From 9a706400b5db140b270c8736175490654051da5c Mon Sep 17 00:00:00 2001 From: CVE Team Date: Mon, 18 Mar 2019 06:14:54 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2006/2xxx/CVE-2006-2484.json | 150 ++++++++-------- 2006/3xxx/CVE-2006-3259.json | 190 ++++++++++---------- 2006/3xxx/CVE-2006-3518.json | 180 +++++++++---------- 2006/3xxx/CVE-2006-3569.json | 180 +++++++++---------- 2006/3xxx/CVE-2006-3655.json | 190 ++++++++++---------- 2006/3xxx/CVE-2006-3708.json | 230 ++++++++++++------------ 2006/3xxx/CVE-2006-3879.json | 180 +++++++++---------- 2006/4xxx/CVE-2006-4676.json | 150 ++++++++-------- 2006/6xxx/CVE-2006-6125.json | 170 +++++++++--------- 2006/6xxx/CVE-2006-6259.json | 220 +++++++++++------------ 2010/2xxx/CVE-2010-2345.json | 150 ++++++++-------- 2010/2xxx/CVE-2010-2734.json | 140 +++++++-------- 2011/0xxx/CVE-2011-0070.json | 220 +++++++++++------------ 2011/0xxx/CVE-2011-0571.json | 320 ++++++++++++++++----------------- 2011/0xxx/CVE-2011-0607.json | 320 ++++++++++++++++----------------- 2011/0xxx/CVE-2011-0672.json | 220 +++++++++++------------ 2011/1xxx/CVE-2011-1257.json | 140 +++++++-------- 2011/1xxx/CVE-2011-1371.json | 130 +++++++------- 2011/1xxx/CVE-2011-1375.json | 140 +++++++-------- 2011/1xxx/CVE-2011-1517.json | 34 ++-- 2011/1xxx/CVE-2011-1678.json | 300 +++++++++++++++---------------- 2011/1xxx/CVE-2011-1989.json | 140 +++++++-------- 2011/3xxx/CVE-2011-3032.json | 280 ++++++++++++++--------------- 2011/4xxx/CVE-2011-4189.json | 190 ++++++++++---------- 2011/4xxx/CVE-2011-4709.json | 180 +++++++++---------- 2011/5xxx/CVE-2011-5122.json | 120 ++++++------- 2011/5xxx/CVE-2011-5245.json | 300 +++++++++++++++---------------- 2013/5xxx/CVE-2013-5291.json | 34 ++-- 2014/2xxx/CVE-2014-2103.json | 120 ++++++------- 2014/2xxx/CVE-2014-2163.json | 120 ++++++------- 2014/2xxx/CVE-2014-2471.json | 120 ++++++------- 2014/2xxx/CVE-2014-2850.json | 160 ++++++++--------- 2014/3xxx/CVE-2014-3081.json | 160 ++++++++--------- 2014/3xxx/CVE-2014-3141.json | 34 ++-- 2014/3xxx/CVE-2014-3475.json | 150 ++++++++-------- 2014/6xxx/CVE-2014-6376.json | 120 ++++++------- 2014/6xxx/CVE-2014-6431.json | 250 +++++++++++++------------- 2014/6xxx/CVE-2014-6715.json | 140 +++++++-------- 2014/6xxx/CVE-2014-6772.json | 140 +++++++-------- 2014/7xxx/CVE-2014-7887.json | 34 ++-- 2017/0xxx/CVE-2017-0250.json | 142 +++++++-------- 2017/0xxx/CVE-2017-0569.json | 156 ++++++++-------- 2017/18xxx/CVE-2017-18225.json | 120 ++++++------- 2017/18xxx/CVE-2017-18236.json | 150 ++++++++-------- 2017/18xxx/CVE-2017-18323.json | 130 +++++++------- 2017/1xxx/CVE-2017-1192.json | 178 +++++++++--------- 2017/1xxx/CVE-2017-1302.json | 176 +++++++++--------- 2017/1xxx/CVE-2017-1484.json | 148 +++++++-------- 2017/1xxx/CVE-2017-1972.json | 34 ++-- 2017/5xxx/CVE-2017-5316.json | 34 ++-- 2017/5xxx/CVE-2017-5955.json | 34 ++-- 51 files changed, 4024 insertions(+), 4024 deletions(-) diff --git a/2006/2xxx/CVE-2006-2484.json b/2006/2xxx/CVE-2006-2484.json index d71c350bad9..15bba2f927c 100644 --- a/2006/2xxx/CVE-2006-2484.json +++ b/2006/2xxx/CVE-2006-2484.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-2484", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in index.html in IceWarp WebMail 5.5.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the PHPSESSID parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-2484", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20060516 IceWarp Cross-Site Scripting(XSS)", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/434121/100/0/threaded" - }, - { - "name" : "17995", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/17995" - }, - { - "name" : "925", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/925" - }, - { - "name" : "icewarpwebmail-phpsessid-xss(26680)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/26680" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in index.html in IceWarp WebMail 5.5.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the PHPSESSID parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20060516 IceWarp Cross-Site Scripting(XSS)", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/434121/100/0/threaded" + }, + { + "name": "17995", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/17995" + }, + { + "name": "925", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/925" + }, + { + "name": "icewarpwebmail-phpsessid-xss(26680)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26680" + } + ] + } +} \ No newline at end of file diff --git a/2006/3xxx/CVE-2006-3259.json b/2006/3xxx/CVE-2006-3259.json index 5ec5bc6df5b..a2c18051cd3 100644 --- a/2006/3xxx/CVE-2006-3259.json +++ b/2006/3xxx/CVE-2006-3259.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-3259", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site scripting (XSS) vulnerabilities in e107 0.7.5 allow remote attackers to inject arbitrary web script or HTML via the (1) ep parameter to search.php and the (2) subject parameter in comment.php (aka the Subject field when posting a comment)." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-3259", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20060618 e107 v0.7.5 XSS", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/437649/100/0/threaded" - }, - { - "name" : "18560", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/18560" - }, - { - "name" : "18508", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/18508" - }, - { - "name" : "ADV-2006-2460", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/2460" - }, - { - "name" : "20727", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/20727" - }, - { - "name" : "1151", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/1151" - }, - { - "name" : "e107-search-xss(27240)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/27240" - }, - { - "name" : "e107-subject-xss(27242)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/27242" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site scripting (XSS) vulnerabilities in e107 0.7.5 allow remote attackers to inject arbitrary web script or HTML via the (1) ep parameter to search.php and the (2) subject parameter in comment.php (aka the Subject field when posting a comment)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20727", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/20727" + }, + { + "name": "e107-subject-xss(27242)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27242" + }, + { + "name": "18508", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/18508" + }, + { + "name": "ADV-2006-2460", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/2460" + }, + { + "name": "18560", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/18560" + }, + { + "name": "e107-search-xss(27240)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27240" + }, + { + "name": "20060618 e107 v0.7.5 XSS", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/437649/100/0/threaded" + }, + { + "name": "1151", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/1151" + } + ] + } +} \ No newline at end of file diff --git a/2006/3xxx/CVE-2006-3518.json b/2006/3xxx/CVE-2006-3518.json index 94a85033129..1dfcc2489bb 100644 --- a/2006/3xxx/CVE-2006-3518.json +++ b/2006/3xxx/CVE-2006-3518.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-3518", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in SayfalaAltList.asp in Webvizyon Portal 2006 allows remote attackers to execute arbitrary SQL commands via the ID parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-3518", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20060708 Webvizyon Portal 2006 Version SQL Injection", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/439599/100/0/threaded" - }, - { - "name" : "18899", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/18899" - }, - { - "name" : "ADV-2006-2737", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/2737" - }, - { - "name" : "28192", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/28192" - }, - { - "name" : "1016463", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1016463" - }, - { - "name" : "1203", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/1203" - }, - { - "name" : "webvizyon-sayfalaaltlist-sql-injection(27637)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/27637" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in SayfalaAltList.asp in Webvizyon Portal 2006 allows remote attackers to execute arbitrary SQL commands via the ID parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20060708 Webvizyon Portal 2006 Version SQL Injection", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/439599/100/0/threaded" + }, + { + "name": "ADV-2006-2737", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/2737" + }, + { + "name": "webvizyon-sayfalaaltlist-sql-injection(27637)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27637" + }, + { + "name": "18899", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/18899" + }, + { + "name": "1203", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/1203" + }, + { + "name": "28192", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/28192" + }, + { + "name": "1016463", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1016463" + } + ] + } +} \ No newline at end of file diff --git a/2006/3xxx/CVE-2006-3569.json b/2006/3xxx/CVE-2006-3569.json index bd2b8c2e754..7bedc62a6f0 100644 --- a/2006/3xxx/CVE-2006-3569.json +++ b/2006/3xxx/CVE-2006-3569.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-3569", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in NetApp Data ONTAP 7.0x through 7.0.4P8D9, 7.1x, 7.1.0.1x, and 7.2RC1, RC2, and RC3, as used in IBM N series Filers and other products, allows unauthorized users to gain access to privileged commands via unknown vectors, probably related to incorrect capabilities with the audit role." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-3569", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www-1.ibm.com/support/docview.wss?rs=0&uid=ssg1S1002910", - "refsource" : "CONFIRM", - "url" : "http://www-1.ibm.com/support/docview.wss?rs=0&uid=ssg1S1002910" - }, - { - "name" : "http://now.netapp.com/NOW/products/vulnerability_0601/", - "refsource" : "MISC", - "url" : "http://now.netapp.com/NOW/products/vulnerability_0601/" - }, - { - "name" : "18951", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/18951" - }, - { - "name" : "ADV-2006-2761", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/2761" - }, - { - "name" : "27134", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/27134" - }, - { - "name" : "20984", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/20984" - }, - { - "name" : "data-ontap-unauthorized-command-execution(27651)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/27651" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in NetApp Data ONTAP 7.0x through 7.0.4P8D9, 7.1x, 7.1.0.1x, and 7.2RC1, RC2, and RC3, as used in IBM N series Filers and other products, allows unauthorized users to gain access to privileged commands via unknown vectors, probably related to incorrect capabilities with the audit role." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "27134", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/27134" + }, + { + "name": "http://www-1.ibm.com/support/docview.wss?rs=0&uid=ssg1S1002910", + "refsource": "CONFIRM", + "url": "http://www-1.ibm.com/support/docview.wss?rs=0&uid=ssg1S1002910" + }, + { + "name": "ADV-2006-2761", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/2761" + }, + { + "name": "18951", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/18951" + }, + { + "name": "20984", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/20984" + }, + { + "name": "http://now.netapp.com/NOW/products/vulnerability_0601/", + "refsource": "MISC", + "url": "http://now.netapp.com/NOW/products/vulnerability_0601/" + }, + { + "name": "data-ontap-unauthorized-command-execution(27651)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27651" + } + ] + } +} \ No newline at end of file diff --git a/2006/3xxx/CVE-2006-3655.json b/2006/3xxx/CVE-2006-3655.json index 15e83beaccd..56cf80edd7d 100644 --- a/2006/3xxx/CVE-2006-3655.json +++ b/2006/3xxx/CVE-2006-3655.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-3655", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in mso.dll in Microsoft PowerPoint 2003 allows user-assisted attackers to execute arbitrary code via a crafted PowerPoint file. NOTE: due to the lack of available details as of 20060717, it is unclear how this is related to CVE-2006-3656, CVE-2006-3660, and CVE-2006-3590, although it is possible that they are all different." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-3655", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20060715 MS Power Point Multiple Vulnerabilities - (mso.dll) POC", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/440107/100/0/threaded" - }, - { - "name" : "20060717 New CVE identifiers for separate PowerPoint 0-day issues assigned", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/440867/100/0/threaded" - }, - { - "name" : "20060718 About the latest three Powerpoint vulnerabilities: exploitable?", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/440370/100/0/threaded" - }, - { - "name" : "18993", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/18993" - }, - { - "name" : "ADV-2006-2815", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/2815" - }, - { - "name" : "27325", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/27325" - }, - { - "name" : "21061", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/21061" - }, - { - "name" : "powerpoint-mso-code-execution2(27781)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/27781" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in mso.dll in Microsoft PowerPoint 2003 allows user-assisted attackers to execute arbitrary code via a crafted PowerPoint file. NOTE: due to the lack of available details as of 20060717, it is unclear how this is related to CVE-2006-3656, CVE-2006-3660, and CVE-2006-3590, although it is possible that they are all different." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "21061", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/21061" + }, + { + "name": "20060718 About the latest three Powerpoint vulnerabilities: exploitable?", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/440370/100/0/threaded" + }, + { + "name": "27325", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/27325" + }, + { + "name": "ADV-2006-2815", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/2815" + }, + { + "name": "powerpoint-mso-code-execution2(27781)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27781" + }, + { + "name": "20060717 New CVE identifiers for separate PowerPoint 0-day issues assigned", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/440867/100/0/threaded" + }, + { + "name": "18993", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/18993" + }, + { + "name": "20060715 MS Power Point Multiple Vulnerabilities - (mso.dll) POC", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/440107/100/0/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2006/3xxx/CVE-2006-3708.json b/2006/3xxx/CVE-2006-3708.json index e9ce08a7e05..9ac26532839 100644 --- a/2006/3xxx/CVE-2006-3708.json +++ b/2006/3xxx/CVE-2006-3708.json @@ -1,117 +1,117 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-3708", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in OC4J for Oracle Application Server 9.0.2.3, 9.0.3.1, 9.0.4.2, 10.1.2.0.2, and 10.1.2.1 has unknown impact and attack vectors, aka Oracle Vuln# AS03." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-3708", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpujul2006-101315.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpujul2006-101315.html" - }, - { - "name" : "http://www.red-database-security.com/advisory/oracle_cpu_july_2006.html", - "refsource" : "MISC", - "url" : "http://www.red-database-security.com/advisory/oracle_cpu_july_2006.html" - }, - { - "name" : "HPSBMA02133", - "refsource" : "HP", - "url" : "http://www.securityfocus.com/archive/1/440758/100/100/threaded" - }, - { - "name" : "SSRT061201", - "refsource" : "HP", - "url" : "http://www.securityfocus.com/archive/1/440758/100/100/threaded" - }, - { - "name" : "TA06-200A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA06-200A.html" - }, - { - "name" : "19054", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/19054" - }, - { - "name" : "ADV-2006-2863", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/2863" - }, - { - "name" : "ADV-2006-2947", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/2947" - }, - { - "name" : "1016529", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1016529" - }, - { - "name" : "21111", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/21111" - }, - { - "name" : "21165", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/21165" - }, - { - "name" : "oracle-cpu-july-2006(27897)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/27897" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in OC4J for Oracle Application Server 9.0.2.3, 9.0.3.1, 9.0.4.2, 10.1.2.0.2, and 10.1.2.1 has unknown impact and attack vectors, aka Oracle Vuln# AS03." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1016529", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1016529" + }, + { + "name": "19054", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/19054" + }, + { + "name": "oracle-cpu-july-2006(27897)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27897" + }, + { + "name": "21165", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/21165" + }, + { + "name": "HPSBMA02133", + "refsource": "HP", + "url": "http://www.securityfocus.com/archive/1/440758/100/100/threaded" + }, + { + "name": "ADV-2006-2947", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/2947" + }, + { + "name": "http://www.red-database-security.com/advisory/oracle_cpu_july_2006.html", + "refsource": "MISC", + "url": "http://www.red-database-security.com/advisory/oracle_cpu_july_2006.html" + }, + { + "name": "SSRT061201", + "refsource": "HP", + "url": "http://www.securityfocus.com/archive/1/440758/100/100/threaded" + }, + { + "name": "TA06-200A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA06-200A.html" + }, + { + "name": "21111", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/21111" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/cpujul2006-101315.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpujul2006-101315.html" + }, + { + "name": "ADV-2006-2863", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/2863" + } + ] + } +} \ No newline at end of file diff --git a/2006/3xxx/CVE-2006-3879.json b/2006/3xxx/CVE-2006-3879.json index 147756c6cb7..b260eb13bfd 100644 --- a/2006/3xxx/CVE-2006-3879.json +++ b/2006/3xxx/CVE-2006-3879.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-3879", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Integer overflow in the loadChunk function in loaders/load_gt2.c in libmikmod in Mikmod Sound System 3.2.2 allows remote attackers to cause a denial of service via a GRAOUMF TRACKER (GT2) module file with a large (0xffffffff) comment length value in an XCOM chunk." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-3879", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20060724 Heap overflow in the GT2 loader of libmikmod 3.2.2", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/441006/100/0/threaded" - }, - { - "name" : "http://aluigi.org/poc/lmmgt2ho.zip", - "refsource" : "MISC", - "url" : "http://aluigi.org/poc/lmmgt2ho.zip" - }, - { - "name" : "http://aluigi.altervista.org/adv/lmmgt2ho-adv.txt", - "refsource" : "MISC", - "url" : "http://aluigi.altervista.org/adv/lmmgt2ho-adv.txt" - }, - { - "name" : "19134", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/19134" - }, - { - "name" : "ADV-2006-2967", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/2967" - }, - { - "name" : "21196", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/21196" - }, - { - "name" : "1288", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/1288" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Integer overflow in the loadChunk function in loaders/load_gt2.c in libmikmod in Mikmod Sound System 3.2.2 allows remote attackers to cause a denial of service via a GRAOUMF TRACKER (GT2) module file with a large (0xffffffff) comment length value in an XCOM chunk." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ADV-2006-2967", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/2967" + }, + { + "name": "19134", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/19134" + }, + { + "name": "http://aluigi.altervista.org/adv/lmmgt2ho-adv.txt", + "refsource": "MISC", + "url": "http://aluigi.altervista.org/adv/lmmgt2ho-adv.txt" + }, + { + "name": "21196", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/21196" + }, + { + "name": "20060724 Heap overflow in the GT2 loader of libmikmod 3.2.2", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/441006/100/0/threaded" + }, + { + "name": "1288", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/1288" + }, + { + "name": "http://aluigi.org/poc/lmmgt2ho.zip", + "refsource": "MISC", + "url": "http://aluigi.org/poc/lmmgt2ho.zip" + } + ] + } +} \ No newline at end of file diff --git a/2006/4xxx/CVE-2006-4676.json b/2006/4xxx/CVE-2006-4676.json index d8e90d81566..1e47a530419 100644 --- a/2006/4xxx/CVE-2006-4676.json +++ b/2006/4xxx/CVE-2006-4676.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-4676", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "TIBCO RendezVous 7.4.11 and earlier logs base64-encoded usernames and passwords in rvrd.db, which allows local users to obtain sensitive information by decoding the log file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-4676", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "2284", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/2284" - }, - { - "name" : "19883", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/19883" - }, - { - "name" : "ADV-2006-3497", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/3497" - }, - { - "name" : "21748", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/21748" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "TIBCO RendezVous 7.4.11 and earlier logs base64-encoded usernames and passwords in rvrd.db, which allows local users to obtain sensitive information by decoding the log file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "21748", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/21748" + }, + { + "name": "19883", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/19883" + }, + { + "name": "ADV-2006-3497", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/3497" + }, + { + "name": "2284", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/2284" + } + ] + } +} \ No newline at end of file diff --git a/2006/6xxx/CVE-2006-6125.json b/2006/6xxx/CVE-2006-6125.json index d7d465e96d4..e7486682930 100644 --- a/2006/6xxx/CVE-2006-6125.json +++ b/2006/6xxx/CVE-2006-6125.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-6125", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Heap-based buffer overflow in the wireless driver (WG311ND5.SYS) 2.3.1.10 for NetGear WG311v1 wireless adapter allows remote attackers to execute arbitrary code via an 802.11 management frame with a long SSID." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-6125", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://projects.info-pull.com/mokb/MOKB-22-11-2006.html", - "refsource" : "MISC", - "url" : "http://projects.info-pull.com/mokb/MOKB-22-11-2006.html" - }, - { - "name" : "VU#403152", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/403152" - }, - { - "name" : "21251", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/21251" - }, - { - "name" : "ADV-2006-4674", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/4674" - }, - { - "name" : "1017275", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1017275" - }, - { - "name" : "23051", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23051" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Heap-based buffer overflow in the wireless driver (WG311ND5.SYS) 2.3.1.10 for NetGear WG311v1 wireless adapter allows remote attackers to execute arbitrary code via an 802.11 management frame with a long SSID." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "23051", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23051" + }, + { + "name": "VU#403152", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/403152" + }, + { + "name": "21251", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/21251" + }, + { + "name": "http://projects.info-pull.com/mokb/MOKB-22-11-2006.html", + "refsource": "MISC", + "url": "http://projects.info-pull.com/mokb/MOKB-22-11-2006.html" + }, + { + "name": "1017275", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1017275" + }, + { + "name": "ADV-2006-4674", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/4674" + } + ] + } +} \ No newline at end of file diff --git a/2006/6xxx/CVE-2006-6259.json b/2006/6xxx/CVE-2006-6259.json index b7250d75432..407cd627a90 100644 --- a/2006/6xxx/CVE-2006-6259.json +++ b/2006/6xxx/CVE-2006-6259.json @@ -1,112 +1,112 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-6259", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple directory traversal vulnerabilities in (a) class/functions.php and (b) class/m_bro.php in AlternC 0.9.5 and earlier allow remote attackers to (1) create arbitrary files and directories via a .. (dot dot) in the \"create name\" field and (2) read arbitrary files via a .. (dot dot) in the \"web root\" field when configuring a subdomain." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-6259", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20061128 Multiple Vulnerabilities in AlternC version 0.9.5", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/452988/100/0/threaded" - }, - { - "name" : "http://www.ground418.org/exploits/read.php?file=06-alternC-095.txt", - "refsource" : "MISC", - "url" : "http://www.ground418.org/exploits/read.php?file=06-alternC-095.txt" - }, - { - "name" : "http://dev.alternc.org/trac/alternc/changeset/1737", - "refsource" : "CONFIRM", - "url" : "http://dev.alternc.org/trac/alternc/changeset/1737" - }, - { - "name" : "http://dev.alternc.org/trac/alternc/changeset/1738", - "refsource" : "CONFIRM", - "url" : "http://dev.alternc.org/trac/alternc/changeset/1738" - }, - { - "name" : "http://dev.alternc.org/trac/alternc/changeset/1742", - "refsource" : "CONFIRM", - "url" : "http://dev.alternc.org/trac/alternc/changeset/1742" - }, - { - "name" : "https://dev.alternc.org/trac/alternc/milestone/0.9.6", - "refsource" : "CONFIRM", - "url" : "https://dev.alternc.org/trac/alternc/milestone/0.9.6" - }, - { - "name" : "21355", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/21355" - }, - { - "name" : "ADV-2006-4851", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/4851" - }, - { - "name" : "23144", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23144" - }, - { - "name" : "1965", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/1965" - }, - { - "name" : "alternc-multiple-directory-traversal(30626)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/30626" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple directory traversal vulnerabilities in (a) class/functions.php and (b) class/m_bro.php in AlternC 0.9.5 and earlier allow remote attackers to (1) create arbitrary files and directories via a .. (dot dot) in the \"create name\" field and (2) read arbitrary files via a .. (dot dot) in the \"web root\" field when configuring a subdomain." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20061128 Multiple Vulnerabilities in AlternC version 0.9.5", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/452988/100/0/threaded" + }, + { + "name": "http://dev.alternc.org/trac/alternc/changeset/1742", + "refsource": "CONFIRM", + "url": "http://dev.alternc.org/trac/alternc/changeset/1742" + }, + { + "name": "21355", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/21355" + }, + { + "name": "alternc-multiple-directory-traversal(30626)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30626" + }, + { + "name": "1965", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/1965" + }, + { + "name": "http://dev.alternc.org/trac/alternc/changeset/1737", + "refsource": "CONFIRM", + "url": "http://dev.alternc.org/trac/alternc/changeset/1737" + }, + { + "name": "http://www.ground418.org/exploits/read.php?file=06-alternC-095.txt", + "refsource": "MISC", + "url": "http://www.ground418.org/exploits/read.php?file=06-alternC-095.txt" + }, + { + "name": "23144", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23144" + }, + { + "name": "http://dev.alternc.org/trac/alternc/changeset/1738", + "refsource": "CONFIRM", + "url": "http://dev.alternc.org/trac/alternc/changeset/1738" + }, + { + "name": "ADV-2006-4851", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/4851" + }, + { + "name": "https://dev.alternc.org/trac/alternc/milestone/0.9.6", + "refsource": "CONFIRM", + "url": "https://dev.alternc.org/trac/alternc/milestone/0.9.6" + } + ] + } +} \ No newline at end of file diff --git a/2010/2xxx/CVE-2010-2345.json b/2010/2xxx/CVE-2010-2345.json index a0f8817227b..3791ef55d0a 100644 --- a/2010/2xxx/CVE-2010-2345.json +++ b/2010/2xxx/CVE-2010-2345.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-2345", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site request forgery (CSRF) vulnerability in odCMS 1.06, and possibly earlier, allows remote attackers to hijack the authentication of administrators for requests that change the administrative password, and other unspecified requests." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-2345", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://holisticinfosec.org/content/view/146/45/", - "refsource" : "MISC", - "url" : "http://holisticinfosec.org/content/view/146/45/" - }, - { - "name" : "65263", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/65263" - }, - { - "name" : "39942", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/39942" - }, - { - "name" : "odcms-password-csrf(59248)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/59248" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site request forgery (CSRF) vulnerability in odCMS 1.06, and possibly earlier, allows remote attackers to hijack the authentication of administrators for requests that change the administrative password, and other unspecified requests." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "39942", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/39942" + }, + { + "name": "65263", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/65263" + }, + { + "name": "odcms-password-csrf(59248)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59248" + }, + { + "name": "http://holisticinfosec.org/content/view/146/45/", + "refsource": "MISC", + "url": "http://holisticinfosec.org/content/view/146/45/" + } + ] + } +} \ No newline at end of file diff --git a/2010/2xxx/CVE-2010-2734.json b/2010/2xxx/CVE-2010-2734.json index 131aca32a92..16c59b027e6 100644 --- a/2010/2xxx/CVE-2010-2734.json +++ b/2010/2xxx/CVE-2010-2734.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-2734", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in the mobile portal in Microsoft Forefront Unified Access Gateway (UAG) 2010 Gold, 2010 Update 1, and 2010 Update 2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka \"XSS Issue on UAG Mobile Portal Website in Forefront Unified Access Gateway Vulnerability.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2010-2734", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "MS10-089", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-089" - }, - { - "name" : "TA10-313A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA10-313A.html" - }, - { - "name" : "oval:org.mitre.oval:def:12058", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12058" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in the mobile portal in Microsoft Forefront Unified Access Gateway (UAG) 2010 Gold, 2010 Update 1, and 2010 Update 2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka \"XSS Issue on UAG Mobile Portal Website in Forefront Unified Access Gateway Vulnerability.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "oval:org.mitre.oval:def:12058", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12058" + }, + { + "name": "MS10-089", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-089" + }, + { + "name": "TA10-313A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA10-313A.html" + } + ] + } +} \ No newline at end of file diff --git a/2011/0xxx/CVE-2011-0070.json b/2011/0xxx/CVE-2011-0070.json index eb8b153f287..308936e25ca 100644 --- a/2011/0xxx/CVE-2011-0070.json +++ b/2011/0xxx/CVE-2011-0070.json @@ -1,112 +1,112 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-0070", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19, 3.6.x before 3.6.17, and 4.x before 4.0.1; Thunderbird before 3.1.10; and SeaMonkey before 2.0.14 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-0069." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2011-0070", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.mozilla.org/security/announce/2011/mfsa2011-12.html", - "refsource" : "CONFIRM", - "url" : "http://www.mozilla.org/security/announce/2011/mfsa2011-12.html" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=645565", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=645565" - }, - { - "name" : "http://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_thunderbird", - "refsource" : "CONFIRM", - "url" : "http://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_thunderbird" - }, - { - "name" : "http://downloads.avaya.com/css/P8/documents/100144158", - "refsource" : "CONFIRM", - "url" : "http://downloads.avaya.com/css/P8/documents/100144158" - }, - { - "name" : "DSA-2227", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2011/dsa-2227" - }, - { - "name" : "DSA-2228", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2011/dsa-2228" - }, - { - "name" : "DSA-2235", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2011/dsa-2235" - }, - { - "name" : "MDVSA-2011:080", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2011:080" - }, - { - "name" : "MDVSA-2011:079", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2011:079" - }, - { - "name" : "47654", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/47654" - }, - { - "name" : "oval:org.mitre.oval:def:14286", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14286" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19, 3.6.x before 3.6.17, and 4.x before 4.0.1; Thunderbird before 3.1.10; and SeaMonkey before 2.0.14 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-0069." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "DSA-2228", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2011/dsa-2228" + }, + { + "name": "MDVSA-2011:079", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:079" + }, + { + "name": "http://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_thunderbird", + "refsource": "CONFIRM", + "url": "http://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_thunderbird" + }, + { + "name": "oval:org.mitre.oval:def:14286", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14286" + }, + { + "name": "47654", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/47654" + }, + { + "name": "DSA-2235", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2011/dsa-2235" + }, + { + "name": "http://www.mozilla.org/security/announce/2011/mfsa2011-12.html", + "refsource": "CONFIRM", + "url": "http://www.mozilla.org/security/announce/2011/mfsa2011-12.html" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=645565", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=645565" + }, + { + "name": "MDVSA-2011:080", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:080" + }, + { + "name": "DSA-2227", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2011/dsa-2227" + }, + { + "name": "http://downloads.avaya.com/css/P8/documents/100144158", + "refsource": "CONFIRM", + "url": "http://downloads.avaya.com/css/P8/documents/100144158" + } + ] + } +} \ No newline at end of file diff --git a/2011/0xxx/CVE-2011-0571.json b/2011/0xxx/CVE-2011-0571.json index 64bba8b9513..93225c4b9dc 100644 --- a/2011/0xxx/CVE-2011-0571.json +++ b/2011/0xxx/CVE-2011-0571.json @@ -1,162 +1,162 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-0571", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0559, CVE-2011-0560, CVE-2011-0561, CVE-2011-0572, CVE-2011-0573, CVE-2011-0574, CVE-2011-0578, CVE-2011-0607, and CVE-2011-0608." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2011-0571", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.adobe.com/support/security/bulletins/apsb11-02.html", - "refsource" : "CONFIRM", - "url" : "http://www.adobe.com/support/security/bulletins/apsb11-02.html" - }, - { - "name" : "http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_adobe_flash2", - "refsource" : "CONFIRM", - "url" : "http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_adobe_flash2" - }, - { - "name" : "RHSA-2011:0206", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2011-0206.html" - }, - { - "name" : "RHSA-2011:0259", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2011-0259.html" - }, - { - "name" : "RHSA-2011:0368", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2011-0368.html" - }, - { - "name" : "SUSE-SA:2011:009", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00003.html" - }, - { - "name" : "46190", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/46190" - }, - { - "name" : "70915", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/70915" - }, - { - "name" : "oval:org.mitre.oval:def:14115", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14115" - }, - { - "name" : "oval:org.mitre.oval:def:16028", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16028" - }, - { - "name" : "1025055", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1025055" - }, - { - "name" : "43267", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/43267" - }, - { - "name" : "43292", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/43292" - }, - { - "name" : "43340", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/43340" - }, - { - "name" : "43351", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/43351" - }, - { - "name" : "43747", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/43747" - }, - { - "name" : "ADV-2011-0348", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2011/0348" - }, - { - "name" : "ADV-2011-0383", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2011/0383" - }, - { - "name" : "ADV-2011-0402", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2011/0402" - }, - { - "name" : "ADV-2011-0646", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2011/0646" - }, - { - "name" : "adobe-flash-code-execution(65234)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/65234" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0559, CVE-2011-0560, CVE-2011-0561, CVE-2011-0572, CVE-2011-0573, CVE-2011-0574, CVE-2011-0578, CVE-2011-0607, and CVE-2011-0608." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ADV-2011-0348", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2011/0348" + }, + { + "name": "1025055", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1025055" + }, + { + "name": "46190", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/46190" + }, + { + "name": "ADV-2011-0646", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2011/0646" + }, + { + "name": "43267", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/43267" + }, + { + "name": "43292", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/43292" + }, + { + "name": "oval:org.mitre.oval:def:16028", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16028" + }, + { + "name": "43351", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/43351" + }, + { + "name": "adobe-flash-code-execution(65234)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65234" + }, + { + "name": "43340", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/43340" + }, + { + "name": "ADV-2011-0383", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2011/0383" + }, + { + "name": "oval:org.mitre.oval:def:14115", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14115" + }, + { + "name": "http://www.adobe.com/support/security/bulletins/apsb11-02.html", + "refsource": "CONFIRM", + "url": "http://www.adobe.com/support/security/bulletins/apsb11-02.html" + }, + { + "name": "43747", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/43747" + }, + { + "name": "ADV-2011-0402", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2011/0402" + }, + { + "name": "RHSA-2011:0259", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2011-0259.html" + }, + { + "name": "70915", + "refsource": "OSVDB", + "url": "http://osvdb.org/70915" + }, + { + "name": "http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_adobe_flash2", + "refsource": "CONFIRM", + "url": "http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_adobe_flash2" + }, + { + "name": "RHSA-2011:0206", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2011-0206.html" + }, + { + "name": "SUSE-SA:2011:009", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00003.html" + }, + { + "name": "RHSA-2011:0368", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2011-0368.html" + } + ] + } +} \ No newline at end of file diff --git a/2011/0xxx/CVE-2011-0607.json b/2011/0xxx/CVE-2011-0607.json index 2310e8be615..9dec4cfac1c 100644 --- a/2011/0xxx/CVE-2011-0607.json +++ b/2011/0xxx/CVE-2011-0607.json @@ -1,162 +1,162 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-0607", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0559, CVE-2011-0560, CVE-2011-0561, CVE-2011-0571, CVE-2011-0572, CVE-2011-0573, CVE-2011-0574, CVE-2011-0578, and CVE-2011-0608." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2011-0607", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.adobe.com/support/security/bulletins/apsb11-02.html", - "refsource" : "CONFIRM", - "url" : "http://www.adobe.com/support/security/bulletins/apsb11-02.html" - }, - { - "name" : "http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_adobe_flash2", - "refsource" : "CONFIRM", - "url" : "http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_adobe_flash2" - }, - { - "name" : "RHSA-2011:0206", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2011-0206.html" - }, - { - "name" : "RHSA-2011:0259", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2011-0259.html" - }, - { - "name" : "RHSA-2011:0368", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2011-0368.html" - }, - { - "name" : "SUSE-SA:2011:009", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00003.html" - }, - { - "name" : "46282", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/46282" - }, - { - "name" : "70922", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/70922" - }, - { - "name" : "oval:org.mitre.oval:def:14137", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14137" - }, - { - "name" : "oval:org.mitre.oval:def:16194", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16194" - }, - { - "name" : "1025055", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1025055" - }, - { - "name" : "43267", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/43267" - }, - { - "name" : "43292", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/43292" - }, - { - "name" : "43340", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/43340" - }, - { - "name" : "43351", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/43351" - }, - { - "name" : "43747", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/43747" - }, - { - "name" : "ADV-2011-0348", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2011/0348" - }, - { - "name" : "ADV-2011-0383", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2011/0383" - }, - { - "name" : "ADV-2011-0402", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2011/0402" - }, - { - "name" : "ADV-2011-0646", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2011/0646" - }, - { - "name" : "adobe-player-ce(65241)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/65241" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0559, CVE-2011-0560, CVE-2011-0561, CVE-2011-0571, CVE-2011-0572, CVE-2011-0573, CVE-2011-0574, CVE-2011-0578, and CVE-2011-0608." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ADV-2011-0348", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2011/0348" + }, + { + "name": "1025055", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1025055" + }, + { + "name": "ADV-2011-0646", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2011/0646" + }, + { + "name": "43267", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/43267" + }, + { + "name": "43292", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/43292" + }, + { + "name": "43351", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/43351" + }, + { + "name": "oval:org.mitre.oval:def:14137", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14137" + }, + { + "name": "43340", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/43340" + }, + { + "name": "oval:org.mitre.oval:def:16194", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16194" + }, + { + "name": "adobe-player-ce(65241)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65241" + }, + { + "name": "ADV-2011-0383", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2011/0383" + }, + { + "name": "http://www.adobe.com/support/security/bulletins/apsb11-02.html", + "refsource": "CONFIRM", + "url": "http://www.adobe.com/support/security/bulletins/apsb11-02.html" + }, + { + "name": "43747", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/43747" + }, + { + "name": "ADV-2011-0402", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2011/0402" + }, + { + "name": "RHSA-2011:0259", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2011-0259.html" + }, + { + "name": "46282", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/46282" + }, + { + "name": "70922", + "refsource": "OSVDB", + "url": "http://osvdb.org/70922" + }, + { + "name": "http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_adobe_flash2", + "refsource": "CONFIRM", + "url": "http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_adobe_flash2" + }, + { + "name": "RHSA-2011:0206", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2011-0206.html" + }, + { + "name": "SUSE-SA:2011:009", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00003.html" + }, + { + "name": "RHSA-2011:0368", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2011-0368.html" + } + ] + } +} \ No newline at end of file diff --git a/2011/0xxx/CVE-2011-0672.json b/2011/0xxx/CVE-2011-0672.json index 60020afe2a1..35571235623 100644 --- a/2011/0xxx/CVE-2011-0672.json +++ b/2011/0xxx/CVE-2011-0672.json @@ -1,112 +1,112 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-0672", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, a different vulnerability than other \"Vulnerability Type 1\" CVEs listed in MS11-034, aka \"Win32k Use After Free Vulnerability.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2011-0672", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://blogs.technet.com/b/srd/archive/2011/04/12/ms11-034-addressing-vulnerabilities-in-the-win32k-subsystem.aspx", - "refsource" : "MISC", - "url" : "http://blogs.technet.com/b/srd/archive/2011/04/12/ms11-034-addressing-vulnerabilities-in-the-win32k-subsystem.aspx" - }, - { - "name" : "http://support.avaya.com/css/P8/documents/100133352", - "refsource" : "CONFIRM", - "url" : "http://support.avaya.com/css/P8/documents/100133352" - }, - { - "name" : "MS11-034", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-034" - }, - { - "name" : "TA11-102A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA11-102A.html" - }, - { - "name" : "47207", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/47207" - }, - { - "name" : "71746", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/71746" - }, - { - "name" : "oval:org.mitre.oval:def:12167", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12167" - }, - { - "name" : "1025345", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1025345" - }, - { - "name" : "44156", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/44156" - }, - { - "name" : "ADV-2011-0952", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2011/0952" - }, - { - "name" : "mswin-win32k-var7-priv-escalation(66401)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/66401" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, a different vulnerability than other \"Vulnerability Type 1\" CVEs listed in MS11-034, aka \"Win32k Use After Free Vulnerability.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "TA11-102A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA11-102A.html" + }, + { + "name": "mswin-win32k-var7-priv-escalation(66401)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66401" + }, + { + "name": "47207", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/47207" + }, + { + "name": "MS11-034", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-034" + }, + { + "name": "ADV-2011-0952", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2011/0952" + }, + { + "name": "oval:org.mitre.oval:def:12167", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12167" + }, + { + "name": "http://support.avaya.com/css/P8/documents/100133352", + "refsource": "CONFIRM", + "url": "http://support.avaya.com/css/P8/documents/100133352" + }, + { + "name": "44156", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/44156" + }, + { + "name": "http://blogs.technet.com/b/srd/archive/2011/04/12/ms11-034-addressing-vulnerabilities-in-the-win32k-subsystem.aspx", + "refsource": "MISC", + "url": "http://blogs.technet.com/b/srd/archive/2011/04/12/ms11-034-addressing-vulnerabilities-in-the-win32k-subsystem.aspx" + }, + { + "name": "1025345", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1025345" + }, + { + "name": "71746", + "refsource": "OSVDB", + "url": "http://osvdb.org/71746" + } + ] + } +} \ No newline at end of file diff --git a/2011/1xxx/CVE-2011-1257.json b/2011/1xxx/CVE-2011-1257.json index 0331cb34245..f055b5a445d 100644 --- a/2011/1xxx/CVE-2011-1257.json +++ b/2011/1xxx/CVE-2011-1257.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-1257", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Race condition in Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vectors involving access to an object, aka \"Window Open Race Condition Vulnerability.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2011-1257", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "MS11-057", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-057" - }, - { - "name" : "TA11-221A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA11-221A.html" - }, - { - "name" : "oval:org.mitre.oval:def:12787", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12787" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Race condition in Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vectors involving access to an object, aka \"Window Open Race Condition Vulnerability.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "MS11-057", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-057" + }, + { + "name": "oval:org.mitre.oval:def:12787", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12787" + }, + { + "name": "TA11-221A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA11-221A.html" + } + ] + } +} \ No newline at end of file diff --git a/2011/1xxx/CVE-2011-1371.json b/2011/1xxx/CVE-2011-1371.json index b6720bf81c8..94fa4428274 100644 --- a/2011/1xxx/CVE-2011-1371.json +++ b/2011/1xxx/CVE-2011-1371.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-1371", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in content/error.jsp in IBM WebSphere ILOG Rule Team Server 7.1.1 allows remote attackers to inject arbitrary web script or HTML via vectors that trigger an Unknown Error document, a different vulnerability than CVE-2011-4171." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2011-1371", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "RS00810", - "refsource" : "AIXAPAR", - "url" : "http://www.ibm.com/support/docview.wss?uid=swg1RS00810" - }, - { - "name" : "ilogrts-error-xss(71005)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/71005" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in content/error.jsp in IBM WebSphere ILOG Rule Team Server 7.1.1 allows remote attackers to inject arbitrary web script or HTML via vectors that trigger an Unknown Error document, a different vulnerability than CVE-2011-4171." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "RS00810", + "refsource": "AIXAPAR", + "url": "http://www.ibm.com/support/docview.wss?uid=swg1RS00810" + }, + { + "name": "ilogrts-error-xss(71005)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71005" + } + ] + } +} \ No newline at end of file diff --git a/2011/1xxx/CVE-2011-1375.json b/2011/1xxx/CVE-2011-1375.json index 7832b3cb91b..4be493ee1c1 100644 --- a/2011/1xxx/CVE-2011-1375.json +++ b/2011/1xxx/CVE-2011-1375.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-1375", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM AIX 6.1 and 7.1 does not restrict the wpar_limits_config and wpar_limits_modify system calls, which allows local users to cause a denial of service (system crash) via a crafted call." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2011-1375", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "IV10227", - "refsource" : "AIXAPAR", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=isg1IV10227" - }, - { - "name" : "IV10229", - "refsource" : "AIXAPAR", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=isg1IV10229" - }, - { - "name" : "aix-wparlimits-dos(71211)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/71211" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IBM AIX 6.1 and 7.1 does not restrict the wpar_limits_config and wpar_limits_modify system calls, which allows local users to cause a denial of service (system crash) via a crafted call." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "IV10227", + "refsource": "AIXAPAR", + "url": "http://www-01.ibm.com/support/docview.wss?uid=isg1IV10227" + }, + { + "name": "aix-wparlimits-dos(71211)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71211" + }, + { + "name": "IV10229", + "refsource": "AIXAPAR", + "url": "http://www-01.ibm.com/support/docview.wss?uid=isg1IV10229" + } + ] + } +} \ No newline at end of file diff --git a/2011/1xxx/CVE-2011-1517.json b/2011/1xxx/CVE-2011-1517.json index 620cde1a013..7b7bcf66aad 100644 --- a/2011/1xxx/CVE-2011-1517.json +++ b/2011/1xxx/CVE-2011-1517.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-1517", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2011-1517", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2011/1xxx/CVE-2011-1678.json b/2011/1xxx/CVE-2011-1678.json index 54e6249da30..f08ee34b6a4 100644 --- a/2011/1xxx/CVE-2011-1678.json +++ b/2011/1xxx/CVE-2011-1678.json @@ -1,152 +1,152 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-1678", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "smbfs in Samba 3.5.8 and earlier attempts to use (1) mount.cifs to append to the /etc/mtab file and (2) umount.cifs to append to the /etc/mtab.tmp file without first checking whether resource limits would interfere, which allows local users to trigger corruption of the /etc/mtab file via a process with a small RLIMIT_FSIZE value, a related issue to CVE-2011-1089." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2011-1678", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20110303 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE", - "refsource" : "MLIST", - "url" : "http://openwall.com/lists/oss-security/2011/03/04/11" - }, - { - "name" : "[oss-security] 20110303 Suid mount helpers fail to anticipate RLIMIT_FSIZE", - "refsource" : "MLIST", - "url" : "http://openwall.com/lists/oss-security/2011/03/04/9" - }, - { - "name" : "[oss-security] 20110304 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE", - "refsource" : "MLIST", - "url" : "http://openwall.com/lists/oss-security/2011/03/04/10" - }, - { - "name" : "[oss-security] 20110304 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE", - "refsource" : "MLIST", - "url" : "http://openwall.com/lists/oss-security/2011/03/04/12" - }, - { - "name" : "[oss-security] 20110305 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE", - "refsource" : "MLIST", - "url" : "http://openwall.com/lists/oss-security/2011/03/05/3" - }, - { - "name" : "[oss-security] 20110305 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE", - "refsource" : "MLIST", - "url" : "http://openwall.com/lists/oss-security/2011/03/05/7" - }, - { - "name" : "[oss-security] 20110307 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE", - "refsource" : "MLIST", - "url" : "http://openwall.com/lists/oss-security/2011/03/07/9" - }, - { - "name" : "[oss-security] 20110314 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE", - "refsource" : "MLIST", - "url" : "http://openwall.com/lists/oss-security/2011/03/14/5" - }, - { - "name" : "[oss-security] 20110314 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE", - "refsource" : "MLIST", - "url" : "http://openwall.com/lists/oss-security/2011/03/14/7" - }, - { - "name" : "[oss-security] 20110314 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE", - "refsource" : "MLIST", - "url" : "http://openwall.com/lists/oss-security/2011/03/14/16" - }, - { - "name" : "[oss-security] 20110315 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE", - "refsource" : "MLIST", - "url" : "http://openwall.com/lists/oss-security/2011/03/15/6" - }, - { - "name" : "[oss-security] 20110322 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE", - "refsource" : "MLIST", - "url" : "http://openwall.com/lists/oss-security/2011/03/22/4" - }, - { - "name" : "[oss-security] 20110322 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE", - "refsource" : "MLIST", - "url" : "http://openwall.com/lists/oss-security/2011/03/22/6" - }, - { - "name" : "[oss-security] 20110331 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE", - "refsource" : "MLIST", - "url" : "http://openwall.com/lists/oss-security/2011/03/31/3" - }, - { - "name" : "[oss-security] 20110331 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE", - "refsource" : "MLIST", - "url" : "http://openwall.com/lists/oss-security/2011/03/31/4" - }, - { - "name" : "[oss-security] 20110401 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE", - "refsource" : "MLIST", - "url" : "http://openwall.com/lists/oss-security/2011/04/01/2" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=688980", - "refsource" : "MISC", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=688980" - }, - { - "name" : "MDVSA-2011:148", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2011:148" - }, - { - "name" : "samba-smbfs-security-bypass(66702)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/66702" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "smbfs in Samba 3.5.8 and earlier attempts to use (1) mount.cifs to append to the /etc/mtab file and (2) umount.cifs to append to the /etc/mtab.tmp file without first checking whether resource limits would interfere, which allows local users to trigger corruption of the /etc/mtab file via a process with a small RLIMIT_FSIZE value, a related issue to CVE-2011-1089." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "[oss-security] 20110314 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE", + "refsource": "MLIST", + "url": "http://openwall.com/lists/oss-security/2011/03/14/5" + }, + { + "name": "[oss-security] 20110303 Suid mount helpers fail to anticipate RLIMIT_FSIZE", + "refsource": "MLIST", + "url": "http://openwall.com/lists/oss-security/2011/03/04/9" + }, + { + "name": "[oss-security] 20110322 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE", + "refsource": "MLIST", + "url": "http://openwall.com/lists/oss-security/2011/03/22/6" + }, + { + "name": "[oss-security] 20110322 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE", + "refsource": "MLIST", + "url": "http://openwall.com/lists/oss-security/2011/03/22/4" + }, + { + "name": "[oss-security] 20110305 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE", + "refsource": "MLIST", + "url": "http://openwall.com/lists/oss-security/2011/03/05/7" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=688980", + "refsource": "MISC", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=688980" + }, + { + "name": "MDVSA-2011:148", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:148" + }, + { + "name": "[oss-security] 20110307 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE", + "refsource": "MLIST", + "url": "http://openwall.com/lists/oss-security/2011/03/07/9" + }, + { + "name": "[oss-security] 20110401 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE", + "refsource": "MLIST", + "url": "http://openwall.com/lists/oss-security/2011/04/01/2" + }, + { + "name": "[oss-security] 20110304 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE", + "refsource": "MLIST", + "url": "http://openwall.com/lists/oss-security/2011/03/04/10" + }, + { + "name": "[oss-security] 20110314 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE", + "refsource": "MLIST", + "url": "http://openwall.com/lists/oss-security/2011/03/14/16" + }, + { + "name": "[oss-security] 20110331 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE", + "refsource": "MLIST", + "url": "http://openwall.com/lists/oss-security/2011/03/31/4" + }, + { + "name": "[oss-security] 20110304 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE", + "refsource": "MLIST", + "url": "http://openwall.com/lists/oss-security/2011/03/04/12" + }, + { + "name": "[oss-security] 20110314 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE", + "refsource": "MLIST", + "url": "http://openwall.com/lists/oss-security/2011/03/14/7" + }, + { + "name": "[oss-security] 20110303 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE", + "refsource": "MLIST", + "url": "http://openwall.com/lists/oss-security/2011/03/04/11" + }, + { + "name": "[oss-security] 20110305 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE", + "refsource": "MLIST", + "url": "http://openwall.com/lists/oss-security/2011/03/05/3" + }, + { + "name": "[oss-security] 20110331 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE", + "refsource": "MLIST", + "url": "http://openwall.com/lists/oss-security/2011/03/31/3" + }, + { + "name": "[oss-security] 20110315 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE", + "refsource": "MLIST", + "url": "http://openwall.com/lists/oss-security/2011/03/15/6" + }, + { + "name": "samba-smbfs-security-bypass(66702)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66702" + } + ] + } +} \ No newline at end of file diff --git a/2011/1xxx/CVE-2011-1989.json b/2011/1xxx/CVE-2011-1989.json index 6802bd974d1..d4e50cf9fd6 100644 --- a/2011/1xxx/CVE-2011-1989.json +++ b/2011/1xxx/CVE-2011-1989.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-1989", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Microsoft Excel 2003 SP3 and 2007 SP2; Excel in Office 2007 SP2; Excel 2010 Gold and SP1; Excel in Office 2010 Gold and SP1; Office 2004, 2008, and 2011 for Mac; Open XML File Format Converter for Mac; Excel Viewer SP2; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2; Excel Services on Office SharePoint Server 2007 SP2; Excel Services on Office SharePoint Server 2010 Gold and SP1; and Excel Web App 2010 Gold and SP1 do not properly parse conditional expressions associated with formatting requirements, which allows remote attackers to execute arbitrary code via a crafted spreadsheet, aka \"Excel Conditional Expression Parsing Vulnerability.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2011-1989", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "MS11-072", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-072" - }, - { - "name" : "TA11-256A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA11-256A.html" - }, - { - "name" : "oval:org.mitre.oval:def:12974", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12974" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft Excel 2003 SP3 and 2007 SP2; Excel in Office 2007 SP2; Excel 2010 Gold and SP1; Excel in Office 2010 Gold and SP1; Office 2004, 2008, and 2011 for Mac; Open XML File Format Converter for Mac; Excel Viewer SP2; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2; Excel Services on Office SharePoint Server 2007 SP2; Excel Services on Office SharePoint Server 2010 Gold and SP1; and Excel Web App 2010 Gold and SP1 do not properly parse conditional expressions associated with formatting requirements, which allows remote attackers to execute arbitrary code via a crafted spreadsheet, aka \"Excel Conditional Expression Parsing Vulnerability.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "oval:org.mitre.oval:def:12974", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12974" + }, + { + "name": "MS11-072", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-072" + }, + { + "name": "TA11-256A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA11-256A.html" + } + ] + } +} \ No newline at end of file diff --git a/2011/3xxx/CVE-2011-3032.json b/2011/3xxx/CVE-2011-3032.json index 6a9db639925..7e5f38087a3 100644 --- a/2011/3xxx/CVE-2011-3032.json +++ b/2011/3xxx/CVE-2011-3032.json @@ -1,142 +1,142 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-3032", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of SVG values." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2011-3032", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://code.google.com/p/chromium/issues/detail?id=108037", - "refsource" : "CONFIRM", - "url" : "http://code.google.com/p/chromium/issues/detail?id=108037" - }, - { - "name" : "http://googlechromereleases.blogspot.com/2012/03/chrome-stable-update.html", - "refsource" : "CONFIRM", - "url" : "http://googlechromereleases.blogspot.com/2012/03/chrome-stable-update.html" - }, - { - "name" : "http://support.apple.com/kb/HT5400", - "refsource" : "CONFIRM", - "url" : "http://support.apple.com/kb/HT5400" - }, - { - "name" : "http://support.apple.com/kb/HT5485", - "refsource" : "CONFIRM", - "url" : "http://support.apple.com/kb/HT5485" - }, - { - "name" : "http://support.apple.com/kb/HT5503", - "refsource" : "CONFIRM", - "url" : "http://support.apple.com/kb/HT5503" - }, - { - "name" : "APPLE-SA-2012-07-25-1", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2012/Jul/msg00000.html" - }, - { - "name" : "APPLE-SA-2012-09-12-1", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2012/Sep/msg00001.html" - }, - { - "name" : "APPLE-SA-2012-09-19-1", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html" - }, - { - "name" : "GLSA-201203-19", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-201203-19.xml" - }, - { - "name" : "openSUSE-SU-2012:0374", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00012.html" - }, - { - "name" : "52271", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/52271" - }, - { - "name" : "oval:org.mitre.oval:def:14438", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14438" - }, - { - "name" : "1026759", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1026759" - }, - { - "name" : "48527", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/48527" - }, - { - "name" : "48419", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/48419" - }, - { - "name" : "48265", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/48265" - }, - { - "name" : "google-svg-value-code-exec(73643)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/73643" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of SVG values." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://support.apple.com/kb/HT5485", + "refsource": "CONFIRM", + "url": "http://support.apple.com/kb/HT5485" + }, + { + "name": "APPLE-SA-2012-09-19-1", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html" + }, + { + "name": "http://support.apple.com/kb/HT5503", + "refsource": "CONFIRM", + "url": "http://support.apple.com/kb/HT5503" + }, + { + "name": "google-svg-value-code-exec(73643)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/73643" + }, + { + "name": "1026759", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1026759" + }, + { + "name": "48527", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/48527" + }, + { + "name": "48265", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/48265" + }, + { + "name": "48419", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/48419" + }, + { + "name": "openSUSE-SU-2012:0374", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00012.html" + }, + { + "name": "APPLE-SA-2012-09-12-1", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00001.html" + }, + { + "name": "APPLE-SA-2012-07-25-1", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2012/Jul/msg00000.html" + }, + { + "name": "oval:org.mitre.oval:def:14438", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14438" + }, + { + "name": "52271", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/52271" + }, + { + "name": "GLSA-201203-19", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-201203-19.xml" + }, + { + "name": "http://code.google.com/p/chromium/issues/detail?id=108037", + "refsource": "CONFIRM", + "url": "http://code.google.com/p/chromium/issues/detail?id=108037" + }, + { + "name": "http://support.apple.com/kb/HT5400", + "refsource": "CONFIRM", + "url": "http://support.apple.com/kb/HT5400" + }, + { + "name": "http://googlechromereleases.blogspot.com/2012/03/chrome-stable-update.html", + "refsource": "CONFIRM", + "url": "http://googlechromereleases.blogspot.com/2012/03/chrome-stable-update.html" + } + ] + } +} \ No newline at end of file diff --git a/2011/4xxx/CVE-2011-4189.json b/2011/4xxx/CVE-2011-4189.json index 90bfb367086..fb752c14b93 100644 --- a/2011/4xxx/CVE-2011-4189.json +++ b/2011/4xxx/CVE-2011-4189.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-4189", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The client in Novell GroupWise 8.0x through 8.02HP3 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption and application crash) via a long e-mail address in an Address Book (aka .NAB) file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2011-4189", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.protekresearchlab.com/index.php?option=com_content&view=article&id=37&Itemid=37", - "refsource" : "MISC", - "url" : "http://www.protekresearchlab.com/index.php?option=com_content&view=article&id=37&Itemid=37" - }, - { - "name" : "http://www.novell.com/support/viewContent.do?externalId=7010205", - "refsource" : "CONFIRM", - "url" : "http://www.novell.com/support/viewContent.do?externalId=7010205" - }, - { - "name" : "https://bugzilla.novell.com/show_bug.cgi?id=733885", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.novell.com/show_bug.cgi?id=733885" - }, - { - "name" : "52233", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/52233" - }, - { - "name" : "79720", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/79720" - }, - { - "name" : "1026753", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1026753" - }, - { - "name" : "48199", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/48199" - }, - { - "name" : "groupwise-nab-bo(73588)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/73588" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The client in Novell GroupWise 8.0x through 8.02HP3 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption and application crash) via a long e-mail address in an Address Book (aka .NAB) file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "79720", + "refsource": "OSVDB", + "url": "http://osvdb.org/79720" + }, + { + "name": "groupwise-nab-bo(73588)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/73588" + }, + { + "name": "https://bugzilla.novell.com/show_bug.cgi?id=733885", + "refsource": "CONFIRM", + "url": "https://bugzilla.novell.com/show_bug.cgi?id=733885" + }, + { + "name": "http://www.protekresearchlab.com/index.php?option=com_content&view=article&id=37&Itemid=37", + "refsource": "MISC", + "url": "http://www.protekresearchlab.com/index.php?option=com_content&view=article&id=37&Itemid=37" + }, + { + "name": "52233", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/52233" + }, + { + "name": "http://www.novell.com/support/viewContent.do?externalId=7010205", + "refsource": "CONFIRM", + "url": "http://www.novell.com/support/viewContent.do?externalId=7010205" + }, + { + "name": "48199", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/48199" + }, + { + "name": "1026753", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1026753" + } + ] + } +} \ No newline at end of file diff --git a/2011/4xxx/CVE-2011-4709.json b/2011/4xxx/CVE-2011-4709.json index 05638c78f2a..6f9ebdbd9b8 100644 --- a/2011/4xxx/CVE-2011-4709.json +++ b/2011/4xxx/CVE-2011-4709.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-4709", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site scripting (XSS) vulnerabilities in Hotaru.php in the Search plugin 1.3 for Hotaru CMS allow remote attackers to inject arbitrary web script or HTML via the (1) SITE_NAME parameter to admin_index.php, or the (2) return and (3) search parameters to index.php. NOTE: some of these details are obtained from third party information." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2011-4709", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.zeroscience.mk/codes/hotarucms_xss.txt", - "refsource" : "MISC", - "url" : "http://www.zeroscience.mk/codes/hotarucms_xss.txt" - }, - { - "name" : "http://www.zeroscience.mk/en/vulnerabilities/ZSL-2011-5057.php", - "refsource" : "MISC", - "url" : "http://www.zeroscience.mk/en/vulnerabilities/ZSL-2011-5057.php" - }, - { - "name" : "77095", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/77095" - }, - { - "name" : "46842", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/46842" - }, - { - "name" : "hotaru-hotaru-xss(71302)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/71302" - }, - { - "name" : "hotarucms-hotaru-xss(71301)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/71301" - }, - { - "name" : "hotarucms-index-xss(71300)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/71300" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site scripting (XSS) vulnerabilities in Hotaru.php in the Search plugin 1.3 for Hotaru CMS allow remote attackers to inject arbitrary web script or HTML via the (1) SITE_NAME parameter to admin_index.php, or the (2) return and (3) search parameters to index.php. NOTE: some of these details are obtained from third party information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "hotaru-hotaru-xss(71302)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71302" + }, + { + "name": "77095", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/77095" + }, + { + "name": "46842", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/46842" + }, + { + "name": "http://www.zeroscience.mk/en/vulnerabilities/ZSL-2011-5057.php", + "refsource": "MISC", + "url": "http://www.zeroscience.mk/en/vulnerabilities/ZSL-2011-5057.php" + }, + { + "name": "hotarucms-hotaru-xss(71301)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71301" + }, + { + "name": "http://www.zeroscience.mk/codes/hotarucms_xss.txt", + "refsource": "MISC", + "url": "http://www.zeroscience.mk/codes/hotarucms_xss.txt" + }, + { + "name": "hotarucms-index-xss(71300)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71300" + } + ] + } +} \ No newline at end of file diff --git a/2011/5xxx/CVE-2011-5122.json b/2011/5xxx/CVE-2011-5122.json index f710b41c4ac..fd61baed57d 100644 --- a/2011/5xxx/CVE-2011-5122.json +++ b/2011/5xxx/CVE-2011-5122.