admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-18 04:47:30 +00:00
parent 4aac9212d0
commit a7a2d4d036
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
57 changed files with 4195 additions and 4195 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

158
2006/0xxx/CVE-2006-0166.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-0166", "ID": "CVE-2006-0166",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Symantec Norton SystemWorks and SystemWorks Premier 2005 and 2006 stores temporary copies of files in the Norton Protected Recycle Bin NProtect directory, which is hidden from the FindFirst and FindNext Windows APIs and allows remote attackers to hide arbitrary files from virus scanners and other products."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://securityresponse.symantec.com/avcenter/security/Content/2006.01.10.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://securityresponse.symantec.com/avcenter/security/Content/2006.01.10.html" "lang": "eng",
}, "value": "Symantec Norton SystemWorks and SystemWorks Premier 2005 and 2006 stores temporary copies of files in the Norton Protected Recycle Bin NProtect directory, which is hidden from the FindFirst and FindNext Windows APIs and allows remote attackers to hide arbitrary files from virus scanners and other products."
{ }
"name" : "ADV-2006-0143", ]
"refsource" : "VUPEN", },
"url" : "http://www.vupen.com/english/advisories/2006/0143" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1015462", "description": [
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1015462" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "18402", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/18402" ]
}, },
{ "references": {
"name" : "systemworks-nprotect-hidden(24061)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/24061" "name": "ADV-2006-0143",
} "refsource": "VUPEN",
] "url": "http://www.vupen.com/english/advisories/2006/0143"
} },
{
"name": "http://securityresponse.symantec.com/avcenter/security/Content/2006.01.10.html",
"refsource": "CONFIRM",
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2006.01.10.html"
},
{
"name": "systemworks-nprotect-hidden(24061)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24061"
},
{
"name": "18402",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18402"
},
{
"name": "1015462",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015462"
}
]
}
} }

178
2006/0xxx/CVE-2006-0437.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-0437", "ID": "CVE-2006-0437",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in admin_smilies.php in phpBB 2.0.19 allows remote attackers to inject arbitrary web script or HTML via Javascript events such as \"onmouseover\" in the (1) smile_url or (2) smile_emotion parameters, which bypasses a check for \"<\" and \">\" characters."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20060203 phpBB 2.0.19 Cross Site Request Forgeries and XSS Admin", "description_data": [
"refsource" : "FULLDISC", {
"url" : "http://lists.grok.org.uk/pipermail/full-disclosure/2006-February/041920.html" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in admin_smilies.php in phpBB 2.0.19 allows remote attackers to inject arbitrary web script or HTML via Javascript events such as \"onmouseover\" in the (1) smile_url or (2) smile_emotion parameters, which bypasses a check for \"<\" and \">\" characters."
{ }
"name" : "20060203 phpBB 2.0.19 Cross Site Request Forgeries and XSS Admin", ]
"refsource" : "SREASONRES", },
"url" : "http://securityreason.com/achievement_securityalert/31" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2006-0445", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/0445" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "22928", ]
"refsource" : "OSVDB", }
"url" : "http://www.osvdb.org/22928" ]
}, },
{ "references": {
"name" : "18693", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/18693" "name": "ADV-2006-0445",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2006/0445"
"name" : "406", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/406" "name": "18693",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/18693"
"name" : "phpbb-referer-header-http-xss(24497)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/24497" "name": "20060203 phpBB 2.0.19 Cross Site Request Forgeries and XSS Admin",
} "refsource": "FULLDISC",
] "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-February/041920.html"
} },
{
"name": "20060203 phpBB 2.0.19 Cross Site Request Forgeries and XSS Admin",
"refsource": "SREASONRES",
"url": "http://securityreason.com/achievement_securityalert/31"
},
{
"name": "phpbb-referer-header-http-xss(24497)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24497"
},
{
"name": "22928",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/22928"
},
{
"name": "406",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/406"
}
]
}
} }

168
2006/3xxx/CVE-2006-3384.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-3384", "ID": "CVE-2006-3384",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in divers.php in Vincent Leclercq News 5.2 allows remote attackers to execute arbitrary SQL commands via the (1) id and (2) texte parameters."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20060629 News <= 5.2 XSS, SQL Injection, Full Path Disclosure", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/438859/100/0/threaded" "lang": "eng",
}, "value": "SQL injection vulnerability in divers.php in Vincent Leclercq News 5.2 allows remote attackers to execute arbitrary SQL commands via the (1) id and (2) texte parameters."
{ }
"name" : "http://www.acid-root.new.fr/advisories/news52.txt", ]
"refsource" : "MISC", },
"url" : "http://www.acid-root.new.fr/advisories/news52.txt" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "18775", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/18775" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "ADV-2006-2642", ]
"refsource" : "VUPEN", }
"url" : "http://www.vupen.com/english/advisories/2006/2642" ]
}, },
{ "references": {
"name" : "20936", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/20936" "name": "20060629 News <= 5.2 XSS, SQL Injection, Full Path Disclosure",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/438859/100/0/threaded"
"name" : "vlcnews-divers-sql-injection(27504)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/27504" "name": "ADV-2006-2642",
} "refsource": "VUPEN",
] "url": "http://www.vupen.com/english/advisories/2006/2642"
} },
{
"name": "20936",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20936"
},
{
"name": "18775",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/18775"
},
{
"name": "vlcnews-divers-sql-injection(27504)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27504"
},
{
"name": "http://www.acid-root.new.fr/advisories/news52.txt",
"refsource": "MISC",
"url": "http://www.acid-root.new.fr/advisories/news52.txt"
}
]
}
} }

118
2006/3xxx/CVE-2006-3576.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-3576", "ID": "CVE-2006-3576",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in search.php in SenseSites CommonSense CMS 5.0 allows remote attackers to execute arbitrary SQL commands via the Date parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "18893", "description_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/18893" "lang": "eng",
} "value": "SQL injection vulnerability in search.php in SenseSites CommonSense CMS 5.0 allows remote attackers to execute arbitrary SQL commands via the Date parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information."
] }
} ]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "18893",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/18893"
}
]
}
} }

168
2006/3xxx/CVE-2006-3893.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cert@cert.org",
"ID" : "CVE-2006-3893", "ID": "CVE-2006-3893",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple buffer overflows in the ActiveX controls in Newtone ImageKit 5 before Fix 30 and 6 before Fix 40, as used in CASIO Photo Loader software before 3.01 and possibly other software, allow remote attackers to execute arbitrary code via a crafted HTML document."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "VU#210697", "description_data": [
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/210697" "lang": "eng",
}, "value": "Multiple buffer overflows in the ActiveX controls in Newtone ImageKit 5 before Fix 30 and 6 before Fix 40, as used in CASIO Photo Loader software before 3.01 and possibly other software, allow remote attackers to execute arbitrary code via a crafted HTML document."
{ }
"name" : "21375", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/21375" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2006-4794", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/4794" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "ADV-2006-4795", ]
"refsource" : "VUPEN", }
"url" : "http://www.vupen.com/english/advisories/2006/4795" ]
}, },
{ "references": {
"name" : "23286", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/23286" "name": "ADV-2006-4795",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2006/4795"
"name" : "imagekit-activex-bo(30680)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/30680" "name": "21375",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/21375"
} },
{
"name": "imagekit-activex-bo(30680)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30680"
},
{
"name": "23286",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23286"
},
{
"name": "ADV-2006-4794",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4794"
},
{
"name": "VU#210697",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/210697"
}
]
}
} }

32
2006/4xxx/CVE-2006-4176.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-4176", "ID": "CVE-2006-4176",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

148
2006/4xxx/CVE-2006-4230.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-4230", "ID": "CVE-2006-4230",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple PHP remote file inclusion vulnerabilities in index.php in Lizge V.20 Web Portal allow remote attackers to execute arbitrary PHP code via a URL in the (1) lizge or (2) bade parameters."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20060815 Lizge V.20 Web Portal File Include Vulnerability", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/443309/100/0/threaded" "lang": "eng",
}, "value": "Multiple PHP remote file inclusion vulnerabilities in index.php in Lizge V.20 Web Portal allow remote attackers to execute arbitrary PHP code via a URL in the (1) lizge or (2) bade parameters."
{ }
"name" : "19533", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/19533" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1415", "description": [
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/1415" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "lizge-index-file-include(28389)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/28389" ]
} },
] "references": {
} "reference_data": [
{
"name": "20060815 Lizge V.20 Web Portal File Include Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/443309/100/0/threaded"
},
{
"name": "1415",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1415"
},
{
"name": "19533",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/19533"
},
{
"name": "lizge-index-file-include(28389)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28389"
}
]
}
} }

168
2006/4xxx/CVE-2006-4753.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-4753", "ID": "CVE-2006-4753",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Directory traversal vulnerability in index.php in PHProg before 1.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the lang parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20060911 PHProg : Local File Inclusion + XSS + Full path", "description_data": [
"refsource" : "FULLDISC", {
"url" : "http://marc.info/?l=full-disclosure&m=115796646100433&w=2" "lang": "eng",
}, "value": "Directory traversal vulnerability in index.php in PHProg before 1.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the lang parameter."
{ }
"name" : "http://www.pconfig.com/cdg393/adviso/PHProg.txt", ]
"refsource" : "MISC", },
"url" : "http://www.pconfig.com/cdg393/adviso/PHProg.txt" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.comscripts.com/scripts/php.phprog-album-photo-php.2117.html", "description": [
"refsource" : "CONFIRM", {
"url" : "http://www.comscripts.com/scripts/php.phprog-album-photo-php.2117.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "19957", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/19957" ]
}, },
{ "references": {
"name" : "21849", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/21849" "name": "phprog-index-file-include(28847)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28847"
"name" : "phprog-index-file-include(28847)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/28847" "name": "http://www.pconfig.com/cdg393/adviso/PHProg.txt",
} "refsource": "MISC",
] "url": "http://www.pconfig.com/cdg393/adviso/PHProg.txt"
} },
{
"name": "19957",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/19957"
},
{
"name": "20060911 PHProg : Local File Inclusion + XSS + Full path",
"refsource": "FULLDISC",
"url": "http://marc.info/?l=full-disclosure&m=115796646100433&w=2"
},
{
"name": "21849",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21849"
},
{
"name": "http://www.comscripts.com/scripts/php.phprog-album-photo-php.2117.html",
"refsource": "CONFIRM",
"url": "http://www.comscripts.com/scripts/php.phprog-album-photo-php.2117.html"
}
]
}
} }

