + "name": "https://www.foxitsoftware.com/support/security-bulletins.html" + }, + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-1342/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-20-1342/" + } + ] + }, + "impact": { + "cvss": { + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.0" + } } - } -} +} \ No newline at end of file diff --git a/2020/17xxx/CVE-2020-17432.json b/2020/17xxx/CVE-2020-17432.json index 9b8d029268e..1c7aa19d48f 100644 --- a/2020/17xxx/CVE-2020-17432.json +++ b/2020/17xxx/CVE-2020-17432.json @@ -1,70 +1,74 @@ { - "CVE_data_meta": { - "ASSIGNER": "zdi-disclosures@trendmicro.com", - "ID": "CVE-2020-17432", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Studio Photo", - "version": { - "version_data": [ - { - "version_value": "3.6.6.922" - } - ] + "CVE_data_meta": { + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "ID": "CVE-2020-17432", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Studio Photo", + "version": { + "version_data": [ + { + "version_value": "3.6.6.922" + } + ] + } + } + ] + }, + "vendor_name": "Foxit" } - } ] - }, - "vendor_name": "Foxit" } - ] - } - }, - "credit": "Mat Powell of Trend Micro Zero Day Initiative", - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Studio Photo 3.6.6.922. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of CR2 files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated structure. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the current process. Was ZDI-CAN-11335." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-125: Out-of-bounds Read" - } + }, + "credit": "Mat Powell of Trend Micro Zero Day Initiative", + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Studio Photo 3.6.6.922. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of CR2 files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated structure. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the current process. Was ZDI-CAN-11335." + } ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-1343/" - }, - { - "url": "https://www.foxitsoftware.com/support/security-bulletins.html" - } - ] - }, - "impact": { - "cvss": { - "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", - "version": "3.0" + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-125: Out-of-bounds Read" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.foxitsoftware.com/support/security-bulletins.html", + "refsource": "MISC", + "name": "https://www.foxitsoftware.com/support/security-bulletins.html" + }, + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-1343/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-20-1343/" + } + ] + }, + "impact": { + "cvss": { + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", + "version": "3.0" + } } - } -} +} \ No newline at end of file diff --git a/2020/17xxx/CVE-2020-17433.json b/2020/17xxx/CVE-2020-17433.json index 0885eefbfd7..94ff1b3406e 100644 --- a/2020/17xxx/CVE-2020-17433.json +++ b/2020/17xxx/CVE-2020-17433.json @@ -1,70 +1,74 @@ { - "CVE_data_meta": { - "ASSIGNER": "zdi-disclosures@trendmicro.com", - "ID": "CVE-2020-17433", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Studio Photo", - "version": { - "version_data": [ - { - "version_value": "3.6.6.922" - } - ] + "CVE_data_meta": { + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "ID": "CVE-2020-17433", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Studio Photo", + "version": { + "version_data": [ + { + "version_value": "3.6.6.922" + } + ] + } + } + ] + }, + "vendor_name": "Foxit" } - } ] - }, - "vendor_name": "Foxit" } - ] - } - }, - "credit": "Mat Powell of Trend Micro Zero Day Initiative", - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Studio Photo 3.6.6.922. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of CMP files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated structure. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the current process. Was ZDI-CAN-11356." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-125: Out-of-bounds Read" - } + }, + "credit": "Mat Powell of Trend Micro Zero Day Initiative", + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Studio Photo 3.6.6.922. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of CMP files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated structure. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the current process. Was ZDI-CAN-11356." + } ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-1344/" - }, - { - "url": "https://www.foxitsoftware.com/support/security-bulletins.html" - } - ] - }, - "impact": { - "cvss": { - "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", - "version": "3.0" + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-125: Out-of-bounds Read" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.foxitsoftware.com/support/security-bulletins.html", + "refsource": "MISC", + "name": "https://www.foxitsoftware.com/support/security-bulletins.html" + }, + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-1344/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-20-1344/" + } + ] + }, + "impact": { + "cvss": { + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", + "version": "3.0" + } } - } -} +} \ No newline at end of file diff --git a/2020/17xxx/CVE-2020-17434.json b/2020/17xxx/CVE-2020-17434.json index 304c0c12094..4becca6f9d5 100644 --- a/2020/17xxx/CVE-2020-17434.json +++ b/2020/17xxx/CVE-2020-17434.json @@ -1,70 +1,74 @@ { - "CVE_data_meta": { - "ASSIGNER": "zdi-disclosures@trendmicro.com", - "ID": "CVE-2020-17434", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Studio Photo", - "version": { - "version_data": [ - { - "version_value": "3.6.6.922" - } - ] + "CVE_data_meta": { + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "ID": "CVE-2020-17434", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Studio Photo", + "version": { + "version_data": [ + { + "version_value": "3.6.6.922" + } + ] + } + } + ] + }, + "vendor_name": "Foxit" } - } ] - }, - "vendor_name": "Foxit" } - ] - } - }, - "credit": "Mat Powell of Trend Micro Zero Day Initiative", - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Studio Photo 3.6.6.922. