admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-17 21:36:17 +00:00
parent 9fa46a6ff1
commit a3c870b300
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
65 changed files with 4284 additions and 4284 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

130
2001/0xxx/CVE-2001-0277.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2001-0277", "ID": "CVE-2001-0277",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in ext.dll in BadBlue 1.02.07 Personal Edition allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long HTTP GET request."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20010217 BadBlue Web Server Ext.dll Vulnerabilities", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=98263019502565&w=2" "lang": "eng",
}, "value": "Buffer overflow in ext.dll in BadBlue 1.02.07 Personal Edition allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long HTTP GET request."
{ }
"name" : "2392", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/2392" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "2392",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/2392"
},
{
"name": "20010217 BadBlue Web Server Ext.dll Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=98263019502565&w=2"
}
]
}
}

120
2001/0xxx/CVE-2001-0285.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2001-0285", "ID": "CVE-2001-0285",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in A1 HTTP server 1.0a allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long HTTP request."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20010226 A1 Server v1.0a HTTPd (DoS & Dir Traversal)", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://archives.neohapsis.com/archives/bugtraq/2001-02/0457.html" "lang": "eng",
} "value": "Buffer overflow in A1 HTTP server 1.0a allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long HTTP request."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20010226 A1 Server v1.0a HTTPd (DoS & Dir Traversal)",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2001-02/0457.html"
}
]
}
}

130
2001/0xxx/CVE-2001-0714.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2001-0714", "ID": "CVE-2001-0714",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Sendmail before 8.12.1, without the RestrictQueueRun option enabled, allows local users to cause a denial of service (data loss) by (1) setting a high initial message hop count option (-h), which causes Sendmail to drop queue entries, (2) via the -qR option, or (3) via the -qS option."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20011001 Multiple Local Sendmail Vulnerabilities", "description_data": [
"refsource" : "BINDVIEW", {
"url" : "http://razor.bindview.com/publish/advisories/adv_sm812.html" "lang": "eng",
}, "value": "Sendmail before 8.12.1, without the RestrictQueueRun option enabled, allows local users to cause a denial of service (data loss) by (1) setting a high initial message hop count option (-h), which causes Sendmail to drop queue entries, (2) via the -qR option, or (3) via the -qS option."
{ }
"name" : "20011101-01-I", ]
"refsource" : "SGI", },
"url" : "ftp://patches.sgi.com/support/free/security/advisories/20011101-01-I" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20011101-01-I",
"refsource": "SGI",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20011101-01-I"
},
{
"name": "20011001 Multiple Local Sendmail Vulnerabilities",
"refsource": "BINDVIEW",
"url": "http://razor.bindview.com/publish/advisories/adv_sm812.html"
}
]
}
}

130
2001/1xxx/CVE-2001-1292.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2001-1292", "ID": "CVE-2001-1292",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Sambar Telnet Proxy/Server allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long password."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20010813 Sambar Telnet Proxy/Server multiple vulnerablietis", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://archives.neohapsis.com/archives/bugtraq/2001-08/0160.html" "lang": "eng",
}, "value": "Sambar Telnet Proxy/Server allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long password."
{ }
"name" : "sambar-telnet-bo(6973)", ]
"refsource" : "XF", },
"url" : "http://www.iss.net/security_center/static/6973.php" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "sambar-telnet-bo(6973)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/6973.php"
},
{
"name": "20010813 Sambar Telnet Proxy/Server multiple vulnerablietis",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2001-08/0160.html"
}
]
}
}

140
2001/1xxx/CVE-2001-1462.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2001-1462", "ID": "CVE-2001-1462",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "WebID in RSA Security SecurID 5.0 as used by ACE/Agent for Windows, Windows NT and Windows 2000 allows attackers to cause the WebID agent to enter debug mode via a URL containing null characters, which may allow attackers to obtain sensitive information."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "VU#609840", "description_data": [
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/609840" "lang": "eng",
}, "value": "WebID in RSA Security SecurID 5.0 as used by ACE/Agent for Windows, Windows NT and Windows 2000 allows attackers to cause the WebID agent to enter debug mode via a URL containing null characters, which may allow attackers to obtain sensitive information."
{ }
"name" : "3462", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/3462" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "securid-webid-debug-mode(7399)", "description": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/7399" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "VU#609840",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/609840"
},
{
"name": "securid-webid-debug-mode(7399)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7399"
},
{
"name": "3462",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/3462"
}
]
}
}

140
2001/1xxx/CVE-2001-1513.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2001-1513", "ID": "CVE-2001-1513",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Macromedia JRun 3.0 and 3.1 allows remote attackers to obtain duplicate active user session IDs and perform actions as other users via a URL request for the web application directory without the trailing '/' (slash), as demonstrated using ctx."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.macromedia.com/v1/handlers/index.cfm?ID=22260&Method=Full", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.macromedia.com/v1/handlers/index.cfm?ID=22260&Method=Full" "lang": "eng",
}, "value": "Macromedia JRun 3.0 and 3.1 allows remote attackers to obtain duplicate active user session IDs and perform actions as other users via a URL request for the web application directory without the trailing '/' (slash), as demonstrated using ctx."
{ }
"name" : "3600", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/3600" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "allaire-jrun-sessionid-duplicated(7680)", "description": [
"refsource" : "XF", {
"url" : "http://www.iss.net/security_center/static/7680.php" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "http://www.macromedia.com/v1/handlers/index.cfm?ID=22260&Method=Full",
"refsource": "CONFIRM",
"url": "http://www.macromedia.com/v1/handlers/index.cfm?ID=22260&Method=Full"
},
{
"name": "allaire-jrun-sessionid-duplicated(7680)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/7680.php"
},
{
"name": "3600",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/3600"
}
]
}
}

200
2006/2xxx/CVE-2006-2194.json
View File

@ -1,102 +1,102 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security@debian.org",
"ID" : "CVE-2006-2194", "ID": "CVE-2006-2194",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The winbind plugin in pppd for ppp 2.4.4 and earlier does not check the return code from the setuid function call, which might allow local users to gain privileges by causing setuid to fail, such as exceeding PAM limits for the maximum number of user processes, which prevents the winbind NTLM authentication helper from dropping privileges."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "DSA-1106", "description_data": [
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2006/dsa-1106" "lang": "eng",
}, "value": "The winbind plugin in pppd for ppp 2.4.4 and earlier does not check the return code from the setuid function call, which might allow local users to gain privileges by causing setuid to fail, such as exceeding PAM limits for the maximum number of user processes, which prevents the winbind NTLM authentication helper from dropping privileges."
{ }
"name" : "MDKSA-2006:119", ]
"refsource" : "MANDRIVA", },
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2006:119" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "USN-310-1", "description": [
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/usn-310-1" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "18849", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/18849" ]
}, },
{ "references": {
"name" : "26994", "reference_data": [
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/26994" "name": "MDKSA-2006:119",
}, "refsource": "MANDRIVA",
{ "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:119"
"name" : "20963", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/20963" "name": "26994",
}, "refsource": "OSVDB",
{ "url": "http://www.osvdb.org/26994"
"name" : "20967", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/20967" "name": "DSA-1106",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2006/dsa-1106"
"name" : "20996", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/20996" "name": "20963",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/20963"
"name" : "20987", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/20987" "name": "20987",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/20987"
} },
} {
"name": "20996",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20996"
},
{
"name": "20967",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20967"
},
{
"name": "18849",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/18849"
},
{
"name": "USN-310-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-310-1"
}
]
}
}

190
2006/2xxx/CVE-2006-2476.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-2476", "ID": "CVE-2006-2476",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Bitrix Site Manager 4.1.x stores updater.log under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20060518 Multiple Vulns in Bitrix CMS", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/434367/100/0/threaded" "lang": "eng",
}, "value": "Bitrix Site Manager 4.1.x stores updater.log under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information."
{ }
"name" : "20060518 Multiple Vulns in Bitrix CMS", ]
"refsource" : "FULLDISC", },
"url" : "http://archives.neohapsis.com/archives/fulldisclosure/2006-05/0443.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2006-1858", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/1858" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "25624", ]
"refsource" : "OSVDB", }
"url" : "http://www.osvdb.org/25624" ]
}, },
{ "references": {
"name" : "1016121", "reference_data": [
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1016121" "name": "ADV-2006-1858",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2006/1858"
"name" : "20143", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/20143" "name": "bitrixcms-updaterlog-information-disclosure(26542)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26542"
"name" : "918", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/918" "name": "20143",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/20143"
"name" : "bitrixcms-updaterlog-information-disclosure(26542)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/26542" "name": "20060518 Multiple Vulns in Bitrix CMS",
} "refsource": "BUGTRAQ",
] "url": "http://www.securityfocus.com/archive/1/434367/100/0/threaded"
} },
} {
"name": "1016121",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016121"
},
{
"name": "25624",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/25624"
},
{
"name": "918",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/918"
},
{
"name": "20060518 Multiple Vulns in Bitrix CMS",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-05/0443.html"
}
]
}
}

170
2006/2xxx/CVE-2006-2512.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-2512", "ID": "CVE-2006-2512",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in Hitachi EUR Professional Edition, EUR Viewer, EUR Print Service, and EUR Print Service for ILF allows remote authenticated users to execute arbitrary SQL commands via unknown attack vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.hitachi-support.com/security_e/vuls_e/HS06-010_e/index-e.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.hitachi-support.com/security_e/vuls_e/HS06-010_e/index-e.html" "lang": "eng",
}, "value": "SQL injection vulnerability in Hitachi EUR Professional Edition, EUR Viewer, EUR Print Service, and EUR Print Service for ILF allows remote authenticated users to execute arbitrary SQL commands via unknown attack vectors."
{ }
"name" : "18015", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/18015" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2006-1841", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/1841" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "25558", ]
"refsource" : "OSVDB", }
"url" : "http://www.osvdb.org/25558" ]
}, },
{ "references": {
"name" : "20106", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/20106" "name": "25558",
}, "refsource": "OSVDB",
{ "url": "http://www.osvdb.org/25558"
"name" : "hitachi-eur-unspecified-sql-injection(26483)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/26483" "name": "20106",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/20106"
} },
} {
"name": "hitachi-eur-unspecified-sql-injection(26483)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26483"
},
{
"name": "18015",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/18015"
},
{
"name": "http://www.hitachi-support.com/security_e/vuls_e/HS06-010_e/index-e.html",
"refsource": "CONFIRM",
"url": "http://www.hitachi-support.com/security_e/vuls_e/HS06-010_e/index-e.html"
},
{
"name": "ADV-2006-1841",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/1841"
}
]
}
}

