diff --git a/2007/2xxx/CVE-2007-2025.json b/2007/2xxx/CVE-2007-2025.json index 270d097fa2b..018e890a427 100644 --- a/2007/2xxx/CVE-2007-2025.json +++ b/2007/2xxx/CVE-2007-2025.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-2025", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unrestricted file upload vulnerability in the UpLoad feature (lib/plugin/UpLoad.php) in PhpWiki 1.3.11p1 allows remote attackers to upload arbitrary PHP files with a double extension, as demonstrated by .php.3, which is interpreted by Apache as being a valid PHP file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-2025", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[phpwiki-talk] 20070408 Important UpLoad security fix! was [Fwd: [phpwiki - Open Discussion] RE: upload security risk]", - "refsource" : "MLIST", - "url" : "http://www.nabble.com/Important-UpLoad-security-fix%21-was--Fwd%3A--phpwiki---Open-Discussion--RE%3A-upload-security-risk--t3543463.html" - }, - { - "name" : "https://sourceforge.net/forum/message.php?msg_id=4249177", - "refsource" : "MISC", - "url" : "https://sourceforge.net/forum/message.php?msg_id=4249177" - }, - { - "name" : "DSA-1371", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2007/dsa-1371" - }, - { - "name" : "GLSA-200705-16", - "refsource" : "GENTOO", - "url" : "http://www.gentoo.org/security/en/glsa/glsa-200705-16.xml" - }, - { - "name" : "25307", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25307" - }, - { - "name" : "26784", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26784" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unrestricted file upload vulnerability in the UpLoad feature (lib/plugin/UpLoad.php) in PhpWiki 1.3.11p1 allows remote attackers to upload arbitrary PHP files with a double extension, as demonstrated by .php.3, which is interpreted by Apache as being a valid PHP file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://sourceforge.net/forum/message.php?msg_id=4249177", + "refsource": "MISC", + "url": "https://sourceforge.net/forum/message.php?msg_id=4249177" + }, + { + "name": "DSA-1371", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2007/dsa-1371" + }, + { + "name": "[phpwiki-talk] 20070408 Important UpLoad security fix! was [Fwd: [phpwiki - Open Discussion] RE: upload security risk]", + "refsource": "MLIST", + "url": "http://www.nabble.com/Important-UpLoad-security-fix%21-was--Fwd%3A--phpwiki---Open-Discussion--RE%3A-upload-security-risk--t3543463.html" + }, + { + "name": "26784", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26784" + }, + { + "name": "GLSA-200705-16", + "refsource": "GENTOO", + "url": "http://www.gentoo.org/security/en/glsa/glsa-200705-16.xml" + }, + { + "name": "25307", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25307" + } + ] + } +} \ No newline at end of file diff --git a/2007/2xxx/CVE-2007-2059.json b/2007/2xxx/CVE-2007-2059.json index 0a0fd49bdfe..c73a5629345 100644 --- a/2007/2xxx/CVE-2007-2059.json +++ b/2007/2xxx/CVE-2007-2059.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-2059", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple buffer overflows in the ESA protocol implementation in eIQnetworks Enterprise Security Analyzer (ESA) 2.5 allow remote attackers to execute arbitrary code via a long parameter to the (1) DELETESEARCHFOLDER, (2) DELTASK, (3) HMGR_CHECKHOSTSCSV, (4) TASKUPDATEDUSER, (5) VERIFYUSERKEY, or (6) VERIFYPWD command." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-2059", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070412 INFIGO-2007-04-05: Enterprise Security Analyzer server remotebuffer overflows", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/465488/100/0/threaded" - }, - { - "name" : "http://www.infigo.hr/en/in_focus/advisories/INFIGO-2007-04-05", - "refsource" : "MISC", - "url" : "http://www.infigo.hr/en/in_focus/advisories/INFIGO-2007-04-05" - }, - { - "name" : "ADV-2007-1380", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/1380" - }, - { - "name" : "24881", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24881" - }, - { - "name" : "eiqnetworks-esa-multiple-commands-bo(33646)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33646" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple buffer overflows in the ESA protocol implementation in eIQnetworks Enterprise Security Analyzer (ESA) 2.5 allow remote attackers to execute arbitrary code via a long parameter to the (1) DELETESEARCHFOLDER, (2) DELTASK, (3) HMGR_CHECKHOSTSCSV, (4) TASKUPDATEDUSER, (5) VERIFYUSERKEY, or (6) VERIFYPWD command." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "eiqnetworks-esa-multiple-commands-bo(33646)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33646" + }, + { + "name": "24881", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24881" + }, + { + "name": "http://www.infigo.hr/en/in_focus/advisories/INFIGO-2007-04-05", + "refsource": "MISC", + "url": "http://www.infigo.hr/en/in_focus/advisories/INFIGO-2007-04-05" + }, + { + "name": "ADV-2007-1380", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/1380" + }, + { + "name": "20070412 INFIGO-2007-04-05: Enterprise Security Analyzer server remotebuffer overflows", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/465488/100/0/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2007/2xxx/CVE-2007-2306.json b/2007/2xxx/CVE-2007-2306.json index 5b855e7b252..8113a3b46cc 100644 --- a/2007/2xxx/CVE-2007-2306.json +++ b/2007/2xxx/CVE-2007-2306.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-2306", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site scripting (XSS) vulnerabilities in the Virtual War (VWar) 1.5.0 R15 and earlier module for PHP-Nuke, when register_globals is enabled, allow remote attackers to inject arbitrary web script or HTML via the (1) memberlist parameter to extra/login.php and the (2) title parameter to extra/today.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-2306", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070413 [waraxe-2007-SA#048] - Multiple vulnerabilities in Virtual War 1.5 module for PhpNuke", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/465612/100/0/threaded" - }, - { - "name" : "http://www.waraxe.us/advisory-48.html", - "refsource" : "MISC", - "url" : "http://www.waraxe.us/advisory-48.html" - }, - { - "name" : "23478", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/23478" - }, - { - "name" : "2642", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2642" - }, - { - "name" : "vwar-login-today-xss(33647)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33647" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site scripting (XSS) vulnerabilities in the Virtual War (VWar) 1.5.0 R15 and earlier module for PHP-Nuke, when register_globals is enabled, allow remote attackers to inject arbitrary web script or HTML via the (1) memberlist parameter to extra/login.php and the (2) title parameter to extra/today.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "vwar-login-today-xss(33647)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33647" + }, + { + "name": "23478", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/23478" + }, + { + "name": "20070413 [waraxe-2007-SA#048] - Multiple vulnerabilities in Virtual War 1.5 module for PhpNuke", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/465612/100/0/threaded" + }, + { + "name": "2642", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2642" + }, + { + "name": "http://www.waraxe.us/advisory-48.html", + "refsource": "MISC", + "url": "http://www.waraxe.us/advisory-48.html" + } + ] + } +} \ No newline at end of file diff --git a/2007/2xxx/CVE-2007-2913.json b/2007/2xxx/CVE-2007-2913.json index dc71dc579f9..1e889fa03f7 100644 --- a/2007/2xxx/CVE-2007-2913.json +++ b/2007/2xxx/CVE-2007-2913.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-2913", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in index.php in ClonusWiki .5 allows remote attackers to inject arbitrary web script or HTML via the query parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-2913", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070522 RedLevel Advisory #022 - ClonusWiki .5 Cross-Site Scripting Vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/469230/100/0/threaded" - }, - { - "name" : "38148", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/38148" - }, - { - "name" : "2749", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2749" - }, - { - "name" : "clonuswiki-index-xss(34438)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34438" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in index.php in ClonusWiki .5 allows remote attackers to inject arbitrary web script or HTML via the query parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "38148", + "refsource": "OSVDB", + "url": "http://osvdb.org/38148" + }, + { + "name": "clonuswiki-index-xss(34438)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34438" + }, + { + "name": "20070522 RedLevel Advisory #022 - ClonusWiki .5 Cross-Site Scripting Vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/469230/100/0/threaded" + }, + { + "name": "2749", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2749" + } + ] + } +} \ No newline at end of file diff --git a/2007/2xxx/CVE-2007-2962.json b/2007/2xxx/CVE-2007-2962.json index 96c254850c9..688a6437259 100644 --- a/2007/2xxx/CVE-2007-2962.json +++ b/2007/2xxx/CVE-2007-2962.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-2962", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in search.php in Particle Gallery 1.0.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the order parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-2962", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070530 Practicle Gallery 1.0.1 XSS", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/469985/100/0/threaded" - }, - { - "name" : "24236", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/24236" - }, - { - "name" : "36414", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/36414" - }, - { - "name" : "25484", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25484" - }, - { - "name" : "2748", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2748" - }, - { - "name" : "particlegallery-search-xss(34582)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34582" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in search.php in Particle Gallery 1.0.