408
2006/4xxx/CVE-2006-4810.json
View File

@ -1,207 +1,207 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2006-4810", "ID": "CVE-2006-4810",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in the readline function in util/texindex.c, as used by the (1) texi2dvi and (2) texindex commands, in texinfo 4.8 and earlier allows local users to execute arbitrary code via a crafted Texinfo file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20061127 rPSA-2006-0219-1 info install-info texinfo", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/452723/100/0/threaded" "lang": "eng",
}, "value": "Buffer overflow in the readline function in util/texindex.c, as used by the (1) texi2dvi and (2) texindex commands, in texinfo 4.8 and earlier allows local users to execute arbitrary code via a crafted Texinfo file."
{ }
"name" : "20070404 VMSA-2007-0003 VMware ESX 3.0.1 and 3.0.0 server security updates", ]
"refsource" : "BUGTRAQ", },
"url" : "http://www.securityfocus.com/archive/1/464745/100/0/threaded" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://cvs.savannah.gnu.org/viewcvs/texinfo/texinfo/util/texindex.c?r1=1.16&r2=1.17", "description": [
"refsource" : "MISC", {
"url" : "http://cvs.savannah.gnu.org/viewcvs/texinfo/texinfo/util/texindex.c?r1=1.16&r2=1.17" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://issues.rpath.com/browse/RPL-810", ]
"refsource" : "CONFIRM", }
"url" : "https://issues.rpath.com/browse/RPL-810" ]
}, },
{ "references": {
"name" : "http://www.vmware.com/support/vi3/doc/esx-1121906-patch.html", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.vmware.com/support/vi3/doc/esx-1121906-patch.html" "name": "22725",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/22725"
"name" : "http://www.vmware.com/support/vi3/doc/esx-2559638-patch.html", },
"refsource" : "CONFIRM", {
"url" : "http://www.vmware.com/support/vi3/doc/esx-2559638-patch.html" "name": "MDKSA-2006:203",
}, "refsource": "MANDRIVA",
{ "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:203"
"name" : "DSA-1219", },
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2006/dsa-1219" "name": "RHSA-2006:0727",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2006-0727.html"
"name" : "GLSA-200611-16", },
"refsource" : "GENTOO", {
"url" : "http://security.gentoo.org/glsa/glsa-200611-16.xml" "name": "22777",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/22777"
"name" : "MDKSA-2006:203", },
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2006:203" "name": "USN-379-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/usn-379-1"
"name" : "OpenPKG-SA-2006.034", },
"refsource" : "OPENPKG", {
"url" : "http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.034-texinfo.html" "name": "20959",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/20959"
"name" : "RHSA-2006:0727", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2006-0727.html" "name": "22995",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/22995"
"name" : "20061101-01-P", },
"refsource" : "SGI", {
"url" : "ftp://patches.sgi.com/support/free/security/advisories/20061101-01-P" "name": "ADV-2006-4412",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2006/4412"
"name" : "SUSE-SR:2006:028", },
"refsource" : "SUSE", {
"url" : "http://www.novell.com/linux/security/advisories/2006_28_sr.html" "name": "20070404 VMSA-2007-0003 VMware ESX 3.0.1 and 3.0.0 server security updates",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/464745/100/0/threaded"
"name" : "2006-0063", },
"refsource" : "TRUSTIX", {
"url" : "http://www.trustix.org/errata/2006/0063/" "name": "SUSE-SR:2006:028",
}, "refsource": "SUSE",
{ "url": "http://www.novell.com/linux/security/advisories/2006_28_sr.html"
"name" : "USN-379-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/usn-379-1" "name": "23015",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/23015"
"name" : "20959", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/20959" "name": "ADV-2007-1267",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2007/1267"
"name" : "oval:org.mitre.oval:def:10893", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10893" "name": "https://issues.rpath.com/browse/RPL-810",
}, "refsource": "CONFIRM",
{ "url": "https://issues.rpath.com/browse/RPL-810"
"name" : "ADV-2006-4412", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/4412" "name": "GLSA-200611-16",
}, "refsource": "GENTOO",
{ "url": "http://security.gentoo.org/glsa/glsa-200611-16.xml"
"name" : "ADV-2007-1267", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/1267" "name": "23335",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/23335"
"name" : "22725", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/22725" "name": "23112",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/23112"
"name" : "22777", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/22777" "name": "http://www.vmware.com/support/vi3/doc/esx-2559638-patch.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.vmware.com/support/vi3/doc/esx-2559638-patch.html"
"name" : "22798", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/22798" "name": "2006-0063",
}, "refsource": "TRUSTIX",
{ "url": "http://www.trustix.org/errata/2006/0063/"
"name" : "22929", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/22929" "name": "20061101-01-P",
}, "refsource": "SGI",
{ "url": "ftp://patches.sgi.com/support/free/security/advisories/20061101-01-P"
"name" : "22898", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/22898" "name": "24788",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/24788"
"name" : "22995", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/22995" "name": "http://cvs.savannah.gnu.org/viewcvs/texinfo/texinfo/util/texindex.c?r1=1.16&r2=1.17",
}, "refsource": "MISC",
{ "url": "http://cvs.savannah.gnu.org/viewcvs/texinfo/texinfo/util/texindex.c?r1=1.16&r2=1.17"
"name" : "23015", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/23015" "name": "20061127 rPSA-2006-0219-1 info install-info texinfo",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/452723/100/0/threaded"
"name" : "23112", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/23112" "name": "22898",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/22898"
"name" : "23335", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/23335" "name": "22929",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/22929"
"name" : "24788", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/24788" "name": "oval:org.mitre.oval:def:10893",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10893"
"name" : "texinfo-texindex-bo(30158)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/30158" "name": "texinfo-texindex-bo(30158)",
} "refsource": "XF",
] "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30158"
} },
{
"name": "OpenPKG-SA-2006.034",
"refsource": "OPENPKG",
"url": "http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.034-texinfo.html"
},
{
"name": "http://www.vmware.com/support/vi3/doc/esx-1121906-patch.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/vi3/doc/esx-1121906-patch.html"
},
{
"name": "22798",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22798"
},
{
"name": "DSA-1219",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2006/dsa-1219"
}
]
}
} }

32
2006/4xxx/CVE-2006-4854.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2006-4854", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2006-4854",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** Unspecified vulnerability in Microsoft Office 2000 (Chinese Edition) and Microsoft PowerPoint 2000 (Chinese Edition) allows user-assisted attackers to execute arbitrary code via a crafted PPT document, as exploited by malware such as Trojan.PPDropper.E. NOTE: on 20060919, Microsoft notified CVE that this is a duplicate of CVE-2006-0009." "value": "** REJECT ** Unspecified vulnerability in Microsoft Office 2000 (Chinese Edition) and Microsoft PowerPoint 2000 (Chinese Edition) allows user-assisted attackers to execute arbitrary code via a crafted PPT document, as exploited by malware such as Trojan.PPDropper.E. NOTE: on 20060919, Microsoft notified CVE that this is a duplicate of CVE-2006-0009."
} }
] ]
} }
} }

138
2006/6xxx/CVE-2006-6741.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-6741", "ID": "CVE-2006-6741",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site request forgery (CSRF) vulnerability in urlobox in MKPortal allows remote attackers to delete arbitrary messages as an administrator via a delete operation in an img BBcode tag."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20061219 MkPortal Urlobox Cross Site Request Forgery", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/454868/100/0/threaded" "lang": "eng",
}, "value": "Cross-site request forgery (CSRF) vulnerability in urlobox in MKPortal allows remote attackers to delete arbitrary messages as an administrator via a delete operation in an img BBcode tag."
{ }
"name" : "ADV-2006-5115", ]
"refsource" : "VUPEN", },
"url" : "http://www.vupen.com/english/advisories/2006/5115" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "23431", "description": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/23431" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "23431",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23431"
},
{
"name": "ADV-2006-5115",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/5115"
},
{
"name": "20061219 MkPortal Urlobox Cross Site Request Forgery",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/454868/100/0/threaded"
}
]
}
} }

138
2006/6xxx/CVE-2006-6785.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-6785", "ID": "CVE-2006-6785",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The (1) settings.php and (2) subscribers.php scripts in Open Newsletter 2.5 and earlier do not exit when authentication fails, which allows remote attackers to perform unauthorized administrative actions, or execute arbitrary code in conjunction with another vulnerability."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "2981", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/2981" "lang": "eng",
}, "value": "The (1) settings.php and (2) subscribers.php scripts in Open Newsletter 2.5 and earlier do not exit when authentication fails, which allows remote attackers to perform unauthorized administrative actions, or execute arbitrary code in conjunction with another vulnerability."
{ }
"name" : "21775", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/21775" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "23476", "description": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/23476" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "2981",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/2981"
},
{
"name": "23476",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23476"
},
{
"name": "21775",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21775"
}
]
}
} }

118
2006/7xxx/CVE-2006-7097.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-7097", "ID": "CVE-2006-7097",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple unspecified vulnerabilities in TaskFreak! before 0.1.4 have unknown impact and attack vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.taskfreak.com/versions.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.taskfreak.com/versions.html" "lang": "eng",
} "value": "Multiple unspecified vulnerabilities in TaskFreak! before 0.1.4 have unknown impact and attack vectors."
] }
} ]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.taskfreak.com/versions.html",
"refsource": "CONFIRM",
"url": "http://www.taskfreak.com/versions.html"
}
]
}
} }

118
2010/2xxx/CVE-2010-2504.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2010-2504", "ID": "CVE-2010-2504",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Splunk 4.0 through 4.0.10 and 4.1 through 4.1.1 allows remote authenticated users to obtain sensitive information via HTTP header injection, aka SPL-31066."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.splunk.com/view/SP-CAAAFGD", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.splunk.com/view/SP-CAAAFGD" "lang": "eng",
} "value": "Splunk 4.0 through 4.0.10 and 4.1 through 4.1.1 allows remote authenticated users to obtain sensitive information via HTTP header injection, aka SPL-31066."
] }
} ]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.splunk.com/view/SP-CAAAFGD",
"refsource": "CONFIRM",
"url": "http://www.splunk.com/view/SP-CAAAFGD"
}
]
}
} }

118
2010/2xxx/CVE-2010-2981.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2010-2981", "ID": "CVE-2010-2981",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 allows remote attackers to cause a denial of service (device crash) by pinging a virtual interface, aka Bug ID CSCte55370."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.cisco.com/en/US/docs/wireless/controller/release/notes/crn7.0.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.cisco.com/en/US/docs/wireless/controller/release/notes/crn7.0.html" "lang": "eng",
} "value": "Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 allows remote attackers to cause a denial of service (device crash) by pinging a virtual interface, aka Bug ID CSCte55370."
] }
} ]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.cisco.com/en/US/docs/wireless/controller/release/notes/crn7.0.html",
"refsource": "CONFIRM",
"url": "http://www.cisco.com/en/US/docs/wireless/controller/release/notes/crn7.0.html"
}
]
}
} }

