diff --git a/2017/2xxx/CVE-2017-2855.json b/2017/2xxx/CVE-2017-2855.json index 30a5236e9d3..c7c277b3246 100644 --- a/2017/2xxx/CVE-2017-2855.json +++ b/2017/2xxx/CVE-2017-2855.json @@ -1,8 +1,32 @@ { "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", + "ASSIGNER" : "talos-cna@cisco.com", + "DATE_PUBLIC" : "2017-11-13T00:00:00", "ID" : "CVE-2017-2855", - "STATE" : "RESERVED" + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Foscam", + "version" : { + "version_data" : [ + { + "version_value" : "Foscam Indoor IP Camera C1 Series,System Firmware Version: 1.9.3.18,Application Firmware Version: 2.52.2.43,Plug-In Version: 3.3.0.26" + } + ] + } + } + ] + }, + "vendor_name" : "Talos" + } + ] + } }, "data_format" : "MITRE", "data_type" : "CVE", @@ -11,7 +35,26 @@ "description_data" : [ { "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value" : "An exploitable buffer overflow vulnerability exists in the DDNS client used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. On devices with DDNS enabled, an attacker who is able to intercept HTTP connections will be able to fully compromise the device by creating a rogue HTTP server." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Buffer Overflow" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "url" : "https://talosintelligence.com/vulnerability_reports/TALOS-2017-0358" } ] } diff --git a/2017/2xxx/CVE-2017-2875.json b/2017/2xxx/CVE-2017-2875.json index 8e717ebfdc2..4328b379e39 100644 --- a/2017/2xxx/CVE-2017-2875.json +++ b/2017/2xxx/CVE-2017-2875.json @@ -1,8 +1,32 @@ { "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", + "ASSIGNER" : "talos-cna@cisco.com", + "DATE_PUBLIC" : "2017-11-13T00:00:00", "ID" : "CVE-2017-2875", - "STATE" : "RESERVED" + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Foscam", + "version" : { + "version_data" : [ + { + "version_value" : "Foscam Indoor IP Camera C1 Series, System Firmware Version: 1.9.3.18, Application Firmware Version: 2.52.2.43,Plug-In Version: 3.3.0.26" + } + ] + } + } + ] + }, + "vendor_name" : "Talos" + } + ] + } }, "data_format" : "MITRE", "data_type" : "CVE", @@ -11,7 +35,26 @@ "description_data" : [ { "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value" : "An exploitable buffer overflow vulnerability exists in the Multi-Camera interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. A specially crafted request on port 10000 can cause a buffer overflow resulting in overwriting arbitrary data." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Buffer Overflow" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "url" : "https://talosintelligence.com/vulnerability_reports/TALOS-2017-0382" } ] } diff --git a/2017/2xxx/CVE-2017-2878.json b/2017/2xxx/CVE-2017-2878.json index 49f14806994..d201da1f81c 100644 --- a/2017/2xxx/CVE-2017-2878.json +++ b/2017/2xxx/CVE-2017-2878.json @@ -1,8 +1,32 @@ { "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", + "ASSIGNER" : "talos-cna@cisco.com", + "DATE_PUBLIC" : "2017-11-13T00:00:00", "ID" : "CVE-2017-2878", - "STATE" : "RESERVED" + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Foscam", + "version" : { + "version_data" : [ + { + "version_value" : "Foscam Indoor IP Camera C1 Series,System Firmware Version: 1.9.3.1,Application Firmware Version: 2.52.2.43,Plug-In Version: 3.3.0.26" + } + ] + } + } + ] + }, + "vendor_name" : "Talos" + } + ] + } }, "data_format" : "MITRE", "data_type" : "CVE", @@ -11,7 +35,26 @@ "description_data" : [ { "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value" : "An exploitable buffer overflow vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. A specially crafted HTTP request can cause a buffer overflow resulting in overwriting arbitrary data. An attacker can simply send an HTTP request to the device to trigger this vulnerability." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Buffer Overflow" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "url" : "https://talosintelligence.com/vulnerability_reports/TALOS-2017-0385" } ] } diff --git a/2017/2xxx/CVE-2017-2879.json b/2017/2xxx/CVE-2017-2879.json index ea1be0376cd..9cea9b291dc 100644 --- a/2017/2xxx/CVE-2017-2879.json +++ b/2017/2xxx/CVE-2017-2879.json @@ -1,8 +1,32 @@ { "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", + "ASSIGNER" : "talos-cna@cisco.com", + "DATE_PUBLIC" : "2017-11-13T00:00:00", "ID" : "CVE-2017-2879", - "STATE" : "RESERVED" + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Foscam", + "version" : { + "version_data" : [ + { + "version_value" : "Foscam Indoor IP Camera C1 Series,System Firmware Version: 1.9.3.18,Application Firmware Version: 2.52.2.43,Plug-In Version: 3.3.0.26" + } + ] + } + } + ] + }, + "vendor_name" : "Talos" + } + ] + } }, "data_format" : "MITRE", "data_type" : "CVE", @@ -11,7 +35,26 @@ "description_data" : [ { "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value" : "An exploitable buffer overflow vulnerability exists in the UPnP implementation used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. A specially crafted UPnP discovery response can cause a buffer overflow resulting in overwriting arbitrary data. An attacker needs to be in the same subnetwork and reply to a discovery message to trigger this vulnerability." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Buffer Overflow" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "url" : "https://talosintelligence.com/vulnerability_reports/TALOS-2017-0386" } ] }