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the order parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "25484", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25484" + }, + { + "name": "2748", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2748" + }, + { + "name": "20070530 Practicle Gallery 1.0.1 XSS", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/469985/100/0/threaded" + }, + { + "name": "24236", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/24236" + }, + { + "name": "particlegallery-search-xss(34582)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34582" + }, + { + "name": "36414", + "refsource": "OSVDB", + "url": "http://osvdb.org/36414" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3511.json b/2007/3xxx/CVE-2007-3511.json index 15a897a0002..7ef7e303536 100644 --- a/2007/3xxx/CVE-2007-3511.json +++ b/2007/3xxx/CVE-2007-3511.json @@ -1,302 +1,302 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3511", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The focus handling for the onkeydown event in Mozilla Firefox 1.5.0.12, 2.0.0.4 and other versions before 2.0.0.8, and SeaMonkey before 1.1.5 allows remote attackers to change field focus and copy keystrokes via the \"for\" attribute in a label, which bypasses the focus prevention, as demonstrated by changing focus from a textarea to a file upload field." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3511", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20071029 FLEA-2007-0062-1 firefox", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/482925/100/0/threaded" - }, - { - "name" : "20071026 rPSA-2007-0225-1 firefox", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/482876/100/200/threaded" - }, - { - "name" : "20071029 rPSA-2007-0225-2 firefox thunderbird", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/482932/100/200/threaded" - }, - { - "name" : "20070630 New flaw found in Firefox 2.0.0.4: Firefox file input focus vulnerabilities", - "refsource" : "FULLDISC", - "url" : "http://archives.neohapsis.com/archives/fulldisclosure/2007-06/0646.html" - }, - { - "name" : "20070630 Re: New flaw found in Firefox 2.0.0.4: Firefox file input focus vulnerabilities", - "refsource" : "FULLDISC", - "url" : "http://archives.neohapsis.com/archives/fulldisclosure/2007-06/0658.html" - }, - { - "name" : "http://yathong.googlepages.com/FirefoxFocusBug.html", - "refsource" : "MISC", - "url" : "http://yathong.googlepages.com/FirefoxFocusBug.html" - }, - { - "name" : "http://sla.ckers.org/forum/read.php?3,13142", - "refsource" : "MISC", - "url" : "http://sla.ckers.org/forum/read.php?3,13142" - }, - { - "name" : "http://www.mozilla.org/security/announce/2007/mfsa2007-32.html", - "refsource" : "CONFIRM", - "url" : "http://www.mozilla.org/security/announce/2007/mfsa2007-32.html" - }, - { - "name" : "https://issues.rpath.com/browse/RPL-1858", - "refsource" : "CONFIRM", - "url" : "https://issues.rpath.com/browse/RPL-1858" - }, - { - "name" : "http://support.novell.com/techcenter/psdb/60eb95b75c76f9fbfcc9a89f99cd8f79.html", - "refsource" : "CONFIRM", - "url" : "http://support.novell.com/techcenter/psdb/60eb95b75c76f9fbfcc9a89f99cd8f79.html" - }, - { - "name" : "DSA-1396", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2007/dsa-1396" - }, - { - "name" : "DSA-1401", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2007/dsa-1401" - }, - { - "name" : "DSA-1392", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2007/dsa-1392" - }, - { - "name" : "FEDORA-2007-2601", - "refsource" : "FEDORA", - "url" : "https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00285.html" - }, - { - "name" : "FEDORA-2007-2664", - "refsource" : "FEDORA", - "url" : "https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00355.html" - }, - { - "name" : "FEDORA-2007-3431", - "refsource" : "FEDORA", - "url" : "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00498.html" - }, - { - "name" : "HPSBUX02153", - "refsource" : "HP", - "url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742" - }, - { - "name" : "SSRT061181", - "refsource" : "HP", - "url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742" - }, - { - "name" : "MDKSA-2007:202", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/en/security/advisories?name=MDKSA-2007:202" - }, - { - "name" : "RHSA-2007:0979", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-0979.html" - }, - { - "name" : "RHSA-2007:0980", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-0980.html" - }, - { - "name" : "RHSA-2007:0981", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-0981.html" - }, - { - "name" : "201516", - "refsource" : "SUNALERT", - "url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201516-1" - }, - { - "name" : "SUSE-SA:2007:057", - "refsource" : "SUSE", - "url" : "http://www.novell.com/linux/security/advisories/2007_57_mozilla.html" - }, - { - "name" : "USN-535-1", - "refsource" : "UBUNTU", - "url" : "https://usn.ubuntu.com/535-1/" - }, - { - "name" : "USN-536-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/usn-536-1" - }, - { - "name" : "24725", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/24725" - }, - { - "name" : "37994", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/37994" - }, - { - "name" : "oval:org.mitre.oval:def:9763", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9763" - }, - { - "name" : "ADV-2007-3544", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/3544" - }, - { - "name" : "ADV-2007-3587", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/3587" - }, - { - "name" : "ADV-2008-0083", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/0083" - }, - { - "name" : "1018837", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1018837" - }, - { - "name" : "25904", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25904" - }, - { - "name" : "27276", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27276" - }, - { - "name" : "27325", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27325" - }, - { - "name" : "27327", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27327" - }, - { - "name" : "27335", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27335" - }, - { - "name" : "27356", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27356" - }, - { - "name" : "27383", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27383" - }, - { - "name" : "27425", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27425" - }, - { - "name" : "27403", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27403" - }, - { - "name" : "27480", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27480" - }, - { - "name" : "27387", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27387" - }, - { - "name" : "27298", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27298" - }, - { - "name" : "27336", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27336" - }, - { - "name" : "27414", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27414" - }, - { - "name" : "27680", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27680" - }, - { - "name" : "firefox-focus-security-bypass(35299)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35299" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The focus handling for the onkeydown event in Mozilla Firefox 1.5.0.12, 2.0.0.4 and other versions before 2.0.0.8, and SeaMonkey before 1.1.5 allows remote attackers to change field focus and copy keystrokes via the \"for\" attribute in a label, which bypasses the focus prevention, as demonstrated by changing focus from a textarea to a file upload field." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "24725", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/24725" + }, + { + "name": "FEDORA-2007-2601", + "refsource": "FEDORA", + "url": "https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00285.html" + }, + { + "name": "20071026 rPSA-2007-0225-1 firefox", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/482876/100/200/threaded" + }, + { + "name": "ADV-2007-3587", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/3587" + }, + { + "name": "27414", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27414" + }, + { + "name": "20071029 FLEA-2007-0062-1 firefox", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/482925/100/0/threaded" + }, + { + "name": "https://issues.rpath.com/browse/RPL-1858", + "refsource": "CONFIRM", + "url": "https://issues.rpath.com/browse/RPL-1858" + }, + { + "name": "firefox-focus-security-bypass(35299)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35299" + }, + { + "name": "HPSBUX02153", + "refsource": "HP", + "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742" + }, + { + "name": "27298", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27298" + }, + { + "name": "1018837", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1018837" + }, + { + "name": "27327", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27327" + }, + { + "name": "ADV-2007-3544", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/3544" + }, + { + "name": "27276", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27276" + }, + { + "name": "USN-535-1", + "refsource": "UBUNTU", + "url": "https://usn.ubuntu.com/535-1/" + }, + { + "name": "DSA-1401", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2007/dsa-1401" + }, + { + "name": "DSA-1392", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2007/dsa-1392" + }, + { + "name": "RHSA-2007:0980", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-0980.html" + }, + { + "name": "27383", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27383" + }, + { + "name": "SUSE-SA:2007:057", + "refsource": "SUSE", + "url": "http://www.novell.com/linux/security/advisories/2007_57_mozilla.html" + }, + { + "name": "27356", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27356" + }, + { + "name": "RHSA-2007:0981", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-0981.html" + }, + { + "name": "37994", + "refsource": "OSVDB", + "url": "http://osvdb.org/37994" + }, + { + "name": "ADV-2008-0083", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/0083" + }, + { + "name": "27387", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27387" + }, + { + "name": "http://sla.ckers.org/forum/read.php?3,13142", + "refsource": "MISC", + "url": "http://sla.ckers.org/forum/read.php?3,13142" + }, + { + "name": "FEDORA-2007-3431", + "refsource": "FEDORA", + "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00498.html" + }, + { + "name": "27403", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27403" + }, + { + "name": "27336", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27336" + }, + { + "name": "DSA-1396", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2007/dsa-1396" + }, + { + "name": "27425", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27425" + }, + { + "name": "20070630 New flaw found in Firefox 2.0.0.4: Firefox file input focus