32
2010/3xxx/CVE-2010-3123.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2010-3123", "ID": "CVE-2010-3123",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

168
2010/3xxx/CVE-2010-3918.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "vultures@jpcert.or.jp",
"ID" : "CVE-2010-3918", "ID": "CVE-2010-3918",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Fenrir Sleipnir 2.9.6 and earlier does not prevent interaction between web script and the clipboard, which allows remote attackers to read or modify the clipboard contents via a crafted web site."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://fenrir-inc.blogspot.com/2010/11/vulnerability-regarding-allow-paste.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://fenrir-inc.blogspot.com/2010/11/vulnerability-regarding-allow-paste.html" "lang": "eng",
}, "value": "Fenrir Sleipnir 2.9.6 and earlier does not prevent interaction between web script and the clipboard, which allows remote attackers to read or modify the clipboard contents via a crafted web site."
{ }
"name" : "http://www.fenrir.co.jp/blog/2010/11/post_47.html", ]
"refsource" : "CONFIRM", },
"url" : "http://www.fenrir.co.jp/blog/2010/11/post_47.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "JVN#64764004", "description": [
"refsource" : "JVN", {
"url" : "http://jvn.jp/en/jp/JVN64764004/index.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "JVNDB-2010-000057", ]
"refsource" : "JVNDB", }
"url" : "http://jvndb.jvn.jp/en/contents/2010/JVNDB-2010-000057.html" ]
}, },
{ "references": {
"name" : "69604", "reference_data": [
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/69604" "name": "JVNDB-2010-000057",
}, "refsource": "JVNDB",
{ "url": "http://jvndb.jvn.jp/en/contents/2010/JVNDB-2010-000057.html"
"name" : "42427", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/42427" "name": "69604",
} "refsource": "OSVDB",
] "url": "http://www.osvdb.org/69604"
} },
{
"name": "42427",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42427"
},
{
"name": "http://fenrir-inc.blogspot.com/2010/11/vulnerability-regarding-allow-paste.html",
"refsource": "CONFIRM",
"url": "http://fenrir-inc.blogspot.com/2010/11/vulnerability-regarding-allow-paste.html"
},
{
"name": "JVN#64764004",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN64764004/index.html"
},
{
"name": "http://www.fenrir.co.jp/blog/2010/11/post_47.html",
"refsource": "CONFIRM",
"url": "http://www.fenrir.co.jp/blog/2010/11/post_47.html"
}
]
}
} }

198
2011/0xxx/CVE-2011-0025.json
View File

@ -1,102 +1,102 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2011-0025", "ID": "CVE-2011-0025",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IcedTea 1.7 before 1.7.8, 1.8 before 1.8.5, and 1.9 before 1.9.5 does not properly verify signatures for JAR files that (1) are \"partially signed\" or (2) signed by multiple entities, which allows remote attackers to trick users into executing code that appears to come from a trusted source."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://icedtea.classpath.org/hg/release/icedtea-web-1.0?cmd=changeset;node=3bd328e4b515", "description_data": [
"refsource" : "MISC", {
"url" : "http://icedtea.classpath.org/hg/release/icedtea-web-1.0?cmd=changeset;node=3bd328e4b515" "lang": "eng",
}, "value": "IcedTea 1.7 before 1.7.8, 1.8 before 1.8.5, and 1.9 before 1.9.5 does not properly verify signatures for JAR files that (1) are \"partially signed\" or (2) signed by multiple entities, which allows remote attackers to trick users into executing code that appears to come from a trusted source."
{ }
"name" : "http://blog.fuseyism.com/index.php/2011/02/01/security-icedtea6-178-185-195-released/", ]
"refsource" : "CONFIRM", },
"url" : "http://blog.fuseyism.com/index.php/2011/02/01/security-icedtea6-178-185-195-released/" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "DSA-2224", "description": [
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2011/dsa-2224" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "GLSA-201406-32", ]
"refsource" : "GENTOO", }
"url" : "http://security.gentoo.org/glsa/glsa-201406-32.xml" ]
}, },
{ "references": {
"name" : "MDVSA-2011:054", "reference_data": [
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2011:054" "name": "46110",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/46110"
"name" : "USN-1055-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-1055-1" "name": "USN-1055-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-1055-1"
"name" : "46110", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/46110" "name": "GLSA-201406-32",
}, "refsource": "GENTOO",
{ "url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
"name" : "43135", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/43135" "name": "icedtea-jar-security-bypass(65151)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65151"
"name" : "icedtea-jar-security-bypass(65151)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/65151" "name": "DSA-2224",
} "refsource": "DEBIAN",
] "url": "http://www.debian.org/security/2011/dsa-2224"
} },
{
"name": "43135",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43135"
},
{
"name": "http://icedtea.classpath.org/hg/release/icedtea-web-1.0?cmd=changeset;node=3bd328e4b515",
"refsource": "MISC",
"url": "http://icedtea.classpath.org/hg/release/icedtea-web-1.0?cmd=changeset;node=3bd328e4b515"
},
{
"name": "http://blog.fuseyism.com/index.php/2011/02/01/security-icedtea6-178-185-195-released/",
"refsource": "CONFIRM",
"url": "http://blog.fuseyism.com/index.php/2011/02/01/security-icedtea6-178-185-195-released/"
},
{
"name": "MDVSA-2011:054",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:054"
}
]
}
} }

148
2011/0xxx/CVE-2011-0391.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@cisco.com",
"ID" : "CVE-2011-0391", "ID": "CVE-2011-0391",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cisco TelePresence Recording Server devices with software 1.6.x allow remote attackers to cause a denial of service (thread consumption and device outage) via a malformed request, related to an \"ad hoc recording\" issue, aka Bug ID CSCtf97205."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20110223 Multiple Vulnerabilities in Cisco TelePresence Recording Server", "description_data": [
"refsource" : "CISCO", {
"url" : "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e11d.shtml" "lang": "eng",
}, "value": "Cisco TelePresence Recording Server devices with software 1.6.x allow remote attackers to cause a denial of service (thread consumption and device outage) via a malformed request, related to an \"ad hoc recording\" issue, aka Bug ID CSCtf97205."
{ }
"name" : "46522", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/46522" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1025114", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1025114" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "telepresence-adhoc-dos(65607)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/65607" ]
} },
] "references": {
} "reference_data": [
{
"name": "telepresence-adhoc-dos(65607)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65607"
},
{
"name": "20110223 Multiple Vulnerabilities in Cisco TelePresence Recording Server",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e11d.shtml"
},
{
"name": "1025114",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1025114"
},
{
"name": "46522",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/46522"
}
]
}
} }

178
2011/0xxx/CVE-2011-0497.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2011-0497", "ID": "CVE-2011-0497",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Directory traversal vulnerability in Sybase EAServer 6.x before 6.3 ESD#2, as used in Appeon, Replication Server Messaging Edition (RSME), and WorkSpace, allows remote attackers to read arbitrary files via \"../\\\" (dot dot forward-slash backslash) sequences in a crafted request."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20110110 Sybase EAServer Remote Directory Traversal Vulnerability", "description_data": [
"refsource" : "IDEFENSE", {
"url" : "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=889" "lang": "eng",
}, "value": "Directory traversal vulnerability in Sybase EAServer 6.x before 6.3 ESD#2, as used in Appeon, Replication Server Messaging Edition (RSME), and WorkSpace, allows remote attackers to read arbitrary files via \"../\\\" (dot dot forward-slash backslash) sequences in a crafted request."
{ }
"name" : "http://www.sybase.com/detail?id=1091057", ]
"refsource" : "CONFIRM", },
"url" : "http://www.sybase.com/detail?id=1091057" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "45809", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/45809" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "70427", ]
"refsource" : "OSVDB", }
"url" : "http://osvdb.org/70427" ]
}, },
{ "references": {
"name" : "42904", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/42904" "name": "easerver-unspec-file-include(64695)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64695"
"name" : "ADV-2011-0125", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2011/0125" "name": "42904",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/42904"
"name" : "easerver-unspec-file-include(64695)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/64695" "name": "http://www.sybase.com/detail?id=1091057",
} "refsource": "CONFIRM",
] "url": "http://www.sybase.com/detail?id=1091057"
} },
{
"name": "45809",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/45809"
},
{
"name": "70427",
"refsource": "OSVDB",
"url": "http://osvdb.org/70427"
},
{
"name": "20110110 Sybase EAServer Remote Directory Traversal Vulnerability",
"refsource": "IDEFENSE",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=889"
},
{
"name": "ADV-2011-0125",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0125"
}
]
}
} }

32
2011/0xxx/CVE-2011-0632.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2011-0632", "ID": "CVE-2011-0632",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

128
2011/0xxx/CVE-2011-0877.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2011-0877", "ID": "CVE-2011-0877",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Instance Management component in Oracle Database Server 10.1.0.5, 10.2.0.3, and 10.2.0.4, and Oracle Enterprise Manager Grid Control 10.1.0.6, allows remote attackers to affect integrity via unknown vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/topics/security/cpujuly2011-313328.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/cpujuly2011-313328.html" "lang": "eng",
}, "value": "Unspecified vulnerability in the Instance Management component in Oracle Database Server 10.1.0.5, 10.2.0.3, and 10.2.0.4, and Oracle Enterprise Manager Grid Control 10.1.0.6, allows remote attackers to affect integrity via unknown vectors."
{ }
"name" : "TA11-201A", ]
"refsource" : "CERT", },
"url" : "http://www.us-cert.gov/cas/techalerts/TA11-201A.html" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "TA11-201A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA11-201A.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujuly2011-313328.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujuly2011-313328.html"
}
]
}
} }

