admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-07 03:02:46 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2023-02-02 14:00:35 +00:00
parent e2f5ac8592
commit a9c1faa1ec
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
21 changed files with 3792 additions and 2518 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

325
2007/5xxx/CVE-2007-5497.json
View File

@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2007-5497",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple integer overflows in libext2fs in e2fsprogs before 1.40.3 allow user-assisted remote attackers to execute arbitrary code via a crafted filesystem image."
"value": "CVE-2007-5497 e2fsprogs multiple integer overflows"
}
]
},
@ -44,198 +21,266 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "Integer Overflow or Wraparound",
"cweId": "CWE-190"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 2.1",
"version": {
"version_data": [
{
"version_value": "0:1.26-1.73",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 3",
"version": {
"version_data": [
{
"version_value": "0:1.32-15.4",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 4",
"version": {
"version_data": [
{
"version_value": "0:1.35-12.11.el4_6.1",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 5",
"version": {
"version_data": [
{
"version_value": "0:1.39-10.el5_1.1",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "27965",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27965"
"url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02286083",
"refsource": "MISC",
"name": "http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02286083"
},
{
"name": "1019537",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1019537"
"url": "http://lists.vmware.com/pipermail/security-announce/2008/000007.html",
"refsource": "MISC",
"name": "http://lists.vmware.com/pipermail/security-announce/2008/000007.html"
},
{
"name": "26772",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26772"
"url": "http://secunia.com/advisories/27889",
"refsource": "MISC",
"name": "http://secunia.com/advisories/27889"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2008-0004.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0004.html"
"url": "http://secunia.com/advisories/27965",
"refsource": "MISC",
"name": "http://secunia.com/advisories/27965"
},
{
"name": "28541",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28541"
"url": "http://secunia.com/advisories/27987",
"refsource": "MISC",
"name": "http://secunia.com/advisories/27987"
},
{
"name": "28000",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28000"
"url": "http://secunia.com/advisories/28000",
"refsource": "MISC",
"name": "http://secunia.com/advisories/28000"
},
{
"name": "e2fsprogs-libext2fs-integer-overflow(38903)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38903"
"url": "http://secunia.com/advisories/28030",
"refsource": "MISC",
"name": "http://secunia.com/advisories/28030"
},
{
"name": "oval:org.mitre.oval:def:10399",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10399"
"url": "http://secunia.com/advisories/28042",
"refsource": "MISC",
"name": "http://secunia.com/advisories/28042"
},
{
"name": "SSRT100018",
"refsource": "HP",
"url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02286083"
"url": "http://secunia.com/advisories/28360",
"refsource": "MISC",
"name": "http://secunia.com/advisories/28360"
},
{
"name": "RHSA-2008:0003",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0003.html"
"url": "http://secunia.com/advisories/28541",
"refsource": "MISC",
"name": "http://secunia.com/advisories/28541"
},
{
"name": "ADV-2007-4135",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/4135"
"url": "http://secunia.com/advisories/28648",
"refsource": "MISC",
"name": "http://secunia.com/advisories/28648"
},
{
"name": "HPSBMA02554",
"refsource": "HP",
"url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02286083"
"url": "http://secunia.com/advisories/29224",
"refsource": "MISC",
"name": "http://secunia.com/advisories/29224"
},
{
"name": "20080212 FLEA-2008-0005-1 e2fsprogs",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/487999/100/0/threaded"
"url": "http://secunia.com/advisories/32774",
"refsource": "MISC",
"name": "http://secunia.com/advisories/32774"
},
{
"name": "28042",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28042"
"url": "http://secunia.com/advisories/40551",
"refsource": "MISC",
"name": "http://secunia.com/advisories/40551"
},
{
"name": "20080303 VMSA-2008-0004 Low: Updated e2fsprogs service console package",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/489082/100/0/threaded"
"url": "http://sourceforge.net/project/shownotes.php?release_id=560230&group_id=2406",
"refsource": "MISC",
"name": "http://sourceforge.net/project/shownotes.php?release_id=560230&group_id=2406"
},
{
"name": "29224",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29224"
"url": "http://support.avaya.com/elmodocs2/security/ASA-2008-040.htm",
"refsource": "MISC",
"name": "http://support.avaya.com/elmodocs2/security/ASA-2008-040.htm"
},
{
"name": "FEDORA-2007-4461",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00629.html"
"url": "http://support.citrix.com/article/CTX118766",
"refsource": "MISC",
"name": "http://support.citrix.com/article/CTX118766"
},
{
"name": "40551",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/40551"
"url": "http://wiki.rpath.com/Advisories:rPSA-2007-0262",
"refsource": "MISC",
"name": "http://wiki.rpath.com/Advisories:rPSA-2007-0262"
},
{
"name": "DSA-1422",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2007/dsa-1422"
"url": "http://www.debian.org/security/2007/dsa-1422",
"refsource": "MISC",
"name": "http://www.debian.org/security/2007/dsa-1422"
},
{
"name": "SUSE-SR:2007:025",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2007_25_sr.html"
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:242",
"refsource": "MISC",
"name": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:242"
},
{
"name": "27987",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27987"
"url": "http://www.novell.com/linux/security/advisories/2007_25_sr.html",
"refsource": "MISC",
"name": "http://www.novell.com/linux/security/advisories/2007_25_sr.html"
},
{
"name": "28030",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28030"
"url": "http://www.redhat.com/support/errata/RHSA-2008-0003.html",
"refsource": "MISC",
"name": "http://www.redhat.com/support/errata/RHSA-2008-0003.html"
},
{
"name": "ADV-2008-0761",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0761"
"url": "http://www.securityfocus.com/archive/1/487999/100/0/threaded",
"refsource": "MISC",
"name": "http://www.securityfocus.com/archive/1/487999/100/0/threaded"
},
{
"name": "http://support.citrix.com/article/CTX118766",
"refsource": "CONFIRM",
"url": "http://support.citrix.com/article/CTX118766"
"url": "http://www.securityfocus.com/archive/1/489082/100/0/threaded",
"refsource": "MISC",
"name": "http://www.securityfocus.com/archive/1/489082/100/0/threaded"
},
{
"name": "27889",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27889"
"url": "http://www.securityfocus.com/bid/26772",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/26772"
},
{
"name": "28648",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28648"
"url": "http://www.securitytracker.com/id?1019537",
"refsource": "MISC",
"name": "http://www.securitytracker.com/id?1019537"
},
{
"name": "ADV-2010-1796",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/1796"
"url": "http://www.ubuntu.com/usn/usn-555-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/usn-555-1"
},
{
"name": "USN-555-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-555-1"
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0004.html",
"refsource": "MISC",
"name": "http://www.vmware.com/security/advisories/VMSA-2008-0004.html"
},
{
"name": "28360",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28360"
"url": "http://www.vupen.com/english/advisories/2007/4135",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2007/4135"
},
{
"name": "http://sourceforge.net/project/shownotes.php?release_id=560230&group_id=2406",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/project/shownotes.php?release_id=560230&group_id=2406"
"url": "http://www.vupen.com/english/advisories/2008/0761",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2008/0761"
},
{
"name": "32774",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32774"
"url": "http://www.vupen.com/english/advisories/2010/1796",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2010/1796"
},
{
"name": "https://issues.rpath.com/browse/RPL-2011",
"refsource": "CONFIRM",
"url": "https://issues.rpath.com/browse/RPL-2011"
"url": "https://access.redhat.com/errata/RHSA-2008:0003",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2008:0003"
},
{
"name": "FEDORA-2007-4447",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00618.html"
"url": "https://access.redhat.com/security/cve/CVE-2007-5497",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2007-5497"
},
{
"name": "[Security-announce] 20080303 VMSA-2008-0004 Low: Updated e2fsprogs service console package",
"refsource": "MLIST",
"url": "http://lists.vmware.com/pipermail/security-announce/2008/000007.html"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=403441",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=403441"
},
{
"name": "http://support.avaya.com/elmodocs2/security/ASA-2008-040.htm",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2008-040.htm"
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38903",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38903"
},
{
"name": "http://wiki.rpath.com/Advisories:rPSA-2007-0262",
"refsource": "CONFIRM",
"url": "http://wiki.rpath.com/Advisories:rPSA-2007-0262"
"url": "https://issues.rpath.com/browse/RPL-2011",
"refsource": "MISC",
"name": "https://issues.rpath.com/browse/RPL-2011"
},
{
"name": "MDKSA-2007:242",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:242"
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10399",
"refsource": "MISC",
"name": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10399"
},
{
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00618.html",
"refsource": "MISC",
"name": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00618.html"
},
{
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00629.html",
"refsource": "MISC",
"name": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00629.html"
}
]
}

505
2007/6xxx/CVE-2007-6284.json
View File

@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2007-6284",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The xmlCurrentChar function in libxml2 before 2.6.31 allows context-dependent attackers to cause a denial of service (infinite loop) via XML containing invalid UTF-8 sequences."
"value": "CVE-2007-6284 libxml2: infinite loop in UTF-8 decoding"
}
]
},
@ -44,223 +21,291 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "Loop with Unreachable Exit Condition ('Infinite Loop')",
"cweId": "CWE-835"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 2.1",
"version": {
"version_data": [
{
"version_value": "0:2.4.19-7.ent",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 3",
"version": {
"version_data": [
{
"version_value": "0:2.5.10-8",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 4",
"version": {
"version_data": [
{
"version_value": "0:2.6.16-10.1",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 5",
"version": {
"version_data": [
{
"version_value": "0:2.6.26-2.1.2.1",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "28439",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28439"
},
{
"name": "GLSA-200801-20",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200801-20.xml"
},
{
"name": "28466",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28466"
},
{
"name": "ADV-2008-1033",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1033/references"
},
{
"name": "103201",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103201-1"
},
{
"name": "DSA-1461",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2008/dsa-1461"
},
{
"name": "USN-569-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/569-1/"
},
{
"name": "SUSE-SR:2008:002",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/suse_security_summary_report.html"
},
{
"name": "20080329 VMSA-2008-0006 Updated libxml2 service console package",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/490306/100/0/threaded"
},
{
"name": "oval:org.mitre.oval:def:5216",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5216"
},
{
"name": "27248",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/27248"
},
{
"name": "28444",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28444"
},
{
"name": "MDVSA-2008:010",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:010"
},
{
"name": "ADV-2008-0117",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0117"
},
{
"name": "http://www.xmlsoft.org/news.html",
"refsource": "CONFIRM",
"url": "http://www.xmlsoft.org/news.html"
},
{
"name": "28716",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28716"
},
{
"name": "28740",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28740"
},
{
"name": "[xml] 20080111 Security flaw affecting all previous libxml2 releases",
"refsource": "MLIST",
"url": "http://mail.gnome.org/archives/xml/2008-January/msg00036.html"
},
{
"name": "FEDORA-2008-0462",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00379.html"
},
{
"name": "28475",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28475"
},
{
"name": "oval:org.mitre.oval:def:11594",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11594"
},
{
"name": "20080115 rPSA-2008-0017-1 libxml2",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/486410/100/0/threaded"
},
{
"name": "APPLE-SA-2008-07-11",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2008//Jul/msg00001.html"
},
{
"name": "http://support.avaya.com/elmodocs2/security/ASA-2008-047.htm",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2008-047.htm"
},
{
"name": "ADV-2008-0144",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0144"
},
{
"name": "28458",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28458"
},
{
"name": "29591",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29591"
},
{
"name": "ADV-2008-2094",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2094/references"
},
{
"name": "28636",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28636"
},
{
"name": "http://support.avaya.com/elmodocs2/security/ASA-2008-050.htm",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2008-050.htm"
},
{
"name": "https://issues.rpath.com/browse/RPL-2121",
"refsource": "CONFIRM",
"url": "https://issues.rpath.com/browse/RPL-2121"
},
{
"name": "[Security-announce] 20080328 VMSA-2008-0006 Updated libxml2 service console package",
"refsource": "MLIST",
"url": "http://lists.vmware.com/pipermail/security-announce/2008/000009.html"
},
{
"name": "RHSA-2008:0032",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0032.html"
},
{
"name": "FEDORA-2008-0477",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00396.html"
},
{
"name": "28470",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28470"
},
{
"name": "201514",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201514-1"
},
{
"name": "28450",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28450"
},
{
"name": "31074",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31074"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=425927",
"url": "http://secunia.com/advisories/28636",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=425927"
"name": "http://secunia.com/advisories/28636"
},
{
"name": "http://bugs.gentoo.org/show_bug.cgi?id=202628",
"refsource": "CONFIRM",
"url": "http://bugs.gentoo.org/show_bug.cgi?id=202628"
"url": "http://www.novell.com/linux/security/advisories/suse_security_summary_report.html",
"refsource": "MISC",
"name": "http://www.novell.com/linux/security/advisories/suse_security_summary_report.html"
},
{
"name": "28452",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28452"
"url": "http://bugs.gentoo.org/show_bug.cgi?id=202628",
"refsource": "MISC",
"name": "http://bugs.gentoo.org/show_bug.cgi?id=202628"
},
{
"name": "1019181",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1019181"
"url": "http://lists.apple.com/archives/security-announce/2008//Jul/msg00001.html",
"refsource": "MISC",
"name": "http://lists.apple.com/archives/security-announce/2008//Jul/msg00001.html"
},
{
"url": "http://lists.vmware.com/pipermail/security-announce/2008/000009.html",
"refsource": "MISC",
"name": "http://lists.vmware.com/pipermail/security-announce/2008/000009.html"
},
{
"url": "http://mail.gnome.org/archives/xml/2008-January/msg00036.html",
"refsource": "MISC",
"name": "http://mail.gnome.org/archives/xml/2008-January/msg00036.html"
},
{
"url": "http://secunia.com/advisories/28439",
"refsource": "MISC",
"name": "http://secunia.com/advisories/28439"
},
{
"url": "http://secunia.com/advisories/28444",
"refsource": "MISC",
"name": "http://secunia.com/advisories/28444"
},
{
"url": "http://secunia.com/advisories/28450",
"refsource": "MISC",
"name": "http://secunia.com/advisories/28450"
},
{
"url": "http://secunia.com/advisories/28452",
"refsource": "MISC",
"name": "http://secunia.com/advisories/28452"
},
{
"url": "http://secunia.com/advisories/28458",
"refsource": "MISC",
"name": "http://secunia.com/advisories/28458"
},
{
"url": "http://secunia.com/advisories/28466",
"refsource": "MISC",
"name": "http://secunia.com/advisories/28466"
},
{
"url": "http://secunia.com/advisories/28470",
"refsource": "MISC",
"name": "http://secunia.com/advisories/28470"
},
{
"url": "http://secunia.com/advisories/28475",
"refsource": "MISC",
"name": "http://secunia.com/advisories/28475"
},
{
"url": "http://secunia.com/advisories/28716",
"refsource": "MISC",
"name": "http://secunia.com/advisories/28716"
},
{
"url": "http://secunia.com/advisories/28740",
"refsource": "MISC",
"name": "http://secunia.com/advisories/28740"
},
{
"url": "http://secunia.com/advisories/29591",
"refsource": "MISC",
"name": "http://secunia.com/advisories/29591"
},
{
"url": "http://secunia.com/advisories/31074",
"refsource": "MISC",
"name": "http://secunia.com/advisories/31074"
},
{
"url": "http://security.gentoo.org/glsa/glsa-200801-20.xml",
"refsource": "MISC",
"name": "http://security.gentoo.org/glsa/glsa-200801-20.xml"
},
{
"url": "http://securitytracker.com/id?1019181",
"refsource": "MISC",
"name": "http://securitytracker.com/id?1019181"
},
{
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103201-1",
"refsource": "MISC",
"name": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103201-1"
},
{
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201514-1",
"refsource": "MISC",
"name": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201514-1"
},
{
"url": "http://support.avaya.com/elmodocs2/security/ASA-2008-047.htm",
"refsource": "MISC",
"name": "http://support.avaya.com/elmodocs2/security/ASA-2008-047.htm"
},
{
"url": "http://support.avaya.com/elmodocs2/security/ASA-2008-050.htm",
"refsource": "MISC",
"name": "http://support.avaya.com/elmodocs2/security/ASA-2008-050.htm"
},
{
"url": "http://www.debian.org/security/2008/dsa-1461",
"refsource": "MISC",
"name": "http://www.debian.org/security/2008/dsa-1461"
},
{
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:010",
"refsource": "MISC",
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:010"
},
{
"url": "http://www.redhat.com/support/errata/RHSA-2008-0032.html",
"refsource": "MISC",
"name": "http://www.redhat.com/support/errata/RHSA-2008-0032.html"
},
{
"url": "http://www.securityfocus.com/archive/1/486410/100/0/threaded",
"refsource": "MISC",
"name": "http://www.securityfocus.com/archive/1/486410/100/0/threaded"
},
{
"url": "http://www.securityfocus.com/archive/1/490306/100/0/threaded",
"refsource": "MISC",
"name": "http://www.securityfocus.com/archive/1/490306/100/0/threaded"
},
{
"url": "http://www.securityfocus.com/bid/27248",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/27248"
},
{
"url": "http://www.vupen.com/english/advisories/2008/0117",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2008/0117"
},
{
"url": "http://www.vupen.com/english/advisories/2008/0144",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2008/0144"
},
{
"url": "http://www.vupen.com/english/advisories/2008/1033/references",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2008/1033/references"
},
{
"url": "http://www.vupen.com/english/advisories/2008/2094/references",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2008/2094/references"
},
{
"url": "http://www.xmlsoft.org/news.html",
"refsource": "MISC",
"name": "http://www.xmlsoft.org/news.html"
},
{
"url": "https://access.redhat.com/errata/RHSA-2008:0032",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2008:0032"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2007-6284",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2007-6284"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=425927",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=425927"
},
{
"url": "https://issues.rpath.com/browse/RPL-2121",
"refsource": "MISC",
"name": "https://issues.rpath.com/browse/RPL-2121"
},
{
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11594",
"refsource": "MISC",
"name": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11594"
},
{
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5216",
"refsource": "MISC",
"name": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5216"
},
{
"url": "https://usn.ubuntu.com/569-1/",
"refsource": "MISC",
"name": "https://usn.ubuntu.com/569-1/"
},
{
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00379.html",
"refsource": "MISC",
"name": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00379.html"
},
{
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00396.html",
"refsource": "MISC",
"name": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00396.html"
}
]
}