vulnerabilities", + "refsource": "FULLDISC", + "url": "http://archives.neohapsis.com/archives/fulldisclosure/2007-06/0646.html" + }, + { + "name": "http://www.mozilla.org/security/announce/2007/mfsa2007-32.html", + "refsource": "CONFIRM", + "url": "http://www.mozilla.org/security/announce/2007/mfsa2007-32.html" + }, + { + "name": "SSRT061181", + "refsource": "HP", + "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742" + }, + { + "name": "oval:org.mitre.oval:def:9763", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9763" + }, + { + "name": "27325", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27325" + }, + { + "name": "MDKSA-2007:202", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/en/security/advisories?name=MDKSA-2007:202" + }, + { + "name": "RHSA-2007:0979", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-0979.html" + }, + { + "name": "27335", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27335" + }, + { + "name": "25904", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25904" + }, + { + "name": "FEDORA-2007-2664", + "refsource": "FEDORA", + "url": "https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00355.html" + }, + { + "name": "27480", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27480" + }, + { + "name": "http://yathong.googlepages.com/FirefoxFocusBug.html", + "refsource": "MISC", + "url": "http://yathong.googlepages.com/FirefoxFocusBug.html" + }, + { + "name": "27680", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27680" + }, + { + "name": "20070630 Re: New flaw found in Firefox 2.0.0.4: Firefox file input focus vulnerabilities", + "refsource": "FULLDISC", + "url": "http://archives.neohapsis.com/archives/fulldisclosure/2007-06/0658.html" + }, + { + "name": "http://support.novell.com/techcenter/psdb/60eb95b75c76f9fbfcc9a89f99cd8f79.html", + "refsource": "CONFIRM", + "url": "http://support.novell.com/techcenter/psdb/60eb95b75c76f9fbfcc9a89f99cd8f79.html" + }, + { + "name": "201516", + "refsource": "SUNALERT", + "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201516-1" + }, + { + "name": "20071029 rPSA-2007-0225-2 firefox thunderbird", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/482932/100/200/threaded" + }, + { + "name": "USN-536-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/usn-536-1" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3582.json b/2007/3xxx/CVE-2007-3582.json index 84a7034c68d..434a3593aa1 100644 --- a/2007/3xxx/CVE-2007-3582.json +++ b/2007/3xxx/CVE-2007-3582.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3582", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in index.php in SuperCali PHP Event Calendar 0.4.0 allows remote attackers to execute arbitrary SQL commands via the o parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3582", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "4141", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/4141" - }, - { - "name" : "24756", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/24756" - }, - { - "name" : "ADV-2007-2431", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/2431" - }, - { - "name" : "36300", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/36300" - }, - { - "name" : "25921", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25921" - }, - { - "name" : "supercali-index-sql-injection(35252)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35252" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in index.php in SuperCali PHP Event Calendar 0.4.0 allows remote attackers to execute arbitrary SQL commands via the o parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "supercali-index-sql-injection(35252)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35252" + }, + { + "name": "24756", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/24756" + }, + { + "name": "25921", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25921" + }, + { + "name": "ADV-2007-2431", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/2431" + }, + { + "name": "4141", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/4141" + }, + { + "name": "36300", + "refsource": "OSVDB", + "url": "http://osvdb.org/36300" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3895.json b/2007/3xxx/CVE-2007-3895.json index 52758eb9195..d50091a567d 100644 --- a/2007/3xxx/CVE-2007-3895.json +++ b/2007/3xxx/CVE-2007-3895.json @@ -1,117 +1,117 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3895", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in Microsoft DirectShow in Microsoft DirectX 7.0 through 10.0 allows remote attackers to execute arbitrary code via a crafted (1) WAV or (2) AVI file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2007-3895", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20071211 Multiple Microsoft DirectShow Remote Code Execution Vulnerabilities", - "refsource" : "ISS", - "url" : "http://www.iss.net/threats/280.html" - }, - { - "name" : "HPSBST02299", - "refsource" : "HP", - "url" : "http://www.securityfocus.com/archive/1/485268/100/0/threaded" - }, - { - "name" : "SSRT071506", - "refsource" : "HP", - "url" : "http://www.securityfocus.com/archive/1/485268/100/0/threaded" - }, - { - "name" : "MS07-064", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-064" - }, - { - "name" : "TA07-345A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA07-345A.html" - }, - { - "name" : "VU#321233", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/321233" - }, - { - "name" : "26804", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/26804" - }, - { - "name" : "ADV-2007-4180", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/4180" - }, - { - "name" : "oval:org.mitre.oval:def:4287", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4287" - }, - { - "name" : "1019073", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1019073" - }, - { - "name" : "28010", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28010" - }, - { - "name" : "ms-directshow-wav-code-execution(38722)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/38722" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in Microsoft DirectShow in Microsoft DirectX 7.0 through 10.0 allows remote attackers to execute arbitrary code via a crafted (1) WAV or (2) AVI file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20071211 Multiple Microsoft DirectShow Remote Code Execution Vulnerabilities", + "refsource": "ISS", + "url": "http://www.iss.net/threats/280.html" + }, + { + "name": "MS07-064", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-064" + }, + { + "name": "ms-directshow-wav-code-execution(38722)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38722" + }, + { + "name": "SSRT071506", + "refsource": "HP", + "url": "http://www.securityfocus.com/archive/1/485268/100/0/threaded" + }, + { + "name": "1019073", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1019073" + }, + { + "name": "26804", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/26804" + }, + { + "name": "28010", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28010" + }, + { + "name": "oval:org.mitre.oval:def:4287", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4287" + }, + { + "name": "HPSBST02299", + "refsource": "HP", + "url": "http://www.securityfocus.com/archive/1/485268/100/0/threaded" + }, + { + "name": "TA07-345A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA07-345A.html" + }, + { + "name": "VU#321233", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/321233" + }, + { + "name": "ADV-2007-4180", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/4180" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4492.json b/2007/4xxx/CVE-2007-4492.json index ef209cd4c84..bae8c7708b6 100644 --- a/2007/4xxx/CVE-2007-4492.json +++ b/2007/4xxx/CVE-2007-4492.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4492", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple unspecified vulnerabilities in the ata disk driver in Sun Solaris 8, 9, and 10 on the x86 platform before 20070821 allow local users to cause a denial of service (system panic) via unspecified ioctl functions, aka Bug 6433123." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4492", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "102988", - "refsource" : "SUNALERT", - "url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102988-1" - }, - { - "name" : "25389", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25389" - }, - { - "name" : "ADV-2007-2933", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/2933" - }, - { - "name" : "1018597", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1018597" - }, - { - "name" : "26558", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26558" - }, - { - "name" : "solaris-ata-dos(36171)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36171" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple unspecified vulnerabilities in the ata disk driver in Sun Solaris 8, 9, and 10 on the x86 platform before 20070821 allow local users to cause a denial of service (system panic) via unspecified ioctl functions, aka Bug 6433123." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1018597", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1018597" + }, + { + "name": "ADV-2007-2933", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/2933" + }, + { + "name": "102988", + "refsource": "SUNALERT", + "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102988-1" + }, + { + "name": "25389", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25389" + }, + { + "name": "26558", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26558" + }, + { + "name": "solaris-ata-dos(36171)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36171" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4564.json b/2007/4xxx/CVE-2007-4564.json index 0f288edf693..8004034e69e 100644 --- a/2007/4xxx/CVE-2007-4564.json +++ b/2007/4xxx/CVE-2007-4564.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4564", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cosminexus Manager in Cosminexus Application Server 07-00 and later might assign the wrong user's group permissions to logical user server processes, which allows local users to gain privileges." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4564", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.hitachi-support.com/security_e/vuls_e/HS07-025_e/index-e.html", - "refsource" : "CONFIRM", - "url" : "http://www.hitachi-support.com/security_e/vuls_e/HS07-025_e/index-e.html" - }, - { - "name" : "25434", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25434" - }, - { - "name" : "37855", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/37855" - }, - { - "name" : "26589", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26589" - }, - { - "name" : "cosminexus-group-security-bypass(36245)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36245" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cosminexus Manager in Cosminexus Application Server 07-00 and later might assign the wrong user's group permissions to logical user server processes, which allows local users to gain privileges." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.hitachi-support.com/security_e/vuls_e/HS07-025_e/index-e.html", + "refsource": "CONFIRM", + "url": "http://www.hitachi-support.com/security_e/vuls_e/HS07-025_e/index-e.html" + }, + { + "name": "25434", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25434" + }, + { + "name": "37855", + "refsource": "OSVDB", + "url": "http://osvdb.org/37855" + }, + { + "name": "26589", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26589" + }, + { + "name": "cosminexus-group-security-bypass(36245)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36245" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4729.json b/2007/4xxx/CVE-2007-4729.json index 5e4276fc7d3..60056d78756 100644 --- a/2007/4xxx/CVE-2007-4729.json +++ b/2007/4xxx/CVE-2007-4729.