690
2006/6xxx/CVE-2006-6497.json
View File

@ -1,347 +1,347 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2006-6497", "ID": "CVE-2006-6497",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple unspecified vulnerabilities in the layout engine for Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, and SeaMonkey before 1.0.7 allow remote attackers to cause a denial of service (memory corruption and crash) and possibly execute arbitrary code via unknown attack vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070102 rPSA-2006-0234-2 firefox thunderbird", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/455728/100/200/threaded" "lang": "eng",
}, "value": "Multiple unspecified vulnerabilities in the layout engine for Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, and SeaMonkey before 1.0.7 allow remote attackers to cause a denial of service (memory corruption and crash) and possibly execute arbitrary code via unknown attack vectors."
{ }
"name" : "20061222 rPSA-2006-0234-1 firefox", ]
"refsource" : "BUGTRAQ", },
"url" : "http://www.securityfocus.com/archive/1/455145/100/0/threaded" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.mozilla.org/security/announce/2006/mfsa2006-68.html", "description": [
"refsource" : "CONFIRM", {
"url" : "http://www.mozilla.org/security/announce/2006/mfsa2006-68.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://issues.rpath.com/browse/RPL-883", ]
"refsource" : "CONFIRM", }
"url" : "https://issues.rpath.com/browse/RPL-883" ]
}, },
{ "references": {
"name" : "DSA-1253", "reference_data": [
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2007/dsa-1253" "name": "VU#606260",
}, "refsource": "CERT-VN",
{ "url": "http://www.kb.cert.org/vuls/id/606260"
"name" : "DSA-1258", },
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2007/dsa-1258" "name": "21668",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/21668"
"name" : "DSA-1265", },
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2007/dsa-1265" "name": "23433",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/23433"
"name" : "FEDORA-2006-1491", },
"refsource" : "FEDORA", {
"url" : "http://fedoranews.org/cms/node/2297" "name": "102885",
}, "refsource": "SUNALERT",
{ "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102885-1"
"name" : "FEDORA-2007-004", },
"refsource" : "FEDORA", {
"url" : "http://fedoranews.org/cms/node/2338" "name": "MDKSA-2007:010",
}, "refsource": "MANDRIVA",
{ "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:010"
"name" : "GLSA-200701-02", },
"refsource" : "GENTOO", {
"url" : "http://security.gentoo.org/glsa/glsa-200701-02.xml" "name": "24948",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/24948"
"name" : "GLSA-200701-03", },
"refsource" : "GENTOO", {
"url" : "http://www.gentoo.org/security/en/glsa/glsa-200701-03.xml" "name": "23439",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/23439"
"name" : "GLSA-200701-04", },
"refsource" : "GENTOO", {
"url" : "http://www.gentoo.org/security/en/glsa/glsa-200701-04.xml" "name": "23672",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/23672"
"name" : "HPSBUX02153", },
"refsource" : "HP", {
"url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742" "name": "ADV-2006-5068",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2006/5068"
"name" : "SSRT061181", },
"refsource" : "HP", {
"url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742" "name": "23468",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/23468"
"name" : "MDKSA-2007:010", },
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:010" "name": "oval:org.mitre.oval:def:11691",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11691"
"name" : "MDKSA-2007:011", },
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:011" "name": "23598",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/23598"
"name" : "RHSA-2006:0758", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2006-0758.html" "name": "RHSA-2006:0758",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2006-0758.html"
"name" : "RHSA-2006:0759", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2006-0759.html" "name": "1017398",
}, "refsource": "SECTRACK",
{ "url": "http://securitytracker.com/id?1017398"
"name" : "RHSA-2006:0760", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2006-0760.html" "name": "DSA-1265",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2007/dsa-1265"
"name" : "20061202-01-P", },
"refsource" : "SGI", {
"url" : "ftp://patches.sgi.com/support/free/security/advisories/20061202-01-P.asc" "name": "24078",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/24078"
"name" : "102885", },
"refsource" : "SUNALERT", {
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102885-1" "name": "23692",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/23692"
"name" : "SUSE-SA:2006:080", },
"refsource" : "SUSE", {
"url" : "http://www.novell.com/linux/security/advisories/2006_80_mozilla.html" "name": "USN-398-2",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/usn-398-2"
"name" : "SUSE-SA:2007:006", },
"refsource" : "SUSE", {
"url" : "http://www.novell.com/linux/security/advisories/2007_06_mozilla.html" "name": "GLSA-200701-04",
}, "refsource": "GENTOO",
{ "url": "http://www.gentoo.org/security/en/glsa/glsa-200701-04.xml"
"name" : "USN-398-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/usn-398-1" "name": "23282",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/23282"
"name" : "USN-398-2", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/usn-398-2" "name": "24390",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/24390"
"name" : "USN-400-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/usn-400-1" "name": "http://www.mozilla.org/security/announce/2006/mfsa2006-68.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-68.html"
"name" : "TA06-354A", },
"refsource" : "CERT", {
"url" : "http://www.us-cert.gov/cas/techalerts/TA06-354A.html" "name": "FEDORA-2006-1491",
}, "refsource": "FEDORA",
{ "url": "http://fedoranews.org/cms/node/2297"
"name" : "VU#606260", },
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/606260" "name": "23422",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/23422"
"name" : "VU#427972", },
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/427972" "name": "HPSBUX02153",
}, "refsource": "HP",
{ "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742"
"name" : "21668", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/21668" "name": "23591",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/23591"
"name" : "oval:org.mitre.oval:def:11691", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11691" "name": "1017405",
}, "refsource": "SECTRACK",
{ "url": "http://securitytracker.com/id?1017405"
"name" : "ADV-2006-5068", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/5068" "name": "23614",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/23614"
"name" : "ADV-2007-1463", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/1463" "name": "1017406",
}, "refsource": "SECTRACK",
{ "url": "http://securitytracker.com/id?1017406"
"name" : "ADV-2008-0083", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2008/0083" "name": "RHSA-2006:0759",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2006-0759.html"
"name" : "1017398", },
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1017398" "name": "USN-398-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/usn-398-1"
"name" : "1017405", },
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1017405" "name": "ADV-2008-0083",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2008/0083"
"name" : "1017406", },
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1017406" "name": "FEDORA-2007-004",
}, "refsource": "FEDORA",
{ "url": "http://fedoranews.org/cms/node/2338"
"name" : "23433", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/23433" "name": "23420",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/23420"
"name" : "23439", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/23439" "name": "20061202-01-P",
}, "refsource": "SGI",
{ "url": "ftp://patches.sgi.com/support/free/security/advisories/20061202-01-P.asc"
"name" : "23440", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/23440" "name": "23440",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/23440"
"name" : "23282", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/23282" "name": "SUSE-SA:2006:080",
}, "refsource": "SUSE",
{ "url": "http://www.novell.com/linux/security/advisories/2006_80_mozilla.html"
"name" : "23420", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/23420" "name": "20061222 rPSA-2006-0234-1 firefox",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/455145/100/0/threaded"
"name" : "23422", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/23422" "name": "VU#427972",
}, "refsource": "CERT-VN",
{ "url": "http://www.kb.cert.org/vuls/id/427972"
"name" : "23468", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/23468" "name": "23545",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/23545"
"name" : "23514", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/23514" "name": "23618",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/23618"
"name" : "23589", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/23589" "name": "GLSA-200701-03",
}, "refsource": "GENTOO",
{ "url": "http://www.gentoo.org/security/en/glsa/glsa-200701-03.xml"
"name" : "23601", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/23601" "name": "TA06-354A",
}, "refsource": "CERT",
{ "url": "http://www.us-cert.gov/cas/techalerts/TA06-354A.html"
"name" : "23545", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/23545" "name": "23589",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/23589"
"name" : "23591", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/23591" "name": "DSA-1253",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2007/dsa-1253"
"name" : "23598", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/23598" "name": "DSA-1258",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2007/dsa-1258"
"name" : "23614", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/23614" "name": "SSRT061181",
}, "refsource": "HP",
{ "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742"
"name" : "23618", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/23618" "name": "https://issues.rpath.com/browse/RPL-883",
}, "refsource": "CONFIRM",
{ "url": "https://issues.rpath.com/browse/RPL-883"
"name" : "23692", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/23692" "name": "20070102 rPSA-2006-0234-2 firefox thunderbird",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/455728/100/200/threaded"
"name" : "23672", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/23672" "name": "SUSE-SA:2007:006",
}, "refsource": "SUSE",
{ "url": "http://www.novell.com/linux/security/advisories/2007_06_mozilla.html"
"name" : "23988", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/23988" "name": "23601",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/23601"
"name" : "24078", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/24078" "name": "23988",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/23988"
"name" : "24390", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/24390" "name": "MDKSA-2007:011",
}, "refsource": "MANDRIVA",
{ "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:011"
"name" : "24948", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/24948" "name": "ADV-2007-1463",
} "refsource": "VUPEN",
] "url": "http://www.vupen.com/english/advisories/2007/1463"
} },
} {
"name": "23514",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23514"
},
{
"name": "GLSA-200701-02",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200701-02.xml"
},
{
"name": "RHSA-2006:0760",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2006-0760.html"
},
{
"name": "USN-400-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-400-1"
}
]
}
}