340
2008/0xxx/CVE-2008-0600.json
View File

@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2008-0600",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The vmsplice_to_pipe function in Linux kernel 2.6.17 through 2.6.24.1 does not validate a certain userspace pointer before dereference, which allows local users to gain root privileges via crafted arguments in a vmsplice system call, a different vulnerability than CVE-2008-0009 and CVE-2008-0010."
"value": "CVE-2008-0600 kernel vmsplice_to_pipe flaw"
}
]
},
@ -44,213 +21,278 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
"cweId": "CWE-119"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 5",
"version": {
"version_data": [
{
"version_value": "0:2.6.18-53.1.13.el5",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "[linux-kernel] 20080210 Re: [PATCH] kernel 2.6.24.1 still vulnerable to the vmsplice local root exploit",
"refsource": "MLIST",
"url": "http://marc.info/?l=linux-kernel&m=120263652322197&w=2"
"url": "http://secunia.com/advisories/28835",
"refsource": "MISC",
"name": "http://secunia.com/advisories/28835"
},
{
"name": "27801",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/27801"
"url": "http://secunia.com/advisories/28875",
"refsource": "MISC",
"name": "http://secunia.com/advisories/28875"
},
{
"name": "MDVSA-2008:043",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:043"
"url": "http://secunia.com/advisories/28896",
"refsource": "MISC",
"name": "http://secunia.com/advisories/28896"
},
{
"name": "oval:org.mitre.oval:def:11358",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11358"
"url": "http://www.debian.org/security/2008/dsa-1494",
"refsource": "MISC",
"name": "http://www.debian.org/security/2008/dsa-1494"
},
{
"name": "28858",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28858"
"url": "http://www.securityfocus.com/bid/27704",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/27704"
},
{
"name": "DSA-1494",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2008/dsa-1494"
"url": "http://www.vupen.com/english/advisories/2008/0487/references",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2008/0487/references"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=432517",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=432517"
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00254.html",
"refsource": "MISC",
"name": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00254.html"
},
{
"name": "USN-577-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-577-1"
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00255.html",
"refsource": "MISC",
"name": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00255.html"
},
{
"name": "SUSE-SA:2008:007",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00005.html"
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:044",
"refsource": "MISC",
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:044"
},
{
"name": "28875",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28875"
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00005.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00005.html"
},
{
"name": "28933",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28933"
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00002.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00002.html"
},
{
"name": "FEDORA-2008-1629",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00485.html"
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00006.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00006.html"
},
{
"name": "ADV-2008-0487",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0487/references"
"url": "http://marc.info/?l=linux-kernel&m=120263652322197&w=2",
"refsource": "MISC",
"name": "http://marc.info/?l=linux-kernel&m=120263652322197&w=2"
},
{
"name": "[linux-kernel] 20080210 Re: [PATCH] kernel 2.6.24.1 still vulnerable to the vmsplice local root exploit",
"refsource": "MLIST",
"url": "http://marc.info/?l=linux-kernel&m=120266353621139&w=2"
"url": "http://marc.info/?l=linux-kernel&m=120264520431307&w=2",
"refsource": "MISC",
"name": "http://marc.info/?l=linux-kernel&m=120264520431307&w=2"
},
{
"name": "SUSE-SA:2008:013",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00002.html"
"url": "http://marc.info/?l=linux-kernel&m=120264773202422&w=2",
"refsource": "MISC",
"name": "http://marc.info/?l=linux-kernel&m=120264773202422&w=2"
},
{
"name": "28889",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28889"
"url": "http://marc.info/?l=linux-kernel&m=120266328220808&w=2",
"refsource": "MISC",
"name": "http://marc.info/?l=linux-kernel&m=120266328220808&w=2"
},
{
"name": "28937",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28937"
"url": "http://marc.info/?l=linux-kernel&m=120266353621139&w=2",
"refsource": "MISC",
"name": "http://marc.info/?l=linux-kernel&m=120266353621139&w=2"
},
{
"name": "FEDORA-2008-1433",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00270.html"
"url": "http://secunia.com/advisories/28858",
"refsource": "MISC",
"name": "http://secunia.com/advisories/28858"
},
{
"name": "FEDORA-2008-1422",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00254.html"
"url": "http://secunia.com/advisories/28889",
"refsource": "MISC",
"name": "http://secunia.com/advisories/28889"
},
{
"name": "5092",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/5092"
"url": "http://secunia.com/advisories/28912",
"refsource": "MISC",
"name": "http://secunia.com/advisories/28912"
},
{
"name": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0052",
"refsource": "CONFIRM",
"url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0052"
"url": "http://secunia.com/advisories/28925",
"refsource": "MISC",
"name": "http://secunia.com/advisories/28925"
},
{
"name": "MDVSA-2008:044",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:044"
"url": "http://secunia.com/advisories/28933",
"refsource": "MISC",
"name": "http://secunia.com/advisories/28933"
},
{
"name": "29245",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29245"
"url": "http://secunia.com/advisories/28937",
"refsource": "MISC",
"name": "http://secunia.com/advisories/28937"
},
{
"name": "[linux-kernel] 20080210 Re: [PATCH] kernel 2.6.24.1 still vulnerable to the vmsplice local root exploit",
"refsource": "MLIST",
"url": "http://marc.info/?l=linux-kernel&m=120264520431307&w=2"
"url": "http://secunia.com/advisories/29245",
"refsource": "MISC",
"name": "http://secunia.com/advisories/29245"
},
{
"name": "28896",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28896"
"url": "http://secunia.com/advisories/30818",
"refsource": "MISC",
"name": "http://secunia.com/advisories/30818"
},
{
"name": "28925",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28925"
"url": "http://securitytracker.com/id?1019393",
"refsource": "MISC",
"name": "http://securitytracker.com/id?1019393"
},
{
"name": "28835",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28835"
"url": "http://wiki.rpath.com/Advisories:rPSA-2008-0052",
"refsource": "MISC",
"name": "http://wiki.rpath.com/Advisories:rPSA-2008-0052"
},
{
"name": "https://issues.rpath.com/browse/RPL-2237",
"refsource": "CONFIRM",
"url": "https://issues.rpath.com/browse/RPL-2237"
"url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0052",
"refsource": "MISC",
"name": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0052"
},
{
"name": "FEDORA-2008-1423",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00255.html"
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:043",
"refsource": "MISC",
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:043"
},
{
"name": "20080212 rPSA-2008-0052-1 kernel",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/488009/100/0/threaded"
"url": "http://www.redhat.com/support/errata/RHSA-2008-0129.html",
"refsource": "MISC",
"name": "http://www.redhat.com/support/errata/RHSA-2008-0129.html"
},
{
"name": "http://wiki.rpath.com/Advisories:rPSA-2008-0052",
"refsource": "CONFIRM",
"url": "http://wiki.rpath.com/Advisories:rPSA-2008-0052"
"url": "http://www.securityfocus.com/archive/1/488009/100/0/threaded",
"refsource": "MISC",
"name": "http://www.securityfocus.com/archive/1/488009/100/0/threaded"
},
{
"name": "28912",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28912"
"url": "http://www.securityfocus.com/bid/27801",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/27801"
},
{
"name": "SUSE-SA:2008:030",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00006.html"
"url": "http://www.ubuntu.com/usn/usn-577-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/usn-577-1"
},
{
"name": "RHSA-2008:0129",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0129.html"
"url": "https://access.redhat.com/errata/RHSA-2008:0129",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2008:0129"
},
{
"name": "[linux-kernel] 20080210 Re: [PATCH] kernel 2.6.24.1 still vulnerable to the vmsplice local root exploit",
"refsource": "MLIST",
"url": "http://marc.info/?l=linux-kernel&m=120266328220808&w=2"
"url": "https://access.redhat.com/security/cve/CVE-2008-0600",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2008-0600"
},
{
"name": "1019393",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1019393"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=432229",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=432229"
},
{
"name": "30818",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30818"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=432251",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=432251"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=432229",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=432229"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=432517",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=432517"
},
{
"name": "27704",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/27704"
"url": "https://issues.rpath.com/browse/RPL-2237",
"refsource": "MISC",
"name": "https://issues.rpath.com/browse/RPL-2237"
},
{
"name": "[linux-kernel] 20080210 Re: [PATCH] kernel 2.6.24.1 still vulnerable to the vmsplice local root exploit",
"refsource": "MLIST",
"url": "http://marc.info/?l=linux-kernel&m=120264773202422&w=2"
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11358",
"refsource": "MISC",
"name": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11358"
},
{
"url": "https://www.exploit-db.com/exploits/5092",
"refsource": "MISC",
"name": "https://www.exploit-db.com/exploits/5092"
},
{
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00270.html",
"refsource": "MISC",
"name": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00270.html"
},
{
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00485.html",
"refsource": "MISC",
"name": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00485.html"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.2,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "COMPLETE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "COMPLETE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
]
}

181
2008/2xxx/CVE-2008-2375.json
View File

@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2008-2375",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Memory leak in a certain Red Hat deployment of vsftpd before 2.0.5 on Red Hat Enterprise Linux (RHEL) 3 and 4, when PAM is used, allows remote attackers to cause a denial of service (memory consumption) via a large number of invalid authentication attempts within the same session, a different vulnerability than CVE-2007-5962."
"value": "CVE-2008-2375 older vsftpd authentication memory leak"
}
]
},
@ -44,88 +21,144 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "Missing Release of Memory after Effective Lifetime",
"cweId": "CWE-401"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 3",
"version": {
"version_data": [
{
"version_value": "0:1.2.1-3E.16",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 4",
"version": {
"version_data": [
{
"version_value": "0:2.0.1-6.el4",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "ADV-2008-2820",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2820"
"url": "http://secunia.com/advisories/31007",
"refsource": "MISC",
"name": "http://secunia.com/advisories/31007"
},
{
"name": "30364",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/30364"
"url": "http://secunia.com/advisories/31223",
"refsource": "MISC",
"name": "http://secunia.com/advisories/31223"
},
{
"name": "RHSA-2008:0680",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0680.html"
"url": "http://secunia.com/advisories/32263",
"refsource": "MISC",
"name": "http://secunia.com/advisories/32263"
},
{
"name": "oval:org.mitre.oval:def:10138",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10138"
"url": "http://support.avaya.com/elmodocs2/security/ASA-2008-398.htm",
"refsource": "MISC",
"name": "http://support.avaya.com/elmodocs2/security/ASA-2008-398.htm"
},
{
"name": "https://bugzilla.redhat.com/attachment.cgi?id=201051",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/attachment.cgi?id=201051"
"url": "http://wiki.rpath.com/Advisories:rPSA-2008-0217",
"refsource": "MISC",
"name": "http://wiki.rpath.com/Advisories:rPSA-2008-0217"
},
{
"name": "RHSA-2008:0579",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0579.html"
"url": "http://www.openwall.com/lists/oss-security/2008/06/30/2",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2008/06/30/2"
},
{
"name": "http://support.avaya.com/elmodocs2/security/ASA-2008-398.htm",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2008-398.htm"
"url": "http://www.redhat.com/support/errata/RHSA-2008-0579.html",
"refsource": "MISC",
"name": "http://www.redhat.com/support/errata/RHSA-2008-0579.html"
},
{
"name": "31223",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31223"
"url": "http://www.redhat.com/support/errata/RHSA-2008-0680.html",
"refsource": "MISC",
"name": "http://www.redhat.com/support/errata/RHSA-2008-0680.html"
},
{
"name": "http://wiki.rpath.com/Advisories:rPSA-2008-0217",
"refsource": "CONFIRM",
"url": "http://wiki.rpath.com/Advisories:rPSA-2008-0217"
"url": "http://www.securityfocus.com/archive/1/494081/100/0/threaded",
"refsource": "MISC",
"name": "http://www.securityfocus.com/archive/1/494081/100/0/threaded"
},
{
"name": "31007",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31007"
"url": "http://www.securityfocus.com/bid/30364",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/30364"
},
{
"name": "https://issues.rpath.com/browse/RPL-2640",
"refsource": "CONFIRM",
"url": "https://issues.rpath.com/browse/RPL-2640"
"url": "http://www.securitytracker.com/id?1020546",
"refsource": "MISC",
"name": "http://www.securitytracker.com/id?1020546"
},
{
"name": "1020546",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1020546"
"url": "http://www.vupen.com/english/advisories/2008/2820",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2008/2820"
},
{
"name": "32263",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32263"
"url": "https://access.redhat.com/errata/RHSA-2008:0579",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2008:0579"
},
{
"name": "20080708 rPSA-2008-0217-1 vsftpd",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/494081/100/0/threaded"
"url": "https://access.redhat.com/errata/RHSA-2008:0680",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2008:0680"
},
{
"name": "[oss-security] 20080630 CVE-2008-2375 older vsftpd authentication memory leak",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2008/06/30/2"
"url": "https://access.redhat.com/security/cve/CVE-2008-2375",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2008-2375"
},
{
"url": "https://bugzilla.redhat.com/attachment.cgi?id=201051",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/attachment.cgi?id=201051"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=453376",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=453376"
},
{
"url": "https://issues.rpath.com/browse/RPL-2640",
"refsource": "MISC",
"name": "https://issues.rpath.com/browse/RPL-2640"
},
{
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10138",
"refsource": "MISC",
"name": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10138"
}
]
}