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of ARW files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated structure. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the current process. Was ZDI-CAN-11357." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-125: Out-of-bounds Read" - } + }, + "credit": "Mat Powell of Trend Micro Zero Day Initiative", + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Studio Photo 3.6.6.922. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of ARW files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated structure. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the current process. Was ZDI-CAN-11357." + } ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-1345/" - }, - { - "url": "https://www.foxitsoftware.com/support/security-bulletins.html" - } - ] - }, - "impact": { - "cvss": { - "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", - "version": "3.0" + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-125: Out-of-bounds Read" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.foxitsoftware.com/support/security-bulletins.html", + "refsource": "MISC", + "name": "https://www.foxitsoftware.com/support/security-bulletins.html" + }, + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-1345/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-20-1345/" + } + ] + }, + "impact": { + "cvss": { + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", + "version": "3.0" + } } - } -} +} \ No newline at end of file diff --git a/2020/17xxx/CVE-2020-17435.json b/2020/17xxx/CVE-2020-17435.json index 71fa80da334..d086c96c807 100644 --- a/2020/17xxx/CVE-2020-17435.json +++ b/2020/17xxx/CVE-2020-17435.json @@ -1,70 +1,74 @@ { - "CVE_data_meta": { - "ASSIGNER": "zdi-disclosures@trendmicro.com", - "ID": "CVE-2020-17435", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Studio Photo", - "version": { - "version_data": [ - { - "version_value": "3.6.6.922" - } - ] + "CVE_data_meta": { + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "ID": "CVE-2020-17435", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Studio Photo", + "version": { + "version_data": [ + { + "version_value": "3.6.6.922" + } + ] + } + } + ] + }, + "vendor_name": "Foxit" } - } ] - }, - "vendor_name": "Foxit" } - ] - } - }, - "credit": "Mat Powell of Trend Micro Zero Day Initiative", - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Studio Photo 3.6.6.922. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of CR2 files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated structure. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the current process. Was ZDI-CAN-11358." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-125: Out-of-bounds Read" - } + }, + "credit": "Mat Powell of Trend Micro Zero Day Initiative", + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Studio Photo 3.6.6.922. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of CR2 files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated structure. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the current process. Was ZDI-CAN-11358." + } ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-1346/" - }, - { - "url": "https://www.foxitsoftware.com/support/security-bulletins.html" - } - ] - }, - "impact": { - "cvss": { - "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", - "version": "3.0" + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-125: Out-of-bounds Read" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.foxitsoftware.com/support/security-bulletins.html", + "refsource": "MISC", + "name": "https://www.foxitsoftware.com/support/security-bulletins.html" + }, + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-1346/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-20-1346/" + } + ] + }, + "impact": { + "cvss": { + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", + "version": "3.0" + } } - } -} +} \ No newline at end of file diff --git a/2020/17xxx/CVE-2020-17436.json b/2020/17xxx/CVE-2020-17436.json index cc797fab354..6770408a31c 100644 --- a/2020/17xxx/CVE-2020-17436.json +++ b/2020/17xxx/CVE-2020-17436.json @@ -1,70 +1,74 @@ { - "CVE_data_meta": { - "ASSIGNER": "zdi-disclosures@trendmicro.com", - "ID": "CVE-2020-17436", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Studio Photo", - "version": { - "version_data": [ - { - "version_value": "3.6.6.922" - } - ] + "CVE_data_meta": { + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "ID": "CVE-2020-17436", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Studio Photo", + "version": { + "version_data": [ + { + "version_value": "3.6.6.922" + } + ] + } + } + ] + }, + "vendor_name": "Foxit" } - } ] - }, - "vendor_name": "Foxit" } - ] - } - }, - "credit": "Mat Powell of Trend Micro Zero Day Initiative", - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Studio Photo 3.6.6.922. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of CMP files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated structure. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the current process. Was ZDI-CAN-11432." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-125: Out-of-bounds Read" - } + }, + "credit": "Mat Powell of Trend Micro Zero Day Initiative", + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Studio Photo 3.6.6.922. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of CMP files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated structure. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the current process. Was ZDI-CAN-11432." + } ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-1347/" - }, - { - "url": "https://www.foxitsoftware.com/support/security-bulletins.html" - } - ] - }, - "impact": { - "cvss": { - "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", - "version": "3.0" + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-125: Out-of-bounds Read" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.foxitsoftware.com/support/security-bulletins.html", + "refsource": "MISC", + "name": "https://www.foxitsoftware.com/support/security-bulletins.html" + }, + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-1347/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-20-1347/" + } + ] + }, + "impact": { + "cvss": { + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", + "version": "3.0" + } } - } -} +} \ No newline at end of file diff --git a/2020/27xxx/CVE-2020-27855.json b/2020/27xxx/CVE-2020-27855.json index 087fb0b90b7..3974802b8ef 100644 --- a/2020/27xxx/CVE-2020-27855.json +++ b/2020/27xxx/CVE-2020-27855.json @@ -1,70 +1,74 @@ { - "CVE_data_meta": { - "ASSIGNER": "zdi-disclosures@trendmicro.com", - "ID": "CVE-2020-27855", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Studio Photo", - "version": { - "version_data": [ - { - "version_value": "3.6.6.922" - } - ] + "CVE_data_meta": { + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "ID": "CVE-2020-27855", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Studio Photo", + "version": { + "version_data": [ + { + "version_value": "3.6.6.922" + } + ] + } + } + ] + }, + "vendor_name": "Foxit" } - } ] - }, - "vendor_name": "Foxit" } - ] - } - }, - "credit": "Mat Powell of Trend Micro Zero Day Initiative", - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Studio Photo 3.6.6.922. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of SR2 files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated structure. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the current process. Was ZDI-CAN-11433." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-125: Out-of-bounds Read" - } + }, + "credit": "Mat Powell of Trend Micro Zero Day Initiative", + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Studio Photo 3.6.6.922. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of SR2 files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated structure. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the current process. Was ZDI-CAN-11433." + } ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-1348/" - }, - { - "url": "https://www.foxitsoftware.com/support/security-bulletins.html" - } - ] - }, - "impact": { - "cvss": { - "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", - "version": "3.0" + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-125: Out-of-bounds Read" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.foxitsoftware.com/support/security-bulletins.html", + "refsource": "MISC", + "name": "https://www.foxitsoftware.com/support/security-bulletins.html" + }, + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-1348/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-20-1348/" + } + ] + }, + "impact": { + "cvss": { + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", + "version": "3.0" + } } - } -} +} \ No newline at end of file diff --git a/2020/27xxx/CVE-2020-27856.json b/2020/27xxx/CVE-2020-27856.json index 9108934bda3..2cfa87eed70 100644 --- a/2020/27xxx/CVE-2020-27856.json +++ b/2020/27xxx/CVE-2020-27856.json @@ -1,70 +1,74 @@ { - "CVE_data_meta": { - "ASSIGNER": "zdi-disclosures@trendmicro.com", - "ID": "CVE-2020-27856", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Studio Photo", - "version": { - "version_data": [ - { - "version_value": "3.6.6.922" - } - ] + "CVE_data_meta": { + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "ID": "CVE-2020-27856", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Studio Photo", + "version": { + "version_data": [ + { + "version_value": "3.6.6.922" + } + ] + } + } + ] + }, + "vendor_name": "Foxit" } - } ] - }, - "vendor_name": "Foxit" } - ] - } - }, - "credit": "Mat Powell of Trend Micro Zero Day Initiative", - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Studio Photo 3.6.6.922. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of CR2 files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated structure. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the current process. Was ZDI-CAN-11434." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-125: Out-of-bounds Read" - } + }, + "credit": "Mat Powell of Trend Micro Zero Day Initiative", + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Studio Photo 3.6.6.922. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of CR2 files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated structure. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the current process. Was ZDI-CAN-11434." + } ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-1349/" - }, - { - "url": "https://www.foxitsoftware.com/support/security-bulletins.html" - } - ] - }, - "impact": { - "cvss": { - "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", - "version": "3.0" + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-125: Out-of-bounds Read" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.foxitsoftware.com/support/security-bulletins.html", + "refsource": "MISC", + "name": "https://www.foxitsoftware.com/support/security-bulletins.html" + }, + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-1349/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-20-1349/" + } + ] + }, + "impact": { + "cvss": { + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", + "version": "3.0" + } } - } -} +} \ No newline at end of file diff --git a/2020/27xxx/CVE-2020-27857.json b/2020/27xxx/CVE-2020-27857.json index b67bcf5c491..332ca091821 100644 --- a/2020/27xxx/CVE-2020-27857.json +++ b/2020/27xxx/CVE-2020-27857.json @@ -1,70 +1,74 @@ { - "CVE_data_meta": { - "ASSIGNER": "zdi-disclosures@trendmicro.com", - "ID": "CVE-2020-27857", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Studio Photo", - "version": { - "version_data": [ - { - "version_value": "3.6.6.922" - } - ] + "CVE_data_meta": { + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "ID": "CVE-2020-27857", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Studio Photo", + "version": { + "version_data": [ + { + "version_value": "3.6.6.922" + } + ] + } + } + ] + }, + "vendor_name": "Foxit" } - } ] - }, - "vendor_name": "Foxit" } - ] - } - }, - "credit": "Mat Powell of Trend Micro Zero Day Initiative", - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Studio Photo 3.6.6.922. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of NEF files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-11488." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-787: Out-of-bounds Write" - } + }, + "credit": "Mat Powell of Trend Micro Zero Day Initiative", + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Studio Photo 3.6.6.922. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of NEF files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-11488." + } ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-1350/" - }, - { - "url": "https://www.foxitsoftware.com/support/security-bulletins.html" - } - ] - }, - "impact": { - "cvss": { - "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", - "version": "3.0" + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-787: Out-of-bounds Write" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.foxitsoftware.com/support/security-bulletins.html", + "refsource": "MISC", + "name": "https://www.foxitsoftware.com/support/security-bulletins.html" + }, + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-1350/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-20-1350/" + } + ] + }, + "impact": { + "cvss": { + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.0" + } } - } -} +} \ No newline at end of file diff --git a/2020/28xxx/CVE-2020-28383.json b/2020/28xxx/CVE-2020-28383.json index f9b6c9b8fa9..754a0cb7932 100644 --- a/2020/28xxx/CVE-2020-28383.json +++ b/2020/28xxx/CVE-2020-28383.json @@ -76,7 +76,7 @@ "description_data": [ { "lang": "eng", - "value": "A vulnerability has been identified in JT2Go (All Versions < V13.1.0), Solid Edge SE2020 (All Versions < SE2020MP12), Solid Edge SE2021 (All Versions < SE2021MP2), Teamcenter Visualization (All Versions < V13.1.0). Affected applications lack proper validation of user-supplied data when parsing PAR files. This can result in an out of bounds write past the memory location that is a read only image address. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-11885)\n" + "value": "A vulnerability has been identified in JT2Go (All Versions < V13.1.0), Solid Edge SE2020 (All Versions < SE2020MP12), Solid Edge SE2021 (All Versions < SE2021MP2), Teamcenter Visualization (All Versions < V13.1.0). Affected applications lack proper validation of user-supplied data when parsing PAR files. This can result in an out of bounds write past the memory location that is a read only image address. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-11885)" } ] }, @@ -94,13 +94,13 @@ }, { "refsource": "MISC", - "name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-012-04", - "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-012-04" + "name": "https://www.zerodayinitiative.com/advisories/ZDI-21-054/", + "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-054/" }, { "refsource": "MISC", - "name": "https://www.zerodayinitiative.com/advisories/ZDI-21-054/", - "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-054/" + "name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-012-04", + "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-012-04" }, { "refsource": "MISC", diff --git a/2020/28xxx/CVE-2020-28384.json b/2020/28xxx/CVE-2020-28384.json index 36b88d0b384..fd643bf53af 100644 --- a/2020/28xxx/CVE-2020-28384.json +++ b/2020/28xxx/CVE-2020-28384.json @@ -56,7 +56,7 @@ "description_data": [ { "lang": "eng", - "value": "A vulnerability has been identified in Solid Edge SE2020 (All Versions < SE2020MP12), Solid Edge SE2021 (All Versions < SE2021MP2). Affected applications lack proper validation of user-supplied data when parsing PAR files. This could lead to a stack based buffer overflow. An attacker could leverage this vulnerability to execute code in the context of the current process.