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4729", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4729", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2007/6xxx/CVE-2007-6446.json b/2007/6xxx/CVE-2007-6446.json index f7c008bfdb8..83aa660ef06 100644 --- a/2007/6xxx/CVE-2007-6446.json +++ b/2007/6xxx/CVE-2007-6446.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-6446", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-6118. Reason: This candidate is a duplicate of CVE-2007-6118. Notes: All CVE users should reference CVE-2007-6118 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2007-6446", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-6118. Reason: This candidate is a duplicate of CVE-2007-6118. Notes: All CVE users should reference CVE-2007-6118 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." + } + ] + } +} \ No newline at end of file diff --git a/2007/6xxx/CVE-2007-6553.json b/2007/6xxx/CVE-2007-6553.json index 966b28b456b..90532081b03 100644 --- a/2007/6xxx/CVE-2007-6553.json +++ b/2007/6xxx/CVE-2007-6553.json @@ -1,182 +1,182 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-6553", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple PHP remote file inclusion vulnerabilities in TeamCal Pro 3.1.000 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the CONF[app_root] parameter to (1) tcuser.class.php, (2) absencecount.inc.php, (3) avatar.inc.php, (4) csvhandler.class.php, (5) functions.tcpro.php, (6) header.html.inc.php, (7) joomlajack.tcpro.php, (8) menu.inc.php, (9) other.inc.php, (10) tcabsence.class.php, (11) tcabsencegroup.class.php, (12) tcallowance.class.php, (13) tcannouncement.class.php, (14) tcconfig.class.php, (15) tcdaynote.class.php, (16) tcgroup.class.php, (17) tcholiday.class.php, (18) tclogin.class.php, (19) tcmonth.class.php, (20) tctemplate.class.php, (21) tcusergroup.class.php, or (22) tcuseroption.class.php in includes/, possibly a related issue to CVE-2006-4845." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-6553", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "4785", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/4785" - }, - { - "name" : "27022", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/27022" - }, - { - "name" : "39805", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/39805" - }, - { - "name" : "39806", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/39806" - }, - { - "name" : "39807", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/39807" - }, - { - "name" : "39808", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/39808" - }, - { - "name" : "39809", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/39809" - }, - { - "name" : "39810", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/39810" - }, - { - "name" : "39811", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/39811" - }, - { - "name" : "39812", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/39812" - }, - { - "name" : "39813", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/39813" - }, - { - "name" : "39814", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/39814" - }, - { - "name" : "39815", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/39815" - }, - { - "name" : "39816", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/39816" - }, - { - "name" : "39817", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/39817" - }, - { - "name" : "39818", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/39818" - }, - { - "name" : "39819", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/39819" - }, - { - "name" : "39820", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/39820" - }, - { - "name" : "39821", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/39821" - }, - { - "name" : "39822", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/39822" - }, - { - "name" : "39823", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/39823" - }, - { - "name" : "39824", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/39824" - }, - { - "name" : "39825", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/39825" - }, - { - "name" : "39826", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/39826" - }, - { - "name" : "teamcal-multiple-file-include(39212)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/39212" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple PHP remote file inclusion vulnerabilities in TeamCal Pro 3.1.000 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the CONF[app_root] parameter to (1) tcuser.class.php, (2) absencecount.inc.php, (3) avatar.inc.php, (4) csvhandler.class.php, (5) functions.tcpro.php, (6) header.html.inc.php, (7) joomlajack.tcpro.php, (8) menu.inc.php, (9) other.inc.php, (10) tcabsence.class.php, (11) tcabsencegroup.class.php, (12) tcallowance.class.php, (13) tcannouncement.class.php, (14) tcconfig.class.php, (15) tcdaynote.class.php, (16) tcgroup.class.php, (17) tcholiday.class.php, (18) tclogin.class.php, (19) tcmonth.class.php, (20) tctemplate.class.php, (21) tcusergroup.class.php, or (22) tcuseroption.class.php in includes/, possibly a related issue to CVE-2006-4845." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "39813", + "refsource": "OSVDB", + "url": "http://osvdb.org/39813" + }, + { + "name": "39821", + "refsource": "OSVDB", + "url": "http://osvdb.org/39821" + }, + { + "name": "39809", + "refsource": "OSVDB", + "url": "http://osvdb.org/39809" + }, + { + "name": "39811", + "refsource": "OSVDB", + "url": "http://osvdb.org/39811" + }, + { + "name": "39820", + "refsource": "OSVDB", + "url": "http://osvdb.org/39820" + }, + { + "name": "39806", + "refsource": "OSVDB", + "url": "http://osvdb.org/39806" + }, + { + "name": "39808", + "refsource": "OSVDB", + "url": "http://osvdb.org/39808" + }, + { + "name": "39826", + "refsource": "OSVDB", + "url": "http://osvdb.org/39826" + }, + { + "name": "39805", + "refsource": "OSVDB", + "url": "http://osvdb.org/39805" + }, + { + "name": "4785", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/4785" + }, + { + "name": "teamcal-multiple-file-include(39212)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39212" + }, + { + "name": "39807", + "refsource": "OSVDB", + "url": "http://osvdb.org/39807" + }, + { + "name": "39815", + "refsource": "OSVDB", + "url": "http://osvdb.org/39815" + }, + { + "name": "39823", + "refsource": "OSVDB", + "url": "http://osvdb.org/39823" + }, + { + "name": "39822", + "refsource": "OSVDB", + "url": "http://osvdb.org/39822" + }, + { + "name": "39817", + "refsource": "OSVDB", + "url": "http://osvdb.org/39817" + }, + { + "name": "39825", + "refsource": "OSVDB", + "url": "http://osvdb.org/39825" + }, + { + "name": "39812", + "refsource": "OSVDB", + "url": "http://osvdb.org/39812" + }, + { + "name": "39818", + "refsource": "OSVDB", + "url": "http://osvdb.org/39818" + }, + { + "name": "39824", + "refsource": "OSVDB", + "url": "http://osvdb.org/39824" + }, + { + "name": "39819", + "refsource": "OSVDB", + "url": "http://osvdb.org/39819" + }, + { + "name": "27022", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/27022" + }, + { + "name": "39810", + "refsource": "OSVDB", + "url": "http://osvdb.org/39810" + }, + { + "name": "39814", + "refsource": "OSVDB", + "url": "http://osvdb.org/39814" + }, + { + "name": "39816", + "refsource": "OSVDB", + "url": "http://osvdb.org/39816" + } + ] + } +} \ No newline at end of file diff --git a/2007/6xxx/CVE-2007-6634.json b/2007/6xxx/CVE-2007-6634.json index b30d0c22fea..e1c4b13b94b 100644 --- a/2007/6xxx/CVE-2007-6634.json +++ b/2007/6xxx/CVE-2007-6634.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-6634", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple SQL injection vulnerabilities in FAQMasterFlexPlus, possibly 1.5 or 1.52, allow remote attackers to execute arbitrary SQL commands via the category_id parameter to faq.php, and unspecified other vectors involving additional scripts." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-6634", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20071228 FAQMasterFlexPlus multiple vulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/485589/100/0/threaded" - }, - { - "name" : "20071228 FAQMasterFlexPlus multiple vulnerabilities", - "refsource" : "FULLDISC", - "url" : "http://lists.grok.org.uk/pipermail/full-disclosure/2007-December/059318.html" - }, - { - "name" : "27052", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/27052" - }, - { - "name" : "39665", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/39665" - }, - { - "name" : "28248", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28248" - }, - { - "name" : "faqmasterflexplus-faq-sql-injection(39286)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/39286" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple SQL injection vulnerabilities in FAQMasterFlexPlus, possibly 1.5 or 1.52, allow remote attackers to execute arbitrary SQL commands via the category_id parameter to faq.php, and unspecified other vectors involving additional scripts." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "27052", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/27052" + }, + { + "name": "20071228 FAQMasterFlexPlus multiple vulnerabilities", + "refsource": "FULLDISC", + "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-December/059318.html" + }, + { + "name": "faqmasterflexplus-faq-sql-injection(39286)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39286" + }, + { + "name": "28248", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28248" + }, + { + "name": "39665", + "refsource": "OSVDB", + "url": "http://osvdb.org/39665" + }, + { + "name": "20071228 FAQMasterFlexPlus multiple vulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/485589/100/0/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2010/0xxx/CVE-2010-0033.json b/2010/0xxx/CVE-2010-0033.json index 62322c3f3c8..cad860e8f15 100644 --- a/2010/0xxx/CVE-2010-0033.json +++ b/2010/0xxx/CVE-2010-0033.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-0033", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Stack-based buffer overflow in Microsoft Office PowerPoint 2003 SP3 allows remote attackers to execute arbitrary code via a crafted PowerPoint document, aka \"PowerPoint Viewer TextBytesAtom Record Stack Overflow Vulnerability.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2010-0033", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "MS10-004", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-004" - }, - { - "name" : "TA10-040A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA10-040A.html" - }, - { - "name" : "oval:org.mitre.oval:def:7711", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7711" - }, - { - "name" : "1023563", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1023563" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Stack-based buffer overflow in Microsoft Office PowerPoint 2003 SP3 allows remote attackers to execute arbitrary code via a crafted PowerPoint document, aka \"PowerPoint Viewer TextBytesAtom Record Stack Overflow Vulnerability.