250
2006/6xxx/CVE-2006-6899.json
View File

@ -1,127 +1,127 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-6899", "ID": "CVE-2006-6899",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "hidd in BlueZ (bluez-utils) before 2.25 allows remote attackers to obtain control of the (1) Mouse and (2) Keyboard Human Interface Device (HID) via a certain configuration of two HID (PSM) endpoints, operating as a server, aka HidAttack."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070104 23C3 - Bluetooth hacking revisted [Summary and Code]", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/455889/100/0/threaded" "lang": "eng",
}, "value": "hidd in BlueZ (bluez-utils) before 2.25 allows remote attackers to obtain control of the (1) Mouse and (2) Keyboard Human Interface Device (HID) via a certain configuration of two HID (PSM) endpoints, operating as a server, aka HidAttack."
{ }
"name" : "http://events.ccc.de/congress/2006-mediawiki//images/f/fb/23c3_Bluetooh_revisited.pdf", ]
"refsource" : "MISC", },
"url" : "http://events.ccc.de/congress/2006-mediawiki//images/f/fb/23c3_Bluetooh_revisited.pdf" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://mulliner.org/bluetooth/hidattack.php", "description": [
"refsource" : "MISC", {
"url" : "http://mulliner.org/bluetooth/hidattack.php" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "MDKSA-2007:014", ]
"refsource" : "MANDRIVA", }
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:014" ]
}, },
{ "references": {
"name" : "RHSA-2007:0065", "reference_data": [
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2007-0065.html" "name": "http://events.ccc.de/congress/2006-mediawiki//images/f/fb/23c3_Bluetooh_revisited.pdf",
}, "refsource": "MISC",
{ "url": "http://events.ccc.de/congress/2006-mediawiki//images/f/fb/23c3_Bluetooh_revisited.pdf"
"name" : "USN-413-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/usn-413-1" "name": "32830",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/32830"
"name" : "22076", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/22076" "name": "RHSA-2007:0065",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2007-0065.html"
"name" : "oval:org.mitre.oval:def:10208", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10208" "name": "20070104 23C3 - Bluetooth hacking revisted [Summary and Code]",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/455889/100/0/threaded"
"name" : "ADV-2007-0200", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/0200" "name": "ADV-2007-0200",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2007/0200"
"name" : "32830", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/32830" "name": "23798",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/23798"
"name" : "23798", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/23798" "name": "22076",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/22076"
"name" : "23747", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/23747" "name": "oval:org.mitre.oval:def:10208",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10208"
"name" : "23879", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/23879" "name": "http://mulliner.org/bluetooth/hidattack.php",
}, "refsource": "MISC",
{ "url": "http://mulliner.org/bluetooth/hidattack.php"
"name" : "25264", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/25264" "name": "23879",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/23879"
} },
} {
"name": "USN-413-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-413-1"
},
{
"name": "MDKSA-2007:014",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:014"
},
{
"name": "25264",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25264"
},
{
"name": "23747",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23747"
}
]
}
}

130
2006/6xxx/CVE-2006-6956.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-6956", "ID": "CVE-2006-6956",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Microsoft Internet Explorer allows remote attackers to cause a denial of service (crash) via a web page that contains a large number of nested marquee tags, a related issue to CVE-2006-2723."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20060608 Ie opera dos exploit", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://archives.neohapsis.com/archives/bugtraq/2006-06/0085.html" "lang": "eng",
}, "value": "Microsoft Internet Explorer allows remote attackers to cause a denial of service (crash) via a web page that contains a large number of nested marquee tags, a related issue to CVE-2006-2723."
{ }
"name" : "firefox-marquee-dos(26898)", ]
"refsource" : "XF", },
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/26898" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "firefox-marquee-dos(26898)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26898"
},
{
"name": "20060608 Ie opera dos exploit",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2006-06/0085.html"
}
]
}
}

150
2006/7xxx/CVE-2006-7020.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-7020", "ID": "CVE-2006-7020",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "CRLF injection vulnerability in (1) include/inc_act/act_formmailer.php and possibly (2) sample_ext_php/mail_file_form.php in phpwcms 1.2.5-DEV and earlier, and 1.1 before RC4, allows remote attackers to modify HTTP headers and send spam e-mail via a spoofed HTTP Referer (HTTP_REFERER)."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.phpwcms.de/forum/viewtopic.php?t=10958", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.phpwcms.de/forum/viewtopic.php?t=10958" "lang": "eng",
}, "value": "CRLF injection vulnerability in (1) include/inc_act/act_formmailer.php and possibly (2) sample_ext_php/mail_file_form.php in phpwcms 1.2.5-DEV and earlier, and 1.1 before RC4, allows remote attackers to modify HTTP headers and send spam e-mail via a spoofed HTTP Referer (HTTP_REFERER)."
{ }
"name" : "ADV-2006-1556", ]
"refsource" : "VUPEN", },
"url" : "http://www.vupen.com/english/advisories/2006/1556" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "19866", "description": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/19866" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "phpwcms-referer-security-bypass(26130)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/26130" ]
} },
] "references": {
} "reference_data": [
} {
"name": "19866",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19866"
},
{
"name": "http://www.phpwcms.de/forum/viewtopic.php?t=10958",
"refsource": "CONFIRM",
"url": "http://www.phpwcms.de/forum/viewtopic.php?t=10958"
},
{
"name": "phpwcms-referer-security-bypass(26130)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26130"
},
{
"name": "ADV-2006-1556",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/1556"
}
]
}
}

160
2011/0xxx/CVE-2011-0646.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2011-0646", "ID": "CVE-2011-0646",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in viewfaqs.php in PHP LOW BIDS allows remote attackers to execute arbitrary SQL commands via the cat parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "16020", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "http://www.exploit-db.com/exploits/16020" "lang": "eng",
}, "value": "SQL injection vulnerability in viewfaqs.php in PHP LOW BIDS allows remote attackers to execute arbitrary SQL commands via the cat parameter."
{ }
"name" : "45941", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/45941" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "70594", "description": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/70594" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "43008", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/43008" ]
}, },
{ "references": {
"name" : "phplowbids-viewfaqs-sql-injection(64829)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/64829" "name": "16020",
} "refsource": "EXPLOIT-DB",
] "url": "http://www.exploit-db.com/exploits/16020"
} },
} {
"name": "70594",
"refsource": "OSVDB",
"url": "http://osvdb.org/70594"
},
{
"name": "45941",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/45941"
},
{
"name": "43008",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43008"
},
{
"name": "phplowbids-viewfaqs-sql-injection(64829)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64829"
}
]
}
}

34
2011/0xxx/CVE-2011-0743.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2011-0743", "ID": "CVE-2011-0743",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2011/2xxx/CVE-2011-2047.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2011-2047", "ID": "CVE-2011-2047",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2011/2xxx/CVE-2011-2050.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2011-2050", "ID": "CVE-2011-2050",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

130
2011/2xxx/CVE-2011-2120.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@adobe.com",
"ID" : "CVE-2011-2120", "ID": "CVE-2011-2120",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Integer overflow in the CursorAsset x32 component in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.adobe.com/support/security/bulletins/apsb11-17.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.adobe.com/support/security/bulletins/apsb11-17.html" "lang": "eng",
}, "value": "Integer overflow in the CursorAsset x32 component in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code via unspecified vectors."
{ }
"name" : "TA11-166A", ]
"refsource" : "CERT", },
"url" : "http://www.us-cert.gov/cas/techalerts/TA11-166A.html" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.adobe.com/support/security/bulletins/apsb11-17.html",
"refsource": "CONFIRM",
"url": "http://www.adobe.com/support/security/bulletins/apsb11-17.html"
},
{
"name": "TA11-166A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA11-166A.html"
}
]
}
}

34
2011/2xxx/CVE-2011-2582.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2011-2582", "ID": "CVE-2011-2582",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2011/2xxx/CVE-2011-2935.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2011-2935", "ID": "CVE-2011-2935",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

150
2011/3xxx/CVE-2011-3008.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2011-3008", "ID": "CVE-2011-3008",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The default configuration of Avaya Secure Access Link (SAL) Gateway 1.5, 1.8, and 2.0 contains certain domain names in the Secondary Core Server URL and Secondary Remote Server URL fields, which allows remote attackers to obtain sensitive information by leveraging administrative access to these domain names, as demonstrated by alarm and log information."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://support.avaya.com/css/P8/documents/100140483", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://support.avaya.com/css/P8/documents/100140483" "lang": "eng",
}, "value": "The default configuration of Avaya Secure Access Link (SAL) Gateway 1.5, 1.8, and 2.0 contains certain domain names in the Secondary Core Server URL and Secondary Remote Server URL fields, which allows remote attackers to obtain sensitive information by leveraging administrative access to these domain names, as demonstrated by alarm and log information."
{ }
"name" : "VU#690315", ]
"refsource" : "CERT-VN", },
"url" : "http://www.kb.cert.org/vuls/id/690315" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "48942", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/48942" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "avaya-sal-info-disclosure(68922)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/68922" ]
} },
] "references": {
} "reference_data": [
} {
"name": "avaya-sal-info-disclosure(68922)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68922"
},
{
"name": "http://support.avaya.com/css/P8/documents/100140483",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/css/P8/documents/100140483"
},
{
"name": "48942",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/48942"
},
{
"name": "VU#690315",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/690315"
}
]
}
}

34
2011/3xxx/CVE-2011-3119.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2011-3119", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2011-3119",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2011. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2011. Notes: none."
} }
] ]
} }
} }

230
2011/3xxx/CVE-2011-3170.json
View File

@ -1,117 +1,117 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2011-3170", "ID": "CVE-2011-3170",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The gif_read_lzw function in filter/image-gif.c in CUPS 1.4.8 and earlier does not properly handle the first code word in an LZW stream, which allows remote attackers to trigger a heap-based buffer overflow, and possibly execute arbitrary code, via a crafted stream, a different vulnerability than CVE-2011-2896."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://cups.org/str.php?L3914", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://cups.org/str.php?L3914" "lang": "eng",
}, "value": "The gif_read_lzw function in filter/image-gif.c in CUPS 1.4.8 and earlier does not properly handle the first code word in an LZW stream, which allows remote attackers to trigger a heap-based buffer overflow, and possibly execute arbitrary code, via a crafted stream, a different vulnerability than CVE-2011-2896."
{ }
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=727800", ]
"refsource" : "CONFIRM", },
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=727800" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "DSA-2354", "description": [
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2011/dsa-2354" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "GLSA-201207-10", ]
"refsource" : "GENTOO", }
"url" : "http://security.gentoo.org/glsa/glsa-201207-10.xml" ]
}, },
{ "references": {
"name" : "MDVSA-2011:146", "reference_data": [
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2011:146" "name": "USN-1207-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-1207-1"
"name" : "MDVSA-2011:147", },
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2011:147" "name": "https://bugzilla.redhat.com/show_bug.cgi?id=727800",
}, "refsource": "CONFIRM",
{ "url": "https://bugzilla.redhat.com/show_bug.cgi?id=727800"
"name" : "USN-1207-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-1207-1" "name": "DSA-2354",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2011/dsa-2354"
"name" : "49323", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/49323" "name": "46024",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/46024"
"name" : "1025980", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1025980" "name": "1025980",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id?1025980"
"name" : "45796", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/45796" "name": "GLSA-201207-10",
}, "refsource": "GENTOO",
{ "url": "http://security.gentoo.org/glsa/glsa-201207-10.xml"
"name" : "46024", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/46024" "name": "MDVSA-2011:146",
}, "refsource": "MANDRIVA",
{ "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:146"
"name" : "cups-gifreadlzw-function-bo(69380)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/69380" "name": "45796",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/45796"
} },
} {
"name": "cups-gifreadlzw-function-bo(69380)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69380"
},
{
"name": "MDVSA-2011:147",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:147"
},
{
"name": "49323",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/49323"
},
{
"name": "http://cups.org/str.php?L3914",
"refsource": "CONFIRM",
"url": "http://cups.org/str.php?L3914"
}
]
}
}