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-5122", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Antivirus component in Comodo Internet Security before 5.3.175888.1227 allows remote attackers to cause a denial of service (application crash) via a crafted compressed file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2011-5122", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://personalfirewall.comodo.com/release_notes.html", - "refsource" : "CONFIRM", - "url" : "http://personalfirewall.comodo.com/release_notes.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Antivirus component in Comodo Internet Security before 5.3.175888.1227 allows remote attackers to cause a denial of service (application crash) via a crafted compressed file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://personalfirewall.comodo.com/release_notes.html", + "refsource": "CONFIRM", + "url": "http://personalfirewall.comodo.com/release_notes.html" + } + ] + } +} \ No newline at end of file diff --git a/2011/5xxx/CVE-2011-5245.json b/2011/5xxx/CVE-2011-5245.json index 494fbcbc744..7bdaa107fcb 100644 --- a/2011/5xxx/CVE-2011-5245.json +++ b/2011/5xxx/CVE-2011-5245.json @@ -1,152 +1,152 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-5245", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The readFrom function in providers.jaxb.JAXBXmlTypeProvider in RESTEasy before 2.3.2 allows remote attackers to read arbitrary files via an external entity reference in a Java Architecture for XML Binding (JAXB) input, aka an XML external entity (XXE) injection attack, a similar vulnerability to CVE-2012-0818." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2011-5245", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=785631", - "refsource" : "MISC", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=785631" - }, - { - "name" : "https://issues.jboss.org/browse/RESTEASY-647", - "refsource" : "CONFIRM", - "url" : "https://issues.jboss.org/browse/RESTEASY-647" - }, - { - "name" : "https://issues.jboss.org/browse/RESTEASY/fixforversion/12318708", - "refsource" : "CONFIRM", - "url" : "https://issues.jboss.org/browse/RESTEASY/fixforversion/12318708" - }, - { - "name" : "RHSA-2012:0441", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2012-0441.html" - }, - { - "name" : "RHSA-2012:0519", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2012-0519.html" - }, - { - "name" : "RHSA-2012:1056", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2012-1056.html" - }, - { - "name" : "RHSA-2012:1057", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2012-1057.html" - }, - { - "name" : "RHSA-2012:1058", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2012-1058.html" - }, - { - "name" : "RHSA-2012:1059", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2012-1059.html" - }, - { - "name" : "RHSA-2012:1125", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2012-1125.html" - }, - { - "name" : "RHSA-2014:0371", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2014-0371.html" - }, - { - "name" : "RHSA-2014:0372", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2014-0372.html" - }, - { - "name" : "51766", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/51766" - }, - { - "name" : "78680", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/78680" - }, - { - "name" : "47832", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/47832" - }, - { - "name" : "50084", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/50084" - }, - { - "name" : "57716", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/57716" - }, - { - "name" : "57719", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/57719" - }, - { - "name" : "resteasy-xml-info-disclosure(72808)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/72808" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The readFrom function in providers.jaxb.JAXBXmlTypeProvider in RESTEasy before 2.3.2 allows remote attackers to read arbitrary files via an external entity reference in a Java Architecture for XML Binding (JAXB) input, aka an XML external entity (XXE) injection attack, a similar vulnerability to CVE-2012-0818." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=785631", + "refsource": "MISC", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=785631" + }, + { + "name": "78680", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/78680" + }, + { + "name": "RHSA-2012:1059", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2012-1059.html" + }, + { + "name": "https://issues.jboss.org/browse/RESTEASY-647", + "refsource": "CONFIRM", + "url": "https://issues.jboss.org/browse/RESTEASY-647" + }, + { + "name": "RHSA-2012:1056", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2012-1056.html" + }, + { + "name": "RHSA-2012:1058", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2012-1058.html" + }, + { + "name": "51766", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/51766" + }, + { + "name": "RHSA-2012:0519", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2012-0519.html" + }, + { + "name": "50084", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/50084" + }, + { + "name": "RHSA-2014:0371", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2014-0371.html" + }, + { + "name": "RHSA-2012:1057", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2012-1057.html" + }, + { + "name": "resteasy-xml-info-disclosure(72808)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/72808" + }, + { + "name": "RHSA-2012:0441", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2012-0441.html" + }, + { + "name": "47832", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/47832" + }, + { + "name": "57719", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/57719" + }, + { + "name": "57716", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/57716" + }, + { + "name": "RHSA-2014:0372", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2014-0372.html" + }, + { + "name": "https://issues.jboss.org/browse/RESTEASY/fixforversion/12318708", + "refsource": "CONFIRM", + "url": "https://issues.jboss.org/browse/RESTEASY/fixforversion/12318708" + }, + { + "name": "RHSA-2012:1125", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2012-1125.html" + } + ] + } +} \ No newline at end of file diff --git a/2013/5xxx/CVE-2013-5291.json b/2013/5xxx/CVE-2013-5291.json index 86cbd0e2643..bbbbb489823 100644 --- a/2013/5xxx/CVE-2013-5291.json +++ b/2013/5xxx/CVE-2013-5291.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2013-5291", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2013-5291", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2014/2xxx/CVE-2014-2103.json b/2014/2xxx/CVE-2014-2103.json index cfc5ce34f4a..c7764164bf7 100644 --- a/2014/2xxx/CVE-2014-2103.json +++ b/2014/2xxx/CVE-2014-2103.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-2103", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cisco Intrusion Prevention System (IPS) Software allows remote attackers to cause a denial of service (MainApp process outage) via malformed SNMP packets, aka Bug IDs CSCum52355 and CSCul49309." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2014-2103", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20140227 Cisco IPS MainApp SNMP Denial of Service Vulnerability", - "refsource" : "CISCO", - "url" : "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-2103" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cisco Intrusion Prevention System (IPS) Software allows remote attackers to cause a denial of service (MainApp process outage) via malformed SNMP packets, aka Bug IDs CSCum52355 and CSCul49309." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20140227 Cisco IPS MainApp SNMP Denial of Service Vulnerability", + "refsource": "CISCO", + "url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-2103" + } + ] + } +} \ No newline at end of file diff --git a/2014/2xxx/CVE-2014-2163.json b/2014/2xxx/CVE-2014-2163.json index 21b5a13b0e2..d85730b02d8 100644 --- a/2014/2xxx/CVE-2014-2163.json +++ b/2014/2xxx/CVE-2014-2163.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-2163", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The SIP implementation in Cisco TelePresence TC Software 4.x and 5.x and TE Software 4.x allows remote attackers to cause a denial of service (device reload) via crafted SIP packets, aka Bug ID CSCua64961." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2014-2163", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20140430 Multiple Vulnerabilities in Cisco TelePresence TC and TE Software", - "refsource" : "CISCO", - "url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140430-tcte" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The SIP implementation in Cisco TelePresence TC Software 4.x and 5.x and TE Software 4.x allows remote attackers to cause a denial of service (device reload) via crafted SIP packets, aka Bug ID CSCua64961." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20140430 Multiple Vulnerabilities in Cisco TelePresence TC and TE Software", + "refsource": "CISCO", + "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140430-tcte" + } + ] + } +} \ No newline at end of file diff --git a/2014/2xxx/CVE-2014-2471.json b/2014/2xxx/CVE-2014-2471.json index a31cc7e5707..f9628900b86 100644 --- a/2014/2xxx/CVE-2014-2471.json +++ b/2014/2xxx/CVE-2014-2471.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-2471", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the Oracle iLearning component in Oracle iLearning 6.0 and 6.1 allows remote attackers to affect integrity via unknown vectors related to Learner Pages." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2014-2471", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the Oracle iLearning component in Oracle iLearning 6.0 and 6.1 allows remote attackers to affect integrity via unknown vectors related to Learner Pages." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html" + } + ] + } +} \ No newline at end of file diff --git a/2014/2xxx/CVE-2014-2850.json b/2014/2xxx/CVE-2014-2850.json index c474fc8bf41..9c753b2d0df 100644 --- a/2014/2xxx/CVE-2014-2850.json +++ b/2014/2xxx/CVE-2014-2850.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-2850", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The network interface configuration page (netinterface) in Sophos Web Appliance before 3.8.2 allows remote administrators to execute arbitrary commands via shell metacharacters in the address parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-2850", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "32789", - "refsource" : "EXPLOIT-DB", - "url" : "http://www.exploit-db.com/exploits/32789" - }, - { - "name" : "http://www.zerodayinitiative.com/advisories/ZDI-14-069/", - "refsource" : "MISC", - "url" : "http://www.zerodayinitiative.com/advisories/ZDI-14-069/" - }, - { - "name" : "http://www.sophos.com/en-us/support/knowledgebase/120230.aspx", - "refsource" : "CONFIRM", - "url" : "http://www.sophos.com/en-us/support/knowledgebase/120230.aspx" - }, - { - "name" : "66734", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/66734" - }, - { - "name" : "57706", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/57706" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The network interface configuration page (netinterface) in Sophos Web Appliance before 3.8.2 allows remote administrators to execute arbitrary commands via shell metacharacters in the address parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "66734", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/66734" + }, + { + "name": "http://www.sophos.com/en-us/support/knowledgebase/120230.aspx", + "refsource": "CONFIRM", + "url": "http://www.sophos.com/en-us/support/knowledgebase/120230.aspx" + }, + { + "name": "http://www.zerodayinitiative.com/advisories/ZDI-14-069/", + "refsource": "MISC", + "url": "http://www.zerodayinitiative.com/advisories/ZDI-14-069/" + }, + { + "name": "32789", + "refsource": "EXPLOIT-DB", + "url": "http://www.exploit-db.com/exploits/32789" + }, + { + "name": "57706", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/57706" + } + ] + } +} \ No newline at end of file diff --git a/2014/3xxx/CVE-2014-3081.json b/2014/3xxx/CVE-2014-3081.json index 8c5e0ec39d5..44872d3e484 100644 --- a/2014/3xxx/CVE-2014-3081.json +++ b/2014/3xxx/CVE-2014-3081.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-3081", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "prodtest.php on IBM GCM16 and GCM32 Global Console Manager switches with firmware before 1.20.20.23447 allows remote authenticated users to read arbitrary files via the filename parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2014-3081", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "34132", - "refsource" : "EXPLOIT-DB", - "url" : "http://www.exploit-db.com/exploits/34132/" - }, - { - "name" : "20140721 IBM GCM16/32 v1.20.0.22575 vulnerabilities", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2014/Jul/113" - }, - { - "name" : "http://packetstormsecurity.com/files/127543/IBM-1754-GCM-KVM-Code-Execution-File-Read-XSS.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/127543/IBM-1754-GCM-KVM-Code-Execution-File-Read-XSS.html" - }, - { - "name" : "http://www.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095983", - "refsource" : "CONFIRM", - "url" : "http://www.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095983" - }, - { - "name" : "ibm-gcm-cve20143081-file-read(93930)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/93930" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "prodtest.php on IBM GCM16 and GCM32 Global Console Manager switches with firmware before 1.20.20.23447 allows remote authenticated users to read arbitrary files via the filename parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://packetstormsecurity.com/files/127543/IBM-1754-GCM-KVM-Code-Execution-File-Read-XSS.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/127543/IBM-1754-GCM-KVM-Code-Execution-File-Read-XSS.html" + }, + { + "name": "34132", + "refsource": "EXPLOIT-DB", + "url": "http://www.exploit-db.com/exploits/34132/" + }, + { + "name": "http://www.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095983", + "refsource": "CONFIRM", + "url": "http://www.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095983" + }, + { + "name": "20140721 IBM GCM16/32 v1.20.0.22575 vulnerabilities", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2014/Jul/113" + }, + { + "name": "ibm-gcm-cve20143081-file-read(93930)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/93930" + } + ] + } +} \ No newline at end of file diff --git a/2014/3xxx/CVE-2014-3141.json b/2014/3xxx/CVE-2014-3141.json index be17ada7046..4ce7187aa7e 100644 --- a/2014/3xxx/CVE-2014-3141.json +++ b/2014/3xxx/CVE-2014-3141.