288
2011/1xxx/CVE-2011-1143.json
View File

@ -1,147 +1,147 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2011-1143", "ID": "CVE-2011-1143",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "epan/dissectors/packet-ntlmssp.c in the NTLMSSP dissector in Wireshark before 1.4.4 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted .pcap file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://anonsvn.wireshark.org/viewvc?view=rev&revision=34018", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://anonsvn.wireshark.org/viewvc?view=rev&revision=34018" "lang": "eng",
}, "value": "epan/dissectors/packet-ntlmssp.c in the NTLMSSP dissector in Wireshark before 1.4.4 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted .pcap file."
{ }
"name" : "http://www.wireshark.org/docs/relnotes/wireshark-1.4.4.html", ]
"refsource" : "CONFIRM", },
"url" : "http://www.wireshark.org/docs/relnotes/wireshark-1.4.4.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5157", "description": [
"refsource" : "CONFIRM", {
"url" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5157" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "FEDORA-2011-2620", ]
"refsource" : "FEDORA", }
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055664.html" ]
}, },
{ "references": {
"name" : "FEDORA-2011-2632", "reference_data": [
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055650.html" "name": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5157",
}, "refsource": "CONFIRM",
{ "url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5157"
"name" : "FEDORA-2011-2648", },
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055364.html" "name": "openSUSE-SU-2011:0347",
}, "refsource": "SUSE",
{ "url": "https://hermes.opensuse.org/messages/8086844"
"name" : "RHSA-2011:0370", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2011-0370.html" "name": "43759",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/43759"
"name" : "openSUSE-SU-2011:0347", },
"refsource" : "SUSE", {
"url" : "https://hermes.opensuse.org/messages/8086844" "name": "FEDORA-2011-2648",
}, "refsource": "FEDORA",
{ "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055364.html"
"name" : "VU#215900", },
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/215900" "name": "FEDORA-2011-2620",
}, "refsource": "FEDORA",
{ "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055664.html"
"name" : "46796", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/46796" "name": "44169",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/44169"
"name" : "oval:org.mitre.oval:def:16209", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16209" "name": "ADV-2011-0626",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2011/0626"
"name" : "1025148", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1025148" "name": "48947",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/48947"
"name" : "43821", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/43821" "name": "VU#215900",
}, "refsource": "CERT-VN",
{ "url": "http://www.kb.cert.org/vuls/id/215900"
"name" : "44169", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/44169" "name": "RHSA-2011:0370",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2011-0370.html"
"name" : "43759", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/43759" "name": "ADV-2011-0719",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2011/0719"
"name" : "48947", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/48947" "name": "oval:org.mitre.oval:def:16209",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16209"
"name" : "ADV-2011-0719", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2011/0719" "name": "http://www.wireshark.org/docs/relnotes/wireshark-1.4.4.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.wireshark.org/docs/relnotes/wireshark-1.4.4.html"
"name" : "ADV-2011-0626", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2011/0626" "name": "FEDORA-2011-2632",
} "refsource": "FEDORA",
] "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055650.html"
} },
{
"name": "46796",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/46796"
},
{
"name": "http://anonsvn.wireshark.org/viewvc?view=rev&revision=34018",
"refsource": "CONFIRM",
"url": "http://anonsvn.wireshark.org/viewvc?view=rev&revision=34018"
},
{
"name": "1025148",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1025148"
},
{
"name": "43821",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43821"
}
]
}
} }

148
2011/1xxx/CVE-2011-1307.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2011-1307", "ID": "CVE-2011-1307",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The installer in IBM WebSphere Application Server (WAS) before 7.0.0.15 uses 777 permissions for a temporary log directory, which allows local users to have unintended access to log files via standard filesystem operations, a different vulnerability than CVE-2009-1173."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg27014463", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg27014463" "lang": "eng",
}, "value": "The installer in IBM WebSphere Application Server (WAS) before 7.0.0.15 uses 777 permissions for a temporary log directory, which allows local users to have unintended access to log files via standard filesystem operations, a different vulnerability than CVE-2009-1173."
{ }
"name" : "PM20021", ]
"refsource" : "AIXAPAR", },
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1PM20021" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "46736", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/46736" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "ADV-2011-0564", ]
"refsource" : "VUPEN", }
"url" : "http://www.vupen.com/english/advisories/2011/0564" ]
} },
] "references": {
} "reference_data": [
{
"name": "PM20021",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PM20021"
},
{
"name": "46736",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/46736"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg27014463",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg27014463"
},
{
"name": "ADV-2011-0564",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0564"
}
]
}
} }

138
2011/1xxx/CVE-2011-1594.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2011-1594", "ID": "CVE-2011-1594",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Open redirect vulnerability in Spacewalk 1.6, as used in Red Hat Network (RHN) Satellite, allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the url_bounce parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[Spacewalk-announce-list] 20111222 Spacewalk 1.6 has been released", "description_data": [
"refsource" : "MLIST", {
"url" : "https://www.redhat.com/archives/spacewalk-announce-list/2011-December/msg00000.html" "lang": "eng",
}, "value": "Open redirect vulnerability in Spacewalk 1.6, as used in Red Hat Network (RHN) Satellite, allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the url_bounce parameter."
{ }
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=672167", ]
"refsource" : "CONFIRM", },
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=672167" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "RHSA-2011:1299", "description": [
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2011-1299.html" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "[Spacewalk-announce-list] 20111222 Spacewalk 1.6 has been released",
"refsource": "MLIST",
"url": "https://www.redhat.com/archives/spacewalk-announce-list/2011-December/msg00000.html"
},
{
"name": "RHSA-2011:1299",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2011-1299.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=672167",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=672167"
}
]
}
} }

178
2011/1xxx/CVE-2011-1861.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "hp-security-alert@hp.com",
"ID" : "CVE-2011-1861", "ID": "CVE-2011-1861",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in HP Service Manager 7.02, 7.11, 9.20, and 9.21 and Service Center 6.2.8 allows remote attackers to modify data or obtain sensitive information via unknown vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "HPSBMA02674", "description_data": [
"refsource" : "HP", {
"url" : "http://marc.info/?l=bugtraq&m=130755929821099&w=2" "lang": "eng",
}, "value": "Unspecified vulnerability in HP Service Manager 7.02, 7.11, 9.20, and 9.21 and Service Center 6.2.8 allows remote attackers to modify data or obtain sensitive information via unknown vectors."
{ }
"name" : "SSRT100487", ]
"refsource" : "HP", },
"url" : "http://marc.info/?l=bugtraq&m=130755929821099&w=2" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "48168", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/48168" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "1025611", ]
"refsource" : "SECTRACK", }
"url" : "http://www.securitytracker.com/id?1025611" ]
}, },
{ "references": {
"name" : "44836", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/44836" "name": "hp-service-manager-unauth-access(67912)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67912"
"name" : "8273", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/8273" "name": "44836",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/44836"
"name" : "hp-service-manager-unauth-access(67912)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/67912" "name": "8273",
} "refsource": "SREASON",
] "url": "http://securityreason.com/securityalert/8273"
} },
{
"name": "1025611",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1025611"
},
{
"name": "SSRT100487",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=130755929821099&w=2"
},
{
"name": "HPSBMA02674",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=130755929821099&w=2"
},
{
"name": "48168",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/48168"
}
]
}
} }

32
2011/1xxx/CVE-2011-1930.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2011-1930", "ID": "CVE-2011-1930",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2011/4xxx/CVE-2011-4774.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2011-4774", "ID": "CVE-2011-4774",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

128
2011/5xxx/CVE-2011-5160.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2011-5160", "ID": "CVE-2011-5160",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in setup.php in OpenEMR 4 allows remote attackers to inject arbitrary web script or HTML via the site parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "18274", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "http://www.exploit-db.com/exploits/18274" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in setup.php in OpenEMR 4 allows remote attackers to inject arbitrary web script or HTML via the site parameter."
{ }
"name" : "openemr-setup-xss(71982)", ]
"refsource" : "XF", },
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/71982" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "18274",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/18274"
},
{
"name": "openemr-setup-xss(71982)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71982"
}
]
}
} }

138
2011/5xxx/CVE-2011-5196.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2011-5196", "ID": "CVE-2011-5196",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site request forgery (CSRF) vulnerability in index/manager/fileUpload in Public Knowledge Project Open Journal Systems 2.3.6 and earlier allows remote attackers to hijack the authentication of administrators for requests that upload PHP files."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "18266", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "http://www.exploit-db.com/exploits/18266" "lang": "eng",
}, "value": "Cross-site request forgery (CSRF) vulnerability in index/manager/fileUpload in Public Knowledge Project Open Journal Systems 2.3.6 and earlier allows remote attackers to hijack the authentication of administrators for requests that upload PHP files."
{ }
"name" : "77995", ]
"refsource" : "OSVDB", },
"url" : "http://osvdb.org/77995" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "47330", "description": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/47330" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "47330",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/47330"
},
{
"name": "77995",
"refsource": "OSVDB",
"url": "http://osvdb.org/77995"
},
{
"name": "18266",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/18266"
}
]
}
} }

32
2014/2xxx/CVE-2014-2705.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-2705", "ID": "CVE-2014-2705",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