120
2011/3xxx/CVE-2011-3690.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2011-3690", "ID": "CVE-2011-3690",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Untrusted search path vulnerability in PlotSoft PDFill PDF Editor 8.0 allows local users to gain privileges via a Trojan horse mfc70enu.dll or mfc80loc.dll in the current working directory."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.solutionary.com/index/SERT/Vuln-Disclosures/PDFill-Insecure-Library.html", "description_data": [
"refsource" : "MISC", {
"url" : "http://www.solutionary.com/index/SERT/Vuln-Disclosures/PDFill-Insecure-Library.html" "lang": "eng",
} "value": "Untrusted search path vulnerability in PlotSoft PDFill PDF Editor 8.0 allows local users to gain privileges via a Trojan horse mfc70enu.dll or mfc80loc.dll in the current working directory."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.solutionary.com/index/SERT/Vuln-Disclosures/PDFill-Insecure-Library.html",
"refsource": "MISC",
"url": "http://www.solutionary.com/index/SERT/Vuln-Disclosures/PDFill-Insecure-Library.html"
}
]
}
}

192
2011/4xxx/CVE-2011-4190.json
View File

@ -1,98 +1,98 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "security@suse.de", "ASSIGNER": "security@suse.com",
"DATE_PUBLIC" : "2011-12-13", "DATE_PUBLIC": "2011-12-13",
"ID" : "CVE-2011-4190", "ID": "CVE-2011-4190",
"STATE" : "PUBLIC", "STATE": "PUBLIC",
"TITLE" : "Missing verification of host key for kdump server" "TITLE": "Missing verification of host key for kdump server"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "kdump", "product_name": "kdump",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"affected" : "<", "affected": "<",
"version_value" : "2012-01-20" "version_value": "2012-01-20"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "SUSE" "vendor_name": "SUSE"
} }
]
}
},
"credit" : [
{
"lang" : "eng",
"value" : "Kevan Carstensen"
}
],
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The kdump implementation is missing the host key verification in the kdump and mkdumprd OpenSSH integration of kdump prior to version 2012-01-20. This is similar to CVE-2011-3588, but different in that the kdump implementation is specific to SUSE. A remote malicious kdump server could use this flaw to impersonate the correct kdump server to obtain security sensitive information (kdump core files)."
}
]
},
"impact" : {
"cvss" : {
"attackComplexity" : "HIGH",
"attackVector" : "NETWORK",
"availabilityImpact" : "NONE",
"baseScore" : 5.9,
"baseSeverity" : "MEDIUM",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "NONE",
"privilegesRequired" : "NONE",
"scope" : "UNCHANGED",
"userInteraction" : "NONE",
"vectorString" : "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version" : "3.0"
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "CWE-306"
}
] ]
} }
] },
}, "credit": [
"references" : { {
"reference_data" : [ "lang": "eng",
{ "value": "Kevan Carstensen"
"name" : "https://bugzilla.suse.com/show_bug.cgi?id=722440", }
"refsource" : "CONFIRM", ],
"url" : "https://bugzilla.suse.com/show_bug.cgi?id=722440" "data_format": "MITRE",
}, "data_type": "CVE",
{ "data_version": "4.0",
"name" : "https://www.suse.com/security/cve/CVE-2011-4190/", "description": {
"refsource" : "CONFIRM", "description_data": [
"url" : "https://www.suse.com/security/cve/CVE-2011-4190/" {
} "lang": "eng",
] "value": "The kdump implementation is missing the host key verification in the kdump and mkdumprd OpenSSH integration of kdump prior to version 2012-01-20. This is similar to CVE-2011-3588, but different in that the kdump implementation is specific to SUSE. A remote malicious kdump server could use this flaw to impersonate the correct kdump server to obtain security sensitive information (kdump core files)."
}, }
"source" : { ]
"defect" : [ },
"722440" "impact": {
], "cvss": {
"discovery" : "UNKNOWN" "attackComplexity": "HIGH",
} "attackVector": "NETWORK",
} "availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-306"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.suse.com/security/cve/CVE-2011-4190/",
"refsource": "CONFIRM",
"url": "https://www.suse.com/security/cve/CVE-2011-4190/"
},
{
"name": "https://bugzilla.suse.com/show_bug.cgi?id=722440",
"refsource": "CONFIRM",
"url": "https://bugzilla.suse.com/show_bug.cgi?id=722440"
}
]
},
"source": {
"defect": [
"722440"
],
"discovery": "UNKNOWN"
}
}

34
2011/4xxx/CVE-2011-4454.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2011-4454", "ID": "CVE-2011-4454",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

130
2011/4xxx/CVE-2011-4526.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cert@cert.org",
"ID" : "CVE-2011-4526", "ID": "CVE-2011-4526",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in an ActiveX control in Advantech/BroadWin WebAccess before 7.0 might allow remote attackers to execute arbitrary code via a long string value in unspecified parameters."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.us-cert.gov/control_systems/pdf/ICSA-12-047-01.pdf", "description_data": [
"refsource" : "MISC", {
"url" : "http://www.us-cert.gov/control_systems/pdf/ICSA-12-047-01.pdf" "lang": "eng",
}, "value": "Buffer overflow in an ActiveX control in Advantech/BroadWin WebAccess before 7.0 might allow remote attackers to execute arbitrary code via a long string value in unspecified parameters."
{ }
"name" : "52051", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/52051" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-047-01.pdf",
"refsource": "MISC",
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-047-01.pdf"
},
{
"name": "52051",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/52051"
}
]
}
}

150
2011/4xxx/CVE-2011-4682.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2011-4682", "ID": "CVE-2011-4682",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The JavaScript engine in Opera before 11.60 does not properly implement the in operator, which allows remote attackers to bypass the Same Origin Policy via vectors related to variables on different web sites."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.opera.com/docs/changelogs/mac/1160/", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.opera.com/docs/changelogs/mac/1160/" "lang": "eng",
}, "value": "The JavaScript engine in Opera before 11.60 does not properly implement the in operator, which allows remote attackers to bypass the Same Origin Policy via vectors related to variables on different web sites."
{ }
"name" : "http://www.opera.com/docs/changelogs/unix/1160/", ]
"refsource" : "CONFIRM", },
"url" : "http://www.opera.com/docs/changelogs/unix/1160/" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.opera.com/docs/changelogs/windows/1160/", "description": [
"refsource" : "CONFIRM", {
"url" : "http://www.opera.com/docs/changelogs/windows/1160/" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://www.opera.com/support/kb/view/1005/", ]
"refsource" : "CONFIRM", }
"url" : "http://www.opera.com/support/kb/view/1005/" ]
} },
] "references": {
} "reference_data": [
} {
"name": "http://www.opera.com/docs/changelogs/mac/1160/",
"refsource": "CONFIRM",
"url": "http://www.opera.com/docs/changelogs/mac/1160/"
},
{
"name": "http://www.opera.com/support/kb/view/1005/",
"refsource": "CONFIRM",
"url": "http://www.opera.com/support/kb/view/1005/"
},
{
"name": "http://www.opera.com/docs/changelogs/windows/1160/",
"refsource": "CONFIRM",
"url": "http://www.opera.com/docs/changelogs/windows/1160/"
},
{
"name": "http://www.opera.com/docs/changelogs/unix/1160/",
"refsource": "CONFIRM",
"url": "http://www.opera.com/docs/changelogs/unix/1160/"
}
]
}
}

120
2011/4xxx/CVE-2011-4867.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2011-4867", "ID": "CVE-2011-4867",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Tencent QQPhoto (com.tencent.qqphoto) application 0.97 for Android does not properly protect data, which allows remote attackers to read or modify contact information and a password hash via a crafted application."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www4.comp.polyu.edu.hk/~appsec/bugs/CVE-2011-4867-vulnerability-in-QQPhoto.html", "description_data": [
"refsource" : "MISC", {
"url" : "http://www4.comp.polyu.edu.hk/~appsec/bugs/CVE-2011-4867-vulnerability-in-QQPhoto.html" "lang": "eng",
} "value": "The Tencent QQPhoto (com.tencent.qqphoto) application 0.97 for Android does not properly protect data, which allows remote attackers to read or modify contact information and a password hash via a crafted application."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www4.comp.polyu.edu.hk/~appsec/bugs/CVE-2011-4867-vulnerability-in-QQPhoto.html",
"refsource": "MISC",
"url": "http://www4.comp.polyu.edu.hk/~appsec/bugs/CVE-2011-4867-vulnerability-in-QQPhoto.html"
}
]
}
}

190
2013/0xxx/CVE-2013-0617.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@adobe.com",
"ID" : "CVE-2013-0617", "ID": "CVE-2013-0617",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0606, CVE-2013-0612, CVE-2013-0615, and CVE-2013-0621."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.adobe.com/support/security/bulletins/apsb13-02.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.adobe.com/support/security/bulletins/apsb13-02.html" "lang": "eng",
}, "value": "Buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0606, CVE-2013-0612, CVE-2013-0615, and CVE-2013-0621."
{ }
"name" : "GLSA-201308-03", ]
"refsource" : "GENTOO", },
"url" : "http://security.gentoo.org/glsa/glsa-201308-03.xml" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "RHSA-2013:0150", "description": [
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2013-0150.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "SUSE-SU-2013:0044", ]
"refsource" : "SUSE", }
"url" : "http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00004.html" ]
}, },
{ "references": {
"name" : "SUSE-SU-2013:0047", "reference_data": [
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00005.html" "name": "SUSE-SU-2013:0044",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00004.html"
"name" : "openSUSE-SU-2013:0138", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-updates/2013-01/msg00028.html" "name": "SUSE-SU-2013:0047",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00005.html"
"name" : "openSUSE-SU-2013:0193", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-updates/2013-01/msg00081.html" "name": "openSUSE-SU-2013:0193",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-updates/2013-01/msg00081.html"
"name" : "oval:org.mitre.oval:def:16138", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16138" "name": "openSUSE-SU-2013:0138",
} "refsource": "SUSE",
] "url": "http://lists.opensuse.org/opensuse-updates/2013-01/msg00028.html"
} },
} {
"name": "oval:org.mitre.oval:def:16138",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16138"
},
{
"name": "http://www.adobe.com/support/security/bulletins/apsb13-02.html",
"refsource": "CONFIRM",
"url": "http://www.adobe.com/support/security/bulletins/apsb13-02.html"
},
{
"name": "RHSA-2013:0150",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-0150.html"
},
{
"name": "GLSA-201308-03",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201308-03.xml"
}
]
}
}