\n" + "value": "A vulnerability has been identified in Solid Edge SE2020 (All Versions < SE2020MP12), Solid Edge SE2021 (All Versions < SE2021MP2). Affected applications lack proper validation of user-supplied data when parsing PAR files. This could lead to a stack based buffer overflow. An attacker could leverage this vulnerability to execute code in the context of the current process." } ] }, @@ -69,13 +69,13 @@ }, { "refsource": "MISC", - "name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-012-04", - "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-012-04" + "name": "https://www.zerodayinitiative.com/advisories/ZDI-21-055/", + "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-055/" }, { "refsource": "MISC", - "name": "https://www.zerodayinitiative.com/advisories/ZDI-21-055/", - "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-055/" + "name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-012-04", + "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-012-04" }, { "refsource": "MISC", diff --git a/2020/28xxx/CVE-2020-28386.json b/2020/28xxx/CVE-2020-28386.json index 1d14ae72e30..cd7607418b6 100644 --- a/2020/28xxx/CVE-2020-28386.json +++ b/2020/28xxx/CVE-2020-28386.json @@ -56,7 +56,7 @@ "description_data": [ { "lang": "eng", - "value": "A vulnerability has been identified in Solid Edge SE2020 (All Versions < SE2020MP12), Solid Edge SE2021 (All Versions < SE2021MP2). Affected applications lack proper validation of user-supplied data when parsing DFT files. This could result in an out of bounds write past the end of an allocated structure. An attacker could leverage this vulnerability to execute code in the context of the current process.\n" + "value": "A vulnerability has been identified in Solid Edge SE2020 (All Versions < SE2020MP12), Solid Edge SE2021 (All Versions < SE2021MP2). Affected applications lack proper validation of user-supplied data when parsing DFT files. This could result in an out of bounds write past the end of an allocated structure. An attacker could leverage this vulnerability to execute code in the context of the current process." } ] }, @@ -69,13 +69,13 @@ }, { "refsource": "MISC", - "name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-012-04", - "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-012-04" + "name": "https://www.zerodayinitiative.com/advisories/ZDI-21-060/", + "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-060/" }, { "refsource": "MISC", - "name": "https://www.zerodayinitiative.com/advisories/ZDI-21-060/", - "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-060/" + "name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-012-04", + "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-012-04" }, { "refsource": "MISC", diff --git a/2020/28xxx/CVE-2020-28388.json b/2020/28xxx/CVE-2020-28388.json index 2fc6712c295..e065ff56e62 100644 --- a/2020/28xxx/CVE-2020-28388.json +++ b/2020/28xxx/CVE-2020-28388.json @@ -56,15 +56,16 @@ "description_data": [ { "lang": "eng", - "value": "A vulnerability has been identified in Nucleus NET (All versions < V5.2), Nucleus ReadyStart for ARM, MIPS, and PPC (All versions < V2012.12). Initial Sequence Numbers (ISNs) for TCP connections are derived from an insufficiently random source. As a result, the ISN of current and future TCP connections could be predictable. An attacker could hijack existing sessions or spoof future ones.\n" + "value": "A vulnerability has been identified in Nucleus NET (All versions < V5.2), Nucleus ReadyStart for ARM, MIPS, and PPC (All versions < V2012.12). Initial Sequence Numbers (ISNs) for TCP connections are derived from an insufficiently random source. As a result, the ISN of current and future TCP connections could be predictable. An attacker could hijack existing sessions or spoof future ones." } ] }, "references": { "reference_data": [ { - "refsource": "CONFIRM", - "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-362164.pdf" + "refsource": "MISC", + "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-362164.pdf", + "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-362164.pdf" } ] } diff --git a/2020/28xxx/CVE-2020-28391.json b/2020/28xxx/CVE-2020-28391.json index 4895fa8f186..a530ef34e5c 100644 --- a/2020/28xxx/CVE-2020-28391.json +++ b/2020/28xxx/CVE-2020-28391.json @@ -56,7 +56,7 @@ "description_data": [ { "lang": "eng", - "value": "A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) (All Versions), SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions < V5.5.0). Devices create a new unique key upon factory reset, except when used\nwith C-PLUG. When used with C-PLUG the devices use the hardcoded private RSA-key\nshipped with the firmware-image. An attacker could leverage this situation to a\nman-in-the-middle situation and decrypt previously captured traffic.