298
2014/3xxx/CVE-2014-3185.json
View File

@ -1,152 +1,152 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security@google.com",
"ID" : "CVE-2014-3185", "ID": "CVE-2014-3185",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple buffer overflows in the command_port_read_callback function in drivers/usb/serial/whiteheat.c in the Whiteheat USB Serial Driver in the Linux kernel before 3.16.2 allow physically proximate attackers to execute arbitrary code or cause a denial of service (memory corruption and system crash) via a crafted device that provides a large amount of (1) EHCI or (2) XHCI data associated with a bulk response."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20140911 Multiple Linux USB driver CVE assignment", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2014/09/11/21" "lang": "eng",
}, "value": "Multiple buffer overflows in the command_port_read_callback function in drivers/usb/serial/whiteheat.c in the Whiteheat USB Serial Driver in the Linux kernel before 3.16.2 allow physically proximate attackers to execute arbitrary code or cause a denial of service (memory corruption and system crash) via a crafted device that provides a large amount of (1) EHCI or (2) XHCI data associated with a bulk response."
{ }
"name" : "https://code.google.com/p/google-security-research/issues/detail?id=98", ]
"refsource" : "MISC", },
"url" : "https://code.google.com/p/google-security-research/issues/detail?id=98" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=6817ae225cd650fb1c3295d769298c38b1eba818", "description": [
"refsource" : "CONFIRM", {
"url" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=6817ae225cd650fb1c3295d769298c38b1eba818" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.16.2", ]
"refsource" : "CONFIRM", }
"url" : "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.16.2" ]
}, },
{ "references": {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1141400", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1141400" "name": "USN-2377-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-2377-1"
"name" : "https://github.com/torvalds/linux/commit/6817ae225cd650fb1c3295d769298c38b1eba818", },
"refsource" : "CONFIRM", {
"url" : "https://github.com/torvalds/linux/commit/6817ae225cd650fb1c3295d769298c38b1eba818" "name": "RHSA-2014:1318",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2014-1318.html"
"name" : "RHSA-2014:1318", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2014-1318.html" "name": "USN-2375-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-2375-1"
"name" : "RHSA-2015:0284", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2015-0284.html" "name": "https://github.com/torvalds/linux/commit/6817ae225cd650fb1c3295d769298c38b1eba818",
}, "refsource": "CONFIRM",
{ "url": "https://github.com/torvalds/linux/commit/6817ae225cd650fb1c3295d769298c38b1eba818"
"name" : "SUSE-SU-2015:0481", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html" "name": "SUSE-SU-2015:0652",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00000.html"
"name" : "openSUSE-SU-2015:0566", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html" "name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=6817ae225cd650fb1c3295d769298c38b1eba818",
}, "refsource": "CONFIRM",
{ "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=6817ae225cd650fb1c3295d769298c38b1eba818"
"name" : "SUSE-SU-2015:0652", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00000.html" "name": "https://code.google.com/p/google-security-research/issues/detail?id=98",
}, "refsource": "MISC",
{ "url": "https://code.google.com/p/google-security-research/issues/detail?id=98"
"name" : "SUSE-SU-2015:0812", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html" "name": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.16.2",
}, "refsource": "CONFIRM",
{ "url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.16.2"
"name" : "USN-2374-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2374-1" "name": "SUSE-SU-2015:0481",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html"
"name" : "USN-2375-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2375-1" "name": "[oss-security] 20140911 Multiple Linux USB driver CVE assignment",
}, "refsource": "MLIST",
{ "url": "http://www.openwall.com/lists/oss-security/2014/09/11/21"
"name" : "USN-2376-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2376-1" "name": "USN-2378-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-2378-1"
"name" : "USN-2377-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2377-1" "name": "openSUSE-SU-2015:0566",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html"
"name" : "USN-2378-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2378-1" "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1141400",
}, "refsource": "CONFIRM",
{ "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1141400"
"name" : "USN-2379-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2379-1" "name": "RHSA-2015:0284",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2015-0284.html"
"name" : "69781", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/69781" "name": "USN-2374-1",
} "refsource": "UBUNTU",
] "url": "http://www.ubuntu.com/usn/USN-2374-1"
} },
{
"name": "69781",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/69781"
},
{
"name": "USN-2379-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2379-1"
},
{
"name": "USN-2376-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2376-1"
},
{
"name": "SUSE-SU-2015:0812",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html"
}
]
}
} }

118
2014/3xxx/CVE-2014-3391.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@cisco.com",
"ID" : "CVE-2014-3391", "ID": "CVE-2014-3391",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Untrusted search path vulnerability in Cisco ASA Software 8.x before 8.4(3), 8.5, and 8.7 before 8.7(1.13) allows local users to gain privileges by placing a Trojan horse library file in external memory, leading to library use after device reload because of an incorrect LD_LIBRARY_PATH value, aka Bug ID CSCtq52661."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20141008 Multiple Vulnerabilities in Cisco ASA Software", "description_data": [
"refsource" : "CISCO", {
"url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141008-asa" "lang": "eng",
} "value": "Untrusted search path vulnerability in Cisco ASA Software 8.x before 8.4(3), 8.5, and 8.7 before 8.7(1.13) allows local users to gain privileges by placing a Trojan horse library file in external memory, leading to library use after device reload because of an incorrect LD_LIBRARY_PATH value, aka Bug ID CSCtq52661."
] }
} ]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20141008 Multiple Vulnerabilities in Cisco ASA Software",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141008-asa"
}
]
}
} }

168
2014/3xxx/CVE-2014-3437.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secure@symantec.com",
"ID" : "CVE-2014-3437", "ID": "CVE-2014-3437",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The management console in Symantec Endpoint Protection Manager (SEPM) 12.1 before RU5 allows remote attackers to read arbitrary files or send TCP requests to intranet servers via XML data containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20141106 SEC Consult SA-20141106-0 :: XXE & XSS & Arbitrary File Write vulnerabilities in Symantec Endpoint Protection", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/533918/100/0/threaded" "lang": "eng",
}, "value": "The management console in Symantec Endpoint Protection Manager (SEPM) 12.1 before RU5 allows remote attackers to read arbitrary files or send TCP requests to intranet servers via XML data containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue."
{ }
"name" : "20141106 SEC Consult SA-20141106-0 :: XXE & XSS & Arbitrary File Write vulnerabilities in Symantec Endpoint Protection", ]
"refsource" : "FULLDISC", },
"url" : "http://seclists.org/fulldisclosure/2014/Nov/7" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20141105_00", "description": [
"refsource" : "CONFIRM", {
"url" : "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20141105_00" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "70843", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/70843" ]
}, },
{ "references": {
"name" : "1031176", "reference_data": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1031176" "name": "20141106 SEC Consult SA-20141106-0 :: XXE & XSS & Arbitrary File Write vulnerabilities in Symantec Endpoint Protection",
}, "refsource": "FULLDISC",
{ "url": "http://seclists.org/fulldisclosure/2014/Nov/7"
"name" : "symantec-endpoint-cve20143437-info-disc(98525)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/98525" "name": "symantec-endpoint-cve20143437-info-disc(98525)",
} "refsource": "XF",
] "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98525"
} },
{
"name": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20141105_00",
"refsource": "CONFIRM",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20141105_00"
},
{
"name": "70843",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/70843"
},
{
"name": "20141106 SEC Consult SA-20141106-0 :: XXE & XSS & Arbitrary File Write vulnerabilities in Symantec Endpoint Protection",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/533918/100/0/threaded"
},
{
"name": "1031176",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1031176"
}
]
}
} }

258
2014/3xxx/CVE-2014-3522.json
View File

@ -1,132 +1,132 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2014-3522", "ID": "CVE-2014-3522",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Serf RA layer in Apache Subversion 1.4.0 through 1.7.x before 1.7.18 and 1.8.x before 1.8.10 does not properly handle wildcards in the Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof servers via a crafted certificate."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://subversion.apache.org/security/CVE-2014-3522-advisory.txt", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://subversion.apache.org/security/CVE-2014-3522-advisory.txt" "lang": "eng",
}, "value": "The Serf RA layer in Apache Subversion 1.4.0 through 1.7.x before 1.7.18 and 1.8.x before 1.8.10 does not properly handle wildcards in the Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof servers via a crafted certificate."
{ }
"name" : "https://support.apple.com/HT204427", ]
"refsource" : "CONFIRM", },
"url" : "https://support.apple.com/HT204427" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html", "description": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "APPLE-SA-2015-03-09-4", ]
"refsource" : "APPLE", }
"url" : "http://lists.apple.com/archives/security-announce/2015/Mar/msg00003.html" ]
}, },
{ "references": {
"name" : "GLSA-201610-05", "reference_data": [
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201610-05" "name": "59432",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/59432"
"name" : "openSUSE-SU-2014:1059", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-updates/2014-08/msg00038.html" "name": "USN-2316-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-2316-1"
"name" : "USN-2316-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2316-1" "name": "https://support.apple.com/HT204427",
}, "refsource": "CONFIRM",
{ "url": "https://support.apple.com/HT204427"
"name" : "69237", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/69237" "name": "109996",
}, "refsource": "OSVDB",
{ "url": "http://www.osvdb.org/109996"
"name" : "109996", },
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/109996" "name": "APPLE-SA-2015-03-09-4",
}, "refsource": "APPLE",
{ "url": "http://lists.apple.com/archives/security-announce/2015/Mar/msg00003.html"
"name" : "60100", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/60100" "name": "apache-subversion-cve20143522-spoofing(95311)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95311"
"name" : "60722", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/60722" "name": "https://subversion.apache.org/security/CVE-2014-3522-advisory.txt",
}, "refsource": "CONFIRM",
{ "url": "https://subversion.apache.org/security/CVE-2014-3522-advisory.txt"
"name" : "59432", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/59432" "name": "60100",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/60100"
"name" : "59584", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/59584" "name": "60722",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/60722"
"name" : "apache-subversion-cve20143528-info-disc(95090)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/95090" "name": "69237",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/69237"
"name" : "apache-subversion-cve20143522-spoofing(95311)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/95311" "name": "openSUSE-SU-2014:1059",
} "refsource": "SUSE",
] "url": "http://lists.opensuse.org/opensuse-updates/2014-08/msg00038.html"
} },
{
"name": "GLSA-201610-05",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201610-05"
},
{
"name": "59584",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59584"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html"
},
{
"name": "apache-subversion-cve20143528-info-disc(95090)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95090"
}
]
}
} }

128
2014/3xxx/CVE-2014-3904.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "vultures@jpcert.or.jp",
"ID" : "CVE-2014-3904", "ID": "CVE-2014-3904",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in lib/admin.php in tenfourzero Shutter 0.1.4 allows remote attackers to execute arbitrary SQL commands via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "JVN#48039501", "description_data": [
"refsource" : "JVN", {
"url" : "http://jvn.jp/en/jp/JVN48039501/index.html" "lang": "eng",
}, "value": "SQL injection vulnerability in lib/admin.php in tenfourzero Shutter 0.1.4 allows remote attackers to execute arbitrary SQL commands via unspecified vectors."
{ }
"name" : "JVNDB-2014-000095", ]
"refsource" : "JVNDB", },
"url" : "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000095" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "JVN#48039501",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN48039501/index.html"
},
{
"name": "JVNDB-2014-000095",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000095"
}
]
}
} }

148
2014/6xxx/CVE-2014-6182.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@us.ibm.com",
"ID" : "CVE-2014-6182", "ID": "CVE-2014-6182",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Directory traversal vulnerability in an export function in the Process Center in IBM Business Process Manager (BPM) 8.0.x through 8.0.1.3 and 8.5.x through 8.5.5 allows remote authenticated users to read arbitrary files via a .. (dot dot) in a URL."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.ibm.com/support/docview.wss?uid=swg21692540", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.ibm.com/support/docview.wss?uid=swg21692540" "lang": "eng",
}, "value": "Directory traversal vulnerability in an export function in the Process Center in IBM Business Process Manager (BPM) 8.0.x through 8.0.1.3 and 8.5.x through 8.5.5 allows remote authenticated users to read arbitrary files via a .. (dot dot) in a URL."
{ }
"name" : "JR51234", ]
"refsource" : "AIXAPAR", },
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1JR51234" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1031379", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1031379" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "ibm-bpm-cve20146182-traversal(98518)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/98518" ]
} },
] "references": {
} "reference_data": [
{
"name": "1031379",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1031379"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg21692540",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg21692540"
},
{
"name": "JR51234",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1JR51234"
},
{
"name": "ibm-bpm-cve20146182-traversal(98518)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98518"
}
]
}
} }