190
2013/1xxx/CVE-2013-1010.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2013-1010", "ID": "CVE-2013-1010",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://support.apple.com/kb/HT5766", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://support.apple.com/kb/HT5766" "lang": "eng",
}, "value": "WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1."
{ }
"name" : "http://support.apple.com/kb/HT5785", ]
"refsource" : "CONFIRM", },
"url" : "http://support.apple.com/kb/HT5785" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://support.apple.com/kb/HT5934", "description": [
"refsource" : "CONFIRM", {
"url" : "http://support.apple.com/kb/HT5934" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "APPLE-SA-2013-05-16-1", ]
"refsource" : "APPLE", }
"url" : "http://lists.apple.com/archives/security-announce/2013/May/msg00000.html" ]
}, },
{ "references": {
"name" : "APPLE-SA-2013-06-04-2", "reference_data": [
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2013/Jun/msg00001.html" "name": "http://support.apple.com/kb/HT5785",
}, "refsource": "CONFIRM",
{ "url": "http://support.apple.com/kb/HT5785"
"name" : "APPLE-SA-2013-09-18-2", },
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2013/Sep/msg00006.html" "name": "54886",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/54886"
"name" : "oval:org.mitre.oval:def:17123", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17123" "name": "http://support.apple.com/kb/HT5934",
}, "refsource": "CONFIRM",
{ "url": "http://support.apple.com/kb/HT5934"
"name" : "54886", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/54886" "name": "APPLE-SA-2013-06-04-2",
} "refsource": "APPLE",
] "url": "http://lists.apple.com/archives/security-announce/2013/Jun/msg00001.html"
} },
} {
"name": "http://support.apple.com/kb/HT5766",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT5766"
},
{
"name": "oval:org.mitre.oval:def:17123",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17123"
},
{
"name": "APPLE-SA-2013-05-16-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2013/May/msg00000.html"
},
{
"name": "APPLE-SA-2013-09-18-2",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2013/Sep/msg00006.html"
}
]
}
}

140
2013/1xxx/CVE-2013-1096.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2013-1096", "ID": "CVE-2013-1096",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in the Roles Based Provisioning Module 4.0.2 before Field Patch D for Novell Identity Manager (aka IDM) allows remote attackers to inject arbitrary web script or HTML via a taskDetail taskId."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://download.novell.com/Download?buildid=dnDbmYe8PZc~", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://download.novell.com/Download?buildid=dnDbmYe8PZc~" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in the Roles Based Provisioning Module 4.0.2 before Field Patch D for Novell Identity Manager (aka IDM) allows remote attackers to inject arbitrary web script or HTML via a taskDetail taskId."
{ }
"name" : "https://bugzilla.novell.com/show_bug.cgi?id=819115", ]
"refsource" : "CONFIRM", },
"url" : "https://bugzilla.novell.com/show_bug.cgi?id=819115" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1029532", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1029532" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "1029532",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1029532"
},
{
"name": "https://bugzilla.novell.com/show_bug.cgi?id=819115",
"refsource": "CONFIRM",
"url": "https://bugzilla.novell.com/show_bug.cgi?id=819115"
},
{
"name": "http://download.novell.com/Download?buildid=dnDbmYe8PZc~",
"refsource": "CONFIRM",
"url": "http://download.novell.com/Download?buildid=dnDbmYe8PZc~"
}
]
}
}

160
2013/1xxx/CVE-2013-1470.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2013-1470", "ID": "CVE-2013-1470",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in calendar/index.php in the Calendar plugin in Geeklog before 1.8.2sr1 and 2.0.0 before 2.0.0rc2 allows remote attackers to inject arbitrary web script or HTML via the calendar_type parameter to submit.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20130227 Cross-Site Scripting (XSS) in Geeklog", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://archives.neohapsis.com/archives/bugtraq/2013-02/0154.html" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in calendar/index.php in the Calendar plugin in Geeklog before 1.8.2sr1 and 2.0.0 before 2.0.0rc2 allows remote attackers to inject arbitrary web script or HTML via the calendar_type parameter to submit.php."
{ }
"name" : "http://packetstormsecurity.com/files/120593/Geeklog-1.8.2-Cross-Site-Scripting.html", ]
"refsource" : "MISC", },
"url" : "http://packetstormsecurity.com/files/120593/Geeklog-1.8.2-Cross-Site-Scripting.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://www.htbridge.com/advisory/HTB23143", "description": [
"refsource" : "MISC", {
"url" : "https://www.htbridge.com/advisory/HTB23143" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://www.geeklog.net/article.php/geeklog-1.8.2sr1", ]
"refsource" : "CONFIRM", }
"url" : "https://www.geeklog.net/article.php/geeklog-1.8.2sr1" ]
}, },
{ "references": {
"name" : "geeklog-calendartype-xss(82326)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/82326" "name": "geeklog-calendartype-xss(82326)",
} "refsource": "XF",
] "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/82326"
} },
} {
"name": "20130227 Cross-Site Scripting (XSS) in Geeklog",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2013-02/0154.html"
},
{
"name": "http://packetstormsecurity.com/files/120593/Geeklog-1.8.2-Cross-Site-Scripting.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/120593/Geeklog-1.8.2-Cross-Site-Scripting.html"
},
{
"name": "https://www.htbridge.com/advisory/HTB23143",
"refsource": "MISC",
"url": "https://www.htbridge.com/advisory/HTB23143"
},
{
"name": "https://www.geeklog.net/article.php/geeklog-1.8.2sr1",
"refsource": "CONFIRM",
"url": "https://www.geeklog.net/article.php/geeklog-1.8.2sr1"
}
]
}
}

140
2013/1xxx/CVE-2013-1672.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security@mozilla.org",
"ID" : "CVE-2013-1672", "ID": "CVE-2013-1672",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Mozilla Maintenance Service in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 on Windows allows local users to bypass integrity verification and gain privileges via vectors involving junctions."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.mozilla.org/security/announce/2013/mfsa2013-44.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.mozilla.org/security/announce/2013/mfsa2013-44.html" "lang": "eng",
}, "value": "The Mozilla Maintenance Service in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 on Windows allows local users to bypass integrity verification and gain privileges via vectors involving junctions."
{ }
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=850492", ]
"refsource" : "CONFIRM", },
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=850492" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "oval:org.mitre.oval:def:16915", "description": [
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16915" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "oval:org.mitre.oval:def:16915",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16915"
},
{
"name": "http://www.mozilla.org/security/announce/2013/mfsa2013-44.html",
"refsource": "CONFIRM",
"url": "http://www.mozilla.org/security/announce/2013/mfsa2013-44.html"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=850492",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=850492"
}
]
}
}

34
2013/1xxx/CVE-2013-1746.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2013-1746", "ID": "CVE-2013-1746",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

170
2013/1xxx/CVE-2013-1764.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2013-1764", "ID": "CVE-2013-1764",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Zypper (aka zypp) backend in PackageKit before 0.8.8 allows local users to downgrade packages via the \"install updates\" method."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20130225 Re: CVE Request: PackageKit\"update\" allows downgrade of packages when using the \"zypp\" backend", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2013/02/25/20" "lang": "eng",
}, "value": "The Zypper (aka zypp) backend in PackageKit before 0.8.8 allows local users to downgrade packages via the \"install updates\" method."
{ }
"name" : "https://bugs.freedesktop.org/show_bug.cgi?id=61231", ]
"refsource" : "CONFIRM", },
"url" : "https://bugs.freedesktop.org/show_bug.cgi?id=61231" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://bugzilla.novell.com/show_bug.cgi?id=804983", "description": [
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.novell.com/show_bug.cgi?id=804983" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://gitorious.org/packagekit/packagekit/commit/d3d14631042237bcfe6fb30a60e59bb6d94af425", ]
"refsource" : "CONFIRM", }
"url" : "https://gitorious.org/packagekit/packagekit/commit/d3d14631042237bcfe6fb30a60e59bb6d94af425" ]
}, },
{ "references": {
"name" : "https://gitorious.org/packagekit/packagekit/source/NEWS", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "https://gitorious.org/packagekit/packagekit/source/NEWS" "name": "[oss-security] 20130225 Re: CVE Request: PackageKit\"update\" allows downgrade of packages when using the \"zypp\" backend",
}, "refsource": "MLIST",
{ "url": "http://www.openwall.com/lists/oss-security/2013/02/25/20"
"name" : "openSUSE-SU-2013:0889", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-updates/2013-06/msg00026.html" "name": "https://gitorious.org/packagekit/packagekit/source/NEWS",
} "refsource": "CONFIRM",
] "url": "https://gitorious.org/packagekit/packagekit/source/NEWS"
} },
} {
"name": "https://bugs.freedesktop.org/show_bug.cgi?id=61231",
"refsource": "CONFIRM",
"url": "https://bugs.freedesktop.org/show_bug.cgi?id=61231"
},
{
"name": "openSUSE-SU-2013:0889",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00026.html"
},
{
"name": "https://bugzilla.novell.com/show_bug.cgi?id=804983",
"refsource": "CONFIRM",
"url": "https://bugzilla.novell.com/show_bug.cgi?id=804983"
},
{
"name": "https://gitorious.org/packagekit/packagekit/commit/d3d14631042237bcfe6fb30a60e59bb6d94af425",
"refsource": "CONFIRM",
"url": "https://gitorious.org/packagekit/packagekit/commit/d3d14631042237bcfe6fb30a60e59bb6d94af425"
}
]
}
}