\n" + "value": "A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) (All Versions), SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions < V5.5.0). Devices create a new unique key upon factory reset, except when used with C-PLUG. When used with C-PLUG the devices use the hardcoded private RSA-key shipped with the firmware-image. An attacker could leverage this situation to a man-in-the-middle situation and decrypt previously captured traffic." } ] }, diff --git a/2020/28xxx/CVE-2020-28392.json b/2020/28xxx/CVE-2020-28392.json index 76df54d6143..28fb87fcd00 100644 --- a/2020/28xxx/CVE-2020-28392.json +++ b/2020/28xxx/CVE-2020-28392.json @@ -46,15 +46,16 @@ "description_data": [ { "lang": "eng", - "value": "A vulnerability has been identified in SIMARIS configuration (All versions). During installation to default target folder, incorrect permissions are configured for the\napplication folder and subfolders which could allow an attacker to gain persistence or\npotentially escalate privileges should a user with elevated credentials log onto the machine.\n" + "value": "A vulnerability has been identified in SIMARIS configuration (All versions). During installation to default target folder, incorrect permissions are configured for the application folder and subfolders which could allow an attacker to gain persistence or potentially escalate privileges should a user with elevated credentials log onto the machine." } ] }, "references": { "reference_data": [ { - "refsource": "CONFIRM", - "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-794542.pdf" + "refsource": "MISC", + "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-794542.pdf", + "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-794542.pdf" } ] } diff --git a/2020/28xxx/CVE-2020-28394.json b/2020/28xxx/CVE-2020-28394.json index 315f4c72bc5..1500553bd57 100644 --- a/2020/28xxx/CVE-2020-28394.json +++ b/2020/28xxx/CVE-2020-28394.json @@ -56,15 +56,16 @@ "description_data": [ { "lang": "eng", - "value": "A vulnerability has been identified in JT2Go (All versions < V13.1.0.1), Teamcenter Visualization (All versions < V13.1.0.1). Affected applications lack proper validation of user-supplied data when parsing of RAS files. This could result in a memory access past the end of an allocated buffer. An attacker could leverage this vulnerability to access data in the context of the current process. (ZDI-CAN-12283)\n" + "value": "A vulnerability has been identified in JT2Go (All versions < V13.1.0.1), Teamcenter Visualization (All versions < V13.1.0.1). Affected applications lack proper validation of user-supplied data when parsing of RAS files. This could result in a memory access past the end of an allocated buffer. An attacker could leverage this vulnerability to access data in the context of the current process. (ZDI-CAN-12283)" } ] }, "references": { "reference_data": [ { - "refsource": "CONFIRM", - "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-663999.pdf" + "refsource": "MISC", + "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-663999.pdf", + "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-663999.pdf" } ] } diff --git a/2020/28xxx/CVE-2020-28395.json b/2020/28xxx/CVE-2020-28395.json index 846b2589d2e..f54bdd210bf 100644 --- a/2020/28xxx/CVE-2020-28395.json +++ b/2020/28xxx/CVE-2020-28395.json @@ -46,7 +46,7 @@ "description_data": [ { "lang": "eng", - "value": "A vulnerability has been identified in SCALANCE X-300 switch family (incl. X408 and SIPLUS NET variants) (All versions < V4.1.0). Devices do not create a new unique private key after factory reset. An attacker could leverage this situation to a man-in-the-middle situation and decrypt previously captured traffic.\n" + "value": "A vulnerability has been identified in SCALANCE X-300 switch family (incl. X408 and SIPLUS NET variants) (All versions < V4.1.0). Devices do not create a new unique private key after factory reset. An attacker could leverage this situation to a man-in-the-middle situation and decrypt previously captured traffic." } ] }, @@ -59,13 +59,13 @@ }, { "refsource": "MISC", - "name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-012-02", - "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-012-02" + "name": "https://www.zerodayinitiative.com/advisories/ZDI-21-061/", + "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-061/" }, { "refsource": "MISC", - "name": "https://www.zerodayinitiative.com/advisories/ZDI-21-061/", - "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-061/" + "name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-012-02", + "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-012-02" } ] } diff --git a/2020/7xxx/CVE-2020-7574.json b/2020/7xxx/CVE-2020-7574.json index 57cbcefe954..8512e791e4e 100644 --- a/2020/7xxx/CVE-2020-7574.json +++ b/2020/7xxx/CVE-2020-7574.json @@ -56,7 +56,7 @@ "description_data": [ { "lang": "eng", - "value": "A vulnerability has been identified in Climatix POL908 (BACnet/IP module) (All versions), Climatix POL909 (AWM module) (All versions < V11.32). A persistent cross-site scripting (XSS) vulnerability exists in the \"Server Config\" web interface of\nthe affected devices that could allow an attacker to inject arbitrary JavaScript code.\nThe code could be potentially executed later by another (possibly privileged) user.\n\nThe security vulnerability could be exploited by an attacker with network access to the affected system.