428
2008/4xxx/CVE-2008-4309.json
View File

@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2008-4309",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer overflow in the netsnmp_create_subtree_cache function in agent/snmp_agent.c in net-snmp 5.4 before 5.4.2.1, 5.3 before 5.3.2.3, and 5.2 before 5.2.5.1 allows remote attackers to cause a denial of service (crash) via a crafted SNMP GETBULK request, which triggers a heap-based buffer overflow, related to the number of responses or repeats."
"value": "CVE-2008-4309 net-snmp: numresponses calculation integer overflow in snmp_agent.c"
}
]
},
@ -44,228 +21,285 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "Integer Overflow or Wraparound",
"cweId": "CWE-190"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 3",
"version": {
"version_data": [
{
"version_value": "0:5.0.9-2.30E.25",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 4",
"version": {
"version_data": [
{
"version_value": "0:5.1.2-13.el4_7.2",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 5",
"version": {
"version_data": [
{
"version_value": "1:5.3.1-24.el5_2.2",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "33631",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33631"
},
{
"name": "32664",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32664"
},
{
"name": "32560",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32560"
},
{
"name": "http://support.apple.com/kb/HT3549",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT3549"
},
{
"name": "SUSE-SR:2009:003",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00000.html"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2009-0001.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2009-0001.html"
},
{
"name": "ADV-2009-0301",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/0301"
},
{
"name": "33746",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33746"
},
{
"name": "RHSA-2008:0971",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0971.html"
},
{
"name": "35074",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35074"
},
{
"name": "35679",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35679"
},
{
"name": "oval:org.mitre.oval:def:9860",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9860"
},
{
"name": "APPLE-SA-2009-05-12",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html"
},
{
"name": "33003",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33003"
},
{
"name": "262908",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-262908-1"
},
{
"name": "32539",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32539"
},
{
"name": "32711",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32711"
},
{
"name": "DSA-1663",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2008/dsa-1663"
},
{
"name": "oval:org.mitre.oval:def:6353",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6353"
},
{
"name": "netsnmp-netsnmpcreatesubtreecache-dos(46262)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46262"
},
{
"name": "http://net-snmp.svn.sourceforge.net/viewvc/net-snmp/tags/Ext-5-2-5-1/net-snmp/agent/snmp_agent.c?r1=17271&r2=17272&pathrev=17272",
"url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html",
"refsource": "MISC",
"url": "http://net-snmp.svn.sourceforge.net/viewvc/net-snmp/tags/Ext-5-2-5-1/net-snmp/agent/snmp_agent.c?r1=17271&r2=17272&pathrev=17272"
"name": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html"
},
{
"name": "[oss-security] 20081031 New net-snmp DoS",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2008/10/31/1"
"url": "http://lists.apple.com/archives/security-announce/2010//Dec/msg00001.html",
"refsource": "MISC",
"name": "http://lists.apple.com/archives/security-announce/2010//Dec/msg00001.html"
},
{
"name": "APPLE-SA-2010-12-16-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2010//Dec/msg00001.html"
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00000.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00000.html"
},
{
"name": "TA09-133A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html"
"url": "http://marc.info/?l=bugtraq&m=125017764422557&w=2",
"refsource": "MISC",
"name": "http://marc.info/?l=bugtraq&m=125017764422557&w=2"
},
{
"name": "http://sourceforge.net/forum/forum.php?forum_id=882903",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/forum/forum.php?forum_id=882903"
"url": "http://net-snmp.svn.sourceforge.net/viewvc/net-snmp/tags/Ext-5-2-5-1/net-snmp/agent/snmp_agent.c?r1=17271&r2=17272&pathrev=17272",
"refsource": "MISC",
"name": "http://net-snmp.svn.sourceforge.net/viewvc/net-snmp/tags/Ext-5-2-5-1/net-snmp/agent/snmp_agent.c?r1=17271&r2=17272&pathrev=17272"
},
{
"name": "oval:org.mitre.oval:def:6171",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6171"
"url": "http://secunia.com/advisories/32539",
"refsource": "MISC",
"name": "http://secunia.com/advisories/32539"
},
{
"name": "33095",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33095"
"url": "http://secunia.com/advisories/32560",
"refsource": "MISC",
"name": "http://secunia.com/advisories/32560"
},
{
"name": "ADV-2009-1297",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1297"
"url": "http://secunia.com/advisories/32664",
"refsource": "MISC",
"name": "http://secunia.com/advisories/32664"
},
{
"name": "1021129",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1021129"
"url": "http://secunia.com/advisories/32711",
"refsource": "MISC",
"name": "http://secunia.com/advisories/32711"
},
{
"name": "http://support.apple.com/kb/HT4298",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT4298"
"url": "http://secunia.com/advisories/33003",
"refsource": "MISC",
"name": "http://secunia.com/advisories/33003"
},
{
"name": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0315",
"refsource": "CONFIRM",
"url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0315"
"url": "http://secunia.com/advisories/33095",
"refsource": "MISC",
"name": "http://secunia.com/advisories/33095"
},
{
"name": "http://support.avaya.com/elmodocs2/security/ASA-2008-467.htm",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2008-467.htm"
"url": "http://secunia.com/advisories/33631",
"refsource": "MISC",
"name": "http://secunia.com/advisories/33631"
},
{
"name": "ADV-2008-2973",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2973"
"url": "http://secunia.com/advisories/33746",
"refsource": "MISC",
"name": "http://secunia.com/advisories/33746"
},
{
"name": "32020",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/32020"
"url": "http://secunia.com/advisories/33821",
"refsource": "MISC",
"name": "http://secunia.com/advisories/33821"
},
{
"name": "33821",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33821"
"url": "http://secunia.com/advisories/35074",
"refsource": "MISC",
"name": "http://secunia.com/advisories/35074"
},
{
"name": "ADV-2009-1771",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1771"
"url": "http://secunia.com/advisories/35679",
"refsource": "MISC",
"name": "http://secunia.com/advisories/35679"
},
{
"name": "GLSA-200901-15",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200901-15.xml"
"url": "http://security.gentoo.org/glsa/glsa-200901-15.xml",
"refsource": "MISC",
"name": "http://security.gentoo.org/glsa/glsa-200901-15.xml"
},
{
"name": "20081112 rPSA-2008-0315-1 net-snmp net-snmp-client net-snmp-server net-snmp-utils",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/498280/100/0/threaded"
"url": "http://sourceforge.net/forum/forum.php?forum_id=882903",
"refsource": "MISC",
"name": "http://sourceforge.net/forum/forum.php?forum_id=882903"
},
{
"name": "HPSBMA02447",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=125017764422557&w=2"
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-262908-1",
"refsource": "MISC",
"name": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-262908-1"
},
{
"name": "USN-685-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-685-1"
"url": "http://support.apple.com/kb/HT3549",
"refsource": "MISC",
"name": "http://support.apple.com/kb/HT3549"
},
{
"name": "SSRT090062",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=125017764422557&w=2"
"url": "http://support.apple.com/kb/HT4298",
"refsource": "MISC",
"name": "http://support.apple.com/kb/HT4298"
},
{
"name": "ADV-2008-3400",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/3400"
"url": "http://support.avaya.com/elmodocs2/security/ASA-2008-467.htm",
"refsource": "MISC",
"name": "http://support.avaya.com/elmodocs2/security/ASA-2008-467.htm"
},
{
"name": "MDVSA-2008:225",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:225"
"url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0315",
"refsource": "MISC",
"name": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0315"
},
{
"url": "http://www.debian.org/security/2008/dsa-1663",
"refsource": "MISC",
"name": "http://www.debian.org/security/2008/dsa-1663"
},
{
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:225",
"refsource": "MISC",
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:225"
},
{
"url": "http://www.openwall.com/lists/oss-security/2008/10/31/1",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2008/10/31/1"
},
{
"url": "http://www.redhat.com/support/errata/RHSA-2008-0971.html",
"refsource": "MISC",
"name": "http://www.redhat.com/support/errata/RHSA-2008-0971.html"
},
{
"url": "http://www.securityfocus.com/archive/1/498280/100/0/threaded",
"refsource": "MISC",
"name": "http://www.securityfocus.com/archive/1/498280/100/0/threaded"
},
{
"url": "http://www.securityfocus.com/bid/32020",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/32020"
},
{
"url": "http://www.securitytracker.com/id?1021129",
"refsource": "MISC",
"name": "http://www.securitytracker.com/id?1021129"
},
{
"url": "http://www.ubuntu.com/usn/usn-685-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/usn-685-1"
},
{
"url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html",
"refsource": "MISC",
"name": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html"
},
{
"url": "http://www.vmware.com/security/advisories/VMSA-2009-0001.html",
"refsource": "MISC",
"name": "http://www.vmware.com/security/advisories/VMSA-2009-0001.html"
},
{
"url": "http://www.vupen.com/english/advisories/2008/2973",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2008/2973"
},
{
"url": "http://www.vupen.com/english/advisories/2008/3400",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2008/3400"
},
{
"url": "http://www.vupen.com/english/advisories/2009/0301",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2009/0301"
},
{
"url": "http://www.vupen.com/english/advisories/2009/1297",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2009/1297"
},
{
"url": "http://www.vupen.com/english/advisories/2009/1771",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2009/1771"
},
{
"url": "https://access.redhat.com/errata/RHSA-2008:0971",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2008:0971"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2008-4309",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2008-4309"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=469349",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=469349"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46262",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46262"
},
{
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6171",
"refsource": "MISC",
"name": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6171"
},
{
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6353",
"refsource": "MISC",
"name": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6353"
},
{
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9860",
"refsource": "MISC",
"name": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9860"
}
]
}

373
2008/4xxx/CVE-2008-4316.json
View File

@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2008-4316",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple integer overflows in glib/gbase64.c in GLib before 2.20 allow context-dependent attackers to execute arbitrary code via a long string that is converted either (1) from or (2) to a base64 representation."
"value": "CVE-2008-4316 glib2: integer overflows in the base64 handling functions (oCERT-2008-015)"
}
]
},
@ -44,168 +21,208 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "Integer Overflow or Wraparound",
"cweId": "CWE-190"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 5",
"version": {
"version_data": [
{
"version_value": "0:2.12.3-4.el5_3.1",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "http://ocert.org/patches/2008-015/glib-CVE-2008-4316.diff",
"url": "http://openwall.com/lists/oss-security/2009/03/12/2",
"refsource": "MISC",
"url": "http://ocert.org/patches/2008-015/glib-CVE-2008-4316.diff"
"name": "http://openwall.com/lists/oss-security/2009/03/12/2"
},
{
"name": "20090312 rPSA-2009-0045-1 glib",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/501766/100/0/threaded"
},
{
"name": "USN-738-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-738-1"
},
{
"name": "34560",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34560"
},
{
"name": "[oss-security] 20090317 Re: [oCERT-2008-015] glib and glib-predecessor heap overflows",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2009/03/16/2"
},
{
"name": "38794",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/38794"
},
{
"name": "[security-announce] 20100303 VMSA-2010-0004 ESX Service Console and vMA third party updates",
"refsource": "MLIST",
"url": "http://lists.vmware.com/pipermail/security-announce/2010/000082.html"
},
{
"name": "MDVSA-2009:080",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:080"
},
{
"name": "http://wiki.rpath.com/Advisories:rPSA-2009-0045",
"refsource": "CONFIRM",
"url": "http://wiki.rpath.com/Advisories:rPSA-2009-0045"
},
{
"name": "oval:org.mitre.oval:def:11401",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11401"
},
{
"name": "FEDORA-2009-2688",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-March/msg01113.html"
},
{
"name": "[oss-security] 20090312 [oCERT-2008-015] glib and glib-predecessor heap overflows",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2009/03/12/2"
},
{
"name": "34100",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/34100"
},
{
"name": "34854",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34854"
},
{
"name": "20090312 [oCERT-2008-015] glib and glib-predecessor heap overflows",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/501712/100/0/threaded"
},
{
"name": "34267",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34267"
},
{
"name": "RHSA-2009:0336",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2009-0336.html"
},
{
"name": "38833",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/38833"
},
{
"name": "1021884",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1021884"
},
{
"name": "DSA-1747",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2009/dsa-1747"
},
{
"name": "34317",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34317"
},
{
"name": "SUSE-SA:2009:026",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00014.html"
},
{
"name": "FEDORA-2009-2657",
"refsource": "FEDORA",
"url": "http://www.redhat.com/archives/fedora-package-announce/2009-April/msg00744.html"
},
{
"name": "34416",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34416"
},
{
"name": "http://svn.gnome.org/viewvc/glib?view=revision&revision=7973",
"refsource": "CONFIRM",
"url": "http://svn.gnome.org/viewvc/glib?view=revision&revision=7973"
},
{
"name": "oval:org.mitre.oval:def:8360",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8360"
},
{
"name": "34404",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34404"
},
{
"name": "glib-gbase64-bo(49272)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49272"
},
{
"name": "34890",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34890"
},
{
"name": "ADV-2010-0528",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/0528"
},
{
"name": "http://www.ocert.org/advisories/ocert-2008-015.html",
"url": "http://www.ocert.org/advisories/ocert-2008-015.html",
"refsource": "MISC",
"url": "http://www.ocert.org/advisories/ocert-2008-015.html"
"name": "http://www.ocert.org/advisories/ocert-2008-015.html"
},
{
"url": "http://www.securityfocus.com/archive/1/501712/100/0/threaded",
"refsource": "MISC",
"name": "http://www.securityfocus.com/archive/1/501712/100/0/threaded"
},
{
"url": "http://www.securityfocus.com/bid/34100",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/34100"
},
{
"url": "http://lists.vmware.com/pipermail/security-announce/2010/000082.html",
"refsource": "MISC",
"name": "http://lists.vmware.com/pipermail/security-announce/2010/000082.html"
},
{
"url": "http://secunia.com/advisories/38794",
"refsource": "MISC",
"name": "http://secunia.com/advisories/38794"
},
{
"url": "http://www.vupen.com/english/advisories/2010/0528",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2010/0528"
},
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00014.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00014.html"
},
{
"url": "http://ocert.org/patches/2008-015/glib-CVE-2008-4316.diff",
"refsource": "MISC",
"name": "http://ocert.org/patches/2008-015/glib-CVE-2008-4316.diff"
},
{
"url": "http://secunia.com/advisories/34267",
"refsource": "MISC",
"name": "http://secunia.com/advisories/34267"
},
{
"url": "http://secunia.com/advisories/34317",
"refsource": "MISC",
"name": "http://secunia.com/advisories/34317"
},
{
"url": "http://secunia.com/advisories/34404",
"refsource": "MISC",
"name": "http://secunia.com/advisories/34404"
},
{
"url": "http://secunia.com/advisories/34416",
"refsource": "MISC",
"name": "http://secunia.com/advisories/34416"
},
{
"url": "http://secunia.com/advisories/34560",
"refsource": "MISC",
"name": "http://secunia.com/advisories/34560"
},
{
"url": "http://secunia.com/advisories/34854",
"refsource": "MISC",
"name": "http://secunia.com/advisories/34854"
},
{
"url": "http://secunia.com/advisories/34890",
"refsource": "MISC",
"name": "http://secunia.com/advisories/34890"
},
{
"url": "http://secunia.com/advisories/38833",
"refsource": "MISC",
"name": "http://secunia.com/advisories/38833"
},
{
"url": "http://svn.gnome.org/viewvc/glib?view=revision&revision=7973",
"refsource": "MISC",
"name": "http://svn.gnome.org/viewvc/glib?view=revision&revision=7973"
},
{
"url": "http://wiki.rpath.com/Advisories:rPSA-2009-0045",
"refsource": "MISC",
"name": "http://wiki.rpath.com/Advisories:rPSA-2009-0045"
},
{
"url": "http://www.debian.org/security/2009/dsa-1747",
"refsource": "MISC",
"name": "http://www.debian.org/security/2009/dsa-1747"
},
{
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:080",
"refsource": "MISC",
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:080"
},
{
"url": "http://www.openwall.com/lists/oss-security/2009/03/16/2",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2009/03/16/2"
},
{
"url": "http://www.redhat.com/archives/fedora-package-announce/2009-April/msg00744.html",
"refsource": "MISC",
"name": "http://www.redhat.com/archives/fedora-package-announce/2009-April/msg00744.html"
},
{
"url": "http://www.redhat.com/support/errata/RHSA-2009-0336.html",
"refsource": "MISC",
"name": "http://www.redhat.com/support/errata/RHSA-2009-0336.html"
},
{
"url": "http://www.securityfocus.com/archive/1/501766/100/0/threaded",
"refsource": "MISC",
"name": "http://www.securityfocus.com/archive/1/501766/100/0/threaded"
},
{
"url": "http://www.securitytracker.com/id?1021884",
"refsource": "MISC",
"name": "http://www.securitytracker.com/id?1021884"
},
{
"url": "http://www.ubuntu.com/usn/usn-738-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/usn-738-1"
},
{
"url": "https://access.redhat.com/errata/RHSA-2009:0336",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2009:0336"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2008-4316",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2008-4316"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=474770",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=474770"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49272",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49272"
},
{
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11401",
"refsource": "MISC",
"name": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11401"
},
{
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8360",
"refsource": "MISC",
"name": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8360"
},
{
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-March/msg01113.html",
"refsource": "MISC",
"name": "https://www.redhat.com/archives/fedora-package-announce/2009-March/msg01113.html"
}
]
}