130
2013/5xxx/CVE-2013-5178.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2013-5178", "ID": "CVE-2013-5178",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "LaunchServices in Apple Mac OS X before 10.9 does not properly restrict Unicode characters in filenames, which allows context-dependent attackers to spoof file extensions via a crafted character sequence."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://support.apple.com/kb/HT6150", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://support.apple.com/kb/HT6150" "lang": "eng",
}, "value": "LaunchServices in Apple Mac OS X before 10.9 does not properly restrict Unicode characters in filenames, which allows context-dependent attackers to spoof file extensions via a crafted character sequence."
{ }
"name" : "APPLE-SA-2013-10-22-3", ]
"refsource" : "APPLE", },
"url" : "http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "APPLE-SA-2013-10-22-3",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html"
},
{
"name": "http://support.apple.com/kb/HT6150",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT6150"
}
]
}
}

34
2013/5xxx/CVE-2013-5335.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2013-5335", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2013-5335",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2013. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2013. Notes: none."
} }
] ]
} }
} }

120
2013/5xxx/CVE-2013-5472.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@cisco.com",
"ID" : "CVE-2013-5472", "ID": "CVE-2013-5472",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The NTP implementation in Cisco IOS 12.0 through 12.4 and 15.0 through 15.1, and IOS XE 2.1 through 3.3, does not properly handle encapsulation of multicast NTP packets within MSDP SA messages, which allows remote attackers to cause a denial of service (device reload) by leveraging an MSDP peer relationship, aka Bug ID CSCuc81226."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20130925 Cisco IOS Software Multicast Network Time Protocol Denial of Service Vulnerability", "description_data": [
"refsource" : "CISCO", {
"url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130925-ntp" "lang": "eng",
} "value": "The NTP implementation in Cisco IOS 12.0 through 12.4 and 15.0 through 15.1, and IOS XE 2.1 through 3.3, does not properly handle encapsulation of multicast NTP packets within MSDP SA messages, which allows remote attackers to cause a denial of service (device reload) by leveraging an MSDP peer relationship, aka Bug ID CSCuc81226."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20130925 Cisco IOS Software Multicast Network Time Protocol Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130925-ntp"
}
]
}
}

360
2013/5xxx/CVE-2013-5804.json
View File

@ -1,182 +1,182 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2013-5804", "ID": "CVE-2013-5804",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, and JRockit R27.7.6 and earlier allows remote attackers to affect confidentiality and integrity via unknown vectors related to Javadoc."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html" "lang": "eng",
}, "value": "Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, and JRockit R27.7.6 and earlier allows remote attackers to affect confidentiality and integrity via unknown vectors related to Javadoc."
{ }
"name" : "http://support.apple.com/kb/HT5982", ]
"refsource" : "CONFIRM", },
"url" : "http://support.apple.com/kb/HT5982" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS13-025/index.html", "description": [
"refsource" : "CONFIRM", {
"url" : "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS13-025/index.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21655201", ]
"refsource" : "CONFIRM", }
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21655201" ]
}, },
{ "references": {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1019131", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1019131" "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1019131",
}, "refsource": "CONFIRM",
{ "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019131"
"name" : "APPLE-SA-2013-10-15-1", },
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2013/Oct/msg00001.html" "name": "63149",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/63149"
"name" : "GLSA-201406-32", },
"refsource" : "GENTOO", {
"url" : "http://security.gentoo.org/glsa/glsa-201406-32.xml" "name": "RHSA-2014:0414",
}, "refsource": "REDHAT",
{ "url": "https://access.redhat.com/errata/RHSA-2014:0414"
"name" : "HPSBUX02943", },
"refsource" : "HP", {
"url" : "http://marc.info/?l=bugtraq&m=138674031212883&w=2" "name": "GLSA-201406-32",
}, "refsource": "GENTOO",
{ "url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
"name" : "HPSBUX02944", },
"refsource" : "HP", {
"url" : "http://marc.info/?l=bugtraq&m=138674073720143&w=2" "name": "RHSA-2013:1447",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2013-1447.html"
"name" : "RHSA-2013:1440", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2013-1440.html" "name": "RHSA-2013:1440",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2013-1440.html"
"name" : "RHSA-2013:1447", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2013-1447.html" "name": "USN-2033-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-2033-1"
"name" : "RHSA-2013:1451", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2013-1451.html" "name": "USN-2089-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-2089-1"
"name" : "RHSA-2013:1505", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2013-1505.html" "name": "RHSA-2013:1508",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2013-1508.html"
"name" : "RHSA-2013:1507", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2013-1507.html" "name": "SUSE-SU-2013:1677",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00013.html"
"name" : "RHSA-2013:1508", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2013-1508.html" "name": "HPSBUX02944",
}, "refsource": "HP",
{ "url": "http://marc.info/?l=bugtraq&m=138674073720143&w=2"
"name" : "RHSA-2013:1509", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2013-1509.html" "name": "RHSA-2013:1505",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2013-1505.html"
"name" : "RHSA-2013:1793", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2013-1793.html" "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21655201",
}, "refsource": "CONFIRM",
{ "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21655201"
"name" : "RHSA-2014:0414", },
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2014:0414" "name": "HPSBUX02943",
}, "refsource": "HP",
{ "url": "http://marc.info/?l=bugtraq&m=138674031212883&w=2"
"name" : "SUSE-SU-2013:1666", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00010.html" "name": "openSUSE-SU-2013:1663",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-updates/2013-11/msg00023.html"
"name" : "SUSE-SU-2013:1677", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00013.html" "name": "SUSE-SU-2013:1666",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00010.html"
"name" : "openSUSE-SU-2013:1663", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-updates/2013-11/msg00023.html" "name": "RHSA-2013:1793",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2013-1793.html"
"name" : "USN-2033-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2033-1" "name": "RHSA-2013:1509",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2013-1509.html"
"name" : "USN-2089-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2089-1" "name": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
"name" : "63149", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/63149" "name": "APPLE-SA-2013-10-15-1",
}, "refsource": "APPLE",
{ "url": "http://lists.apple.com/archives/security-announce/2013/Oct/msg00001.html"
"name" : "oval:org.mitre.oval:def:19188", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19188" "name": "RHSA-2013:1507",
} "refsource": "REDHAT",
] "url": "http://rhn.redhat.com/errata/RHSA-2013-1507.html"
} },
} {
"name": "http://support.apple.com/kb/HT5982",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT5982"
},
{
"name": "RHSA-2013:1451",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1451.html"
},
{
"name": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS13-025/index.html",
"refsource": "CONFIRM",
"url": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS13-025/index.html"
},
{
"name": "oval:org.mitre.oval:def:19188",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19188"
}
]
}
}

170
2013/5xxx/CVE-2013-5874.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2013-5874", "ID": "CVE-2013-5874",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.3, and 12.2.2 allows local users to affect confidentiality via unknown vectors related to Logging."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html" "lang": "eng",
}, "value": "Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.3, and 12.2.2 allows local users to affect confidentiality via unknown vectors related to Logging."
{ }
"name" : "64758", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/64758" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "64833", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/64833" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "102091", ]
"refsource" : "OSVDB", }
"url" : "http://osvdb.org/102091" ]
}, },
{ "references": {
"name" : "1029619", "reference_data": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1029619" "name": "102091",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/102091"
"name" : "56471", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/56471" "name": "1029619",
} "refsource": "SECTRACK",
] "url": "http://www.securitytracker.com/id/1029619"
} },
} {
"name": "64833",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/64833"
},
{
"name": "64758",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/64758"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html"
},
{
"name": "56471",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56471"
}
]
}
}

140
2014/2xxx/CVE-2014-2019.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-2019", "ID": "CVE-2014-2019",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The iCloud subsystem in Apple iOS before 7.1 allows physically proximate attackers to bypass an intended password requirement, and turn off the Find My iPhone service or complete a Delete Account action and then associate this service with a different Apple ID account, by entering an arbitrary iCloud Account Password value and a blank iCloud Account Description value."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://news.softpedia.com/news/Major-iOS-7-Security-Flaw-Discovered-Video-425011.shtml", "description_data": [
"refsource" : "MISC", {
"url" : "http://news.softpedia.com/news/Major-iOS-7-Security-Flaw-Discovered-Video-425011.shtml" "lang": "eng",
}, "value": "The iCloud subsystem in Apple iOS before 7.1 allows physically proximate attackers to bypass an intended password requirement, and turn off the Find My iPhone service or complete a Delete Account action and then associate this service with a different Apple ID account, by entering an arbitrary iCloud Account Password value and a blank iCloud Account Description value."
{ }
"name" : "http://www.youtube.com/watch?v=QnPk4RRWjic", ]
"refsource" : "MISC", },
"url" : "http://www.youtube.com/watch?v=QnPk4RRWjic" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://support.apple.com/kb/HT6162", "description": [
"refsource" : "CONFIRM", {
"url" : "http://support.apple.com/kb/HT6162" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "http://news.softpedia.com/news/Major-iOS-7-Security-Flaw-Discovered-Video-425011.shtml",
"refsource": "MISC",
"url": "http://news.softpedia.com/news/Major-iOS-7-Security-Flaw-Discovered-Video-425011.shtml"
},
{
"name": "http://support.apple.com/kb/HT6162",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT6162"
},
{
"name": "http://www.youtube.com/watch?v=QnPk4RRWjic",
"refsource": "MISC",
"url": "http://www.youtube.com/watch?v=QnPk4RRWjic"
}
]
}
}

140
2014/2xxx/CVE-2014-2199.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@cisco.com",
"ID" : "CVE-2014-2199", "ID": "CVE-2014-2199",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "meetinginfo.do in Cisco WebEx Event Center, WebEx Meeting Center, WebEx Sales Center, WebEx Training Center, WebEx Meetings Server 1.5(.1.131) and earlier, and WebEx Business Suite (WBS) 27 before 27.32.31.16, 28 before 28.12.13.18, and 29 before 29.5.1.12 allows remote attackers to obtain sensitive meeting information by leveraging knowledge of a meeting identifier, aka Bug IDs CSCuo68624 and CSCue46738."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://tools.cisco.com/security/center/viewAlert.x?alertId=34252", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://tools.cisco.com/security/center/viewAlert.x?alertId=34252" "lang": "eng",
}, "value": "meetinginfo.do in Cisco WebEx Event Center, WebEx Meeting Center, WebEx Sales Center, WebEx Training Center, WebEx Meetings Server 1.5(.1.131) and earlier, and WebEx Business Suite (WBS) 27 before 27.32.31.16, 28 before 28.12.13.18, and 29 before 29.5.1.12 allows remote attackers to obtain sensitive meeting information by leveraging knowledge of a meeting identifier, aka Bug IDs CSCuo68624 and CSCue46738."
{ }
"name" : "20140515 WebEx Meeting Information Disclosure Vulnerability in meetinginfo.do", ]
"refsource" : "CISCO", },
"url" : "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-2199" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1030251", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1030251" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "http://tools.cisco.com/security/center/viewAlert.x?alertId=34252",
"refsource": "CONFIRM",
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=34252"
},
{
"name": "1030251",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030251"
},
{
"name": "20140515 WebEx Meeting Information Disclosure Vulnerability in meetinginfo.do",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-2199"
}
]
}
}