\nSuccessful exploitation requires no system privileges. An attacker could use the vulnerability\nto compromise the confidentiality and integrity of other users' web session.\n" + "value": "A vulnerability has been identified in Climatix POL908 (BACnet/IP module) (All versions), Climatix POL909 (AWM module) (All versions < V11.32). A persistent cross-site scripting (XSS) vulnerability exists in the \"Server Config\" web interface of the affected devices that could allow an attacker to inject arbitrary JavaScript code. The code could be potentially executed later by another (possibly privileged) user. The security vulnerability could be exploited by an attacker with network access to the affected system. Successful exploitation requires no system privileges. An attacker could use the vulnerability to compromise the confidentiality and integrity of other users' web session." } ] }, diff --git a/2020/7xxx/CVE-2020-7575.json b/2020/7xxx/CVE-2020-7575.json index 84733787940..906c171de83 100644 --- a/2020/7xxx/CVE-2020-7575.json +++ b/2020/7xxx/CVE-2020-7575.json @@ -56,7 +56,7 @@ "description_data": [ { "lang": "eng", - "value": "A vulnerability has been identified in Climatix POL908 (BACnet/IP module) (All versions), Climatix POL909 (AWM module) (All versions < V11.32). A persistent cross-site scripting (XSS) vulnerability exists in the web server access log page of\nthe affected devices that could allow an attacker to inject arbitrary JavaScript code via specially crafted GET requests.\nThe code could be potentially executed later by another (privileged) user.\n\nThe security vulnerability could be exploited by an attacker with network access to the affected system.\nSuccessful exploitation requires no system privileges. An attacker could use the vulnerability\nto compromise the confidentiality and integrity of other users' web sessions.\n" + "value": "A vulnerability has been identified in Climatix POL908 (BACnet/IP module) (All versions), Climatix POL909 (AWM module) (All versions < V11.32). A persistent cross-site scripting (XSS) vulnerability exists in the web server access log page of the affected devices that could allow an attacker to inject arbitrary JavaScript code via specially crafted GET requests. The code could be potentially executed later by another (privileged) user. The security vulnerability could be exploited by an attacker with network access to the affected system. Successful exploitation requires no system privileges. An attacker could use the vulnerability to compromise the confidentiality and integrity of other users' web sessions." } ] }, diff --git a/2020/7xxx/CVE-2020-7581.json b/2020/7xxx/CVE-2020-7581.json index 89905cb59d1..c2c8bd61937 100644 --- a/2020/7xxx/CVE-2020-7581.json +++ b/2020/7xxx/CVE-2020-7581.json @@ -196,7 +196,7 @@ "description_data": [ { "lang": "eng", - "value": "A vulnerability has been identified in Opcenter Execution Discrete (All versions < V3.2), Opcenter Execution Foundation (All versions < V3.2), Opcenter Execution Process (All versions < V3.2), Opcenter Intelligence (All versions), Opcenter Quality (All versions < V11.3), Opcenter RD&L (V8.0), SIMATIC Notifier Server for Windows (All versions), SIMATIC PCS neo (All versions < V3.0 SP1), SIMATIC STEP 7 (TIA Portal) V15 (All versions < V15.1 Update 5), SIMATIC STEP 7 (TIA Portal) V16 (All versions < V16 Update 2), SIMOCODE ES (All versions < V16 Update 1), SIMOCODE ES <= V15.1 (All versions < V15.1 Update 4), SIMOCODE ES V16 (All versions < V16 Update 1), Soft Starter ES (All versions < V16 Update 1), Soft Starter ES <= V15.1 (All versions < V15.1 Update 3), Soft Starter ES V16 (All versions < V16 Update 1). A component within the affected application calls a helper binary with SYSTEM privileges during startup while the call path is not quoted.\n" + "value": "A vulnerability has been identified in Opcenter Execution Discrete (All versions < V3.2), Opcenter Execution Foundation (All versions < V3.2), Opcenter Execution Process (All versions < V3.2), Opcenter Intelligence (All versions), Opcenter Quality (All versions < V11.3), Opcenter RD&L (V8.0), SIMATIC Notifier Server for Windows (All versions), SIMATIC PCS neo (All versions < V3.0 SP1), SIMATIC STEP 7 (TIA Portal) V15 (All versions < V15.1 Update 5), SIMATIC STEP 7 (TIA Portal) V16 (All versions < V16 Update 2), SIMOCODE ES (All versions < V16 Update 1), SIMOCODE ES <= V15.1 (All versions < V15.1 Update 4), SIMOCODE ES V16 (All versions < V16 Update 1), Soft Starter ES (All versions < V16 Update 1), Soft Starter ES <= V15.1 (All versions < V15.1 Update 3), Soft Starter ES V16 (All versions < V16 Update 1). A component within the affected application calls a helper binary with SYSTEM privileges during startup while the call path is not quoted." } ] }, diff --git a/2020/7xxx/CVE-2020-7587.json b/2020/7xxx/CVE-2020-7587.json index 1f4801d96d3..6a3c87e25d2 100644 --- a/2020/7xxx/CVE-2020-7587.json +++ b/2020/7xxx/CVE-2020-7587.json @@ -216,7 +216,7 @@ "description_data": [ { "lang": "eng", - "value": "A vulnerability has been identified in Opcenter Execution Discrete (All versions < V3.2), Opcenter Execution Foundation (All versions < V3.2), Opcenter Execution Process (All versions < V3.2), Opcenter Intelligence (All versions), Opcenter Quality (All versions < V11.3), Opcenter RD&L (V8.0), SIMATIC IT LMS (All versions), SIMATIC IT Production Suite (All versions), SIMATIC Notifier Server for Windows (All versions), SIMATIC PCS neo (All versions < V3.0 SP1), SIMATIC STEP 7 (TIA Portal) V15 (All versions < V15.1 Update 5), SIMATIC STEP 7 (TIA Portal) V16 (All versions < V16 Update 2), SIMOCODE ES (All versions < V16 Update 1), SIMOCODE ES <= V15.1 (All versions < V15.1 Update 4), SIMOCODE ES V16 (All versions < V16 Update 1), Soft Starter ES (All versions < V16 Update 1), Soft Starter ES <= V15.1 (All versions < V15.1 Update 3), Soft Starter ES V16 (All versions < V16 Update 1). Sending multiple specially crafted packets to the affected service could\ncause a partial remote Denial-of-Service, that would cause the service\nto restart itself.