273
2009/0xxx/CVE-2009-0585.json
View File

@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2009-0585",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer overflow in the soup_base64_encode function in soup-misc.c in libsoup 2.x.x before 2.2.x, and 2.x before 2.24, allows context-dependent attackers to execute arbitrary code via a long string that is converted to a base64 representation."
"value": "CVE-2009-0585 libsoup: integer overflow in soup_base64_encode()"
}
]
},
@ -44,98 +21,178 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "Integer Overflow or Wraparound",
"cweId": "CWE-190"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 4",
"version": {
"version_data": [
{
"version_value": "0:2.2.98-5.el4.1",
"version_affected": "!"
},
{
"version_value": "0:2.2.1-4.el4.1",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 5",
"version": {
"version_data": [
{
"version_value": "0:2.2.98-2.el5_3.1",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "RHSA-2009:0344",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2009-0344.html"
},
{
"name": "oval:org.mitre.oval:def:9599",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9599"
},
{
"name": "http://support.avaya.com/elmodocs2/security/ASA-2009-088.htm",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2009-088.htm"
},
{
"name": "MDVSA-2009:081",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:081"
},
{
"name": "[oss-security] 20090312 [oCERT-2008-015] glib and glib-predecessor heap overflows",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2009/03/12/2"
},
{
"name": "34100",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/34100"
},
{
"name": "35065",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35065"
},
{
"name": "libsoup-soupmisc-bo(49273)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49273"
},
{
"name": "34310",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34310"
},
{
"name": "20090312 [oCERT-2008-015] glib and glib-predecessor heap overflows",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/501712/100/0/threaded"
},
{
"name": "DSA-1748",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2009/dsa-1748"
},
{
"name": "SUSE-SR:2009:010",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html"
},
{
"name": "34401",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34401"
},
{
"name": "http://ocert.org/patches/2008-015/libsoup-CVE-2009-0585.diff",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html",
"refsource": "MISC",
"url": "http://ocert.org/patches/2008-015/libsoup-CVE-2009-0585.diff"
"name": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html"
},
{
"name": "USN-737-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-737-1"
},
{
"name": "34337",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34337"
},
{
"name": "http://www.ocert.org/advisories/ocert-2008-015.html",
"url": "http://ocert.org/patches/2008-015/libsoup-CVE-2009-0585.diff",
"refsource": "MISC",
"url": "http://www.ocert.org/advisories/ocert-2008-015.html"
"name": "http://ocert.org/patches/2008-015/libsoup-CVE-2009-0585.diff"
},
{
"url": "http://openwall.com/lists/oss-security/2009/03/12/2",
"refsource": "MISC",
"name": "http://openwall.com/lists/oss-security/2009/03/12/2"
},
{
"url": "http://secunia.com/advisories/34310",
"refsource": "MISC",
"name": "http://secunia.com/advisories/34310"
},
{
"url": "http://secunia.com/advisories/34337",
"refsource": "MISC",
"name": "http://secunia.com/advisories/34337"
},
{
"url": "http://secunia.com/advisories/34401",
"refsource": "MISC",
"name": "http://secunia.com/advisories/34401"
},
{
"url": "http://secunia.com/advisories/35065",
"refsource": "MISC",
"name": "http://secunia.com/advisories/35065"
},
{
"url": "http://support.avaya.com/elmodocs2/security/ASA-2009-088.htm",
"refsource": "MISC",
"name": "http://support.avaya.com/elmodocs2/security/ASA-2009-088.htm"
},
{
"url": "http://www.debian.org/security/2009/dsa-1748",
"refsource": "MISC",
"name": "http://www.debian.org/security/2009/dsa-1748"
},
{
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:081",
"refsource": "MISC",
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:081"
},
{
"url": "http://www.ocert.org/advisories/ocert-2008-015.html",
"refsource": "MISC",
"name": "http://www.ocert.org/advisories/ocert-2008-015.html"
},
{
"url": "http://www.redhat.com/support/errata/RHSA-2009-0344.html",
"refsource": "MISC",
"name": "http://www.redhat.com/support/errata/RHSA-2009-0344.html"
},
{
"url": "http://www.securityfocus.com/archive/1/501712/100/0/threaded",
"refsource": "MISC",
"name": "http://www.securityfocus.com/archive/1/501712/100/0/threaded"
},
{
"url": "http://www.securityfocus.com/bid/34100",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/34100"
},
{
"url": "http://www.ubuntu.com/usn/USN-737-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-737-1"
},
{
"url": "https://access.redhat.com/errata/RHSA-2009:0344",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2009:0344"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2009-0585",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2009-0585"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=488026",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=488026"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49273",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49273"
},
{
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9599",
"refsource": "MISC",
"name": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9599"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 5.1,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "PARTIAL",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "PARTIAL",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
]
}

238
2009/0xxx/CVE-2009-0586.json
View File

@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2009-0586",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer overflow in the gst_vorbis_tag_add_coverart function (gst-libs/gst/tag/gstvorbistag.c) in vorbistag in gst-plugins-base (aka gstreamer-plugins-base) before 0.10.23 in GStreamer allows context-dependent attackers to execute arbitrary code via a crafted COVERART tag that is converted from a base64 representation, which triggers a heap-based buffer overflow."
"value": "CVE-2009-0586 gstreamer-plugins-base: integer overflow in gst_vorbis_tag_add_coverart()"
}
]
},
@ -44,88 +21,153 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "Integer Overflow or Wraparound",
"cweId": "CWE-190"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 5",
"version": {
"version_data": [
{
"version_value": "0:0.10.20-3.0.1.el5_3",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "oval:org.mitre.oval:def:9694",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9694"
},
{
"name": "34335",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34335"
},
{
"name": "35777",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35777"
},
{
"name": "34350",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34350"
},
{
"name": "GLSA-200907-11",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200907-11.xml"
},
{
"name": "http://cgit.freedesktop.org/gstreamer/gst-plugins-base/commit/?id=566583e87147f774e7fc4c78b5f7e61d427e40a9",
"refsource": "CONFIRM",
"url": "http://cgit.freedesktop.org/gstreamer/gst-plugins-base/commit/?id=566583e87147f774e7fc4c78b5f7e61d427e40a9"
},
{
"name": "[oss-security] 20090312 [oCERT-2008-015] glib and glib-predecessor heap overflows",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2009/03/12/2"
},
{
"name": "34100",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/34100"
},
{
"name": "MDVSA-2009:085",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:085"
},
{
"name": "20090312 [oCERT-2008-015] glib and glib-predecessor heap overflows",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/501712/100/0/threaded"
},
{
"name": "http://ocert.org/patches/2008-015/gst-plugins-base-CVE-2009-0586.diff",
"url": "http://openwall.com/lists/oss-security/2009/03/12/2",
"refsource": "MISC",
"url": "http://ocert.org/patches/2008-015/gst-plugins-base-CVE-2009-0586.diff"
"name": "http://openwall.com/lists/oss-security/2009/03/12/2"
},
{
"name": "SUSE-SR:2009:009",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00010.html"
},
{
"name": "USN-735-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-735-1"
},
{
"name": "gstreamer-gstvorbistagaddcoverart-bo(49274)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49274"
},
{
"name": "http://www.ocert.org/advisories/ocert-2008-015.html",
"url": "http://www.ocert.org/advisories/ocert-2008-015.html",
"refsource": "MISC",
"url": "http://www.ocert.org/advisories/ocert-2008-015.html"
"name": "http://www.ocert.org/advisories/ocert-2008-015.html"
},
{
"url": "http://www.securityfocus.com/archive/1/501712/100/0/threaded",
"refsource": "MISC",
"name": "http://www.securityfocus.com/archive/1/501712/100/0/threaded"
},
{
"url": "http://www.securityfocus.com/bid/34100",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/34100"
},
{
"url": "http://cgit.freedesktop.org/gstreamer/gst-plugins-base/commit/?id=566583e87147f774e7fc4c78b5f7e61d427e40a9",
"refsource": "MISC",
"name": "http://cgit.freedesktop.org/gstreamer/gst-plugins-base/commit/?id=566583e87147f774e7fc4c78b5f7e61d427e40a9"
},
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00010.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00010.html"
},
{
"url": "http://ocert.org/patches/2008-015/gst-plugins-base-CVE-2009-0586.diff",
"refsource": "MISC",
"name": "http://ocert.org/patches/2008-015/gst-plugins-base-CVE-2009-0586.diff"
},
{
"url": "http://secunia.com/advisories/34335",
"refsource": "MISC",
"name": "http://secunia.com/advisories/34335"
},
{
"url": "http://secunia.com/advisories/34350",
"refsource": "MISC",
"name": "http://secunia.com/advisories/34350"
},
{
"url": "http://secunia.com/advisories/35777",
"refsource": "MISC",
"name": "http://secunia.com/advisories/35777"
},
{
"url": "http://security.gentoo.org/glsa/glsa-200907-11.xml",
"refsource": "MISC",
"name": "http://security.gentoo.org/glsa/glsa-200907-11.xml"
},
{
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:085",
"refsource": "MISC",
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:085"
},
{
"url": "http://www.ubuntu.com/usn/USN-735-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-735-1"
},
{
"url": "https://access.redhat.com/errata/RHSA-2009:0352",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2009:0352"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2009-0586",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2009-0586"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=488208",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=488208"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49274",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49274"
},
{
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9694",
"refsource": "MISC",
"name": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9694"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 6.8,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "PARTIAL",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "PARTIAL",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
]
}

251
2009/0xxx/CVE-2009-0793.json
View File

@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2009-0793",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "cmsxform.c in LittleCMS (aka lcms or liblcms) 1.18, as used in OpenJDK and other products, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted image that triggers execution of incorrect code for \"transformations of monochrome profiles.\""
"value": "CVE-2009-0793 lcms: Null pointer dereference (DoS) by handling transformations of monochrome profiles"
}
]
},
@ -44,143 +21,203 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "NULL Pointer Dereference",
"cweId": "CWE-476"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 5",
"version": {
"version_data": [
{
"version_value": "1:1.6.0.0-0.30.b09.el5",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "MDVSA-2009:137",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:137"
"url": "http://secunia.com/advisories/34623",
"refsource": "MISC",
"name": "http://secunia.com/advisories/34623"
},
{
"name": "34635",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34635"
"url": "http://secunia.com/advisories/34632",
"refsource": "MISC",
"name": "http://secunia.com/advisories/34632"
},
{
"name": "34632",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34632"
"url": "http://secunia.com/advisories/34634",
"refsource": "MISC",
"name": "http://secunia.com/advisories/34634"
},
{
"name": "FEDORA-2009-3914",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-May/msg00233.html"
"url": "http://secunia.com/advisories/34635",
"refsource": "MISC",
"name": "http://secunia.com/advisories/34635"
},
{
"name": "34623",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34623"
"url": "http://secunia.com/advisories/34675",
"refsource": "MISC",
"name": "http://secunia.com/advisories/34675"
},
{
"name": "USN-1043-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1043-1"
"url": "http://secunia.com/advisories/34782",
"refsource": "MISC",
"name": "http://secunia.com/advisories/34782"
},
{
"name": "34675",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34675"
"url": "http://secunia.com/advisories/35048",
"refsource": "MISC",
"name": "http://secunia.com/advisories/35048"
},
{
"name": "ADV-2009-0964",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/0964"
"url": "http://secunia.com/advisories/42870",
"refsource": "MISC",
"name": "http://secunia.com/advisories/42870"
},
{
"name": "35048",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35048"
"url": "http://security.gentoo.org/glsa/glsa-200904-19.xml",
"refsource": "MISC",
"name": "http://security.gentoo.org/glsa/glsa-200904-19.xml"
},
{
"name": "FEDORA-2009-3426",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00204.html"
"url": "http://www.debian.org/security/2009/dsa-1769",
"refsource": "MISC",
"name": "http://www.debian.org/security/2009/dsa-1769"
},
{
"name": "RHSA-2009:0377",
"refsource": "REDHAT",
"url": "https://rhn.redhat.com/errata/RHSA-2009-0377.html"
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:121",
"refsource": "MISC",
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:121"
},
{
"name": "34782",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34782"
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:137",
"refsource": "MISC",
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:137"
},
{
"name": "ADV-2011-0087",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0087"
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:162",
"refsource": "MISC",
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:162"
},
{
"name": "oval:org.mitre.oval:def:11340",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11340"
"url": "http://www.securityfocus.com/bid/34411",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/34411"
},
{
"name": "MDVSA-2009:162",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:162"
"url": "http://www.securityfocus.com/bid/34420",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/34420"
},
{
"name": "FEDORA-2009-3425",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00203.html"
"url": "http://www.ubuntu.com/usn/USN-1043-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-1043-1"
},
{
"name": "34411",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/34411"
"url": "http://www.vupen.com/english/advisories/2009/0963",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2009/0963"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=492353",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=492353"
"url": "http://www.vupen.com/english/advisories/2009/0964",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2009/0964"
},
{
"name": "34420",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/34420"
"url": "http://www.vupen.com/english/advisories/2011/0087",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2011/0087"
},
{
"name": "DSA-1769",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2009/dsa-1769"
"url": "https://access.redhat.com/errata/RHSA-2009:0377",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2009:0377"
},
{
"name": "ADV-2009-0963",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/0963"
"url": "https://access.redhat.com/security/cve/CVE-2009-0793",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2009-0793"
},
{
"name": "FEDORA-2009-3967",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-May/msg00285.html"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=492353",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=492353"
},
{
"name": "34634",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34634"
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11340",
"refsource": "MISC",
"name": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11340"
},
{
"name": "MDVSA-2009:121",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:121"
"url": "https://rhn.redhat.com/errata/RHSA-2009-0377.html",
"refsource": "MISC",
"name": "https://rhn.redhat.com/errata/RHSA-2009-0377.html"
},
{
"name": "42870",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42870"
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00203.html",
"refsource": "MISC",
"name": "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00203.html"
},
{
"name": "GLSA-200904-19",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200904-19.xml"
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00204.html",
"refsource": "MISC",
"name": "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00204.html"
},
{
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-May/msg00233.html",
"refsource": "MISC",
"name": "https://www.redhat.com/archives/fedora-package-announce/2009-May/msg00233.html"
},
{
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-May/msg00285.html",
"refsource": "MISC",
"name": "https://www.redhat.com/archives/fedora-package-announce/2009-May/msg00285.html"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 4.3,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
]
}

427
2009/0xxx/CVE-2009-0800.json
View File

@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2009-0800",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple \"input validation flaws\" in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allow remote attackers to execute arbitrary code via a crafted PDF file."
"value": "CVE-2009-0800 PDF JBIG2 multiple input validation flaws"
}
]
},
@ -44,223 +21,363 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "Improper Input Validation",
"cweId": "CWE-20"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 3",
"version": {
"version_data": [
{
"version_value": "1:2.02-14.el3",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 4",
"version": {
"version_data": [
{
"version_value": "1:1.1.22-0.rc1.9.27.el4_7.5",
"version_affected": "!"
},
{
"version_value": "1:3.00-20.el4",
"version_affected": "!"
},
{
"version_value": "7:3.3.1-13.el4",
"version_affected": "!"
},
{
"version_value": "0:2.8.2-7.7.2.el4_7.4",
"version_affected": "!"
},
{
"version_value": "0:2.0.2-22.0.1.EL4.16",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 5",
"version": {
"version_data": [
{
"version_value": "1:1.3.7-8.el5_3.4",
"version_affected": "!"
},
{
"version_value": "7:3.5.4-12.el5_3",
"version_affected": "!"
},
{
"version_value": "0:0.5.4-4.4.el5_3.9",
"version_affected": "!"
},
{
"version_value": "0:3.0-33.8.el5_5.5",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "DSA-1793",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2009/dsa-1793"
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
},
{
"name": "34963",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34963"
"url": "http://secunia.com/advisories/35685",
"refsource": "MISC",
"name": "http://secunia.com/advisories/35685"
},
{
"name": "DSA-1790",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2009/dsa-1790"
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html"
},
{
"name": "35037",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35037"
"url": "http://secunia.com/advisories/35065",
"refsource": "MISC",
"name": "http://secunia.com/advisories/35065"
},
{
"name": "ADV-2009-1077",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1077"
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html"
},
{
"name": "35064",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35064"
"url": "http://poppler.freedesktop.org/releases.html",
"refsource": "MISC",
"name": "http://poppler.freedesktop.org/releases.html"
},
{
"name": "ADV-2009-1066",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1066"
"url": "http://rhn.redhat.com/errata/RHSA-2009-0458.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2009-0458.html"
},
{
"name": "34481",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34481"
"url": "http://secunia.com/advisories/34291",
"refsource": "MISC",
"name": "http://secunia.com/advisories/34291"
},
{
"name": "SSA:2009-129-01",
"refsource": "SLACKWARE",
"url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.578477"
"url": "http://secunia.com/advisories/34481",
"refsource": "MISC",
"name": "http://secunia.com/advisories/34481"
},
{
"name": "RHSA-2009:0431",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2009-0431.html"
"url": "http://secunia.com/advisories/34746",
"refsource": "MISC",
"name": "http://secunia.com/advisories/34746"
},
{
"name": "ADV-2009-1065",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1065"
"url": "http://secunia.com/advisories/34755",
"refsource": "MISC",
"name": "http://secunia.com/advisories/34755"
},
{
"name": "RHSA-2009:0430",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2009-0430.html"
"url": "http://secunia.com/advisories/34756",
"refsource": "MISC",
"name": "http://secunia.com/advisories/34756"
},
{
"name": "FEDORA-2009-6972",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html"
"url": "http://secunia.com/advisories/34852",
"refsource": "MISC",
"name": "http://secunia.com/advisories/34852"
},
{
"name": "35618",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35618"
"url": "http://secunia.com/advisories/34959",
"refsource": "MISC",
"name": "http://secunia.com/advisories/34959"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=495887",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=495887"
"url": "http://secunia.com/advisories/34963",
"refsource": "MISC",
"name": "http://secunia.com/advisories/34963"
},
{
"name": "35065",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35065"
"url": "http://secunia.com/advisories/34991",
"refsource": "MISC",
"name": "http://secunia.com/advisories/34991"
},
{
"name": "RHSA-2009:0480",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html"
"url": "http://secunia.com/advisories/35037",
"refsource": "MISC",
"name": "http://secunia.com/advisories/35037"
},
{
"name": "http://poppler.freedesktop.org/releases.html",
"refsource": "CONFIRM",
"url": "http://poppler.freedesktop.org/releases.html"
"url": "http://secunia.com/advisories/35064",
"refsource": "MISC",
"name": "http://secunia.com/advisories/35064"
},
{
"name": "34568",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/34568"
"url": "http://secunia.com/advisories/35618",
"refsource": "MISC",
"name": "http://secunia.com/advisories/35618"
},
{
"name": "MDVSA-2011:175",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175"
"url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.578477",
"refsource": "MISC",
"name": "http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.578477"
},
{
"name": "VU#196617",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/196617"
"url": "http://www.debian.org/security/2009/dsa-1790",
"refsource": "MISC",
"name": "http://www.debian.org/security/2009/dsa-1790"
},
{
"name": "ADV-2010-1040",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/1040"
"url": "http://www.debian.org/security/2009/dsa-1793",
"refsource": "MISC",
"name": "http://www.debian.org/security/2009/dsa-1793"
},
{
"name": "SUSE-SA:2009:024",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html"
"url": "http://www.kb.cert.org/vuls/id/196617",
"refsource": "MISC",
"name": "http://www.kb.cert.org/vuls/id/196617"
},
{
"name": "RHSA-2009:0458",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2009-0458.html"
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:101",
"refsource": "MISC",
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:101"
},
{
"name": "FEDORA-2009-6982",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html"
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087",
"refsource": "MISC",
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087"
},
{
"name": "34991",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34991"
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175",
"refsource": "MISC",
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175"
},
{
"name": "MDVSA-2009:101",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:101"
"url": "http://www.redhat.com/support/errata/RHSA-2009-0429.html",
"refsource": "MISC",
"name": "http://www.redhat.com/support/errata/RHSA-2009-0429.html"
},
{
"name": "MDVSA-2010:087",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087"
"url": "http://www.redhat.com/support/errata/RHSA-2009-0430.html",
"refsource": "MISC",
"name": "http://www.redhat.com/support/errata/RHSA-2009-0430.html"
},
{
"name": "SUSE-SR:2009:010",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html"
"url": "http://www.redhat.com/support/errata/RHSA-2009-0431.html",
"refsource": "MISC",
"name": "http://www.redhat.com/support/errata/RHSA-2009-0431.html"
},
{
"name": "35685",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35685"
"url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html",
"refsource": "MISC",
"name": "http://www.redhat.com/support/errata/RHSA-2009-0480.html"
},
{
"name": "ADV-2009-1076",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1076"
"url": "http://www.securityfocus.com/bid/34568",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/34568"
},
{
"name": "34756",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34756"
"url": "http://www.vupen.com/english/advisories/2009/1065",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2009/1065"
},
{
"name": "34291",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34291"
"url": "http://www.vupen.com/english/advisories/2009/1066",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2009/1066"
},
{
"name": "34755",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34755"
"url": "http://www.vupen.com/english/advisories/2009/1076",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2009/1076"
},
{
"name": "34852",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34852"
"url": "http://www.vupen.com/english/advisories/2009/1077",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2009/1077"
},
{
"name": "SUSE-SR:2009:012",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
"url": "http://www.vupen.com/english/advisories/2010/1040",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2010/1040"
},
{
"name": "FEDORA-2009-6973",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html"
"url": "https://access.redhat.com/errata/RHSA-2009:0429",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2009:0429"
},
{
"name": "34959",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34959"
"url": "https://access.redhat.com/errata/RHSA-2009:0430",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2009:0430"
},
{
"name": "oval:org.mitre.oval:def:11323",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11323"
"url": "https://access.redhat.com/errata/RHSA-2009:0431",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2009:0431"
},
{
"name": "34746",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34746"
"url": "https://access.redhat.com/errata/RHSA-2009:0458",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2009:0458"
},
{
"name": "RHSA-2009:0429",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2009-0429.html"
"url": "https://access.redhat.com/errata/RHSA-2009:0480",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2009:0480"
},
{
"name": "1022073",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1022073"
"url": "https://access.redhat.com/errata/RHSA-2010:0399",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2010:0399"
},
{
"url": "https://access.redhat.com/errata/RHSA-2010:0400",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2010:0400"
},
{
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html",
"refsource": "MISC",
"name": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html"
},
{
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html",
"refsource": "MISC",
"name": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html"
},
{
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html",
"refsource": "MISC",
"name": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html"
},
{
"url": "http://www.securitytracker.com/id?1022073",
"refsource": "MISC",
"name": "http://www.securitytracker.com/id?1022073"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2009-0800",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2009-0800"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=495887",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=495887"
},
{
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11323",
"refsource": "MISC",
"name": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11323"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 6.8,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "PARTIAL",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "PARTIAL",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
]
}