140
2014/6xxx/CVE-2014-6877.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cert@cert.org",
"ID" : "CVE-2014-6877", "ID": "CVE-2014-6877",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Santander Personal Banking (aka com.sovereign.santander) application 2.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", "description_data": [
"refsource" : "MISC", {
"url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" "lang": "eng",
}, "value": "The Santander Personal Banking (aka com.sovereign.santander) application 2.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
{ }
"name" : "VU#315417", ]
"refsource" : "CERT-VN", },
"url" : "http://www.kb.cert.org/vuls/id/315417" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "VU#582497", "description": [
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/582497" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "VU#315417",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/315417"
},
{
"name": "VU#582497",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/582497"
},
{
"name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource": "MISC",
"url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
}
]
}
}

142
2017/0xxx/CVE-2017-0293.json
View File

@ -1,73 +1,73 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secure@microsoft.com", "ASSIGNER": "secure@microsoft.com",
"DATE_PUBLIC" : "2017-08-08T00:00:00", "DATE_PUBLIC": "2017-08-08T00:00:00",
"ID" : "CVE-2017-0293", "ID": "CVE-2017-0293",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Microsoft Windows PDF", "product_name": "Microsoft Windows PDF",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Windows Server 2008 R2 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016" "version_value": "Windows Server 2008 R2 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Microsoft Corporation" "vendor_name": "Microsoft Corporation"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Microsoft Windows PDF Library in Windows Server 2008 R2 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows a remote code execution vulnerability when it improperly handles objects in memory, aka \"Windows PDF Remote Code Execution Vulnerability\"."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Remote Code Execution"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0293", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0293" "lang": "eng",
}, "value": "Microsoft Windows PDF Library in Windows Server 2008 R2 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows a remote code execution vulnerability when it improperly handles objects in memory, aka \"Windows PDF Remote Code Execution Vulnerability\"."
{ }
"name" : "100039", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/100039" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1039092", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1039092" "lang": "eng",
} "value": "Remote Code Execution"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "100039",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100039"
},
{
"name": "1039092",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039092"
},
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0293",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0293"
}
]
}
}

146
2017/0xxx/CVE-2017-0516.json
View File

@ -1,75 +1,75 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "security@google.com", "ASSIGNER": "security@android.com",
"ID" : "CVE-2017-0516", "ID": "CVE-2017-0516",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Android", "product_name": "Android",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Kernel-3.10" "version_value": "Kernel-3.10"
}, },
{ {
"version_value" : "Kernel-3.18" "version_value": "Kernel-3.18"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Google Inc." "vendor_name": "Google Inc."
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An elevation of privilege vulnerability in the Qualcomm input hardware driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-32341680. References: QC-CR#1096301."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Elevation of privilege"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://source.android.com/security/bulletin/2017-03-01", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://source.android.com/security/bulletin/2017-03-01" "lang": "eng",
}, "value": "An elevation of privilege vulnerability in the Qualcomm input hardware driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-32341680. References: QC-CR#1096301."
{ }
"name" : "96802", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/96802" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1037968", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1037968" "lang": "eng",
} "value": "Elevation of privilege"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "96802",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96802"
},
{
"name": "https://source.android.com/security/bulletin/2017-03-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2017-03-01"
},
{
"name": "1037968",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037968"
}
]
}
}

168
2017/0xxx/CVE-2017-0549.json
View File

@ -1,86 +1,86 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "security@google.com", "ASSIGNER": "security@android.com",
"ID" : "CVE-2017-0549", "ID": "CVE-2017-0549",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Android", "product_name": "Android",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Android-6.0" "version_value": "Android-6.0"
}, },
{ {
"version_value" : "Android-6.0.1" "version_value": "Android-6.0.1"
}, },
{ {
"version_value" : "Android-7.0" "version_value": "Android-7.0"
}, },
{ {
"version_value" : "Android-7.1.1" "version_value": "Android-7.1.1"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Google Inc." "vendor_name": "Google Inc."
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A remote denial of service vulnerability in libavc in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High severity due to the possibility of remote denial of service. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-33818508."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Denial of service"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://android.googlesource.com/platform/external/libavc/+/37345554fea84afd446d6d8fbb87feea5a0dde3f", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://android.googlesource.com/platform/external/libavc/+/37345554fea84afd446d6d8fbb87feea5a0dde3f" "lang": "eng",
}, "value": "A remote denial of service vulnerability in libavc in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High severity due to the possibility of remote denial of service. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-33818508."
{ }
"name" : "https://source.android.com/security/bulletin/2017-04-01", ]
"refsource" : "CONFIRM", },
"url" : "https://source.android.com/security/bulletin/2017-04-01" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "97336", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/97336" "lang": "eng",
}, "value": "Denial of service"
{ }
"name" : "1038201", ]
"refsource" : "SECTRACK", }
"url" : "http://www.securitytracker.com/id/1038201" ]
} },
] "references": {
} "reference_data": [
} {
"name": "97336",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97336"
},
{
"name": "https://source.android.com/security/bulletin/2017-04-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2017-04-01"
},
{
"name": "https://android.googlesource.com/platform/external/libavc/+/37345554fea84afd446d6d8fbb87feea5a0dde3f",
"refsource": "CONFIRM",
"url": "https://android.googlesource.com/platform/external/libavc/+/37345554fea84afd446d6d8fbb87feea5a0dde3f"
},
{
"name": "1038201",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038201"
}
]
}
}

130
2017/0xxx/CVE-2017-0623.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "security@google.com", "ASSIGNER": "security@android.com",
"ID" : "CVE-2017-0623", "ID": "CVE-2017-0623",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Android", "product_name": "Android",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Kernel-3.18" "version_value": "Kernel-3.18"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Google Inc." "vendor_name": "Google Inc."
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An elevation of privilege vulnerability in the HTC bootloader could enable a local malicious application to execute arbitrary code within the context of the bootloader. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.18. Android ID: A-32512358."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Elevation of privilege"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://source.android.com/security/bulletin/2017-05-01", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://source.android.com/security/bulletin/2017-05-01" "lang": "eng",
}, "value": "An elevation of privilege vulnerability in the HTC bootloader could enable a local malicious application to execute arbitrary code within the context of the bootloader. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.18. Android ID: A-32512358."
{ }
"name" : "98199", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/98199" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "Elevation of privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://source.android.com/security/bulletin/2017-05-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2017-05-01"
},
{
"name": "98199",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/98199"
}
]
}
}

124
2017/1000xxx/CVE-2017-1000185.json
View File

@ -1,64 +1,64 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve-assign@distributedweaknessfiling.org", "ASSIGNER": "cve@mitre.org",
"DATE_ASSIGNED" : "2017-08-22T17:29:33.407791", "DATE_ASSIGNED": "2017-08-22T17:29:33.407791",
"ID" : "CVE-2017-1000185", "ID": "CVE-2017-1000185",
"REQUESTER" : "vuln_reporter@srcms.xyz", "REQUESTER": "vuln_reporter@srcms.xyz",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "swftools", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "latest" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "In SWFTools, a memcpy buffer overflow was found in gif2swf."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Buffer Overflow"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://github.com/matthiaskramm/swftools/issues/33", "description_data": [
"refsource" : "MISC", {
"url" : "https://github.com/matthiaskramm/swftools/issues/33" "lang": "eng",
} "value": "In SWFTools, a memcpy buffer overflow was found in gif2swf."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/matthiaskramm/swftools/issues/33",
"refsource": "MISC",
"url": "https://github.com/matthiaskramm/swftools/issues/33"
}
]
}
}

144
2017/1000xxx/CVE-2017-1000417.json
View File

@ -1,74 +1,74 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve-assign@distributedweaknessfiling.org", "ASSIGNER": "cve@mitre.org",
"DATE_ASSIGNED" : "2017-12-29", "DATE_ASSIGNED": "2017-12-29",
"ID" : "CVE-2017-1000417", "ID": "CVE-2017-1000417",
"REQUESTER" : "schau@purdue.edu", "REQUESTER": "schau@purdue.edu",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "MatrixSSL", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "3.7.2" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "MatrixSSL" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "MatrixSSL version 3.7.2 adopts a collision-prone OID comparison logic resulting in possible spoofing of OIDs (e.g. in ExtKeyUsage extension) on X.509 certificates."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Incorrect X.509 certificate validation"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://github.com/matrixssl/matrixssl/blob/master/doc/CHANGES.md", "description_data": [
"refsource" : "MISC", {
"url" : "https://github.com/matrixssl/matrixssl/blob/master/doc/CHANGES.md" "lang": "eng",
}, "value": "MatrixSSL version 3.7.2 adopts a collision-prone OID comparison logic resulting in possible spoofing of OIDs (e.g. in ExtKeyUsage extension) on X.509 certificates."
{ }
"name" : "https://www.ieee-security.org/TC/SP2017/papers/231.pdf", ]
"refsource" : "MISC", },
"url" : "https://www.ieee-security.org/TC/SP2017/papers/231.pdf" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://www.youtube.com/watch?v=FW--c_F_cY8", "description": [
"refsource" : "MISC", {
"url" : "https://www.youtube.com/watch?v=FW--c_F_cY8" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "https://www.ieee-security.org/TC/SP2017/papers/231.pdf",
"refsource": "MISC",
"url": "https://www.ieee-security.org/TC/SP2017/papers/231.pdf"
},
{
"name": "https://www.youtube.com/watch?v=FW--c_F_cY8",
"refsource": "MISC",
"url": "https://www.youtube.com/watch?v=FW--c_F_cY8"
},
{
"name": "https://github.com/matrixssl/matrixssl/blob/master/doc/CHANGES.md",
"refsource": "MISC",
"url": "https://github.com/matrixssl/matrixssl/blob/master/doc/CHANGES.md"
}
]
}
}