148
2014/6xxx/CVE-2014-6516.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2014-6516", "ID": "CVE-2014-6516",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the JD Edwards EnterpriseOne Tools component in Oracle JD Edwards Products 8.98 allows local users to affect confidentiality, integrity, and availability via vectors related to Installation SEC."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html" "lang": "eng",
}, "value": "Unspecified vulnerability in the JD Edwards EnterpriseOne Tools component in Oracle JD Edwards Products 8.98 allows local users to affect confidentiality, integrity, and availability via vectors related to Installation SEC."
{ }
"name" : "70571", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/70571" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1031047", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1031047" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "61698", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/61698" ]
} },
] "references": {
} "reference_data": [
{
"name": "70571",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/70571"
},
{
"name": "1031047",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1031047"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html"
},
{
"name": "61698",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61698"
}
]
}
} }

138
2014/6xxx/CVE-2014-6724.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cert@cert.org",
"ID" : "CVE-2014-6724", "ID": "CVE-2014-6724",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Soap Making (aka com.tapatalk.soapmakingforumcom) application 3.7.13 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", "description_data": [
"refsource" : "MISC", {
"url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" "lang": "eng",
}, "value": "The Soap Making (aka com.tapatalk.soapmakingforumcom) application 3.7.13 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
{ }
"name" : "VU#582497", ]
"refsource" : "CERT-VN", },
"url" : "http://www.kb.cert.org/vuls/id/582497" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "VU#709657", "description": [
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/709657" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#709657",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/709657"
},
{
"name": "VU#582497",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/582497"
},
{
"name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource": "MISC",
"url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
}
]
}
} }

138
2014/6xxx/CVE-2014-6937.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cert@cert.org",
"ID" : "CVE-2014-6937", "ID": "CVE-2014-6937",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The China CITIC Bank Credit Card (aka com.citiccard.mobilebank) application 3.3.6 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", "description_data": [
"refsource" : "MISC", {
"url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" "lang": "eng",
}, "value": "The China CITIC Bank Credit Card (aka com.citiccard.mobilebank) application 3.3.6 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
{ }
"name" : "VU#582497", ]
"refsource" : "CERT-VN", },
"url" : "http://www.kb.cert.org/vuls/id/582497" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "VU#907041", "description": [
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/907041" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#907041",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/907041"
},
{
"name": "VU#582497",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/582497"
},
{
"name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource": "MISC",
"url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
}
]
}
} }

32
2014/7xxx/CVE-2014-7257.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-7257", "ID": "CVE-2014-7257",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

138
2014/7xxx/CVE-2014-7725.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cert@cert.org",
"ID" : "CVE-2014-7725", "ID": "CVE-2014-7725",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Rally Albania Live 2014 (aka com.wRallyAlbaniaLIVE2014) application 0.11 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", "description_data": [
"refsource" : "MISC", {
"url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" "lang": "eng",
}, "value": "The Rally Albania Live 2014 (aka com.wRallyAlbaniaLIVE2014) application 0.11 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
{ }
"name" : "VU#399017", ]
"refsource" : "CERT-VN", },
"url" : "http://www.kb.cert.org/vuls/id/399017" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "VU#582497", "description": [
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/582497" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#399017",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/399017"
},
{
"name": "VU#582497",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/582497"
},
{
"name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource": "MISC",
"url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
}
]
}
} }

32
2014/7xxx/CVE-2014-7977.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-7977", "ID": "CVE-2014-7977",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

158
2014/7xxx/CVE-2014-7987.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-7987", "ID": "CVE-2014-7987",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in EspoCRM before 2.6.0 allows remote attackers to inject arbitrary web script or HTML via the desc parameter in an errors action to install/index.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20141029 Multiple vulnerabilities in EspoCRM", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/533844/100/0/threaded" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in EspoCRM before 2.6.0 allows remote attackers to inject arbitrary web script or HTML via the desc parameter in an errors action to install/index.php."
{ }
"name" : "http://blog.espocrm.com/news/espocrm-2-6-0-released", ]
"refsource" : "MISC", },
"url" : "http://blog.espocrm.com/news/espocrm-2-6-0-released" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://packetstormsecurity.com/files/128888/EspoCRM-2.5.2-XSS-LFI-Access-Control.html", "description": [
"refsource" : "MISC", {
"url" : "http://packetstormsecurity.com/files/128888/EspoCRM-2.5.2-XSS-LFI-Access-Control.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://www.htbridge.com/advisory/HTB23238", ]
"refsource" : "MISC", }
"url" : "https://www.htbridge.com/advisory/HTB23238" ]
}, },
{ "references": {
"name" : "70806", "reference_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/70806" "name": "20141029 Multiple vulnerabilities in EspoCRM",
} "refsource": "BUGTRAQ",
] "url": "http://www.securityfocus.com/archive/1/533844/100/0/threaded"
} },
{
"name": "http://blog.espocrm.com/news/espocrm-2-6-0-released",
"refsource": "MISC",
"url": "http://blog.espocrm.com/news/espocrm-2-6-0-released"
},
{
"name": "http://packetstormsecurity.com/files/128888/EspoCRM-2.5.2-XSS-LFI-Access-Control.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/128888/EspoCRM-2.5.2-XSS-LFI-Access-Control.html"
},
{
"name": "70806",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/70806"
},
{
"name": "https://www.htbridge.com/advisory/HTB23238",
"refsource": "MISC",
"url": "https://www.htbridge.com/advisory/HTB23238"
}
]
}
} }

188
2016/2xxx/CVE-2016-2039.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-2039", "ID": "CVE-2016-2039",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "libraries/session.inc.php in phpMyAdmin 4.0.x before 4.0.10.13, 4.4.x before 4.4.15.3, and 4.5.x before 4.5.4 does not properly generate CSRF token values, which allows remote attackers to bypass intended access restrictions by predicting a value."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.phpmyadmin.net/home_page/security/PMASA-2016-2.php", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.phpmyadmin.net/home_page/security/PMASA-2016-2.php" "lang": "eng",
}, "value": "libraries/session.inc.php in phpMyAdmin 4.0.x before 4.0.10.13, 4.4.x before 4.4.15.3, and 4.5.x before 4.5.4 does not properly generate CSRF token values, which allows remote attackers to bypass intended access restrictions by predicting a value."
{ }
"name" : "https://github.com/phpmyadmin/phpmyadmin/commit/cb7748ac9cffcd1cd0f3081499cd4aafa9d1065e", ]
"refsource" : "CONFIRM", },
"url" : "https://github.com/phpmyadmin/phpmyadmin/commit/cb7748ac9cffcd1cd0f3081499cd4aafa9d1065e" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://github.com/phpmyadmin/phpmyadmin/commit/f20970d32c3dfdf82aef7b6c244da1f769043813", "description": [
"refsource" : "CONFIRM", {
"url" : "https://github.com/phpmyadmin/phpmyadmin/commit/f20970d32c3dfdf82aef7b6c244da1f769043813" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "DSA-3627", ]
"refsource" : "DEBIAN", }
"url" : "http://www.debian.org/security/2016/dsa-3627" ]
}, },
{ "references": {
"name" : "FEDORA-2016-e1fe01e96e", "reference_data": [
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176483.html" "name": "https://github.com/phpmyadmin/phpmyadmin/commit/f20970d32c3dfdf82aef7b6c244da1f769043813",
}, "refsource": "CONFIRM",
{ "url": "https://github.com/phpmyadmin/phpmyadmin/commit/f20970d32c3dfdf82aef7b6c244da1f769043813"
"name" : "FEDORA-2016-e55278763e", },
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176739.html" "name": "openSUSE-SU-2016:0378",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00049.html"
"name" : "openSUSE-SU-2016:0357", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-updates/2016-02/msg00028.html" "name": "DSA-3627",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2016/dsa-3627"
"name" : "openSUSE-SU-2016:0378", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-updates/2016-02/msg00049.html" "name": "openSUSE-SU-2016:0357",
} "refsource": "SUSE",
] "url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00028.html"
} },
{
"name": "FEDORA-2016-e55278763e",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176739.html"
},
{
"name": "FEDORA-2016-e1fe01e96e",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176483.html"
},
{
"name": "http://www.phpmyadmin.net/home_page/security/PMASA-2016-2.php",
"refsource": "CONFIRM",
"url": "http://www.phpmyadmin.net/home_page/security/PMASA-2016-2.php"
},
{
"name": "https://github.com/phpmyadmin/phpmyadmin/commit/cb7748ac9cffcd1cd0f3081499cd4aafa9d1065e",
"refsource": "CONFIRM",
"url": "https://github.com/phpmyadmin/phpmyadmin/commit/cb7748ac9cffcd1cd0f3081499cd4aafa9d1065e"
}
]
}
} }

198
2016/2xxx/CVE-2016-2099.json
View File

@ -1,102 +1,102 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secalert@redhat.com", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2016-2099", "ID": "CVE-2016-2099",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Use-after-free vulnerability in validators/DTD/DTDScanner.cpp in Apache Xerces C++ 3.1.3 and earlier allows context-dependent attackers to have unspecified impact via an invalid character in an XML document."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20160509 CVE-2016-2099: use-after-free in Xerces 3.1.3", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2016/05/09/7" "lang": "eng",
}, "value": "Use-after-free vulnerability in validators/DTD/DTDScanner.cpp in Apache Xerces C++ 3.1.3 and earlier allows context-dependent attackers to have unspecified impact via an invalid character in an XML document."
{ }
"name" : "https://issues.apache.org/jira/browse/XERCESC-2066", ]
"refsource" : "CONFIRM", },
"url" : "https://issues.apache.org/jira/browse/XERCESC-2066" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html", "description": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "DSA-3579", ]
"refsource" : "DEBIAN", }
"url" : "http://www.debian.org/security/2016/dsa-3579" ]
}, },
{ "references": {
"name" : "GLSA-201612-46", "reference_data": [
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201612-46" "name": "DSA-3579",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2016/dsa-3579"
"name" : "openSUSE-SU-2016:1744", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-updates/2016-07/msg00016.html" "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"
"name" : "openSUSE-SU-2016:2232", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-updates/2016-09/msg00013.html" "name": "https://issues.apache.org/jira/browse/XERCESC-2066",
}, "refsource": "CONFIRM",
{ "url": "https://issues.apache.org/jira/browse/XERCESC-2066"
"name" : "openSUSE-SU-2016:1808", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-updates/2016-07/msg00053.html" "name": "90502",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/90502"
"name" : "90502", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/90502" "name": "GLSA-201612-46",
} "refsource": "GENTOO",
] "url": "https://security.gentoo.org/glsa/201612-46"
} },
{
"name": "openSUSE-SU-2016:1744",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2016-07/msg00016.html"
},
{
"name": "openSUSE-SU-2016:2232",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2016-09/msg00013.html"
},
{
"name": "[oss-security] 20160509 CVE-2016-2099: use-after-free in Xerces 3.1.3",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/05/09/7"
},
{
"name": "openSUSE-SU-2016:1808",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2016-07/msg00053.html"
}
]
}
} }