390
2009/1xxx/CVE-2009-1188.json
View File

@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2009-1188",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer overflow in the JBIG2 decoding feature in the SplashBitmap::SplashBitmap function in SplashBitmap.cc in Xpdf 3.x before 3.02pl4 and Poppler before 0.10.6, as used in GPdf and kdegraphics KPDF, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document."
"value": "CVE-2009-1188 xpdf/poppler: SplashBitmap integer overflow"
}
]
},
@ -44,223 +21,326 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "Integer Overflow or Wraparound",
"cweId": "CWE-190"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 4",
"version": {
"version_data": [
{
"version_value": "1:3.00-22.el4_8.1",
"version_affected": "!"
},
{
"version_value": "0:2.8.2-7.7.2.el4_8.5",
"version_affected": "!"
},
{
"version_value": "7:3.3.1-15.el4_8.2",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 5",
"version": {
"version_data": [
{
"version_value": "0:0.5.4-4.4.el5_3.9",
"version_affected": "!"
},
{
"version_value": "7:3.5.4-15.el5_4.2",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "39938",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39938"
"url": "http://poppler.freedesktop.org/releases.html",
"refsource": "MISC",
"name": "http://poppler.freedesktop.org/releases.html"
},
{
"name": "oval:org.mitre.oval:def:9957",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9957"
"url": "http://secunia.com/advisories/34746",
"refsource": "MISC",
"name": "http://secunia.com/advisories/34746"
},
{
"name": "37028",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37028"
"url": "http://secunia.com/advisories/35064",
"refsource": "MISC",
"name": "http://secunia.com/advisories/35064"
},
{
"name": "FEDORA-2010-1377",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035408.html"
"url": "http://secunia.com/advisories/35618",
"refsource": "MISC",
"name": "http://secunia.com/advisories/35618"
},
{
"name": "http://bugs.gentoo.org/show_bug.cgi?id=263028#c16",
"refsource": "CONFIRM",
"url": "http://bugs.gentoo.org/show_bug.cgi?id=263028#c16"
"url": "http://www.kb.cert.org/vuls/id/196617",
"refsource": "MISC",
"name": "http://www.kb.cert.org/vuls/id/196617"
},
{
"name": "RHSA-2009:1501",
"refsource": "REDHAT",
"url": "https://rhn.redhat.com/errata/RHSA-2009-1501.html"
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087",
"refsource": "MISC",
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087"
},
{
"name": "37079",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37079"
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175",
"refsource": "MISC",
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175"
},
{
"name": "https://bugs.launchpad.net/ubuntu/+source/poppler/+bug/361875",
"refsource": "CONFIRM",
"url": "https://bugs.launchpad.net/ubuntu/+source/poppler/+bug/361875"
"url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html",
"refsource": "MISC",
"name": "http://www.redhat.com/support/errata/RHSA-2009-0480.html"
},
{
"name": "35064",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35064"
"url": "http://www.securityfocus.com/bid/34568",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/34568"
},
{
"name": "DSA-2028",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2010/dsa-2028"
"url": "http://www.vupen.com/english/advisories/2009/1076",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2009/1076"
},
{
"name": "DSA-2050",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2010/dsa-2050"
"url": "http://www.vupen.com/english/advisories/2010/1040",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2010/1040"
},
{
"name": "FEDORA-2010-1805",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035340.html"
"url": "https://access.redhat.com/errata/RHSA-2009:0480",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2009:0480"
},
{
"name": "RHSA-2009:1512",
"refsource": "REDHAT",
"url": "https://rhn.redhat.com/errata/RHSA-2009-1512.html"
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html",
"refsource": "MISC",
"name": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html"
},
{
"name": "FEDORA-2009-6972",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html"
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html",
"refsource": "MISC",
"name": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html"
},
{
"name": "35618",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35618"
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html",
"refsource": "MISC",
"name": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html"
},
{
"name": "37077",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37077"
"url": "http://bugs.gentoo.org/show_bug.cgi?id=263028#c16",
"refsource": "MISC",
"name": "http://bugs.gentoo.org/show_bug.cgi?id=263028#c16"
},
{
"name": "RHSA-2009:0480",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035340.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035340.html"
},
{
"name": "http://poppler.freedesktop.org/releases.html",
"refsource": "CONFIRM",
"url": "http://poppler.freedesktop.org/releases.html"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035399.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035399.html"
},
{
"name": "RHSA-2009:1503",
"refsource": "REDHAT",
"url": "https://rhn.redhat.com/errata/RHSA-2009-1503.html"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035408.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035408.html"
},
{
"name": "34568",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/34568"
"url": "http://secunia.com/advisories/37028",
"refsource": "MISC",
"name": "http://secunia.com/advisories/37028"
},
{
"name": "MDVSA-2011:175",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175"
"url": "http://secunia.com/advisories/37037",
"refsource": "MISC",
"name": "http://secunia.com/advisories/37037"
},
{
"name": "VU#196617",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/196617"
"url": "http://secunia.com/advisories/37043",
"refsource": "MISC",
"name": "http://secunia.com/advisories/37043"
},
{
"name": "37037",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37037"
"url": "http://secunia.com/advisories/37053",
"refsource": "MISC",
"name": "http://secunia.com/advisories/37053"
},
{
"name": "ADV-2010-1040",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/1040"
"url": "http://secunia.com/advisories/37077",
"refsource": "MISC",
"name": "http://secunia.com/advisories/37077"
},
{
"name": "ADV-2010-0802",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/0802"
"url": "http://secunia.com/advisories/37079",
"refsource": "MISC",
"name": "http://secunia.com/advisories/37079"
},
{
"name": "RHSA-2009:1502",
"refsource": "REDHAT",
"url": "https://rhn.redhat.com/errata/RHSA-2009-1502.html"
"url": "http://secunia.com/advisories/39327",
"refsource": "MISC",
"name": "http://secunia.com/advisories/39327"
},
{
"name": "poppler-jbig2-splashbitmap-code-execution(50185)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50185"
"url": "http://secunia.com/advisories/39938",
"refsource": "MISC",
"name": "http://secunia.com/advisories/39938"
},
{
"name": "FEDORA-2009-6982",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html"
"url": "http://wiki.rpath.com/Advisories:rPSA-2009-0059",
"refsource": "MISC",
"name": "http://wiki.rpath.com/Advisories:rPSA-2009-0059"
},
{
"name": "FEDORA-2010-1842",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035399.html"
"url": "http://www.debian.org/security/2010/dsa-2028",
"refsource": "MISC",
"name": "http://www.debian.org/security/2010/dsa-2028"
},
{
"name": "http://wiki.rpath.com/Advisories:rPSA-2009-0059",
"refsource": "CONFIRM",
"url": "http://wiki.rpath.com/Advisories:rPSA-2009-0059"
"url": "http://www.debian.org/security/2010/dsa-2050",
"refsource": "MISC",
"name": "http://www.debian.org/security/2010/dsa-2050"
},
{
"name": "ADV-2009-2928",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/2928"
"url": "http://www.securityfocus.com/archive/1/502761/100/0/threaded",
"refsource": "MISC",
"name": "http://www.securityfocus.com/archive/1/502761/100/0/threaded"
},
{
"name": "MDVSA-2010:087",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087"
"url": "http://www.vupen.com/english/advisories/2009/2928",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2009/2928"
},
{
"name": "ADV-2010-1220",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/1220"
"url": "http://www.vupen.com/english/advisories/2010/0802",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2010/0802"
},
{
"name": "ADV-2009-1076",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1076"
"url": "http://www.vupen.com/english/advisories/2010/1220",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2010/1220"
},
{
"name": "37053",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37053"
"url": "https://access.redhat.com/errata/RHSA-2009:1501",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2009:1501"
},
{
"name": "20090417 rPSA-2009-0059-1 poppler",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/502761/100/0/threaded"
"url": "https://access.redhat.com/errata/RHSA-2009:1502",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2009:1502"
},
{
"name": "39327",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39327"
"url": "https://access.redhat.com/errata/RHSA-2009:1503",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2009:1503"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=495907",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=495907"
"url": "https://access.redhat.com/errata/RHSA-2009:1512",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2009:1512"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=526915",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=526915"
"url": "https://access.redhat.com/security/cve/CVE-2009-1188",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2009-1188"
},
{
"name": "FEDORA-2009-6973",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html"
"url": "https://bugs.launchpad.net/ubuntu/+source/poppler/+bug/361875",
"refsource": "MISC",
"name": "https://bugs.launchpad.net/ubuntu/+source/poppler/+bug/361875"
},
{
"name": "37043",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37043"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=495907",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=495907"
},
{
"name": "34746",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34746"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=526915",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=526915"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50185",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50185"
},
{
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9957",
"refsource": "MISC",
"name": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9957"
},
{
"url": "https://rhn.redhat.com/errata/RHSA-2009-1501.html",
"refsource": "MISC",
"name": "https://rhn.redhat.com/errata/RHSA-2009-1501.html"
},
{
"url": "https://rhn.redhat.com/errata/RHSA-2009-1502.html",
"refsource": "MISC",
"name": "https://rhn.redhat.com/errata/RHSA-2009-1502.html"
},
{
"url": "https://rhn.redhat.com/errata/RHSA-2009-1503.html",
"refsource": "MISC",
"name": "https://rhn.redhat.com/errata/RHSA-2009-1503.html"
},
{
"url": "https://rhn.redhat.com/errata/RHSA-2009-1512.html",
"refsource": "MISC",
"name": "https://rhn.redhat.com/errata/RHSA-2009-1512.html"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 6.8,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "PARTIAL",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "PARTIAL",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
]
}