\n\nOn some cases the vulnerability could leak random information from the\nremote service.\n" + "value": "A vulnerability has been identified in Opcenter Execution Discrete (All versions < V3.2), Opcenter Execution Foundation (All versions < V3.2), Opcenter Execution Process (All versions < V3.2), Opcenter Intelligence (All versions), Opcenter Quality (All versions < V11.3), Opcenter RD&L (V8.0), SIMATIC IT LMS (All versions), SIMATIC IT Production Suite (All versions), SIMATIC Notifier Server for Windows (All versions), SIMATIC PCS neo (All versions < V3.0 SP1), SIMATIC STEP 7 (TIA Portal) V15 (All versions < V15.1 Update 5), SIMATIC STEP 7 (TIA Portal) V16 (All versions < V16 Update 2), SIMOCODE ES (All versions < V16 Update 1), SIMOCODE ES <= V15.1 (All versions < V15.1 Update 4), SIMOCODE ES V16 (All versions < V16 Update 1), Soft Starter ES (All versions < V16 Update 1), Soft Starter ES <= V15.1 (All versions < V15.1 Update 3), Soft Starter ES V16 (All versions < V16 Update 1). Sending multiple specially crafted packets to the affected service could cause a partial remote Denial-of-Service, that would cause the service to restart itself. On some cases the vulnerability could leak random information from the remote service." } ] }, diff --git a/2020/7xxx/CVE-2020-7588.json b/2020/7xxx/CVE-2020-7588.json index 825c685ec14..ec7f878a7ae 100644 --- a/2020/7xxx/CVE-2020-7588.json +++ b/2020/7xxx/CVE-2020-7588.json @@ -216,7 +216,7 @@ "description_data": [ { "lang": "eng", - "value": "A vulnerability has been identified in Opcenter Execution Discrete (All versions < V3.2), Opcenter Execution Foundation (All versions < V3.2), Opcenter Execution Process (All versions < V3.2), Opcenter Intelligence (All versions), Opcenter Quality (All versions < V11.3), Opcenter RD&L (V8.0), SIMATIC IT LMS (All versions), SIMATIC IT Production Suite (All versions), SIMATIC Notifier Server for Windows (All versions), SIMATIC PCS neo (All versions < V3.0 SP1), SIMATIC STEP 7 (TIA Portal) V15 (All versions < V15.1 Update 5), SIMATIC STEP 7 (TIA Portal) V16 (All versions < V16 Update 2), SIMOCODE ES (All versions < V16 Update 1), SIMOCODE ES <= V15.1 (All versions < V15.1 Update 4), SIMOCODE ES V16 (All versions < V16 Update 1), Soft Starter ES (All versions < V16 Update 1), Soft Starter ES <= V15.1 (All versions < V15.1 Update 3), Soft Starter ES V16 (All versions < V16 Update 1). Sending a specially crafted packet to the affected service could cause a\npartial remote Denial-of-Service, that would cause the service to restart\nitself.\n" + "value": "A vulnerability has been identified in Opcenter Execution Discrete (All versions < V3.2), Opcenter Execution Foundation (All versions < V3.2), Opcenter Execution Process (All versions < V3.2), Opcenter Intelligence (All versions), Opcenter Quality (All versions < V11.3), Opcenter RD&L (V8.0), SIMATIC IT LMS (All versions), SIMATIC IT Production Suite (All versions), SIMATIC Notifier Server for Windows (All versions), SIMATIC PCS neo (All versions < V3.0 SP1), SIMATIC STEP 7 (TIA Portal) V15 (All versions < V15.1 Update 5), SIMATIC STEP 7 (TIA Portal) V16 (All versions < V16 Update 2), SIMOCODE ES (All versions < V16 Update 1), SIMOCODE ES <= V15.1 (All versions < V15.1 Update 4), SIMOCODE ES V16 (All versions < V16 Update 1), Soft Starter ES (All versions < V16 Update 1), Soft Starter ES <= V15.1 (All versions < V15.1 Update 3), Soft Starter ES V16 (All versions < V16 Update 1). Sending a specially crafted packet to the affected service could cause a partial remote Denial-of-Service, that would cause the service to restart itself." } ] }, diff --git a/2021/25xxx/CVE-2021-25666.json b/2021/25xxx/CVE-2021-25666.json index 33906a02491..4f036a43659 100644 --- a/2021/25xxx/CVE-2021-25666.json +++ b/2021/25xxx/CVE-2021-25666.json @@ -46,15 +46,16 @@ "description_data": [ { "lang": "eng", - "value": "A vulnerability has been identified in SCALANCE W780 and W740 (IEEE 802.11n) family (All versions < V6.3). Sending specially crafted packets through the ARP protocol to an affected\ndevice could cause a partial denial-of-service, preventing the device to\noperate normally for a short period of time.\n" + "value": "A vulnerability has been identified in SCALANCE W780 and W740 (IEEE 802.11n) family (All versions < V6.3). Sending specially crafted packets through the ARP protocol to an affected device could cause a partial denial-of-service, preventing the device to operate normally for a short period of time." } ] }, "references": { "reference_data": [ { - "refsource": "CONFIRM", - "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-686152.pdf" + "refsource": "MISC", + "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-686152.pdf", + "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-686152.pdf" } ] }