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "TA10-040A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA10-040A.html" + }, + { + "name": "oval:org.mitre.oval:def:7711", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7711" + }, + { + "name": "MS10-004", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-004" + }, + { + "name": "1023563", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1023563" + } + ] + } +} \ No newline at end of file diff --git a/2010/1xxx/CVE-2010-1512.json b/2010/1xxx/CVE-2010-1512.json index d45a61df5de..7bc2ec1e663 100644 --- a/2010/1xxx/CVE-2010-1512.json +++ b/2010/1xxx/CVE-2010-1512.json @@ -1,152 +1,152 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-1512", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Directory traversal vulnerability in aria2 before 1.9.3 allows remote attackers to create arbitrary files via directory traversal sequences in the name attribute of a file element in a metalink file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "PSIRT-CNA@flexerasoftware.com", + "ID": "CVE-2010-1512", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20100513 Secunia Research: aria2 metalink \"name\" Directory Traversal Vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/511280/100/0/threaded" - }, - { - "name" : "http://secunia.com/secunia_research/2010-71/", - "refsource" : "MISC", - "url" : "http://secunia.com/secunia_research/2010-71/" - }, - { - "name" : "http://downloads.sourceforge.net/project/aria2/stable/aria2-1.9.3/NEWS", - "refsource" : "CONFIRM", - "url" : "http://downloads.sourceforge.net/project/aria2/stable/aria2-1.9.3/NEWS" - }, - { - "name" : "DSA-2047", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2010/dsa-2047" - }, - { - "name" : "FEDORA-2010-8905", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041753.html" - }, - { - "name" : "FEDORA-2010-8908", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041754.html" - }, - { - "name" : "FEDORA-2010-8915", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041758.html" - }, - { - "name" : "GLSA-201101-04", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-201101-04.xml" - }, - { - "name" : "MDVSA-2010:106", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2010:106" - }, - { - "name" : "SUSE-SR:2010:014", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html" - }, - { - "name" : "SUSE-SR:2010:017", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html" - }, - { - "name" : "40142", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/40142" - }, - { - "name" : "64592", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/64592" - }, - { - "name" : "39529", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/39529" - }, - { - "name" : "39872", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/39872" - }, - { - "name" : "42906", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/42906" - }, - { - "name" : "ADV-2010-1228", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2010/1228" - }, - { - "name" : "ADV-2010-1229", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2010/1229" - }, - { - "name" : "ADV-2011-0116", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2011/0116" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Directory traversal vulnerability in aria2 before 1.9.3 allows remote attackers to create arbitrary files via directory traversal sequences in the name attribute of a file element in a metalink file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20100513 Secunia Research: aria2 metalink \"name\" Directory Traversal Vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/511280/100/0/threaded" + }, + { + "name": "40142", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/40142" + }, + { + "name": "FEDORA-2010-8915", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041758.html" + }, + { + "name": "39872", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/39872" + }, + { + "name": "ADV-2011-0116", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2011/0116" + }, + { + "name": "http://downloads.sourceforge.net/project/aria2/stable/aria2-1.9.3/NEWS", + "refsource": "CONFIRM", + "url": "http://downloads.sourceforge.net/project/aria2/stable/aria2-1.9.3/NEWS" + }, + { + "name": "FEDORA-2010-8908", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041754.html" + }, + { + "name": "FEDORA-2010-8905", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041753.html" + }, + { + "name": "64592", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/64592" + }, + { + "name": "SUSE-SR:2010:017", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html" + }, + { + "name": "ADV-2010-1229", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2010/1229" + }, + { + "name": "42906", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/42906" + }, + { + "name": "SUSE-SR:2010:014", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html" + }, + { + "name": "39529", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/39529" + }, + { + "name": "MDVSA-2010:106", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:106" + }, + { + "name": "DSA-2047", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2010/dsa-2047" + }, + { + "name": "ADV-2010-1228", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2010/1228" + }, + { + "name": "GLSA-201101-04", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-201101-04.xml" + }, + { + "name": "http://secunia.com/secunia_research/2010-71/", + "refsource": "MISC", + "url": "http://secunia.com/secunia_research/2010-71/" + } + ] + } +} \ No newline at end of file diff --git a/2010/5xxx/CVE-2010-5138.json b/2010/5xxx/CVE-2010-5138.json index 757ce2dbc6c..3f4dffb4165 100644 --- a/2010/5xxx/CVE-2010-5138.json +++ b/2010/5xxx/CVE-2010-5138.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-5138", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "wxBitcoin and bitcoind 0.3.x allow remote attackers to cause a denial of service (electricity consumption) via a Bitcoin transaction containing multiple OP_CHECKSIG script opcodes." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-5138", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://en.bitcoin.it/wiki/CVEs", - "refsource" : "CONFIRM", - "url" : "https://en.bitcoin.it/wiki/CVEs" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "wxBitcoin and bitcoind 0.3.x allow remote attackers to cause a denial of service (electricity consumption) via a Bitcoin transaction containing multiple OP_CHECKSIG script opcodes." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://en.bitcoin.it/wiki/CVEs", + "refsource": "CONFIRM", + "url": "https://en.bitcoin.it/wiki/CVEs" + } + ] + } +} \ No newline at end of file diff --git a/2010/5xxx/CVE-2010-5269.json b/2010/5xxx/CVE-2010-5269.json index de107726fd8..ea7543a3fed 100644 --- a/2010/5xxx/CVE-2010-5269.json +++ b/2010/5xxx/CVE-2010-5269.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-5269", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Untrusted search path vulnerability in tbb.dll in Intel Threading Building Blocks (TBB) 2.2.013 allows local users to gain privileges via a Trojan horse tbbmalloc.dll file in the current working directory, as demonstrated by a directory that contains a .pbk file. NOTE: some of these details are obtained from third party information." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-5269", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.coresecurity.com/content/adobe-pixel-bender-toolkit-tbbmalloc-dll-hijacking-exploit-10-5", - "refsource" : "MISC", - "url" : "http://www.coresecurity.com/content/adobe-pixel-bender-toolkit-tbbmalloc-dll-hijacking-exploit-10-5" - }, - { - "name" : "42506", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/42506" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Untrusted search path vulnerability in tbb.dll in Intel Threading Building Blocks (TBB) 2.2.013 allows local users to gain privileges via a Trojan horse tbbmalloc.dll file in the current working directory, as demonstrated by a directory that contains a .pbk file. NOTE: some of these details are obtained from third party information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "42506", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/42506" + }, + { + "name": "http://www.coresecurity.com/content/adobe-pixel-bender-toolkit-tbbmalloc-dll-hijacking-exploit-10-5", + "refsource": "MISC", + "url": "http://www.coresecurity.com/content/adobe-pixel-bender-toolkit-tbbmalloc-dll-hijacking-exploit-10-5" + } + ] + } +} \ No newline at end of file diff --git a/2014/0xxx/CVE-2014-0084.json b/2014/0xxx/CVE-2014-0084.json index 74219d14880..6098c4275d1 100644 --- a/2014/0xxx/CVE-2014-0084.json +++ b/2014/0xxx/CVE-2014-0084.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-0084", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-0084", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2014/0xxx/CVE-2014-0144.json b/2014/0xxx/CVE-2014-0144.json index 89946d202b6..0b4dddddd60 100644 --- a/2014/0xxx/CVE-2014-0144.json +++ b/2014/0xxx/CVE-2014-0144.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-0144", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-0144", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2014/0xxx/CVE-2014-0174.json b/2014/0xxx/CVE-2014-0174.json index 8aac10419ea..218d650411c 100644 --- a/2014/0xxx/CVE-2014-0174.json +++ b/2014/0xxx/CVE-2014-0174.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-0174", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cumin (aka MRG Management Console), as used in Red Hat Enterprise MRG 2.5, does not include the HTTPOnly flag in a Set-Cookie header for the session cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2014-0174", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "RHSA-2014:0858", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2014-0858.html" - }, - { - "name" : "RHSA-2014:0859", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2014-0859.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cumin (aka MRG Management Console), as used in Red Hat Enterprise MRG 2.5, does not include the HTTPOnly flag in a Set-Cookie header for the session cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "RHSA-2014:0858", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2014-0858.html" + }, + { + "name": "RHSA-2014:0859", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2014-0859.html" + } + ] + } +} \ No newline at end of file diff --git a/2014/1xxx/CVE-2014-1312.json b/2014/1xxx/CVE-2014-1312.json index d64a0912f0f..71218d9520f 100644 --- a/2014/1xxx/CVE-2014-1312.json +++ b/2014/1xxx/CVE-2014-1312.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-1312", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-04-01-1." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2014-1312", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://support.apple.com/kb/HT6537", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/kb/HT6537" - }, - { - "name" : "APPLE-SA-2014-04-01-1", - "refsource" : "APPLE", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2014-04/0009.html" - }, - { - "name" : "APPLE-SA-2014-04-22-2", - "refsource" : "APPLE", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2014-04/0136.html" - }, - { - "name" : "APPLE-SA-2014-04-22-3", - "refsource" : "APPLE", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2014-04/0135.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-04-01-1." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "APPLE-SA-2014-04-22-2", + "refsource": "APPLE", + "url": "http://archives.neohapsis.com/archives/bugtraq/2014-04/0136.html" + }, + { + "name": "https://support.apple.com/kb/HT6537", + "refsource": "CONFIRM", + "url": "https://support.apple.com/kb/HT6537" + }, + { + "name": "APPLE-SA-2014-04-22-3", + "refsource": "APPLE", + "url": "http://archives.neohapsis.com/archives/bugtraq/2014-04/0135.html" + }, + { + "name": "APPLE-SA-2014-04-01-1", + "refsource": "APPLE", + "url": "http://archives.neohapsis.com/archives/bugtraq/2014-04/0009.html" + } + ] + } +} \ No newline at end of file diff --git a/2014/1xxx/CVE-2014-1613.json b/2014/1xxx/CVE-2014-1613.json index bd5eaae3fab..a15da2a4d38 100644 --- a/2014/1xxx/CVE-2014-1613.json +++ b/2014/1xxx/CVE-2014-1613.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-1613", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Dotclear before 2.6.2 allows remote attackers to execute arbitrary PHP code via a serialized object in the dc_passwd cookie to a password-protected page, which is not properly handled by (1) inc/public/lib.urlhandlers.php or (2) plugins/pages/_public.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-1613", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://labs.mwrinfosecurity.com/advisories/2014/05/14/dotclear-php-object-injection/", - "refsource" : "MISC", - "url" : "https://labs.mwrinfosecurity.com/advisories/2014/05/14/dotclear-php-object-injection/" - }, - { - "name" : "http://dotclear.org/blog/post/2014/01/20/Dotclear-2.6.2", - "refsource" : "CONFIRM", - "url" : "http://dotclear.org/blog/post/2014/01/20/Dotclear-2.6.2" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Dotclear before 2.6.2 allows remote attackers to execute arbitrary PHP code via a serialized object in the dc_passwd cookie to a password-protected page, which is not properly handled by (1) inc/public/lib.urlhandlers.php or (2) plugins/pages/_public.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://labs.mwrinfosecurity.com/advisories/2014/05/14/dotclear-php-object-injection/", + "refsource": "MISC", + "url": "https://labs.mwrinfosecurity.com/advisories/2014/05/14/dotclear-php-object-injection/" + }, + { + "name": "http://dotclear.org/blog/post/2014/01/20/Dotclear-2.6.2", + "refsource": "CONFIRM", + "url": "http://dotclear.org/blog/post/2014/01/20/Dotclear-2.6.2" + } + ] + } +} \ No newline at end of file diff --git a/2014/5xxx/CVE-2014-5238.json b/2014/5xxx/CVE-2014-5238.json index 582bbfb2fdf..bae9ba74ae7 100644 --- a/2014/5xxx/CVE-2014-5238.json +++ b/2014/5xxx/CVE-2014-5238.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-5238", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-5238", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2014/5xxx/CVE-2014-5533.json b/2014/5xxx/CVE-2014-5533.json index 56ec306ac51..909fa3e53fa 100644 --- a/2014/5xxx/CVE-2014-5533.json +++ b/2014/5xxx/CVE-2014-5533.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-5533", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2014-5533", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2014/5xxx/CVE-2014-5627.json b/2014/5xxx/CVE-2014-5627.json index 94b48cb5555..29448aea52b 100644 --- a/2014/5xxx/CVE-2014-5627.json +++ b/2014/5xxx/CVE-2014-5627.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-5627", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Ice Age Village (aka com.gameloft.android.ANMP.GloftIAHM) application 2.8.0m for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2014-5627", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", - "refsource" : "MISC", - "url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" - }, - { - "name" : "VU#520633", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/520633" - }, - { - "name" : "VU#582497", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/582497" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Ice Age Village (aka com.gameloft.android.ANMP.GloftIAHM) application 2.8.0m for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "VU#520633", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/520633" + }, + { + "name": "VU#582497", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/582497" + }, + { + "name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", + "refsource": "MISC", + "url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2222.json b/2015/2xxx/CVE-2015-2222.json index 2d6fccc52e3..1c8e511b3cc 100644 --- a/2015/2xxx/CVE-2015-2222.json +++ b/2015/2xxx/CVE-2015-2222.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2222", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "ClamAV before 0.98.7 allows remote attackers to cause a denial of service (crash) via a crafted petite packed file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-2222", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://blog.clamav.net/2015/04/clamav-0987-has-been-released.html", - "refsource" : "CONFIRM", - "url" : "http://blog.clamav.net/2015/04/clamav-0987-has-been-released.html" - }, - { - "name" : "GLSA-201512-08", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201512-08" - }, - { - "name" : "openSUSE-SU-2015:0906", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2015-05/msg00024.html" - }, - { - "name" : "USN-2594-1", - "refsource" : "UBUNTU", - "url" : "http://ubuntu.com/usn/usn-2594-1" - }, - { - "name" : "74443", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/74443" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "ClamAV before 0.98.7 allows remote attackers to cause a denial of service (crash) via a crafted petite packed file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "USN-2594-1", + "refsource": "UBUNTU", + "url": "http://ubuntu.com/usn/usn-2594-1" + }, + { + "name": "GLSA-201512-08", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201512-08" + }, + { + "name": "http://blog.clamav.net/2015/04/clamav-0987-has-been-released.html", + "refsource": "CONFIRM", + "url": "http://blog.clamav.net/2015/04/clamav-0987-has-been-released.html" + }, + { + "name": "74443", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/74443" + }, + { + "name": "openSUSE-SU-2015:0906", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2015-05/msg00024.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2337.json b/2015/2xxx/CVE-2015-2337.json index a0b69e9fc51..eabbf608d6a 100644 --- a/2015/2xxx/CVE-2015-2337.json +++ b/2015/2xxx/CVE-2015-2337.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2337", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "TPInt.dll in VMware Workstation 10.x before 10.0.6 and 11.x before 11.1.1, VMware Player 6.x before 6.0.6 and 7.x before 7.1.1, and VMware Horizon Client 3.2.x before 3.2.1, 3.3.x, and 5.x local-mode before 5.4.2 on Windows does not properly allocate memory, which allows guest OS users to execute arbitrary code on the host OS via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-2337", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.vmware.com/security/advisories/VMSA-2015-0004.html", - "refsource" : "CONFIRM", - "url" : "http://www.vmware.com/security/advisories/VMSA-2015-0004.html" - }, - { - "name" : "75095", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/75095" - }, - { - "name" : "1032529", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1032529" - }, - { - "name" : "1032530", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1032530" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "TPInt.dll in VMware Workstation 10.x before 10.0.6 and 11.x before 11.1.1, VMware Player 6.x before 6.0.6 and 7.x before 7.1.1, and VMware Horizon Client 3.2.x before 3.2.1, 3.3.x, and 5.x local-mode before 5.4.2 on Windows does not properly allocate memory, which allows guest OS users to execute arbitrary code on the host OS via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1032529", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1032529" + }, + { + "name": "75095", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/75095" + }, + { + "name": "http://www.vmware.com/security/advisories/VMSA-2015-0004.html", + "refsource": "CONFIRM", + "url": "http://www.vmware.com/security/advisories/VMSA-2015-0004.html" + }, + { + "name": "1032530", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1032530" + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2438.json b/2015/2xxx/CVE-2015-2438.json index 5127b41d214..fd5a97c351f 100644 --- a/2015/2xxx/CVE-2015-2438.json +++ b/2015/2xxx/CVE-2015-2438.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2438", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2015-2438", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2583.json b/2015/2xxx/CVE-2015-2583.json index 8f8840d049c..546104418ec 100644 --- a/2015/2xxx/CVE-2015-2583.json +++ b/2015/2xxx/CVE-2015-2583.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2583", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the Data Store component in Oracle Berkeley DB 11.2.5.1.29, 11.2.5.2.42, 11.2.5.3.28, and 12.1.6.0.35 allows local users to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2015-2624, CVE-2015-2626, CVE-2015-2640, CVE-2015-2654, CVE-2015-2656, CVE-2015-4754, CVE-2015-4764, CVE-2015-4775, CVE-2015-4776, CVE-2015-4777, CVE-2015-4778, CVE-2015-4780, CVE-2015-4781, CVE-2015-4782, CVE-2015-4783, CVE-2015-4784, CVE-2015-4785, CVE-2015-4786, CVE-2015-4787, CVE-2015-4789, and CVE-2015-4790." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2015-2583", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the Data Store component in Oracle Berkeley DB 11.2.5.1.29, 11.2.5.2.42, 11.2.5.3.28, and 12.1.6.0.35 allows local users to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2015-2624, CVE-2015-2626, CVE-2015-2640, CVE-2015-2654, CVE-2015-2656, CVE-2015-4754, CVE-2015-4764, CVE-2015-4775, CVE-2015-4776, CVE-2015-4777, CVE-2015-4778, CVE-2015-4780, CVE-2015-4781, CVE-2015-4782, CVE-2015-4783, CVE-2015-4784, CVE-2015-4785, CVE-2015-4786, CVE-2015-4787, CVE-2015-4789, and CVE-2015-4790." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/10xxx/CVE-2016-10037.json b/2016/10xxx/CVE-2016-10037.json index 7ca3e68ece4..3065c342620 100644 --- a/2016/10xxx/CVE-2016-10037.json +++ b/2016/10xxx/CVE-2016-10037.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-10037", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Directory traversal in /connectors/index.php in MODX Revolution before 2.5.2-pl allows remote attackers to perform local file inclusion/traversal/manipulation via a crafted id (aka dir) parameter, related to browser/directory/getlist." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-10037", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/modxcms/revolution/pull/13177", - "refsource" : "CONFIRM", - "url" : "https://github.com/modxcms/revolution/pull/13177" - }, - { - "name" : "https://raw.githubusercontent.com/modxcms/revolution/v2.5.2-pl/core/docs/changelog.txt", - "refsource" : "CONFIRM", - "url" : "https://raw.githubusercontent.com/modxcms/revolution/v2.5.2-pl/core/docs/changelog.txt" - }, - { - "name" : "95127", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/95127" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Directory traversal in /connectors/index.php in MODX Revolution before 2.5.2-pl allows remote attackers to perform local file inclusion/traversal/manipulation via a crafted id (aka dir) parameter, related to browser/directory/getlist." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/modxcms/revolution/pull/13177", + "refsource": "CONFIRM", + "url": "https://github.com/modxcms/revolution/pull/13177" + }, + { + "name": "https://raw.githubusercontent.com/modxcms/revolution/v2.5.2-pl/core/docs/changelog.txt", + "refsource": "CONFIRM", + "url": "https://raw.githubusercontent.com/modxcms/revolution/v2.5.2-pl/core/docs/changelog.txt" + }, + { + "name": "95127", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/95127" + } + ] + } +} \ No newline at end of file diff --git a/2016/10xxx/CVE-2016-10638.json b/2016/10xxx/CVE-2016-10638.json index 82b0856a6bc..2dfbf55ef7b 100644 --- a/2016/10xxx/CVE-2016-10638.json +++ b/2016/10xxx/CVE-2016-10638.json @@ -1,63 +1,63 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "support@hackerone.com", - "DATE_PUBLIC" : "2018-04-26T00:00:00", - "ID" : "CVE-2016-10638", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "js-given node module", - "version" : { - "version_data" : [ - { - "version_value" : "All versions" - } - ] - } - } - ] - }, - "vendor_name" : "HackerOne" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "js-given is a JavaScript frontend to jgiven. js-given downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested binary with an attacker controlled binary if the attacker is on the network or positioned in between the user and the remote server." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Missing Encryption of Sensitive Data (CWE-311)" - } + "CVE_data_meta": { + "ASSIGNER": "support@hackerone.com", + "DATE_PUBLIC": "2018-04-26T00:00:00", + "ID": "CVE-2016-10638", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "js-given node module", + "version": { + "version_data": [ + { + "version_value": "All versions" + } + ] + } + } + ] + }, + "vendor_name": "HackerOne" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://nodesecurity.io/advisories/241", - "refsource" : "MISC", - "url" : "https://nodesecurity.io/advisories/241" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "js-given is a JavaScript frontend to jgiven. js-given downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested binary with an attacker controlled binary if the attacker is on the network or positioned in between the user and the remote server." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Missing Encryption of Sensitive Data (CWE-311)" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://nodesecurity.io/advisories/241", + "refsource": "MISC", + "url": "https://nodesecurity.io/advisories/241" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4054.json b/2016/4xxx/CVE-2016-4054.json index 82f982b6a87..91265c84c1b 100644 --- a/2016/4xxx/CVE-2016-4054.json +++ b/2016/4xxx/CVE-2016-4054.json @@ -1,132 +1,132 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-4054", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in Squid 3.x before 3.5.17 and 4.x before 4.0.9 allows remote attackers to execute arbitrary code via crafted Edge Side Includes (ESI) responses." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-4054", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20160420 Re: CVE Request: Squid HTTP Caching Proxy multiple issues", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/04/20/9" - }, - { - "name" : "[oss-security] 20160421 CVE Request: Squid HTTP Caching Proxy multiple issues", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/04/20/6" - }, - { - "name" : "http://www.squid-cache.org/Advisories/SQUID-2016_6.txt", - "refsource" : "CONFIRM", - "url" : "http://www.squid-cache.org/Advisories/SQUID-2016_6.txt" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html" - }, - { - "name" : "DSA-3625", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3625" - }, - { - "name" : "GLSA-201607-01", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201607-01" - }, - { - "name" : "RHSA-2016:1138", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2016:1138" - }, - { - "name" : "RHSA-2016:1139", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2016:1139" - }, - { - "name" : "RHSA-2016:1140", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2016:1140" - }, - { - "name" : "openSUSE-SU-2016:2081", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2016-08/msg00069.html" - }, - { - "name" : "SUSE-SU-2016:1996", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00010.html" - }, - { - "name" : "SUSE-SU-2016:2089", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00040.html" - }, - { - "name" : "USN-2995-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2995-1" - }, - { - "name" : "86788", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/86788" - }, - { - "name" : "1035647", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035647" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in Squid 3.x before 3.5.17 and 4.x before 4.0.9 allows remote attackers to execute arbitrary code via crafted Edge Side Includes (ESI) responses." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.squid-cache.org/Advisories/SQUID-2016_6.txt", + "refsource": "CONFIRM", + "url": "http://www.squid-cache.org/Advisories/SQUID-2016_6.txt" + }, + { + "name": "GLSA-201607-01", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201607-01" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html" + }, + { + "name": "SUSE-SU-2016:1996", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00010.html" + }, + { + "name": "[oss-security] 20160421 CVE Request: Squid HTTP Caching Proxy multiple issues", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/04/20/6" + }, + { + "name": "USN-2995-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2995-1" + }, + { + "name": "RHSA-2016:1140", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2016:1140" + }, + { + "name": "openSUSE-SU-2016:2081", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2016-08/msg00069.html" + }, + { + "name": "RHSA-2016:1138", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2016:1138" + }, + { + "name": "RHSA-2016:1139", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2016:1139" + }, + { + "name": "SUSE-SU-2016:2089", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00040.html" + }, + { + "name": "[oss-security] 20160420 Re: CVE Request: Squid HTTP Caching Proxy multiple issues", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/04/20/9" + }, + { + "name": "1035647", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035647" + }, + { + "name": "DSA-3625", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3625" + }, + { + "name": "86788", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/86788" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4195.json b/2016/4xxx/CVE-2016-4195.json index e6e0ce74141..c2c004c1b9a 100644 --- a/2016/4xxx/CVE-2016-4195.json +++ b/2016/4xxx/CVE-2016-4195.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-4195", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2016-4195", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html" - }, - { - "name" : "91716", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/91716" - }, - { - "name" : "1036281", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036281" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "91716", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/91716" + }, + { + "name": "1036281", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036281" + }, + { + "name": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4596.json b/2016/4xxx/CVE-2016-4596.json index 34069b684df..c7e1f2562e3 100644 --- a/2016/4xxx/CVE-2016-4596.json +++ b/2016/4xxx/CVE-2016-4596.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "product-security@apple.com", - "ID" : "CVE-2016-4596", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "QuickTime in Apple OS X before 10.11.6 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted FlashPix bitmap image, a different vulnerability than CVE-2016-4597, CVE-2016-4600, and CVE-2016-4602." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2016-4596", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://support.apple.com/HT206903", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT206903" - }, - { - "name" : "APPLE-SA-2016-07-18-1", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html" - }, - { - "name" : "91824", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/91824" - }, - { - "name" : "1036348", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036348" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "QuickTime in Apple OS X before 10.11.6 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted FlashPix bitmap image, a different vulnerability than CVE-2016-4597, CVE-2016-4600, and CVE-2016-4602." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "91824", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/91824" + }, + { + "name": "APPLE-SA-2016-07-18-1", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html" + }, + { + "name": "1036348", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036348" + }, + { + "name": "https://support.apple.com/HT206903", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT206903" + } + ] + } +} \ No newline at end of file diff --git a/2016/8xxx/CVE-2016-8117.json b/2016/8xxx/CVE-2016-8117.json index 6cac67745c6..d9c5d23d0e8 100644 --- a/2016/8xxx/CVE-2016-8117.json +++ b/2016/8xxx/CVE-2016-8117.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-8117", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-8117", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2016/8xxx/CVE-2016-8536.json b/2016/8xxx/CVE-2016-8536.json index ec024149080..eec264e466c 100644 --- a/2016/8xxx/CVE-2016-8536.json +++ b/2016/8xxx/CVE-2016-8536.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-8536", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2016-8536", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2016/8xxx/CVE-2016-8860.json b/2016/8xxx/CVE-2016-8860.json index c49b765e77a..a966efab04e 100644 --- a/2016/8xxx/CVE-2016-8860.json +++ b/2016/8xxx/CVE-2016-8860.