398
2009/1xxx/CVE-2009-1385.json
View File

@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2009-1385",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer underflow in the e1000_clean_rx_irq function in drivers/net/e1000/e1000_main.c in the e1000 driver in the Linux kernel before 2.6.30-rc8, the e1000e driver in the Linux kernel, and Intel Wired Ethernet (aka e1000) before 7.5.5 allows remote attackers to cause a denial of service (panic) via a crafted frame size."
"value": "CVE-2009-1385 kernel: e1000_clean_rx_irq() denial of service"
}
]
},
@ -44,203 +21,338 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
"cweId": "CWE-119"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "MRG for RHEL-5",
"version": {
"version_data": [
{
"version_value": "0:2.6.24.7-126.el5rt",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 3",
"version": {
"version_data": [
{
"version_value": "0:2.4.21-63.EL",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 4",
"version": {
"version_data": [
{
"version_value": "0:2.6.9-89.0.3.EL",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 5",
"version": {
"version_data": [
{
"version_value": "0:2.6.18-128.4.1.el5",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 5.2 Z Stream",
"version": {
"version_data": [
{
"version_value": "0:2.6.18-92.1.35.el5",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 5.3.Z - Server Only",
"version": {
"version_data": [
{
"version_value": "0:2.6.18-128.4.1.el5",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "35265",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35265"
"url": "http://www.securityfocus.com/archive/1/507985/100/0/threaded",
"refsource": "MISC",
"name": "http://www.securityfocus.com/archive/1/507985/100/0/threaded"
},
{
"name": "MDVSA-2009:135",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:135"
"url": "http://www.vmware.com/security/advisories/VMSA-2009-0016.html",
"refsource": "MISC",
"name": "http://www.vmware.com/security/advisories/VMSA-2009-0016.html"
},
{
"name": "DSA-1865",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2009/dsa-1865"
"url": "http://www.vupen.com/english/advisories/2009/3316",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2009/3316"
},
{
"name": "20100625 VMSA-2010-0010 ESX 3.5 third party update for Service Console kernel",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/512019/100/0/threaded"
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ea30e11970a96cfe5e32c03a29332554573b4a10",
"refsource": "MISC",
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ea30e11970a96cfe5e32c03a29332554573b4a10"
},
{
"name": "http://wiki.rpath.com/Advisories:rPSA-2009-0111",
"refsource": "CONFIRM",
"url": "http://wiki.rpath.com/Advisories:rPSA-2009-0111"
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00004.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00004.html"
},
{
"name": "http://sourceforge.net/project/shownotes.php?release_id=504022&group_id=42302",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/project/shownotes.php?release_id=504022&group_id=42302"
"url": "http://osvdb.org/54892",
"refsource": "MISC",
"name": "http://osvdb.org/54892"
},
{
"name": "36131",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/36131"
"url": "http://secunia.com/advisories/35265",
"refsource": "MISC",
"name": "http://secunia.com/advisories/35265"
},
{
"name": "FEDORA-2009-6883",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01048.html"
"url": "http://secunia.com/advisories/35566",
"refsource": "MISC",
"name": "http://secunia.com/advisories/35566"
},
{
"name": "FEDORA-2009-6768",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01094.html"
"url": "http://secunia.com/advisories/35623",
"refsource": "MISC",
"name": "http://secunia.com/advisories/35623"
},
{
"name": "37471",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37471"
"url": "http://secunia.com/advisories/35656",
"refsource": "MISC",
"name": "http://secunia.com/advisories/35656"
},
{
"name": "MDVSA-2009:148",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:148"
"url": "http://secunia.com/advisories/35847",
"refsource": "MISC",
"name": "http://secunia.com/advisories/35847"
},
{
"name": "35656",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35656"
"url": "http://secunia.com/advisories/36051",
"refsource": "MISC",
"name": "http://secunia.com/advisories/36051"
},
{
"name": "DSA-1844",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2009/dsa-1844"
"url": "http://secunia.com/advisories/36131",
"refsource": "MISC",
"name": "http://secunia.com/advisories/36131"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2009-0016.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2009-0016.html"
"url": "http://secunia.com/advisories/36327",
"refsource": "MISC",
"name": "http://secunia.com/advisories/36327"
},
{
"name": "RHSA-2009:1193",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2009-1193.html"
"url": "http://secunia.com/advisories/37471",
"refsource": "MISC",
"name": "http://secunia.com/advisories/37471"
},
{
"name": "http://www.intel.com/support/network/sb/CS-030543.htm",
"refsource": "CONFIRM",
"url": "http://www.intel.com/support/network/sb/CS-030543.htm"
"url": "http://sourceforge.net/project/shownotes.php?release_id=504022&group_id=42302",
"refsource": "MISC",
"name": "http://sourceforge.net/project/shownotes.php?release_id=504022&group_id=42302"
},
{
"name": "35566",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35566"
"url": "http://wiki.rpath.com/Advisories:rPSA-2009-0111",
"refsource": "MISC",
"name": "http://wiki.rpath.com/Advisories:rPSA-2009-0111"
},
{
"name": "54892",
"refsource": "OSVDB",
"url": "http://osvdb.org/54892"
"url": "http://www.debian.org/security/2009/dsa-1844",
"refsource": "MISC",
"name": "http://www.debian.org/security/2009/dsa-1844"
},
{
"name": "oval:org.mitre.oval:def:11598",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11598"
"url": "http://www.debian.org/security/2009/dsa-1865",
"refsource": "MISC",
"name": "http://www.debian.org/security/2009/dsa-1865"
},
{
"name": "RHSA-2009:1157",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2009-1157.html"
"url": "http://www.intel.com/support/network/sb/CS-030543.htm",
"refsource": "MISC",
"name": "http://www.intel.com/support/network/sb/CS-030543.htm"
},
{
"name": "35185",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/35185"
"url": "http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.30-rc8",
"refsource": "MISC",
"name": "http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.30-rc8"
},
{
"name": "20090724 rPSA-2009-0111-1 kernel",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/505254/100/0/threaded"
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:135",
"refsource": "MISC",
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:135"
},
{
"name": "35623",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35623"
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:148",
"refsource": "MISC",
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:148"
},
{
"name": "20091120 VMSA-2009-0016 VMware vCenter and ESX update release and vMA patch release address multiple security issue in third party components",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/507985/100/0/threaded"
"url": "http://www.openwall.com/lists/oss-security/2009/06/03/2",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2009/06/03/2"
},
{
"name": "36051",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/36051"
"url": "http://www.redhat.com/support/errata/RHSA-2009-1157.html",
"refsource": "MISC",
"name": "http://www.redhat.com/support/errata/RHSA-2009-1157.html"
},
{
"name": "36327",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/36327"
"url": "http://www.redhat.com/support/errata/RHSA-2009-1193.html",
"refsource": "MISC",
"name": "http://www.redhat.com/support/errata/RHSA-2009-1193.html"
},
{
"name": "USN-793-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-793-1"
"url": "http://www.securityfocus.com/archive/1/505254/100/0/threaded",
"refsource": "MISC",
"name": "http://www.securityfocus.com/archive/1/505254/100/0/threaded"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=502981",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=502981"
"url": "http://www.securityfocus.com/archive/1/512019/100/0/threaded",
"refsource": "MISC",
"name": "http://www.securityfocus.com/archive/1/512019/100/0/threaded"
},
{
"name": "[oss-security] 20090603 CVE-2009-1385 kernel: e1000_clean_rx_irq() denial of service",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2009/06/03/2"
"url": "http://www.securityfocus.com/bid/35185",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/35185"
},
{
"name": "oval:org.mitre.oval:def:11681",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11681"
"url": "http://www.ubuntu.com/usn/usn-793-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/usn-793-1"
},
{
"name": "http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.30-rc8",
"refsource": "CONFIRM",
"url": "http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.30-rc8"
"url": "https://access.redhat.com/errata/RHSA-2009:1132",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2009:1132"
},
{
"name": "RHSA-2009:1550",
"refsource": "REDHAT",
"url": "https://rhn.redhat.com/errata/RHSA-2009-1550.html"
"url": "https://access.redhat.com/errata/RHSA-2009:1157",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2009:1157"
},
{
"name": "oval:org.mitre.oval:def:8340",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8340"
"url": "https://access.redhat.com/errata/RHSA-2009:1193",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2009:1193"
},
{
"name": "FEDORA-2009-6846",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01193.html"
"url": "https://access.redhat.com/errata/RHSA-2009:1550",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2009:1550"
},
{
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=ea30e11970a96cfe5e32c03a29332554573b4a10",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=ea30e11970a96cfe5e32c03a29332554573b4a10"
"url": "https://access.redhat.com/errata/RHSA-2010:0079",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2010:0079"
},
{
"name": "SUSE-SA:2009:038",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00004.html"
"url": "https://access.redhat.com/security/cve/CVE-2009-1385",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2009-1385"
},
{
"name": "ADV-2009-3316",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/3316"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=502981",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=502981"
},
{
"name": "35847",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35847"
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11598",
"refsource": "MISC",
"name": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11598"
},
{
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11681",
"refsource": "MISC",
"name": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11681"
},
{
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8340",
"refsource": "MISC",
"name": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8340"
},
{
"url": "https://rhn.redhat.com/errata/RHSA-2009-1550.html",
"refsource": "MISC",
"name": "https://rhn.redhat.com/errata/RHSA-2009-1550.html"
},
{
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01048.html",
"refsource": "MISC",
"name": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01048.html"
},
{
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01094.html",
"refsource": "MISC",
"name": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01094.html"
},
{
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01193.html",
"refsource": "MISC",
"name": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01193.html"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.1,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
}
]
}

545
2009/2xxx/CVE-2009-2412.json
View File

@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2009-2412",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple integer overflows in the Apache Portable Runtime (APR) library and the Apache Portable Utility library (aka APR-util) 0.9.x and 1.3.x allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors that trigger crafted calls to the (1) allocator_alloc or (2) apr_palloc function in memory/unix/apr_pools.c in APR; or crafted calls to the (3) apr_rmm_malloc, (4) apr_rmm_calloc, or (5) apr_rmm_realloc function in misc/apr_rmm.c in APR-util; leading to buffer overflows. NOTE: some of these details are obtained from third party information."
"value": "CVE-2009-2412 apr, apr-util: Integer overflows in memory pool (apr) and relocatable memory (apr-util) management"
}
]
},
@ -44,268 +21,472 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "Integer Overflow or Wraparound",
"cweId": "CWE-190"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "JBEWS 1.0 for RHEL 4",
"version": {
"version_data": [
{
"version_value": "0:2.2.10-24.1.ep5.el4",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Certificate System 7.3",
"version": {
"version_data": [
{
"version_value": "0:1.6.5-1jpp_1rh",
"version_affected": "!"
},
{
"version_value": "0:1.2-2jpp_4rh",
"version_affected": "!"
},
{
"version_value": "0:1.2.1-1jpp_3rh",
"version_affected": "!"
},
{
"version_value": "0:1.0-2jpp_6rh",
"version_affected": "!"
},
{
"version_value": "0:1.1.1-2jpp_8rh",
"version_affected": "!"
},
{
"version_value": "0:1.0-0.M4.1jpp_10rh",
"version_affected": "!"
},
{
"version_value": "0:2.0-3jpp_2rh",
"version_affected": "!"
},
{
"version_value": "0:1.2.12-1jpp_1rh",
"version_affected": "!"
},
{
"version_value": "1:3.0.1-1jpp_4rh",
"version_affected": "!"
},
{
"version_value": "0:1.3.3-3.el4",
"version_affected": "!"
},
{
"version_value": "0:7.3.0-20.el4",
"version_affected": "!"
},
{
"version_value": "0:7.3.0-10.el4",
"version_affected": "!"
},
{
"version_value": "0:7.3.0-14.el4",
"version_affected": "!"
},
{
"version_value": "0:7.3.0-19.el4",
"version_affected": "!"
},
{
"version_value": "0:7.3.0-6.el4",
"version_affected": "!"
},
{
"version_value": "0:7.3.0-13.el4",
"version_affected": "!"
},
{
"version_value": "0:5.5.23-0jpp_4rh.16",
"version_affected": "!"
},
{
"version_value": "0:2.7.1-1jpp_1rh",
"version_affected": "!"
},
{
"version_value": "0:1.3.02-2jpp_1rh",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 3",
"version": {
"version_data": [
{
"version_value": "0:2.0.46-75.ent",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 4",
"version": {
"version_data": [
{
"version_value": "0:0.9.4-24.9.el4_8.2",
"version_affected": "!"
},
{
"version_value": "0:0.9.4-22.el4_8.2",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 5",
"version": {
"version_data": [
{
"version_value": "0:1.2.7-11.el5_3.1",
"version_affected": "!"
},
{
"version_value": "0:1.2.7-7.el5_3.2",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "SUSE-SA:2009:050",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00006.html"
"url": "https://access.redhat.com/errata/RHSA-2010:0602",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2010:0602"
},
{
"name": "36233",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/36233"
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html"
},
{
"name": "ADV-2010-1107",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/1107"
"url": "http://www.vupen.com/english/advisories/2010/1107",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2010/1107"
},
{
"name": "http://svn.apache.org/viewvc/apr/apr-util/branches/0.9.x/CHANGES?revision=800736&view=markup",
"refsource": "CONFIRM",
"url": "http://svn.apache.org/viewvc/apr/apr-util/branches/0.9.x/CHANGES?revision=800736&view=markup"
"url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E",
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "37152",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37152"
"url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E",
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "SUSE-SR:2010:011",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html"
"url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E",
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "36140",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/36140"
"url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E",
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "56765",
"refsource": "OSVDB",
"url": "http://osvdb.org/56765"
"url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E",
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "PK99482",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PK99482"
"url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E",
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "56766",
"refsource": "OSVDB",
"url": "http://osvdb.org/56766"
"url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E",
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "http://svn.apache.org/viewvc/apr/apr-util/branches/0.9.x/misc/apr_rmm.c?r1=230441&r2=800736",
"refsource": "CONFIRM",
"url": "http://svn.apache.org/viewvc/apr/apr-util/branches/0.9.x/misc/apr_rmm.c?r1=230441&r2=800736"
"url": "https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E",
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "35949",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/35949"
"url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E",
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "PK93225",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PK93225"
"url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E",
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "36166",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/36166"
"url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E",
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "http://svn.apache.org/viewvc/apr/apr-util/branches/1.3.x/CHANGES?revision=800735&view=markup",
"refsource": "CONFIRM",
"url": "http://svn.apache.org/viewvc/apr/apr-util/branches/1.3.x/CHANGES?revision=800735&view=markup"
"url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E",
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "oval:org.mitre.oval:def:8394",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8394"
"url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "36138",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/36138"
"url": "https://lists.apache.org/thread.html/rad2acee3ab838b52c04a0698b1728a9a43467bf365bd481c993c535d%40%3Ccvs.httpd.apache.org%3E",
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/rad2acee3ab838b52c04a0698b1728a9a43467bf365bd481c993c535d%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "http://svn.apache.org/viewvc/apr/apr/branches/0.9.x/memory/unix/apr_pools.c?r1=585356&r2=800733",
"refsource": "CONFIRM",
"url": "http://svn.apache.org/viewvc/apr/apr/branches/0.9.x/memory/unix/apr_pools.c?r1=585356&r2=800733"
"url": "https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E",
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "USN-813-2",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-813-2"
"url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E",
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "37221",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37221"
"url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "http://svn.apache.org/viewvc/apr/apr/branches/0.9.x/CHANGES?revision=800733&view=markup",
"refsource": "CONFIRM",
"url": "http://svn.apache.org/viewvc/apr/apr/branches/0.9.x/CHANGES?revision=800733&view=markup"
"url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E",
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "ADV-2009-3184",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/3184"
"url": "http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html",
"refsource": "MISC",
"name": "http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html"
},
{
"name": "oval:org.mitre.oval:def:9958",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9958"
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00006.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00006.html"
},
{
"name": "http://svn.apache.org/viewvc/apr/apr/branches/1.3.x/CHANGES?revision=800732&view=markup",
"refsource": "CONFIRM",
"url": "http://svn.apache.org/viewvc/apr/apr/branches/1.3.x/CHANGES?revision=800732&view=markup"
"url": "http://osvdb.org/56765",
"refsource": "MISC",
"name": "http://osvdb.org/56765"
},
{
"name": "http://svn.apache.org/viewvc/apr/apr-util/branches/1.3.x/misc/apr_rmm.c?r1=647687&r2=800735",
"refsource": "CONFIRM",
"url": "http://svn.apache.org/viewvc/apr/apr-util/branches/1.3.x/misc/apr_rmm.c?r1=647687&r2=800735"
"url": "http://osvdb.org/56766",
"refsource": "MISC",
"name": "http://osvdb.org/56766"
},
{
"name": "APPLE-SA-2009-11-09-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html"
"url": "http://secunia.com/advisories/36138",
"refsource": "MISC",
"name": "http://secunia.com/advisories/36138"
},
{
"name": "MDVSA-2009:195",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:195"
"url": "http://secunia.com/advisories/36140",
"refsource": "MISC",
"name": "http://secunia.com/advisories/36140"
},
{
"name": "FEDORA-2009-8336",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00320.html"
"url": "http://secunia.com/advisories/36166",
"refsource": "MISC",
"name": "http://secunia.com/advisories/36166"
},
{
"name": "http://svn.apache.org/viewvc/apr/apr/branches/1.3.x/memory/unix/apr_pools.c?r1=678140&r2=800732",
"refsource": "CONFIRM",
"url": "http://svn.apache.org/viewvc/apr/apr/branches/1.3.x/memory/unix/apr_pools.c?r1=678140&r2=800732"
"url": "http://secunia.com/advisories/36233",
"refsource": "MISC",
"name": "http://secunia.com/advisories/36233"
},
{
"name": "http://support.apple.com/kb/HT3937",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT3937"
"url": "http://secunia.com/advisories/37152",
"refsource": "MISC",
"name": "http://secunia.com/advisories/37152"
},
{
"name": "FEDORA-2009-8360",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00353.html"
"url": "http://secunia.com/advisories/37221",
"refsource": "MISC",
"name": "http://secunia.com/advisories/37221"
},
{
"refsource": "MLIST",
"name": "[httpd-cvs] 20190815 svn commit: r1048742 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac@%3Ccvs.httpd.apache.org%3E"
"url": "http://support.apple.com/kb/HT3937",
"refsource": "MISC",
"name": "http://support.apple.com/kb/HT3937"
},
{
"refsource": "MLIST",
"name": "[httpd-cvs] 20190815 svn commit: r1048743 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79@%3Ccvs.httpd.apache.org%3E"
"url": "http://svn.apache.org/viewvc/apr/apr-util/branches/0.9.x/CHANGES?revision=800736&view=markup",
"refsource": "MISC",
"name": "http://svn.apache.org/viewvc/apr/apr-util/branches/0.9.x/CHANGES?revision=800736&view=markup"
},
{
"refsource": "MLIST",
"name": "[httpd-cvs] 20190815 svn commit: r1048743 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f@%3Ccvs.httpd.apache.org%3E"
"url": "http://svn.apache.org/viewvc/apr/apr-util/branches/0.9.x/misc/apr_rmm.c?r1=230441&r2=800736",
"refsource": "MISC",
"name": "http://svn.apache.org/viewvc/apr/apr-util/branches/0.9.x/misc/apr_rmm.c?r1=230441&r2=800736"
},
{
"refsource": "MLIST",
"name": "[httpd-cvs] 20190815 svn commit: r1048742 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53@%3Ccvs.httpd.apache.org%3E"
"url": "http://svn.apache.org/viewvc/apr/apr-util/branches/1.3.x/CHANGES?revision=800735&view=markup",
"refsource": "MISC",
"name": "http://svn.apache.org/viewvc/apr/apr-util/branches/1.3.x/CHANGES?revision=800735&view=markup"
},
{
"refsource": "MLIST",
"name": "[httpd-cvs] 20200401 svn commit: r1058586 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7@%3Ccvs.httpd.apache.org%3E"
"url": "http://svn.apache.org/viewvc/apr/apr-util/branches/1.3.x/misc/apr_rmm.c?r1=647687&r2=800735",
"refsource": "MISC",
"name": "http://svn.apache.org/viewvc/apr/apr-util/branches/1.3.x/misc/apr_rmm.c?r1=647687&r2=800735"
},
{
"refsource": "MLIST",
"name": "[httpd-cvs] 20200401 svn commit: r1058586 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc@%3Ccvs.httpd.apache.org%3E"
"url": "http://svn.apache.org/viewvc/apr/apr/branches/0.9.x/CHANGES?revision=800733&view=markup",
"refsource": "MISC",
"name": "http://svn.apache.org/viewvc/apr/apr/branches/0.9.x/CHANGES?revision=800733&view=markup"
},
{
"refsource": "MLIST",
"name": "[httpd-cvs] 20200401 svn commit: r1058587 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb@%3Ccvs.httpd.apache.org%3E"
"url": "http://svn.apache.org/viewvc/apr/apr/branches/0.9.x/memory/unix/apr_pools.c?r1=585356&r2=800733",
"refsource": "MISC",
"name": "http://svn.apache.org/viewvc/apr/apr/branches/0.9.x/memory/unix/apr_pools.c?r1=585356&r2=800733"
},
{
"refsource": "MLIST",
"name": "[httpd-cvs] 20200401 svn commit: r1058587 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b@%3Ccvs.httpd.apache.org%3E"
"url": "http://svn.apache.org/viewvc/apr/apr/branches/1.3.x/CHANGES?revision=800732&view=markup",
"refsource": "MISC",
"name": "http://svn.apache.org/viewvc/apr/apr/branches/1.3.x/CHANGES?revision=800732&view=markup"
},
{
"refsource": "MLIST",
"name": "[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/",
"url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E"
"url": "http://svn.apache.org/viewvc/apr/apr/branches/1.3.x/memory/unix/apr_pools.c?r1=678140&r2=800732",
"refsource": "MISC",
"name": "http://svn.apache.org/viewvc/apr/apr/branches/1.3.x/memory/unix/apr_pools.c?r1=678140&r2=800732"
},
{
"refsource": "MLIST",
"name": "[httpd-cvs] 20210330 svn commit: r1888194 [6/13] - /httpd/site/trunk/content/security/json/",
"url": "https://lists.apache.org/thread.html/reb7c64aeea604bf948467d9d1cab8ff23fa7d002be1964bcc275aae7@%3Ccvs.httpd.apache.org%3E"
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PK93225",
"refsource": "MISC",
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg1PK93225"
},
{
"refsource": "MLIST",
"name": "[httpd-cvs] 20210330 svn commit: r1073140 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b@%3Ccvs.httpd.apache.org%3E"
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PK99482",
"refsource": "MISC",
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg1PK99482"
},
{
"refsource": "MLIST",
"name": "[httpd-cvs] 20210330 svn commit: r1073139 [6/13] - in /websites/staging/httpd/trunk/content: ./ security/json/",
"url": "https://lists.apache.org/thread.html/r2295080a257bad27ea68ca0af12fc715577f9e84801eae116a33107e@%3Ccvs.httpd.apache.org%3E"
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:195",
"refsource": "MISC",
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:195"
},
{
"refsource": "MLIST",
"name": "[httpd-cvs] 20210330 svn commit: r1073140 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b@%3Ccvs.httpd.apache.org%3E"
"url": "http://www.securityfocus.com/bid/35949",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/35949"
},
{
"refsource": "MLIST",
"name": "[httpd-cvs] 20210330 svn commit: r1073143 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/",
"url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142@%3Ccvs.httpd.apache.org%3E"
"url": "http://www.ubuntu.com/usn/usn-813-2",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/usn-813-2"
},
{
"refsource": "MLIST",
"name": "[httpd-cvs] 20210330 svn commit: r1073149 [7/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/",
"url": "https://lists.apache.org/thread.html/rad2acee3ab838b52c04a0698b1728a9a43467bf365bd481c993c535d@%3Ccvs.httpd.apache.org%3E"
"url": "http://www.vupen.com/english/advisories/2009/3184",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2009/3184"
},
{
"refsource": "MLIST",
"name": "[httpd-cvs] 20210330 svn commit: r1073146 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities-httpd.xml security/vulnerabilities_22.html security/vulnerabilities_24.html",
"url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064@%3Ccvs.httpd.apache.org%3E"
"url": "https://access.redhat.com/errata/RHSA-2009:1204",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2009:1204"
},
{
"refsource": "MLIST",
"name": "[httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/",
"url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E"
"url": "https://access.redhat.com/errata/RHSA-2009:1205",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2009:1205"
},
{
"refsource": "MLIST",
"name": "[httpd-cvs] 20210603 svn commit: r1075360 [1/3] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2021-31618.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"url": "https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4@%3Ccvs.httpd.apache.org%3E"
"url": "https://access.redhat.com/errata/RHSA-2009:1462",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2009:1462"
},
{
"refsource": "MLIST",
"name": "[httpd-cvs] 20210606 svn commit: r1075467 [1/2] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2021-31618.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"url": "https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10@%3Ccvs.httpd.apache.org%3E"
"url": "https://access.redhat.com/security/cve/CVE-2009-2412",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2009-2412"
},
{
"refsource": "MLIST",
"name": "[httpd-cvs] 20210606 svn commit: r1075470 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f@%3Ccvs.httpd.apache.org%3E"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=515698",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=515698"
},
{
"url": "https://lists.apache.org/thread.html/r2295080a257bad27ea68ca0af12fc715577f9e84801eae116a33107e%40%3Ccvs.httpd.apache.org%3E",
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/r2295080a257bad27ea68ca0af12fc715577f9e84801eae116a33107e%40%3Ccvs.httpd.apache.org%3E"
},
{
"url": "https://lists.apache.org/thread.html/reb7c64aeea604bf948467d9d1cab8ff23fa7d002be1964bcc275aae7%40%3Ccvs.httpd.apache.org%3E",
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/reb7c64aeea604bf948467d9d1cab8ff23fa7d002be1964bcc275aae7%40%3Ccvs.httpd.apache.org%3E"
},
{
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8394",
"refsource": "MISC",
"name": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8394"
},
{
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9958",
"refsource": "MISC",
"name": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9958"
},
{
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00320.html",
"refsource": "MISC",
"name": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00320.html"
},
{
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00353.html",
"refsource": "MISC",
"name": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00353.html"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 6.8,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "PARTIAL",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "PARTIAL",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
]
}