118
2016/2xxx/CVE-2016-2300.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "ics-cert@hq.dhs.gov",
"ID" : "CVE-2016-2300", "ID": "CVE-2016-2300",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Ecava IntegraXor before 5.0 build 4522 allows remote attackers to bypass authentication and access unspecified web pages via unknown vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://ics-cert.us-cert.gov/advisories/ICSA-16-105-03", "description_data": [
"refsource" : "MISC", {
"url" : "https://ics-cert.us-cert.gov/advisories/ICSA-16-105-03" "lang": "eng",
} "value": "Ecava IntegraXor before 5.0 build 4522 allows remote attackers to bypass authentication and access unspecified web pages via unknown vectors."
] }
} ]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-16-105-03",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-105-03"
}
]
}
} }

224
2016/2xxx/CVE-2016-2987.json
View File

@ -1,115 +1,115 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@us.ibm.com", "ASSIGNER": "psirt@us.ibm.com",
"ID" : "CVE-2016-2987", "ID": "CVE-2016-2987",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Rational Collaborative Lifecycle Management", "product_name": "Rational Collaborative Lifecycle Management",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "3.0.1" "version_value": "3.0.1"
}, },
{ {
"version_value" : "4.0" "version_value": "4.0"
}, },
{ {
"version_value" : "3.0.1.6" "version_value": "3.0.1.6"
}, },
{ {
"version_value" : "4.0.1" "version_value": "4.0.1"
}, },
{ {
"version_value" : "4.0.2" "version_value": "4.0.2"
}, },
{ {
"version_value" : "4.0.3" "version_value": "4.0.3"
}, },
{ {
"version_value" : "4.0.4" "version_value": "4.0.4"
}, },
{ {
"version_value" : "4.0.5" "version_value": "4.0.5"
}, },
{ {
"version_value" : "4.0.6" "version_value": "4.0.6"
}, },
{ {
"version_value" : "5.0" "version_value": "5.0"
}, },
{ {
"version_value" : "4.0.7" "version_value": "4.0.7"
}, },
{ {
"version_value" : "5.0.1" "version_value": "5.0.1"
}, },
{ {
"version_value" : "5.0.2" "version_value": "5.0.2"
}, },
{ {
"version_value" : "6.0" "version_value": "6.0"
}, },
{ {
"version_value" : "6.0.1" "version_value": "6.0.1"
}, },
{ {
"version_value" : "6.0.2" "version_value": "6.0.2"
}, },
{ {
"version_value" : "6.0.3" "version_value": "6.0.3"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "IBM Corporation" "vendor_name": "IBM Corporation"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An undisclosed vulnerability in CLM applications may result in some administrative deployment parameters being shown to an attacker."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Obtain Information"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://www.ibm.com/support/docview.wss?uid=swg21996097", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://www.ibm.com/support/docview.wss?uid=swg21996097" "lang": "eng",
}, "value": "An undisclosed vulnerability in CLM applications may result in some administrative deployment parameters being shown to an attacker."
{ }
"name" : "95109", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/95109" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "Obtain Information"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "95109",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95109"
},
{
"name": "https://www.ibm.com/support/docview.wss?uid=swg21996097",
"refsource": "CONFIRM",
"url": "https://www.ibm.com/support/docview.wss?uid=swg21996097"
}
]
}
} }

130
2017/18xxx/CVE-2017-18132.json
View File

@ -1,68 +1,68 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "product-security@qualcomm.com", "ASSIGNER": "product-security@qualcomm.com",
"DATE_PUBLIC" : "2018-04-02T00:00:00", "DATE_PUBLIC": "2018-04-02T00:00:00",
"ID" : "CVE-2017-18132", "ID": "CVE-2017-18132",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Snapdragon Automobile, Snapdragon Mobile", "product_name": "Snapdragon Automobile, Snapdragon Mobile",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "MDM9206, MDM9607, MDM8996" "version_value": "MDM9206, MDM9607, MDM8996"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Qualcomm, Inc." "vendor_name": "Qualcomm, Inc."
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Automobile and Snapdragon Mobile MDM9206, MDM9607, MDM8996, an out-of-bounds access can potentially occur in tz_assign()."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Buffer Over-read in Core"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://source.android.com/security/bulletin/2018-04-01", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://source.android.com/security/bulletin/2018-04-01" "lang": "eng",
}, "value": "In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Automobile and Snapdragon Mobile MDM9206, MDM9607, MDM8996, an out-of-bounds access can potentially occur in tz_assign()."
{ }
"name" : "103671", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/103671" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "Buffer Over-read in Core"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://source.android.com/security/bulletin/2018-04-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2018-04-01"
},
{
"name": "103671",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103671"
}
]
}
} }

32
2017/1xxx/CVE-2017-1006.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-1006", "ID": "CVE-2017-1006",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

220
2017/1xxx/CVE-2017-1251.json
View File

@ -1,113 +1,113 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@us.ibm.com", "ASSIGNER": "psirt@us.ibm.com",
"DATE_PUBLIC" : "2017-11-16T00:00:00", "DATE_PUBLIC": "2017-11-16T00:00:00",
"ID" : "CVE-2017-1251", "ID": "CVE-2017-1251",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Rational Collaborative Lifecycle Management", "product_name": "Rational Collaborative Lifecycle Management",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "4.0" "version_value": "4.0"
}, },
{ {
"version_value" : "4.0.1" "version_value": "4.0.1"
}, },
{ {
"version_value" : "4.0.2" "version_value": "4.0.2"
}, },
{ {
"version_value" : "4.0.3" "version_value": "4.0.3"
}, },
{ {
"version_value" : "4.0.4" "version_value": "4.0.4"
}, },
{ {
"version_value" : "4.0.5" "version_value": "4.0.5"
}, },
{ {
"version_value" : "4.0.6" "version_value": "4.0.6"
}, },
{ {
"version_value" : "5.0" "version_value": "5.0"
}, },
{ {
"version_value" : "4.0.7" "version_value": "4.0.7"
}, },
{ {
"version_value" : "5.0.1" "version_value": "5.0.1"
}, },
{ {
"version_value" : "5.0.2" "version_value": "5.0.2"
}, },
{ {
"version_value" : "6.0" "version_value": "6.0"
}, },
{ {
"version_value" : "6.0.1" "version_value": "6.0.1"
}, },
{ {
"version_value" : "6.0.2" "version_value": "6.0.2"
}, },
{ {
"version_value" : "6.0.3" "version_value": "6.0.3"
}, },
{ {
"version_value" : "6.0.4" "version_value": "6.0.4"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "IBM" "vendor_name": "IBM"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An undisclosed vulnerability in CLM applications may result in some administrative deployment parameters being shown to an attacker. IBM X-Force ID: 124631."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Obtain Information"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/124631", "description_data": [
"refsource" : "MISC", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/124631" "lang": "eng",
}, "value": "An undisclosed vulnerability in CLM applications may result in some administrative deployment parameters being shown to an attacker. IBM X-Force ID: 124631."
{ }
"name" : "http://www.ibm.com/support/docview.wss?uid=swg22010682", ]
"refsource" : "CONFIRM", },
"url" : "http://www.ibm.com/support/docview.wss?uid=swg22010682" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "Obtain Information"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg22010682",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg22010682"
},
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/124631",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/124631"
}
]
}
} }

286
2017/1xxx/CVE-2017-1275.json
View File

@ -1,146 +1,146 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@us.ibm.com", "ASSIGNER": "psirt@us.ibm.com",
"DATE_PUBLIC" : "2018-06-28T00:00:00", "DATE_PUBLIC": "2018-06-28T00:00:00",
"ID" : "CVE-2017-1275", "ID": "CVE-2017-1275",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Rational Collaborative Lifecycle Management", "product_name": "Rational Collaborative Lifecycle Management",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "5.0" "version_value": "5.0"
}, },
{ {
"version_value" : "5.0.1" "version_value": "5.0.1"
}, },
{ {
"version_value" : "5.0.2" "version_value": "5.0.2"
}, },
{ {
"version_value" : "6.0" "version_value": "6.0"
}, },
{ {
"version_value" : "6.0.1" "version_value": "6.0.1"
}, },
{ {
"version_value" : "6.0.2" "version_value": "6.0.2"
}, },
{ {
"version_value" : "6.0.3" "version_value": "6.0.3"
}, },
{ {
"version_value" : "6.0.4" "version_value": "6.0.4"
}, },
{ {
"version_value" : "6.0.5" "version_value": "6.0.5"
} }
] ]
} }
}, },
{ {
"product_name" : "Rational Quality Manager", "product_name": "Rational Quality Manager",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "5.0" "version_value": "5.0"
}, },
{ {
"version_value" : "5.0.1" "version_value": "5.0.1"
}, },
{ {
"version_value" : "5.0.2" "version_value": "5.0.2"
}, },
{ {
"version_value" : "6.0" "version_value": "6.0"
}, },
{ {
"version_value" : "6.0.1" "version_value": "6.0.1"
}, },
{ {
"version_value" : "6.0.2" "version_value": "6.0.2"
}, },
{ {
"version_value" : "6.0.3" "version_value": "6.0.3"
}, },
{ {
"version_value" : "6.0.4" "version_value": "6.0.4"
}, },
{ {
"version_value" : "6.0.5" "version_value": "6.0.5"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "IBM" "vendor_name": "IBM"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 124750."
}
]
},
"impact" : {
"cvssv3" : {
"BM" : {
"A" : "N",
"AC" : "L",
"AV" : "N",
"C" : "L",
"I" : "L",
"PR" : "L",
"S" : "C",
"SCORE" : "5.400",
"UI" : "R"
},
"TM" : {
"E" : "H",
"RC" : "C",
"RL" : "O"
}
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Cross-Site Scripting"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://www-prd-trops.events.ibm.com/node/715749", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://www-prd-trops.events.ibm.com/node/715749" "lang": "eng",
}, "value": "IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 124750."
{ }
"name" : "ibm-rqm-cve20171275-xss(124750)", ]
"refsource" : "XF", },
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/124750" "impact": {
} "cvssv3": {
] "BM": {
} "A": "N",
"AC": "L",
"AV": "N",
"C": "L",
"I": "L",
"PR": "L",
"S": "C",
"SCORE": "5.400",
"UI": "R"
},
"TM": {
"E": "H",
"RC": "C",
"RL": "O"
}
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-Site Scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ibm-rqm-cve20171275-xss(124750)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/124750"
},
{
"name": "https://www-prd-trops.events.ibm.com/node/715749",
"refsource": "CONFIRM",
"url": "https://www-prd-trops.events.ibm.com/node/715749"
}
]
}
} }

