- Synchronized data.

2025-06-07 21:47:16 +00:00 · 2018-12-13 09:24:16 -05:00 · 2018-12-13 09:24:16 -05:00 · a3ab2fc74d
commit a3ab2fc74d
parent 981d525f34
3 changed files with 10 additions and 6 deletions
--- a/2018/7xxx/CVE-2018-7690.json
+++ b/2018/7xxx/CVE-2018-7690.json
@ -42,7 +42,7 @@
      "description_data" : [
         {
            "lang" : "eng",
-            "value" : "A potential Remote Unauthorized Access in Micro Focus Fortify Software Security Center (SSC), versions 17.10, 17.20, 18.10 this exploitation could allow Remote Unauthorized Access\n"
+            "value" : "A potential Remote Unauthorized Access in Micro Focus Fortify Software Security Center (SSC), versions 17.10, 17.20, 18.10 this exploitation could allow Remote Unauthorized Access"
         }
      ]
   },
@ -83,7 +83,8 @@
   "references" : {
      "reference_data" : [
         {
-            "refsource" : "CONFIRM",
+            "name" : "https://softwaresupport.softwaregrp.com/doc/KM03298201",
+            "refsource" : "MISC",
            "url" : "https://softwaresupport.softwaregrp.com/doc/KM03298201"
         }
      ]
--- a/2018/7xxx/CVE-2018-7691.json
+++ b/2018/7xxx/CVE-2018-7691.json
@ -42,7 +42,7 @@
      "description_data" : [
         {
            "lang" : "eng",
-            "value" : "A potential Remote Unauthorized Access in Micro Focus Fortify Software Security Center (SSC), versions 17.10, 17.20, 18.10 this exploitation could allow Remote Unauthorized Access\n"
+            "value" : "A potential Remote Unauthorized Access in Micro Focus Fortify Software Security Center (SSC), versions 17.10, 17.20, 18.10 this exploitation could allow Remote Unauthorized Access"
         }
      ]
   },
@ -83,7 +83,8 @@
   "references" : {
      "reference_data" : [
         {
-            "refsource" : "CONFIRM",
+            "name" : "https://softwaresupport.softwaregrp.com/doc/KM03298201",
+            "refsource" : "MISC",
            "url" : "https://softwaresupport.softwaregrp.com/doc/KM03298201"
         }
      ]
--- a/2018/8xxx/CVE-2018-8033.json
+++ b/2018/8xxx/CVE-2018-8033.json
@ -34,7 +34,7 @@
      "description_data" : [
         {
            "lang" : "eng",
-            "value" : "The OFBiz HTTP engine (org.apache.ofbiz.service.engine.HttpEngine.java) handles requests for HTTP services via the /webtools/control/httpService endpoint. Both POST and GET requests to the httpService endpoint may contain three parameters: serviceName, serviceMode, and serviceContext. The exploitation occurs by having DOCTYPEs pointing to external references that trigger a payload that returns secret information from the host."
+            "value" : "In Apache OFBiz 16.11.01 to 16.11.04, the OFBiz HTTP engine (org.apache.ofbiz.service.engine.HttpEngine.java) handles requests for HTTP services via the /webtools/control/httpService endpoint. Both POST and GET requests to the httpService endpoint may contain three parameters: serviceName, serviceMode, and serviceContext. The exploitation occurs by having DOCTYPEs pointing to external references that trigger a payload that returns secret information from the host."
         }
      ]
   },
@ -53,7 +53,9 @@
   "references" : {
      "reference_data" : [
         {
-            "url" : "http://ofbiz.apache.org/download.html#vulnerabilities"
+            "name" : "[user] 20181005 [SECURITY] CVE-2018-8033 Apache OFBiz XXE Vulnerability in HttpEngine",
+            "refsource" : "MLIST",
+            "url" : "https://lists.apache.org/thread.html/e8fb551e86e901932081f81ee9985bb72052b4d412f23d89b1282777@%3Cuser.ofbiz.apache.org%3E"
         }
      ]
   }