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-3141", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-3141", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2014/3xxx/CVE-2014-3475.json b/2014/3xxx/CVE-2014-3475.json index 453d5c65b57..a65c72a363a 100644 --- a/2014/3xxx/CVE-2014-3475.json +++ b/2014/3xxx/CVE-2014-3475.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-3475", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in the Users panel (admin/users/) in OpenStack Dashboard (Horizon) before 2013.2.4, 2014.1 before 2014.1.2, and Juno before Juno-2 allows remote administrators to inject arbitrary web script or HTML via a user email address, a different vulnerability than CVE-2014-8578." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2014-3475", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20140708 [OSSA 2014-023] Multiple XSS vulnerabilities in Horizon (CVE-2014-3473, CVE-2014-3474, and CVE-2014-3475)", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2014/07/08/6" - }, - { - "name" : "https://bugs.launchpad.net/horizon/+bug/1320235", - "refsource" : "CONFIRM", - "url" : "https://bugs.launchpad.net/horizon/+bug/1320235" - }, - { - "name" : "openSUSE-SU-2015:0078", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2015-01/msg00040.html" - }, - { - "name" : "68456", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/68456" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in the Users panel (admin/users/) in OpenStack Dashboard (Horizon) before 2013.2.4, 2014.1 before 2014.1.2, and Juno before Juno-2 allows remote administrators to inject arbitrary web script or HTML via a user email address, a different vulnerability than CVE-2014-8578." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "68456", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/68456" + }, + { + "name": "https://bugs.launchpad.net/horizon/+bug/1320235", + "refsource": "CONFIRM", + "url": "https://bugs.launchpad.net/horizon/+bug/1320235" + }, + { + "name": "[oss-security] 20140708 [OSSA 2014-023] Multiple XSS vulnerabilities in Horizon (CVE-2014-3473, CVE-2014-3474, and CVE-2014-3475)", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2014/07/08/6" + }, + { + "name": "openSUSE-SU-2015:0078", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2015-01/msg00040.html" + } + ] + } +} \ No newline at end of file diff --git a/2014/6xxx/CVE-2014-6376.json b/2014/6xxx/CVE-2014-6376.json index 11edc114e6d..8ae195e76ca 100644 --- a/2014/6xxx/CVE-2014-6376.json +++ b/2014/6xxx/CVE-2014-6376.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-6376", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability,\" a different vulnerability than CVE-2014-6327 and CVE-2014-6329." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2014-6376", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "MS14-080", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-080" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability,\" a different vulnerability than CVE-2014-6327 and CVE-2014-6329." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "MS14-080", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-080" + } + ] + } +} \ No newline at end of file diff --git a/2014/6xxx/CVE-2014-6431.json b/2014/6xxx/CVE-2014-6431.json index fb8fe789f4a..43ebe1d89a6 100644 --- a/2014/6xxx/CVE-2014-6431.json +++ b/2014/6xxx/CVE-2014-6431.json @@ -1,127 +1,127 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-6431", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in the SnifferDecompress function in wiretap/ngsniffer.c in the DOS Sniffer file parser in Wireshark 1.10.x before 1.10.10 and 1.12.x before 1.12.1 allows remote attackers to cause a denial of service (application crash) via a crafted file that triggers writes of uncompressed bytes beyond the end of the output buffer." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-6431", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.wireshark.org/security/wnpa-sec-2014-19.html", - "refsource" : "CONFIRM", - "url" : "http://www.wireshark.org/security/wnpa-sec-2014-19.html" - }, - { - "name" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10461", - "refsource" : "CONFIRM", - "url" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10461" - }, - { - "name" : "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=47c592938ba9f0caeacc4c2ccadb370e72f293a2", - "refsource" : "CONFIRM", - "url" : "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=47c592938ba9f0caeacc4c2ccadb370e72f293a2" - }, - { - "name" : "http://linux.oracle.com/errata/ELSA-2014-1676", - "refsource" : "CONFIRM", - "url" : "http://linux.oracle.com/errata/ELSA-2014-1676" - }, - { - "name" : "http://linux.oracle.com/errata/ELSA-2014-1677", - "refsource" : "CONFIRM", - "url" : "http://linux.oracle.com/errata/ELSA-2014-1677" - }, - { - "name" : "DSA-3049", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2014/dsa-3049" - }, - { - "name" : "RHSA-2014:1676", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2014-1676.html" - }, - { - "name" : "RHSA-2014:1677", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2014-1677.html" - }, - { - "name" : "SUSE-SU-2014:1221", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00033.html" - }, - { - "name" : "openSUSE-SU-2014:1249", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2014-09/msg00058.html" - }, - { - "name" : "60578", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/60578" - }, - { - "name" : "60280", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/60280" - }, - { - "name" : "61929", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/61929" - }, - { - "name" : "61933", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/61933" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in the SnifferDecompress function in wiretap/ngsniffer.c in the DOS Sniffer file parser in Wireshark 1.10.x before 1.10.10 and 1.12.x before 1.12.1 allows remote attackers to cause a denial of service (application crash) via a crafted file that triggers writes of uncompressed bytes beyond the end of the output buffer." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://linux.oracle.com/errata/ELSA-2014-1676", + "refsource": "CONFIRM", + "url": "http://linux.oracle.com/errata/ELSA-2014-1676" + }, + { + "name": "61933", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/61933" + }, + { + "name": "openSUSE-SU-2014:1249", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2014-09/msg00058.html" + }, + { + "name": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10461", + "refsource": "CONFIRM", + "url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10461" + }, + { + "name": "http://www.wireshark.org/security/wnpa-sec-2014-19.html", + "refsource": "CONFIRM", + "url": "http://www.wireshark.org/security/wnpa-sec-2014-19.html" + }, + { + "name": "RHSA-2014:1677", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2014-1677.html" + }, + { + "name": "RHSA-2014:1676", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2014-1676.html" + }, + { + "name": "DSA-3049", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2014/dsa-3049" + }, + { + "name": "SUSE-SU-2014:1221", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00033.html" + }, + { + "name": "60280", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/60280" + }, + { + "name": "60578", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/60578" + }, + { + "name": "http://linux.oracle.com/errata/ELSA-2014-1677", + "refsource": "CONFIRM", + "url": "http://linux.oracle.com/errata/ELSA-2014-1677" + }, + { + "name": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=47c592938ba9f0caeacc4c2ccadb370e72f293a2", + "refsource": "CONFIRM", + "url": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=47c592938ba9f0caeacc4c2ccadb370e72f293a2" + }, + { + "name": "61929", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/61929" + } + ] + } +} \ No newline at end of file diff --git a/2014/6xxx/CVE-2014-6715.json b/2014/6xxx/CVE-2014-6715.json index 25636add8d9..8161b862c61 100644 --- a/2014/6xxx/CVE-2014-6715.json +++ b/2014/6xxx/CVE-2014-6715.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-6715", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The SlotMachine (aka com.popoinnovation.SlotMachine) application 1.03 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2014-6715", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", - "refsource" : "MISC", - "url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" - }, - { - "name" : "VU#582497", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/582497" - }, - { - "name" : "VU#968377", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/968377" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The SlotMachine (aka com.popoinnovation.SlotMachine) application 1.03 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "VU#582497", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/582497" + }, + { + "name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", + "refsource": "MISC", + "url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" + }, + { + "name": "VU#968377", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/968377" + } + ] + } +} \ No newline at end of file diff --git a/2014/6xxx/CVE-2014-6772.json b/2014/6xxx/CVE-2014-6772.json index cfeaafc3620..64822b81234 100644 --- a/2014/6xxx/CVE-2014-6772.json +++ b/2014/6xxx/CVE-2014-6772.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-6772", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The United Educational CU (aka com.metova.cuae.uecu) application 1.0.27 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2014-6772", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", - "refsource" : "MISC", - "url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" - }, - { - "name" : "VU#582497", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/582497" - }, - { - "name" : "VU#780937", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/780937" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The United Educational CU (aka com.metova.cuae.uecu) application 1.0.27 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "VU#780937", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/780937" + }, + { + "name": "VU#582497", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/582497" + }, + { + "name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", + "refsource": "MISC", + "url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" + } + ] + } +} \ No newline at end of file diff --git a/2014/7xxx/CVE-2014-7887.json b/2014/7xxx/CVE-2014-7887.json index 5ccd8fa916a..5fb622b8c65 100644 --- a/2014/7xxx/CVE-2014-7887.json +++ b/2014/7xxx/CVE-2014-7887.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-7887", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2014-7887", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2017/0xxx/CVE-2017-0250.json b/2017/0xxx/CVE-2017-0250.json index 6331e0ac4fa..bc2e492c65a 100644 --- a/2017/0xxx/CVE-2017-0250.json +++ b/2017/0xxx/CVE-2017-0250.json @@ -1,73 +1,73 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secure@microsoft.com", - "DATE_PUBLIC" : "2017-08-08T00:00:00", - "ID" : "CVE-2017-0250", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Microsoft JET Database Engine", - "version" : { - "version_data" : [ - { - "version_value" : "Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016" - } - ] - } - } - ] - }, - "vendor_name" : "Microsoft Corporation" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Microsoft JET Database Engine in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows a remote code execution vulnerability due to buffer overflow, aka \"Microsoft JET Database Engine Remote Code Execution Vulnerability\"." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Remote Code Execution" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "DATE_PUBLIC": "2017-08-08T00:00:00", + "ID": "CVE-2017-0250", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Microsoft JET Database Engine", + "version": { + "version_data": [ + { + "version_value": "Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016" + } + ] + } + } + ] + }, + "vendor_name": "Microsoft Corporation" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0250", - "refsource" : "CONFIRM", - "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0250" - }, - { - "name" : "98100", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/98100" - }, - { - "name" : "1039090", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1039090" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft JET Database Engine in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows a remote code execution vulnerability due to buffer overflow, aka \"Microsoft JET Database Engine Remote Code Execution Vulnerability\"." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Remote Code Execution" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "98100", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/98100" + }, + { + "name": "1039090", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1039090" + }, + { + "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0250", + "refsource": "CONFIRM", + "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0250" + } + ] + } +} \ No newline at end of file diff --git a/2017/0xxx/CVE-2017-0569.json b/2017/0xxx/CVE-2017-0569.json index 37179943f73..48019e5df91 100644 --- a/2017/0xxx/CVE-2017-0569.json +++ b/2017/0xxx/CVE-2017-0569.json @@ -1,80 +1,80 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "security@google.com", - "ID" : "CVE-2017-0569", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Android", - "version" : { - "version_data" : [ - { - "version_value" : "Kernel-3.10" - }, - { - "version_value" : "Kernel-3.18" - } - ] - } - } - ] - }, - "vendor_name" : "Google Inc." - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-34198729. References: B-RB#110666." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Elevation of privilege" - } + "CVE_data_meta": { + "ASSIGNER": "security@android.com", + "ID": "CVE-2017-0569", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Android", + "version": { + "version_data": [ + { + "version_value": "Kernel-3.10" + }, + { + "version_value": "Kernel-3.18" + } + ] + } + } + ] + }, + "vendor_name": "Google Inc." + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "41808", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/41808/" - }, - { - "name" : "https://source.android.com/security/bulletin/2017-04-01", - "refsource" : "CONFIRM", - "url" : "https://source.android.com/security/bulletin/2017-04-01" - }, - { - "name" : "97331", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/97331" - }, - { - "name" : "1038201", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1038201" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-34198729. References: B-RB#110666." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Elevation of privilege" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://source.android.com/security/bulletin/2017-04-01", + "refsource": "CONFIRM", + "url": "https://source.android.com/security/bulletin/2017-04-01" + }, + { + "name": "97331", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/97331" + }, + { + "name": "41808", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/41808/" + }, + { + "name": "1038201", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1038201" + } + ] + } +} \ No newline at end of file diff --git a/2017/18xxx/CVE-2017-18225.json b/2017/18xxx/CVE-2017-18225.json index b392c146e93..665300e6ab6 100644 --- a/2017/18xxx/CVE-2017-18225.json +++ b/2017/18xxx/CVE-2017-18225.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-18225", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Gentoo net-im/jabberd2 package through 2.6.1 installs jabberd, jabberd2-c2s, jabberd2-router, jabberd2-s2s, and jabberd2-sm in /usr/bin owned by the jabber account, which might allow local users to gain privileges by leveraging access to this account and then waiting for root to execute one of these programs." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-18225", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://bugs.gentoo.org/629412", - "refsource" : "CONFIRM", - "url" : "https://bugs.gentoo.org/629412" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Gentoo net-im/jabberd2 package through 2.6.1 installs jabberd, jabberd2-c2s, jabberd2-router, jabberd2-s2s, and jabberd2-sm in /usr/bin owned by the jabber account, which might allow local users to gain privileges by leveraging access to this account and then waiting for root to execute one of these programs." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://bugs.gentoo.org/629412", + "refsource": "CONFIRM", + "url": "https://bugs.gentoo.org/629412" + } + ] + } +} \ No newline at end of file diff --git a/2017/18xxx/CVE-2017-18236.json b/2017/18xxx/CVE-2017-18236.json index e23a8026ca7..90918d57823 100644 --- a/2017/18xxx/CVE-2017-18236.json +++ b/2017/18xxx/CVE-2017-18236.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-18236", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An issue was discovered in Exempi before 2.4.4. The ASF_Support::ReadHeaderObject function in XMPFiles/source/FormatSupport/ASF_Support.cpp allows remote attackers to cause a denial of service (infinite loop) via a crafted .asf file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-18236", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[debian-lts-announce] 20180321 [SECURITY] [DLA 1310-1] exempi security update", - "refsource" : "MLIST", - "url" : "https://lists.debian.org/debian-lts-announce/2018/03/msg00013.html" - }, - { - "name" : "https://bugs.freedesktop.org/show_bug.cgi?id=102484", - "refsource" : "CONFIRM", - "url" : "https://bugs.freedesktop.org/show_bug.cgi?id=102484" - }, - { - "name" : "https://cgit.freedesktop.org/exempi/commit/?id=fe59605d3520bf2ca4e0a963d194f10e9fee5806", - "refsource" : "CONFIRM", - "url" : "https://cgit.freedesktop.org/exempi/commit/?id=fe59605d3520bf2ca4e0a963d194f10e9fee5806" - }, - { - "name" : "USN-3668-1", - "refsource" : "UBUNTU", - "url" : "https://usn.ubuntu.com/3668-1/" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in Exempi before 2.4.4. The ASF_Support::ReadHeaderObject function in XMPFiles/source/FormatSupport/ASF_Support.cpp allows remote attackers to cause a denial of service (infinite loop) via a crafted .asf file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://cgit.freedesktop.org/exempi/commit/?id=fe59605d3520bf2ca4e0a963d194f10e9fee5806", + "refsource": "CONFIRM", + "url": "https://cgit.freedesktop.org/exempi/commit/?id=fe59605d3520bf2ca4e0a963d194f10e9fee5806" + }, + { + "name": "https://bugs.freedesktop.org/show_bug.cgi?id=102484", + "refsource": "CONFIRM", + "url": "https://bugs.freedesktop.org/show_bug.cgi?id=102484" + }, + { + "name": "[debian-lts-announce] 20180321 [SECURITY] [DLA 1310-1] exempi security update", + "refsource": "MLIST", + "url": "https://lists.debian.org/debian-lts-announce/2018/03/msg00013.html" + }, + { + "name": "USN-3668-1", + "refsource": "UBUNTU", + "url": "https://usn.ubuntu.com/3668-1/" + } + ] + } +} \ No newline at end of file diff --git a/2017/18xxx/CVE-2017-18323.json b/2017/18xxx/CVE-2017-18323.json index 98797cada23..f7cf1d39fac 100644 --- a/2017/18xxx/CVE-2017-18323.json +++ b/2017/18xxx/CVE-2017-18323.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "product-security@qualcomm.com", - "ID" : "CVE-2017-18323", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear", - "version" : { - "version_data" : [ - { - "version_value" : "MDM9206, MDM9607, MDM9615, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SDA660, SDX20, SXR1130" - } - ] - } - } - ] - }, - "vendor_name" : "Qualcomm, Inc." - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cryptographic key material leaked in TDSCDMA RRC debug messages in snapdragon automobile, snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, MDM9615, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SDA660, SDX20, SXR1130." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Key Management Errors in Modem" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@qualcomm.com", + "ID": "CVE-2017-18323", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear", + "version": { + "version_data": [ + { + "version_value": "MDM9206, MDM9607, MDM9615, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SDA660, SDX20, SXR1130" + } + ] + } + } + ] + }, + "vendor_name": "Qualcomm, Inc." + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://www.qualcomm.com/company/product-security/bulletins", - "refsource" : "CONFIRM", - "url" : "https://www.qualcomm.com/company/product-security/bulletins" - }, - { - "name" : "106128", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/106128" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cryptographic key material leaked in TDSCDMA RRC debug messages in snapdragon automobile, snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, MDM9615, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SDA660, SDX20, SXR1130." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Key Management Errors in Modem" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.qualcomm.com/company/product-security/bulletins", + "refsource": "CONFIRM", + "url": "https://www.qualcomm.com/company/product-security/bulletins" + }, + { + "name": "106128", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/106128" + } + ] + } +} \ No newline at end of file diff --git a/2017/1xxx/CVE-2017-1192.json b/2017/1xxx/CVE-2017-1192.json index 3e9791890c7..72baffe551c 100644 --- a/2017/1xxx/CVE-2017-1192.json +++ b/2017/1xxx/CVE-2017-1192.json @@ -1,91 +1,91 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@us.ibm.com", - "DATE_PUBLIC" : "2017-06-21T00:00:00", - "ID" : "CVE-2017-1192", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Sterling B2B Integrator", - "version" : { - "version_data" : [ - { - "version_value" : "5.2" - }, - { - "version_value" : "5.2.4" - }, - { - "version_value" : "5.2.1" - }, - { - "version_value" : "5.2.2" - }, - { - "version_value" : "5.2.3" - }, - { - "version_value" : "5.2.5" - }, - { - "version_value" : "5.2.6" - } - ] - } - } - ] - }, - "vendor_name" : "IBM" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM Sterling B2B Integrator 5.2 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose highly sensitive information or consume memory resources. IBM X-Force ID: 123663." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Obtain Information" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "DATE_PUBLIC": "2017-06-21T00:00:00", + "ID": "CVE-2017-1192", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Sterling B2B Integrator", + "version": { + "version_data": [ + { + "version_value": "5.2" + }, + { + "version_value": "5.2.4" + }, + { + "version_value": "5.2.1" + }, + { + "version_value": "5.2.2" + }, + { + "version_value": "5.2.3" + }, + { + "version_value": "5.2.5" + }, + { + "version_value": "5.2.6" + } + ] + } + } + ] + }, + "vendor_name": "IBM" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/123663", - "refsource" : "MISC", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/123663" - }, - { - "name" : "http://www.ibm.com/support/docview.wss?uid=swg22004267", - "refsource" : "CONFIRM", - "url" : "http://www.ibm.com/support/docview.wss?uid=swg22004267" - }, - { - "name" : "102864", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/102864" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IBM Sterling B2B Integrator 5.2 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose highly sensitive information or consume memory resources. IBM X-Force ID: 123663." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Obtain Information" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.ibm.com/support/docview.wss?uid=swg22004267", + "refsource": "CONFIRM", + "url": "http://www.ibm.com/support/docview.wss?uid=swg22004267" + }, + { + "name": "102864", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/102864" + }, + { + "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/123663", + "refsource": "MISC", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/123663" + } + ] + } +} \ No newline at end of file diff --git a/2017/1xxx/CVE-2017-1302.json b/2017/1xxx/CVE-2017-1302.json index e881674799e..83e087d5d7f 100644 --- a/2017/1xxx/CVE-2017-1302.json +++ b/2017/1xxx/CVE-2017-1302.json @@ -1,90 +1,90 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@us.ibm.com", - "ID" : "CVE-2017-1302", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Sterling B2B Integrator", - "version" : { - "version_data" : [ - { - "version_value" : "5.2" - }, - { - "version_value" : "5.2.1" - }, - { - "version_value" : "5.2.2" - }, - { - "version_value" : "5.2.3" - }, - { - "version_value" : "5.2.4" - }, - { - "version_value" : "5.2.5" - }, - { - "version_value" : "5.2.6" - } - ] - } - } - ] - }, - "vendor_name" : "IBM" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM Sterling B2B Integrator Standard Edition 5.2 could allow a local user view sensitive information due to improper access controls. IBM X-Force ID: 125456." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Obtain Information" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2017-1302", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Sterling B2B Integrator", + "version": { + "version_data": [ + { + "version_value": "5.2" + }, + { + "version_value": "5.2.1" + }, + { + "version_value": "5.2.2" + }, + { + "version_value": "5.2.3" + }, + { + "version_value": "5.2.4" + }, + { + "version_value": "5.2.5" + }, + { + "version_value": "5.2.6" + } + ] + } + } + ] + }, + "vendor_name": "IBM" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/125456", - "refsource" : "MISC", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/125456" - }, - { - "name" : "http://www.ibm.com/support/docview.wss?uid=swg22004202", - "refsource" : "CONFIRM", - "url" : "http://www.ibm.com/support/docview.wss?uid=swg22004202" - }, - { - "name" : "99238", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/99238" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IBM Sterling B2B Integrator Standard Edition 5.2 could allow a local user view sensitive information due to improper access controls. IBM X-Force ID: 125456." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Obtain Information" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "99238", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/99238" + }, + { + "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/125456", + "refsource": "MISC", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/125456" + }, + { + "name": "http://www.ibm.com/support/docview.wss?uid=swg22004202", + "refsource": "CONFIRM", + "url": "http://www.ibm.com/support/docview.wss?uid=swg22004202" + } + ] + } +} \ No newline at end of file diff --git a/2017/1xxx/CVE-2017-1484.json b/2017/1xxx/CVE-2017-1484.json index 64d5cb8d8d7..febdb1841ed 100644 --- a/2017/1xxx/CVE-2017-1484.json +++ b/2017/1xxx/CVE-2017-1484.json @@ -1,76 +1,76 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@us.ibm.com", - "DATE_PUBLIC" : "2017-11-14T00:00:00", - "ID" : "CVE-2017-1484", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "WebSphere Commerce Enterprise", - "version" : { - "version_data" : [ - { - "version_value" : "7.0" - }, - { - "version_value" : "8.0" - } - ] - } - } - ] - }, - "vendor_name" : "IBM" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM WebSphere Commerce Enterprise, Professional, Express, and Developer 7.0 and 8.0 could allow an authenticated attacker to obtain information such as user personal data. IBM X-Force ID: 128622." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Obtain Information" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "DATE_PUBLIC": "2017-11-14T00:00:00", + "ID": "CVE-2017-1484", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "WebSphere Commerce Enterprise", + "version": { + "version_data": [ + { + "version_value": "7.0" + }, + { + "version_value": "8.0" + } + ] + } + } + ] + }, + "vendor_name": "IBM" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/128622", - "refsource" : "MISC", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/128622" - }, - { - "name" : "http://www.ibm.com/support/docview.wss?uid=swg22010103", - "refsource" : "CONFIRM", - "url" : "http://www.ibm.com/support/docview.wss?uid=swg22010103" - }, - { - "name" : "101894", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/101894" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IBM WebSphere Commerce Enterprise, Professional, Express, and Developer 7.0 and 8.0 could allow an authenticated attacker to obtain information such as user personal data. IBM X-Force ID: 128622." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Obtain Information" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/128622", + "refsource": "MISC", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/128622" + }, + { + "name": "http://www.ibm.com/support/docview.wss?uid=swg22010103", + "refsource": "CONFIRM", + "url": "http://www.ibm.com/support/docview.wss?uid=swg22010103" + }, + { + "name": "101894", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/101894" + } + ] + } +} \ No newline at end of file diff --git a/2017/1xxx/CVE-2017-1972.json b/2017/1xxx/CVE-2017-1972.json index 1aa6accc3bb..00efcef3ead 100644 --- a/2017/1xxx/CVE-2017-1972.json +++ b/2017/1xxx/CVE-2017-1972.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-1972", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2017-1972", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2017/5xxx/CVE-2017-5316.json b/2017/5xxx/CVE-2017-5316.json index e9168a86afa..c571f0fb0ce 100644 --- a/2017/5xxx/CVE-2017-5316.json +++ b/2017/5xxx/CVE-2017-5316.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-5316", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-5316", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2017/5xxx/CVE-2017-5955.json b/2017/5xxx/CVE-2017-5955.json index bfbf154fc17..d69008cd523 100644 --- a/2017/5xxx/CVE-2017-5955.json +++ b/2017/5xxx/CVE-2017-5955.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-5955", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-5955", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file