310
2009/3xxx/CVE-2009-3080.json
View File

@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2009-3080",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Array index error in the gdth_read_event function in drivers/scsi/gdth.c in the Linux kernel before 2.6.32-rc8 allows local users to cause a denial of service or possibly gain privileges via a negative event index in an IOCTL request."
"value": "CVE-2009-3080 kernel: gdth: Prevent negative offsets in ioctl"
}
]
},
@ -44,148 +21,261 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
"cweId": "CWE-119"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "MRG for RHEL-5",
"version": {
"version_data": [
{
"version_value": "0:2.6.24.7-146.el5rt",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 3 Extended Lifecycle Support",
"version": {
"version_data": [
{
"version_value": "0:2.4.21-66.EL",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 4",
"version": {
"version_data": [
{
"version_value": "0:2.6.9-89.0.20.EL",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 5",
"version": {
"version_data": [
{
"version_value": "0:2.6.18-164.11.1.el5",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "38276",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/38276"
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=690e744869f3262855b83b4fb59199cf142765b0",
"refsource": "MISC",
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=690e744869f3262855b83b4fb59199cf142765b0"
},
{
"name": "MDVSA-2010:030",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:030"
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-12/msg00002.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2009-12/msg00002.html"
},
{
"name": "SUSE-SA:2009:061",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-12/msg00002.html"
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-12/msg00005.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2009-12/msg00005.html"
},
{
"name": "USN-864-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-864-1"
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00000.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00000.html"
},
{
"name": "SUSE-SA:2010:001",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00000.html"
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00005.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00005.html"
},
{
"name": "37435",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37435"
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00007.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00007.html"
},
{
"name": "http://support.avaya.com/css/P8/documents/100073666",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/css/P8/documents/100073666"
"url": "http://secunia.com/advisories/37435",
"refsource": "MISC",
"name": "http://secunia.com/advisories/37435"
},
{
"name": "37720",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37720"
"url": "http://secunia.com/advisories/37720",
"refsource": "MISC",
"name": "http://secunia.com/advisories/37720"
},
{
"name": "37909",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37909"
"url": "http://secunia.com/advisories/37909",
"refsource": "MISC",
"name": "http://secunia.com/advisories/37909"
},
{
"name": "RHSA-2010:0882",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0882.html"
"url": "http://secunia.com/advisories/38017",
"refsource": "MISC",
"name": "http://secunia.com/advisories/38017"
},
{
"name": "MDVSA-2011:051",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:051"
"url": "http://secunia.com/advisories/38276",
"refsource": "MISC",
"name": "http://secunia.com/advisories/38276"
},
{
"name": "SUSE-SA:2009:064",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-12/msg00005.html"
"url": "http://support.avaya.com/css/P8/documents/100073666",
"refsource": "MISC",
"name": "http://support.avaya.com/css/P8/documents/100073666"
},
{
"name": "http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.32-rc8",
"refsource": "CONFIRM",
"url": "http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.32-rc8"
"url": "http://www.debian.org/security/2010/dsa-2005",
"refsource": "MISC",
"name": "http://www.debian.org/security/2010/dsa-2005"
},
{
"name": "oval:org.mitre.oval:def:7101",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7101"
"url": "http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.32-rc8",
"refsource": "MISC",
"name": "http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.32-rc8"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2011-0009.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2011-0009.html"
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:030",
"refsource": "MISC",
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:030"
},
{
"name": "SUSE-SA:2010:013",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00007.html"
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:051",
"refsource": "MISC",
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:051"
},
{
"name": "37068",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/37068"
"url": "http://www.redhat.com/support/errata/RHSA-2010-0041.html",
"refsource": "MISC",
"name": "http://www.redhat.com/support/errata/RHSA-2010-0041.html"
},
{
"name": "RHSA-2010:0095",
"refsource": "REDHAT",
"url": "https://rhn.redhat.com/errata/RHSA-2010-0095.html"
"url": "http://www.redhat.com/support/errata/RHSA-2010-0882.html",
"refsource": "MISC",
"name": "http://www.redhat.com/support/errata/RHSA-2010-0882.html"
},
{
"name": "SUSE-SA:2010:005",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00005.html"
"url": "http://www.securityfocus.com/bid/37068",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/37068"
},
{
"name": "RHSA-2010:0046",
"refsource": "REDHAT",
"url": "https://rhn.redhat.com/errata/RHSA-2010-0046.html"
"url": "http://www.ubuntu.com/usn/usn-864-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/usn-864-1"
},
{
"name": "oval:org.mitre.oval:def:12862",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12862"
"url": "http://www.vmware.com/security/advisories/VMSA-2011-0009.html",
"refsource": "MISC",
"name": "http://www.vmware.com/security/advisories/VMSA-2011-0009.html"
},
{
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=690e744869f3262855b83b4fb59199cf142765b0",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=690e744869f3262855b83b4fb59199cf142765b0"
"url": "https://access.redhat.com/errata/RHSA-2010:0041",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2010:0041"
},
{
"name": "DSA-2005",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2010/dsa-2005"
"url": "https://access.redhat.com/errata/RHSA-2010:0046",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2010:0046"
},
{
"name": "FEDORA-2009-13098",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00777.html"
"url": "https://access.redhat.com/errata/RHSA-2010:0076",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2010:0076"
},
{
"name": "oval:org.mitre.oval:def:10989",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10989"
"url": "https://access.redhat.com/errata/RHSA-2010:0882",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2010:0882"
},
{
"name": "RHSA-2010:0041",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0041.html"
"url": "https://access.redhat.com/security/cve/CVE-2009-3080",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2009-3080"
},
{
"name": "38017",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/38017"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=539414",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=539414"
},
{
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10989",
"refsource": "MISC",
"name": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10989"
},
{
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12862",
"refsource": "MISC",
"name": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12862"
},
{
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7101",
"refsource": "MISC",
"name": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7101"
},
{
"url": "https://rhn.redhat.com/errata/RHSA-2010-0046.html",
"refsource": "MISC",
"name": "https://rhn.redhat.com/errata/RHSA-2010-0046.html"
},
{
"url": "https://rhn.redhat.com/errata/RHSA-2010-0095.html",
"refsource": "MISC",
"name": "https://rhn.redhat.com/errata/RHSA-2010-0095.html"
},
{
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00777.html",
"refsource": "MISC",
"name": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00777.html"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.2,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "COMPLETE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "COMPLETE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
]
}

305
2009/3xxx/CVE-2009-3603.json
View File

@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2009-3603",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer overflow in the SplashBitmap::SplashBitmap function in Xpdf 3.x before 3.02pl4 and Poppler before 0.12.1 might allow remote attackers to execute arbitrary code via a crafted PDF document that triggers a heap-based buffer overflow. NOTE: some of these details are obtained from third party information. NOTE: this issue reportedly exists because of an incomplete fix for CVE-2009-1188."
"value": "CVE-2009-3603 xpdf/poppler: SplashBitmap::SplashBitmap integer overflow"
}
]
},
@ -44,188 +21,248 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "Integer Overflow or Wraparound",
"cweId": "CWE-190"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 5",
"version": {
"version_data": [
{
"version_value": "0:0.5.4-4.4.el5_4.11",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "39938",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39938"
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087",
"refsource": "MISC",
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087"
},
{
"name": "RHSA-2009:1504",
"refsource": "REDHAT",
"url": "https://rhn.redhat.com/errata/RHSA-2009-1504.html"
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175",
"refsource": "MISC",
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175"
},
{
"name": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl4.patch",
"refsource": "CONFIRM",
"url": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl4.patch"
"url": "http://www.vupen.com/english/advisories/2010/1040",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2010/1040"
},
{
"name": "MDVSA-2009:287",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:287"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035340.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035340.html"
},
{
"name": "FEDORA-2010-1377",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035408.html"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035399.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035399.html"
},
{
"name": "FEDORA-2009-10823",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00750.html"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035408.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035408.html"
},
{
"name": "http://poppler.freedesktop.org/",
"refsource": "CONFIRM",
"url": "http://poppler.freedesktop.org/"
"url": "http://secunia.com/advisories/37053",
"refsource": "MISC",
"name": "http://secunia.com/advisories/37053"
},
{
"name": "SUSE-SR:2009:018",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html"
"url": "http://secunia.com/advisories/39327",
"refsource": "MISC",
"name": "http://secunia.com/advisories/39327"
},
{
"name": "DSA-2028",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2010/dsa-2028"
"url": "http://secunia.com/advisories/39938",
"refsource": "MISC",
"name": "http://secunia.com/advisories/39938"
},
{
"name": "DSA-2050",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2010/dsa-2050"
"url": "http://www.debian.org/security/2010/dsa-2028",
"refsource": "MISC",
"name": "http://www.debian.org/security/2010/dsa-2028"
},
{
"name": "37159",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37159"
"url": "http://www.debian.org/security/2010/dsa-2050",
"refsource": "MISC",
"name": "http://www.debian.org/security/2010/dsa-2050"
},
{
"name": "37054",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37054"
"url": "http://www.vupen.com/english/advisories/2010/0802",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2010/0802"
},
{
"name": "FEDORA-2010-1805",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035340.html"
"url": "http://www.vupen.com/english/advisories/2010/1220",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2010/1220"
},
{
"name": "1021706",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021706.1-1"
"url": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl4.patch",
"refsource": "MISC",
"name": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl4.patch"
},
{
"name": "FEDORA-2009-10845",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00784.html"
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html"
},
{
"name": "37114",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37114"
"url": "http://poppler.freedesktop.org/",
"refsource": "MISC",
"name": "http://poppler.freedesktop.org/"
},
{
"name": "1023029",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1023029"
"url": "http://secunia.com/advisories/37034",
"refsource": "MISC",
"name": "http://secunia.com/advisories/37034"
},
{
"name": "MDVSA-2011:175",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175"
"url": "http://secunia.com/advisories/37054",
"refsource": "MISC",
"name": "http://secunia.com/advisories/37054"
},
{
"name": "ADV-2010-1040",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/1040"
"url": "http://secunia.com/advisories/37114",
"refsource": "MISC",
"name": "http://secunia.com/advisories/37114"
},
{
"name": "USN-850-3",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-850-3"
"url": "http://secunia.com/advisories/37159",
"refsource": "MISC",
"name": "http://secunia.com/advisories/37159"
},
{
"name": "ADV-2010-0802",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/0802"
"url": "http://securitytracker.com/id?1023029",
"refsource": "MISC",
"name": "http://securitytracker.com/id?1023029"
},
{
"name": "FEDORA-2010-1842",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035399.html"
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-274030-1",
"refsource": "MISC",
"name": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-274030-1"
},
{
"name": "xpdf-splashbitmap-bo(53793)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53793"
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021706.1-1",
"refsource": "MISC",
"name": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021706.1-1"
},
{
"name": "37034",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37034"
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:287",
"refsource": "MISC",
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:287"
},
{
"name": "ADV-2009-2924",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/2924"
"url": "http://www.securityfocus.com/bid/36703",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/36703"
},
{
"name": "MDVSA-2010:087",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087"
"url": "http://www.ubuntu.com/usn/USN-850-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-850-1"
},
{
"name": "274030",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-274030-1"
"url": "http://www.ubuntu.com/usn/USN-850-3",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-850-3"
},
{
"name": "ADV-2010-1220",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/1220"
"url": "http://www.vupen.com/english/advisories/2009/2924",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2009/2924"
},
{
"name": "USN-850-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-850-1"
"url": "http://www.vupen.com/english/advisories/2009/2925",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2009/2925"
},
{
"name": "37053",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37053"
"url": "https://access.redhat.com/errata/RHSA-2009:1504",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2009:1504"
},
{
"name": "39327",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39327"
"url": "https://access.redhat.com/security/cve/CVE-2009-3603",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2009-3603"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=526915",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=526915"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=526915",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=526915"
},
{
"name": "oval:org.mitre.oval:def:9671",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9671"
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53793",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53793"
},
{
"name": "36703",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/36703"
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9671",
"refsource": "MISC",
"name": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9671"
},
{
"name": "ADV-2009-2925",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/2925"
"url": "https://rhn.redhat.com/errata/RHSA-2009-1504.html",
"refsource": "MISC",
"name": "https://rhn.redhat.com/errata/RHSA-2009-1504.html"
},
{
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00750.html",
"refsource": "MISC",
"name": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00750.html"
},
{
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00784.html",
"refsource": "MISC",
"name": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00784.html"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 6.8,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "PARTIAL",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "PARTIAL",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
]
}