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-8860", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Tor before 0.2.8.9 and 0.2.9.x before 0.2.9.4-alpha had internal functions that were entitled to expect that buf_t data had NUL termination, but the implementation of or/buffers.c did not ensure that NUL termination was present, which allows remote attackers to cause a denial of service (client, hidden service, relay, or authority crash) via crafted data." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-8860", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20161019 Re: CVE request for tor", - "refsource" : "MLIST", - "url" : "http://openwall.com/lists/oss-security/2016/10/19/11" - }, - { - "name" : "https://blog.torproject.org/blog/tor-0289-released-important-fixes", - "refsource" : "CONFIRM", - "url" : "https://blog.torproject.org/blog/tor-0289-released-important-fixes" - }, - { - "name" : "https://github.com/torproject/tor/commit/3cea86eb2fbb65949673eb4ba8ebb695c87a57ce", - "refsource" : "CONFIRM", - "url" : "https://github.com/torproject/tor/commit/3cea86eb2fbb65949673eb4ba8ebb695c87a57ce" - }, - { - "name" : "https://trac.torproject.org/projects/tor/ticket/20384", - "refsource" : "CONFIRM", - "url" : "https://trac.torproject.org/projects/tor/ticket/20384" - }, - { - "name" : "DSA-3694", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3694" - }, - { - "name" : "GLSA-201612-45", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201612-45" - }, - { - "name" : "95116", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/95116" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Tor before 0.2.8.9 and 0.2.9.x before 0.2.9.4-alpha had internal functions that were entitled to expect that buf_t data had NUL termination, but the implementation of or/buffers.c did not ensure that NUL termination was present, which allows remote attackers to cause a denial of service (client, hidden service, relay, or authority crash) via crafted data." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://blog.torproject.org/blog/tor-0289-released-important-fixes", + "refsource": "CONFIRM", + "url": "https://blog.torproject.org/blog/tor-0289-released-important-fixes" + }, + { + "name": "https://github.com/torproject/tor/commit/3cea86eb2fbb65949673eb4ba8ebb695c87a57ce", + "refsource": "CONFIRM", + "url": "https://github.com/torproject/tor/commit/3cea86eb2fbb65949673eb4ba8ebb695c87a57ce" + }, + { + "name": "GLSA-201612-45", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201612-45" + }, + { + "name": "[oss-security] 20161019 Re: CVE request for tor", + "refsource": "MLIST", + "url": "http://openwall.com/lists/oss-security/2016/10/19/11" + }, + { + "name": "https://trac.torproject.org/projects/tor/ticket/20384", + "refsource": "CONFIRM", + "url": "https://trac.torproject.org/projects/tor/ticket/20384" + }, + { + "name": "95116", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/95116" + }, + { + "name": "DSA-3694", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3694" + } + ] + } +} \ No newline at end of file diff --git a/2016/9xxx/CVE-2016-9110.json b/2016/9xxx/CVE-2016-9110.json index 2eff989ffa0..f18bbffe02b 100644 --- a/2016/9xxx/CVE-2016-9110.json +++ b/2016/9xxx/CVE-2016-9110.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-9110", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-9110", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2016/9xxx/CVE-2016-9248.json b/2016/9xxx/CVE-2016-9248.json index 60b3d5032c7..a1dfbeab6a8 100644 --- a/2016/9xxx/CVE-2016-9248.json +++ b/2016/9xxx/CVE-2016-9248.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-9248", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2016. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2016-9248", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2016. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2016/9xxx/CVE-2016-9713.json b/2016/9xxx/CVE-2016-9713.json index 0e837a311b3..0b09a1aae73 100644 --- a/2016/9xxx/CVE-2016-9713.json +++ b/2016/9xxx/CVE-2016-9713.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-9713", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-9713", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/2xxx/CVE-2019-2128.json b/2019/2xxx/CVE-2019-2128.json index 6937330db26..70c4b780feb 100644 --- a/2019/2xxx/CVE-2019-2128.json +++ b/2019/2xxx/CVE-2019-2128.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-2128", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-2128", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/2xxx/CVE-2019-2358.json b/2019/2xxx/CVE-2019-2358.json index 391c7f10854..7218dcc0284 100644 --- a/2019/2xxx/CVE-2019-2358.json +++ b/2019/2xxx/CVE-2019-2358.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-2358", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-2358", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/2xxx/CVE-2019-2658.json b/2019/2xxx/CVE-2019-2658.json index 9989ebb891a..811d0c83058 100644 --- a/2019/2xxx/CVE-2019-2658.json +++ b/2019/2xxx/CVE-2019-2658.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-2658", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-2658", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/2xxx/CVE-2019-2812.json b/2019/2xxx/CVE-2019-2812.json index ca1c26a0dad..b94336994d5 100644 --- a/2019/2xxx/CVE-2019-2812.json +++ b/2019/2xxx/CVE-2019-2812.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-2812", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-2812", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6173.json b/2019/6xxx/CVE-2019-6173.json index bb083c79c56..67c32ac0dd4 100644 --- a/2019/6xxx/CVE-2019-6173.json +++ b/2019/6xxx/CVE-2019-6173.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6173", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6173", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6728.json b/2019/6xxx/CVE-2019-6728.json index bf5cb767ab4..7da6316a6dd 100644 --- a/2019/6xxx/CVE-2019-6728.json +++ b/2019/6xxx/CVE-2019-6728.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6728", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6728", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6758.json b/2019/6xxx/CVE-2019-6758.json index bd119ac14b6..4833bad697d 100644 --- a/2019/6xxx/CVE-2019-6758.json +++ b/2019/6xxx/CVE-2019-6758.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6758", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6758", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6770.json b/2019/6xxx/CVE-2019-6770.json index 09d75403dc1..7af4cb83630 100644 --- a/2019/6xxx/CVE-2019-6770.json +++ b/2019/6xxx/CVE-2019-6770.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6770", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6770", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6977.json b/2019/6xxx/CVE-2019-6977.json index a5610f4c28d..b4cb59f5bd8 100644 --- a/2019/6xxx/CVE-2019-6977.json +++ b/2019/6xxx/CVE-2019-6977.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6977", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "gdImageColorMatch in gd_color_match.c in the GD Graphics Library (aka LibGD) 2.2.5, as used in the imagecolormatch function in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1, has a heap-based buffer overflow. This can be exploited by an attacker who is able to trigger imagecolormatch calls with crafted image data." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6977", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[debian-lts-announce] 20190130 [SECURITY] [DLA 1651-1] libgd2 security update", - "refsource" : "MLIST", - "url" : "https://lists.debian.org/debian-lts-announce/2019/01/msg00028.html" - }, - { - "name" : "http://php.net/ChangeLog-5.php", - "refsource" : "MISC", - "url" : "http://php.net/ChangeLog-5.php" - }, - { - "name" : "http://php.net/ChangeLog-7.php", - "refsource" : "MISC", - "url" : "http://php.net/ChangeLog-7.php" - }, - { - "name" : "https://bugs.php.net/bug.php?id=77270", - "refsource" : "MISC", - "url" : "https://bugs.php.net/bug.php?id=77270" - }, - { - "name" : "https://security.netapp.com/advisory/ntap-20190315-0003/", - "refsource" : "CONFIRM", - "url" : "https://security.netapp.com/advisory/ntap-20190315-0003/" - }, - { - "name" : "DSA-4384", - "refsource" : "DEBIAN", - "url" : "https://www.debian.org/security/2019/dsa-4384" - }, - { - "name" : "USN-3900-1", - "refsource" : "UBUNTU", - "url" : "https://usn.ubuntu.com/3900-1/" - }, - { - "name" : "106731", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/106731" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "gdImageColorMatch in gd_color_match.c in the GD Graphics Library (aka LibGD) 2.2.5, as used in the imagecolormatch function in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1, has a heap-based buffer overflow. This can be exploited by an attacker who is able to trigger imagecolormatch calls with crafted image data." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "106731", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/106731" + }, + { + "name": "https://security.netapp.com/advisory/ntap-20190315-0003/", + "refsource": "CONFIRM", + "url": "https://security.netapp.com/advisory/ntap-20190315-0003/" + }, + { + "name": "http://php.net/ChangeLog-5.php", + "refsource": "MISC", + "url": "http://php.net/ChangeLog-5.php" + }, + { + "name": "http://php.net/ChangeLog-7.php", + "refsource": "MISC", + "url": "http://php.net/ChangeLog-7.php" + }, + { + "name": "USN-3900-1", + "refsource": "UBUNTU", + "url": "https://usn.ubuntu.com/3900-1/" + }, + { + "name": "[debian-lts-announce] 20190130 [SECURITY] [DLA 1651-1] libgd2 security update", + "refsource": "MLIST", + "url": "https://lists.debian.org/debian-lts-announce/2019/01/msg00028.html" + }, + { + "name": "https://bugs.php.net/bug.php?id=77270", + "refsource": "MISC", + "url": "https://bugs.php.net/bug.php?id=77270" + }, + { + "name": "DSA-4384", + "refsource": "DEBIAN", + "url": "https://www.debian.org/security/2019/dsa-4384" + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7306.json b/2019/7xxx/CVE-2019-7306.json index 3c8b128d517..5e274b91433 100644 --- a/2019/7xxx/CVE-2019-7306.json +++ b/2019/7xxx/CVE-2019-7306.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7306", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7306", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7506.json b/2019/7xxx/CVE-2019-7506.json index effa5ecd117..bae2dbc6c35 100644 --- a/2019/7xxx/CVE-2019-7506.json +++ b/2019/7xxx/CVE-2019-7506.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7506", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7506", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7876.json b/2019/7xxx/CVE-2019-7876.json index a8195567bcb..0a86231d943 100644 --- a/2019/7xxx/CVE-2019-7876.json +++ b/2019/7xxx/CVE-2019-7876.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7876", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7876", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file