168
2017/1xxx/CVE-2017-1452.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@us.ibm.com", "ASSIGNER": "psirt@us.ibm.com",
"DATE_PUBLIC" : "2017-09-07T00:00:00", "DATE_PUBLIC": "2017-09-07T00:00:00",
"ID" : "CVE-2017-1452", "ID": "CVE-2017-1452",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "DB2 for Linux, UNIX and Windows", "product_name": "DB2 for Linux, UNIX and Windows",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "10.5" "version_value": "10.5"
}, },
{ {
"version_value" : "10.1" "version_value": "10.1"
}, },
{ {
"version_value" : "9.7" "version_value": "9.7"
}, },
{ {
"version_value" : "11.1" "version_value": "11.1"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "IBM" "vendor_name": "IBM"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM DB2 for Linux, UNIX and Windows 9.7, 10,1, 10.5, and 11.1 (includes DB2 Connect Server) could allow a local user to obtain elevated privilege and overwrite DB2 files. IBM X-Force ID: 128180."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Gain Privileges"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/128180", "description_data": [
"refsource" : "MISC", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/128180" "lang": "eng",
}, "value": "IBM DB2 for Linux, UNIX and Windows 9.7, 10,1, 10.5, and 11.1 (includes DB2 Connect Server) could allow a local user to obtain elevated privilege and overwrite DB2 files. IBM X-Force ID: 128180."
{ }
"name" : "http://www.ibm.com/support/docview.wss?uid=swg22006109", ]
"refsource" : "CONFIRM", },
"url" : "http://www.ibm.com/support/docview.wss?uid=swg22006109" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "100698", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/100698" "lang": "eng",
}, "value": "Gain Privileges"
{ }
"name" : "1039299", ]
"refsource" : "SECTRACK", }
"url" : "http://www.securitytracker.com/id/1039299" ]
} },
] "references": {
} "reference_data": [
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/128180",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/128180"
},
{
"name": "100698",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100698"
},
{
"name": "1039299",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039299"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg22006109",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg22006109"
}
]
}
} }

168
2017/5xxx/CVE-2017-5081.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "security@google.com", "ASSIGNER": "security@google.com",
"ID" : "CVE-2017-5081", "ID": "CVE-2017-5081",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Google Chrome prior to 59.0.3071.86 for Mac, Windows and Linux, and 59.0.3071.92 for Android", "product_name": "Google Chrome prior to 59.0.3071.86 for Mac, Windows and Linux, and 59.0.3071.92 for Android",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Google Chrome prior to 59.0.3071.86 for Mac, Windows and Linux, and 59.0.3071.92 for Android" "version_value": "Google Chrome prior to 59.0.3071.86 for Mac, Windows and Linux, and 59.0.3071.92 for Android"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Lack of verification of an extension's locale folder in Google Chrome prior to 59.0.3071.86 for Mac, Windows, and Linux, and 59.0.3071.92 for Android, allowed an attacker with local write access to modify extensions by modifying extension files."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Inappropriate implementation"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://chromereleases.googleblog.com/2017/06/stable-channel-update-for-desktop.html", "description_data": [
"refsource" : "MISC", {
"url" : "https://chromereleases.googleblog.com/2017/06/stable-channel-update-for-desktop.html" "lang": "eng",
}, "value": "Lack of verification of an extension's locale folder in Google Chrome prior to 59.0.3071.86 for Mac, Windows, and Linux, and 59.0.3071.92 for Android, allowed an attacker with local write access to modify extensions by modifying extension files."
{ }
"name" : "https://crbug.com/672008", ]
"refsource" : "MISC", },
"url" : "https://crbug.com/672008" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "GLSA-201706-20", "description": [
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201706-20" "lang": "eng",
}, "value": "Inappropriate implementation"
{ }
"name" : "RHSA-2017:1399", ]
"refsource" : "REDHAT", }
"url" : "https://access.redhat.com/errata/RHSA-2017:1399" ]
}, },
{ "references": {
"name" : "98861", "reference_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/98861" "name": "98861",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/98861"
"name" : "1038622", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1038622" "name": "RHSA-2017:1399",
} "refsource": "REDHAT",
] "url": "https://access.redhat.com/errata/RHSA-2017:1399"
} },
{
"name": "https://crbug.com/672008",
"refsource": "MISC",
"url": "https://crbug.com/672008"
},
{
"name": "1038622",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038622"
},
{
"name": "GLSA-201706-20",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201706-20"
},
{
"name": "https://chromereleases.googleblog.com/2017/06/stable-channel-update-for-desktop.html",
"refsource": "MISC",
"url": "https://chromereleases.googleblog.com/2017/06/stable-channel-update-for-desktop.html"
}
]
}
} }

168
2017/5xxx/CVE-2017-5095.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "security@google.com", "ASSIGNER": "security@google.com",
"ID" : "CVE-2017-5095", "ID": "CVE-2017-5095",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Google Chrome prior to 60.0.3112.78 for Linux, Windows and Mac", "product_name": "Google Chrome prior to 60.0.3112.78 for Linux, Windows and Mac",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Google Chrome prior to 60.0.3112.78 for Linux, Windows and Mac" "version_value": "Google Chrome prior to 60.0.3112.78 for Linux, Windows and Mac"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Stack overflow in PDFium in Google Chrome prior to 60.0.3112.78 for Linux, Windows, and Mac allowed a remote attacker to potentially exploit stack corruption via a crafted PDF file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Stack overflow"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://chromereleases.googleblog.com/2017/07/stable-channel-update-for-desktop.html", "description_data": [
"refsource" : "MISC", {
"url" : "https://chromereleases.googleblog.com/2017/07/stable-channel-update-for-desktop.html" "lang": "eng",
}, "value": "Stack overflow in PDFium in Google Chrome prior to 60.0.3112.78 for Linux, Windows, and Mac allowed a remote attacker to potentially exploit stack corruption via a crafted PDF file."
{ }
"name" : "https://crbug.com/732661", ]
"refsource" : "MISC", },
"url" : "https://crbug.com/732661" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "DSA-3926", "description": [
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2017/dsa-3926" "lang": "eng",
}, "value": "Stack overflow"
{ }
"name" : "GLSA-201709-15", ]
"refsource" : "GENTOO", }
"url" : "https://security.gentoo.org/glsa/201709-15" ]
}, },
{ "references": {
"name" : "RHSA-2017:1833", "reference_data": [
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2017:1833" "name": "GLSA-201709-15",
}, "refsource": "GENTOO",
{ "url": "https://security.gentoo.org/glsa/201709-15"
"name" : "99950", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/99950" "name": "DSA-3926",
} "refsource": "DEBIAN",
] "url": "http://www.debian.org/security/2017/dsa-3926"
} },
{
"name": "https://chromereleases.googleblog.com/2017/07/stable-channel-update-for-desktop.html",
"refsource": "MISC",
"url": "https://chromereleases.googleblog.com/2017/07/stable-channel-update-for-desktop.html"
},
{
"name": "99950",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/99950"
},
{
"name": "RHSA-2017:1833",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1833"
},
{
"name": "https://crbug.com/732661",
"refsource": "MISC",
"url": "https://crbug.com/732661"
}
]
}
} }

130
2017/5xxx/CVE-2017-5175.json
View File

@ -1,68 +1,68 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "ics-cert@hq.dhs.gov", "ASSIGNER": "ics-cert@hq.dhs.gov",
"DATE_PUBLIC" : "2017-02-14T00:00:00", "DATE_PUBLIC": "2017-02-14T00:00:00",
"ID" : "CVE-2017-5175", "ID": "CVE-2017-5175",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Advantech WebAccess Versions 8.1 and prior.", "product_name": "Advantech WebAccess Versions 8.1 and prior.",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Advantech WebAccess Versions 8.1 and prior." "version_value": "Advantech WebAccess Versions 8.1 and prior."
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "ICS-CERT" "vendor_name": "ICS-CERT"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Advantech WebAccess 8.1 and earlier contains a DLL hijacking vulnerability which may allow an attacker to run a malicious DLL file within the search path resulting in execution of arbitrary code."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "UNCONTROLLED SEARCH PATH ELEMENT CWE-427"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://ics-cert.us-cert.gov/advisories/ICSA-17-045-01", "description_data": [
"refsource" : "MISC", {
"url" : "https://ics-cert.us-cert.gov/advisories/ICSA-17-045-01" "lang": "eng",
}, "value": "Advantech WebAccess 8.1 and earlier contains a DLL hijacking vulnerability which may allow an attacker to run a malicious DLL file within the search path resulting in execution of arbitrary code."
{ }
"name" : "96210", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/96210" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "UNCONTROLLED SEARCH PATH ELEMENT CWE-427"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "96210",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96210"
},
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-17-045-01",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-045-01"
}
]
}
} }

138
2017/5xxx/CVE-2017-5659.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "security@apache.org", "ASSIGNER": "security@apache.org",
"ID" : "CVE-2017-5659", "ID": "CVE-2017-5659",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Apache Traffic Server", "product_name": "Apache Traffic Server",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "All versions prior to version 6.2.1" "version_value": "All versions prior to version 6.2.1"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Apache Software Foundation" "vendor_name": "Apache Software Foundation"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Apache Traffic Server before 6.2.1 generates a coredump when there is a mismatch between content length and chunked encoding."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "DoS attack"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://issues.apache.org/jira/browse/TS-4819", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://issues.apache.org/jira/browse/TS-4819" "lang": "eng",
}, "value": "Apache Traffic Server before 6.2.1 generates a coredump when there is a mismatch between content length and chunked encoding."
{ }
"name" : "97949", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/97949" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1038275", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1038275" "lang": "eng",
} "value": "DoS attack"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "https://issues.apache.org/jira/browse/TS-4819",
"refsource": "CONFIRM",
"url": "https://issues.apache.org/jira/browse/TS-4819"
},
{
"name": "97949",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97949"
},
{
"name": "1038275",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038275"
}
]
}
} }