122
2017/16xxx/CVE-2017-16057.json
View File

@ -1,63 +1,63 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "support@hackerone.com", "ASSIGNER": "support@hackerone.com",
"DATE_PUBLIC" : "2018-04-26T00:00:00", "DATE_PUBLIC": "2018-04-26T00:00:00",
"ID" : "CVE-2017-16057", "ID": "CVE-2017-16057",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "nodemssql node module", "product_name": "nodemssql node module",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "All versions" "version_value": "All versions"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "HackerOne" "vendor_name": "HackerOne"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "nodemssql was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Embedded Malicious Code (CWE-506)"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://nodesecurity.io/advisories/484", "description_data": [
"refsource" : "MISC", {
"url" : "https://nodesecurity.io/advisories/484" "lang": "eng",
} "value": "nodemssql was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Embedded Malicious Code (CWE-506)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://nodesecurity.io/advisories/484",
"refsource": "MISC",
"url": "https://nodesecurity.io/advisories/484"
}
]
}
}

34
2017/16xxx/CVE-2017-16312.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-16312", "ID": "CVE-2017-16312",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

150
2017/16xxx/CVE-2017-16528.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-16528", "ID": "CVE-2017-16528",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "sound/core/seq_device.c in the Linux kernel before 4.13.4 allows local users to cause a denial of service (snd_rawmidi_dev_seq_free use-after-free and system crash) or possibly have unspecified other impact via a crafted USB device."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://github.com/torvalds/linux/commit/fc27fe7e8deef2f37cba3f2be2d52b6ca5eb9d57", "description_data": [
"refsource" : "MISC", {
"url" : "https://github.com/torvalds/linux/commit/fc27fe7e8deef2f37cba3f2be2d52b6ca5eb9d57" "lang": "eng",
}, "value": "sound/core/seq_device.c in the Linux kernel before 4.13.4 allows local users to cause a denial of service (snd_rawmidi_dev_seq_free use-after-free and system crash) or possibly have unspecified other impact via a crafted USB device."
{ }
"name" : "https://groups.google.com/d/msg/syzkaller/kuZzDHGkQu8/5du20rZEAAAJ", ]
"refsource" : "MISC", },
"url" : "https://groups.google.com/d/msg/syzkaller/kuZzDHGkQu8/5du20rZEAAAJ" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "USN-3619-1", "description": [
"refsource" : "UBUNTU", {
"url" : "https://usn.ubuntu.com/3619-1/" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "USN-3619-2", ]
"refsource" : "UBUNTU", }
"url" : "https://usn.ubuntu.com/3619-2/" ]
} },
] "references": {
} "reference_data": [
} {
"name": "USN-3619-2",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3619-2/"
},
{
"name": "https://github.com/torvalds/linux/commit/fc27fe7e8deef2f37cba3f2be2d52b6ca5eb9d57",
"refsource": "MISC",
"url": "https://github.com/torvalds/linux/commit/fc27fe7e8deef2f37cba3f2be2d52b6ca5eb9d57"
},
{
"name": "https://groups.google.com/d/msg/syzkaller/kuZzDHGkQu8/5du20rZEAAAJ",
"refsource": "MISC",
"url": "https://groups.google.com/d/msg/syzkaller/kuZzDHGkQu8/5du20rZEAAAJ"
},
{
"name": "USN-3619-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3619-1/"
}
]
}
}

34
2017/16xxx/CVE-2017-16708.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-16708", "ID": "CVE-2017-16708",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

120
2017/16xxx/CVE-2017-16839.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-16839", "ID": "CVE-2017-16839",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Hashicorp vagrant-vmware-fusion 5.0.4 allows local users to steal root privileges if VMware Fusion is not installed."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://m4.rkw.io/blog/cve201716839-hashicorp-vagrantvmwarefusion-v504-local-root.html", "description_data": [
"refsource" : "MISC", {
"url" : "https://m4.rkw.io/blog/cve201716839-hashicorp-vagrantvmwarefusion-v504-local-root.html" "lang": "eng",
} "value": "Hashicorp vagrant-vmware-fusion 5.0.4 allows local users to steal root privileges if VMware Fusion is not installed."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://m4.rkw.io/blog/cve201716839-hashicorp-vagrantvmwarefusion-v504-local-root.html",
"refsource": "MISC",
"url": "https://m4.rkw.io/blog/cve201716839-hashicorp-vagrantvmwarefusion-v504-local-root.html"
}
]
}
}

130
2017/1xxx/CVE-2017-1098.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@us.ibm.com", "ASSIGNER": "psirt@us.ibm.com",
"ID" : "CVE-2017-1098", "ID": "CVE-2017-1098",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Emptoris Supplier Lifecycle Management 10.1.0.x is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 120658."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/120658", "description_data": [
"refsource" : "MISC", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/120658" "lang": "eng",
}, "value": "IBM Emptoris Supplier Lifecycle Management 10.1.0.x is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 120658."
{ }
"name" : "http://www.ibm.com/support/docview.wss?uid=swg22005824", ]
"refsource" : "CONFIRM", },
"url" : "http://www.ibm.com/support/docview.wss?uid=swg22005824" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg22005824",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg22005824"
},
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/120658",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/120658"
}
]
}
}

178
2017/1xxx/CVE-2017-1157.json
View File

@ -1,91 +1,91 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@us.ibm.com", "ASSIGNER": "psirt@us.ibm.com",
"DATE_PUBLIC" : "2017-06-30T00:00:00", "DATE_PUBLIC": "2017-06-30T00:00:00",
"ID" : "CVE-2017-1157", "ID": "CVE-2017-1157",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Jazz Reporting Service", "product_name": "Jazz Reporting Service",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "5.0" "version_value": "5.0"
}, },
{ {
"version_value" : "5.0.1" "version_value": "5.0.1"
}, },
{ {
"version_value" : "5.0.2" "version_value": "5.0.2"
}, },
{ {
"version_value" : "6.0" "version_value": "6.0"
}, },
{ {
"version_value" : "6.0.1" "version_value": "6.0.1"
}, },
{ {
"version_value" : "6.0.2" "version_value": "6.0.2"
}, },
{ {
"version_value" : "6.0.3" "version_value": "6.0.3"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "IBM" "vendor_name": "IBM"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Jazz Reporting Service (JRS) 5.0 and 6.0 could allow an authenticated attacker to access report data that should be restricted to authorized users. IBM X-Force ID: 122788."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Obtain Information"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/122778", "description_data": [
"refsource" : "MISC", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/122778" "lang": "eng",
}, "value": "IBM Jazz Reporting Service (JRS) 5.0 and 6.0 could allow an authenticated attacker to access report data that should be restricted to authorized users. IBM X-Force ID: 122788."
{ }
"name" : "http://www.ibm.com/support/docview.wss?uid=swg22001007", ]
"refsource" : "CONFIRM", },
"url" : "http://www.ibm.com/support/docview.wss?uid=swg22001007" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "99353", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/99353" "lang": "eng",
} "value": "Obtain Information"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/122778",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/122778"
},
{
"name": "99353",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/99353"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg22001007",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg22001007"
}
]
}
}

144
2017/1xxx/CVE-2017-1227.json
View File

@ -1,74 +1,74 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@us.ibm.com", "ASSIGNER": "psirt@us.ibm.com",
"DATE_PUBLIC" : "2017-05-09T00:00:00", "DATE_PUBLIC": "2017-05-09T00:00:00",
"ID" : "CVE-2017-1227", "ID": "CVE-2017-1227",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "BigFix Platform", "product_name": "BigFix Platform",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "9.1" "version_value": "9.1"
}, },
{ {
"version_value" : "9.2" "version_value": "9.2"
}, },
{ {
"version_value" : "9.5" "version_value": "9.5"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "IBM" "vendor_name": "IBM"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Tivoli Endpoint Manager could allow a unauthorized user to consume all resources and crash the system. IBM X-Force ID: 123906."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Denial of Service"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/123906", "description_data": [
"refsource" : "MISC", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/123906" "lang": "eng",
}, "value": "IBM Tivoli Endpoint Manager could allow a unauthorized user to consume all resources and crash the system. IBM X-Force ID: 123906."
{ }
"name" : "http://www.ibm.com/support/docview.wss?uid=swg22003222", ]
"refsource" : "CONFIRM", },
"url" : "http://www.ibm.com/support/docview.wss?uid=swg22003222" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "Denial of Service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg22003222",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg22003222"
},
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/123906",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/123906"
}
]
}
}

150
2017/1xxx/CVE-2017-1583.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@us.ibm.com", "ASSIGNER": "psirt@us.ibm.com",
"ID" : "CVE-2017-1583", "ID": "CVE-2017-1583",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Liberty for Java for Bluemix", "product_name": "Liberty for Java for Bluemix",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : " 3.13" "version_value": " 3.13"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "IBM" "vendor_name": "IBM"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM WebSphere Application Server (IBM Liberty for Java for Bluemix 3.13)could allow a remote attacker to obtain sensitive information caused by improper error handling by MyFaces in JSF."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Obtain Information"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/132342", "description_data": [
"refsource" : "MISC", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/132342" "lang": "eng",
}, "value": "IBM WebSphere Application Server (IBM Liberty for Java for Bluemix 3.13)could allow a remote attacker to obtain sensitive information caused by improper error handling by MyFaces in JSF."
{ }
"name" : "http://www.ibm.com/support/docview.wss?uid=swg22009704", ]
"refsource" : "CONFIRM", },
"url" : "http://www.ibm.com/support/docview.wss?uid=swg22009704" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "101522", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/101522" "lang": "eng",
}, "value": "Obtain Information"
{ }
"name" : "1039695", ]
"refsource" : "SECTRACK", }
"url" : "http://www.securitytracker.com/id/1039695" ]
} },
] "references": {
} "reference_data": [
} {
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/132342",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/132342"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg22009704",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg22009704"
},
{
"name": "101522",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/101522"
},
{
"name": "1039695",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039695"
}
]
}
}

34
2017/1xxx/CVE-2017-1642.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-1642", "ID": "CVE-2017-1642",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2017/1xxx/CVE-2017-1979.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2017-1979", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2017-1979",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none."
} }
] ]
} }
} }

34
2017/4xxx/CVE-2017-4104.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2017-4104", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2017-4104",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none."
} }
] ]
} }
} }

34
2017/4xxx/CVE-2017-4272.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2017-4272", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2017-4272",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none."
} }
] ]
} }
} }

34
2017/4xxx/CVE-2017-4499.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2017-4499", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2017-4499",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none."
} }
] ]
} }
} }

34
2017/4xxx/CVE-2017-4556.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2017-4556", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2017-4556",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none."
} }
] ]
} }
} }