180
2009/3xxx/CVE-2009-3605.json
View File

@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2009-3605",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple integer overflows in Poppler 0.10.5 and earlier allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF file, related to (1) glib/poppler-page.cc; (2) ArthurOutputDev.cc, (3) CairoOutputDev.cc, (4) GfxState.cc, (5) JBIG2Stream.cc, (6) PSOutputDev.cc, and (7) SplashOutputDev.cc in poppler/; and (8) SplashBitmap.cc, (9) Splash.cc, and (10) SplashFTFont.cc in splash/. NOTE: this may overlap CVE-2009-0791."
"value": "CVE-2009-0791 xpdf: multiple integer overflows"
}
]
},
@ -44,88 +21,143 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "Integer Overflow or Wraparound",
"cweId": "CWE-190"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a",
"version_affected": "="
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://launchpad.net/ubuntu/+archive/primary/+files/poppler_0.8.7-1ubuntu0.4.diff.gz",
"refsource": "CONFIRM",
"url": "https://launchpad.net/ubuntu/+archive/primary/+files/poppler_0.8.7-1ubuntu0.4.diff.gz"
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175",
"refsource": "MISC",
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175"
},
{
"name": "SUSE-SR:2009:018",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html"
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html"
},
{
"name": "http://cgit.freedesktop.org/poppler/poppler/commit/?id=9cf2325fb22f812b31858e519411f57747d39bd8",
"refsource": "CONFIRM",
"url": "http://cgit.freedesktop.org/poppler/poppler/commit/?id=9cf2325fb22f812b31858e519411f57747d39bd8"
"url": "http://secunia.com/advisories/37114",
"refsource": "MISC",
"name": "http://secunia.com/advisories/37114"
},
{
"name": "http://cgit.freedesktop.org/poppler/poppler/commit/?id=7b2d314a61fd0e12f47c62996cb49ec0d1ba747a",
"refsource": "CONFIRM",
"url": "http://cgit.freedesktop.org/poppler/poppler/commit/?id=7b2d314a61fd0e12f47c62996cb49ec0d1ba747a"
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-274030-1",
"refsource": "MISC",
"name": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-274030-1"
},
{
"name": "1021706",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021706.1-1"
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021706.1-1",
"refsource": "MISC",
"name": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021706.1-1"
},
{
"name": "37114",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37114"
"url": "http://www.ubuntu.com/usn/USN-850-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-850-1"
},
{
"name": "MDVSA-2011:175",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175"
"url": "http://cgit.freedesktop.org/poppler/poppler/commit/?id=284a92899602daa4a7f429e61849e794569310b5",
"refsource": "MISC",
"name": "http://cgit.freedesktop.org/poppler/poppler/commit/?id=284a92899602daa4a7f429e61849e794569310b5"
},
{
"name": "oval:org.mitre.oval:def:7731",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7731"
"url": "http://cgit.freedesktop.org/poppler/poppler/commit/?id=7b2d314a61fd0e12f47c62996cb49ec0d1ba747a",
"refsource": "MISC",
"name": "http://cgit.freedesktop.org/poppler/poppler/commit/?id=7b2d314a61fd0e12f47c62996cb49ec0d1ba747a"
},
{
"name": "https://launchpad.net/ubuntu/+archive/primary/+files/poppler_0.10.5-1ubuntu2.4.diff.gz",
"refsource": "CONFIRM",
"url": "https://launchpad.net/ubuntu/+archive/primary/+files/poppler_0.10.5-1ubuntu2.4.diff.gz"
"url": "http://cgit.freedesktop.org/poppler/poppler/commit/?id=9cf2325fb22f812b31858e519411f57747d39bd8",
"refsource": "MISC",
"name": "http://cgit.freedesktop.org/poppler/poppler/commit/?id=9cf2325fb22f812b31858e519411f57747d39bd8"
},
{
"name": "274030",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-274030-1"
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:334",
"refsource": "MISC",
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:334"
},
{
"name": "USN-850-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-850-1"
"url": "https://access.redhat.com/security/cve/CVE-2009-3605",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2009-3605"
},
{
"name": "https://bugs.launchpad.net/bugs/cve/2009-3605",
"refsource": "CONFIRM",
"url": "https://bugs.launchpad.net/bugs/cve/2009-3605"
"url": "https://bugs.launchpad.net/bugs/cve/2009-3605",
"refsource": "MISC",
"name": "https://bugs.launchpad.net/bugs/cve/2009-3605"
},
{
"name": "MDVSA-2009:334",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:334"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=491840",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=491840"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=491840",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=491840"
"url": "https://launchpad.net/ubuntu/+archive/primary/+files/poppler_0.10.5-1ubuntu2.4.diff.gz",
"refsource": "MISC",
"name": "https://launchpad.net/ubuntu/+archive/primary/+files/poppler_0.10.5-1ubuntu2.4.diff.gz"
},
{
"name": "http://cgit.freedesktop.org/poppler/poppler/commit/?id=284a92899602daa4a7f429e61849e794569310b5",
"refsource": "CONFIRM",
"url": "http://cgit.freedesktop.org/poppler/poppler/commit/?id=284a92899602daa4a7f429e61849e794569310b5"
"url": "https://launchpad.net/ubuntu/+archive/primary/+files/poppler_0.8.7-1ubuntu0.4.diff.gz",
"refsource": "MISC",
"name": "https://launchpad.net/ubuntu/+archive/primary/+files/poppler_0.8.7-1ubuntu0.4.diff.gz"
},
{
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7731",
"refsource": "MISC",
"name": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7731"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 5.8,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "PARTIAL",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "PARTIAL",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
]
}

203
2009/4xxx/CVE-2009-4273.json
View File

@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2009-4273",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "stap-server in SystemTap before 1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in stap command-line arguments in a request."
"value": "CVE-2009-4273 systemtap: remote code execution via stap-server"
}
]
},
@ -44,103 +21,163 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')",
"cweId": "CWE-78"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 5",
"version": {
"version_data": [
{
"version_value": "0:0.9.7-5.el5_4.3",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "FEDORA-2010-1373",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035201.html"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035201.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035201.html"
},
{
"name": "oval:org.mitre.oval:def:11417",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11417"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035261.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035261.html"
},
{
"name": "38154",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/38154"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-January/034036.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2010-January/034036.html"
},
{
"name": "FEDORA-2010-0671",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-January/034036.html"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-January/034041.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2010-January/034041.html"
},
{
"name": "FEDORA-2010-0688",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-January/034041.html"
"url": "http://lists.fedoraproject.org/pipermail/scm-commits/2010-February/394714.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/scm-commits/2010-February/394714.html"
},
{
"name": "http://sourceware.org/systemtap/ftp/releases/systemtap-1.1.tar.gz",
"refsource": "CONFIRM",
"url": "http://sourceware.org/systemtap/ftp/releases/systemtap-1.1.tar.gz"
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00006.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00006.html"
},
{
"name": "39656",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39656"
"url": "http://secunia.com/advisories/38154",
"refsource": "MISC",
"name": "http://secunia.com/advisories/38154"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=550172",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=550172"
"url": "http://secunia.com/advisories/38216",
"refsource": "MISC",
"name": "http://secunia.com/advisories/38216"
},
{
"name": "38216",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/38216"
"url": "http://secunia.com/advisories/38765",
"refsource": "MISC",
"name": "http://secunia.com/advisories/38765"
},
{
"name": "[scm-commits] 20100215 rpms/systemtap/devel systemtap-1.1-tighten-server-params.patch, NONE, 1.1 systemtap.spec, 1.59, 1.60",
"refsource": "MLIST",
"url": "http://lists.fedoraproject.org/pipermail/scm-commits/2010-February/394714.html"
"url": "http://secunia.com/advisories/39656",
"refsource": "MISC",
"name": "http://secunia.com/advisories/39656"
},
{
"name": "ADV-2010-0169",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/0169"
"url": "http://sourceware.org/bugzilla/show_bug.cgi?id=11105",
"refsource": "MISC",
"name": "http://sourceware.org/bugzilla/show_bug.cgi?id=11105"
},
{
"name": "SUSE-SR:2010:010",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00006.html"
"url": "http://sourceware.org/ml/systemtap/2010-q1/msg00142.html",
"refsource": "MISC",
"name": "http://sourceware.org/ml/systemtap/2010-q1/msg00142.html"
},
{
"name": "[systemtap] 20100115 SystemTap release 1.1",
"refsource": "MLIST",
"url": "http://sourceware.org/ml/systemtap/2010-q1/msg00142.html"
"url": "http://sourceware.org/systemtap/ftp/releases/systemtap-1.1.tar.gz",
"refsource": "MISC",
"name": "http://sourceware.org/systemtap/ftp/releases/systemtap-1.1.tar.gz"
},
{
"name": "http://sourceware.org/bugzilla/show_bug.cgi?id=11105",
"refsource": "CONFIRM",
"url": "http://sourceware.org/bugzilla/show_bug.cgi?id=11105"
"url": "http://www.redhat.com/support/errata/RHSA-2010-0124.html",
"refsource": "MISC",
"name": "http://www.redhat.com/support/errata/RHSA-2010-0124.html"
},
{
"name": "RHSA-2010:0124",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0124.html"
"url": "http://www.vupen.com/english/advisories/2010/0169",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2010/0169"
},
{
"name": "38765",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/38765"
"url": "http://www.vupen.com/english/advisories/2010/1001",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2010/1001"
},
{
"name": "FEDORA-2010-1720",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035261.html"
"url": "https://access.redhat.com/errata/RHSA-2010:0124",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2010:0124"
},
{
"name": "ADV-2010-1001",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/1001"
"url": "https://access.redhat.com/security/cve/CVE-2009-4273",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2009-4273"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=550172",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=550172"
},
{
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11417",
"refsource": "MISC",
"name": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11417"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.9,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "COMPLETE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "COMPLETE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:A/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
]
}

190
2009/4xxx/CVE-2009-4274.json
View File

@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2009-4274",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in converter/ppm/xpmtoppm.c in netpbm before 10.47.07 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an XPM image file that contains a crafted header field associated with a large color index value."
"value": "CVE-2009-4274 netpbm: Stack-based buffer overflow by processing X PixMap image header fields"
}
]
},
@ -44,83 +21,154 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "Stack-based Buffer Overflow",
"cweId": "CWE-121"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 4",
"version": {
"version_data": [
{
"version_value": "0:10.35.58-8.el4",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 5",
"version": {
"version_data": [
{
"version_value": "0:10.35.58-8.el5_7.3",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "RHSA-2011:1811",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2011-1811.html"
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00004.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00004.html"
},
{
"name": "http://netpbm.svn.sourceforge.net/viewvc/netpbm/stable/converter/ppm/xpmtoppm.c?view=patch&r1=995&r2=1076&pathrev=1076",
"refsource": "CONFIRM",
"url": "http://netpbm.svn.sourceforge.net/viewvc/netpbm/stable/converter/ppm/xpmtoppm.c?view=patch&r1=995&r2=1076&pathrev=1076"
"url": "http://netpbm.svn.sourceforge.net/viewvc/netpbm/stable/converter/ppm/xpmtoppm.c?view=patch&r1=995&r2=1076&pathrev=1076",
"refsource": "MISC",
"name": "http://netpbm.svn.sourceforge.net/viewvc/netpbm/stable/converter/ppm/xpmtoppm.c?view=patch&r1=995&r2=1076&pathrev=1076"
},
{
"name": "ADV-2010-0358",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/0358"
"url": "http://netpbm.svn.sourceforge.net/viewvc/netpbm/stable/doc/HISTORY?view=markup",
"refsource": "MISC",
"name": "http://netpbm.svn.sourceforge.net/viewvc/netpbm/stable/doc/HISTORY?view=markup"
},
{
"name": "38530",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/38530"
"url": "http://secunia.com/advisories/38530",
"refsource": "MISC",
"name": "http://secunia.com/advisories/38530"
},
{
"name": "[oss-security] 20100209 vulnerability in netpbm (CVE-2009-4274)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2010/02/09/11"
"url": "http://secunia.com/advisories/38915",
"refsource": "MISC",
"name": "http://secunia.com/advisories/38915"
},
{
"name": "ADV-2010-0780",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/0780"
"url": "http://www.debian.org/security/2010/dsa-2026",
"refsource": "MISC",
"name": "http://www.debian.org/security/2010/dsa-2026"
},
{
"name": "netpbm-xpm-bo(56207)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56207"
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:039",
"refsource": "MISC",
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:039"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=546580",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=546580"
"url": "http://www.openwall.com/lists/oss-security/2010/02/09/11",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2010/02/09/11"
},
{
"name": "SUSE-SR:2010:006",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00004.html"
"url": "http://www.redhat.com/support/errata/RHSA-2011-1811.html",
"refsource": "MISC",
"name": "http://www.redhat.com/support/errata/RHSA-2011-1811.html"
},
{
"name": "DSA-2026",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2010/dsa-2026"
"url": "http://www.securityfocus.com/bid/38164",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/38164"
},
{
"name": "http://netpbm.svn.sourceforge.net/viewvc/netpbm/stable/doc/HISTORY?view=markup",
"refsource": "CONFIRM",
"url": "http://netpbm.svn.sourceforge.net/viewvc/netpbm/stable/doc/HISTORY?view=markup"
"url": "http://www.vupen.com/english/advisories/2010/0358",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2010/0358"
},
{
"name": "38915",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/38915"
"url": "http://www.vupen.com/english/advisories/2010/0780",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2010/0780"
},
{
"name": "38164",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/38164"
"url": "https://access.redhat.com/errata/RHSA-2011:1811",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2011:1811"
},
{
"name": "MDVSA-2010:039",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:039"
"url": "https://access.redhat.com/security/cve/CVE-2009-4274",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2009-4274"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=546580",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=546580"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56207",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56207"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 6.8,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "PARTIAL",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "PARTIAL",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
]
}

247
2010/0xxx/CVE-2010-0008.json
View File

@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2010-0008",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The sctp_rcv_ootb function in the SCTP implementation in the Linux kernel before 2.6.23 allows remote attackers to cause a denial of service (infinite loop) via (1) an Out Of The Blue (OOTB) chunk or (2) a chunk of zero length."
"value": "CVE-2010-0008 kernel: sctp remote denial of service"
}
]
},
@ -44,73 +21,213 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
"cweId": "CWE-119"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 4",
"version": {
"version_data": [
{
"version_value": "0:2.6.9-89.0.23.EL",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 4.7 Z Stream",
"version": {
"version_data": [
{
"version_value": "0:2.6.9-78.0.30.EL",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 5",
"version": {
"version_data": [
{
"version_value": "0:2.6.18-164.15.1.el5",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 5.2 Z Stream",
"version": {
"version_data": [
{
"version_value": "0:2.6.18-92.1.38.el5",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 5.3.Z - Server Only",
"version": {
"version_data": [
{
"version_value": "0:2.6.18-128.14.1.el5",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Virtualization for RHEL-5",
"version": {
"version_data": [
{
"version_value": "0:5.4-2.1.10.el5_4rhev2_1",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "39295",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39295"
"url": "http://secunia.com/advisories/43315",
"refsource": "MISC",
"name": "http://secunia.com/advisories/43315"
},
{
"name": "RHSA-2010:0146",
"refsource": "REDHAT",
"url": "https://rhn.redhat.com/errata/RHSA-2010-0146.html"
"url": "http://www.redhat.com/support/errata/RHSA-2010-0147.html",
"refsource": "MISC",
"name": "http://www.redhat.com/support/errata/RHSA-2010-0147.html"
},
{
"name": "RHSA-2010:0147",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0147.html"
"url": "http://www.securityfocus.com/archive/1/516397/100/0/threaded",
"refsource": "MISC",
"name": "http://www.securityfocus.com/archive/1/516397/100/0/threaded"
},
{
"name": "[oss-security] 20100317 CVE-2010-0008 kernel: sctp remote denial of service",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2010/03/17/2"
"url": "http://www.vmware.com/security/advisories/VMSA-2011-0003.html",
"refsource": "MISC",
"name": "http://www.vmware.com/security/advisories/VMSA-2011-0003.html"
},
{
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=ece25dfa0991f65c4e1d26beb1c3c45bda4239b8",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=ece25dfa0991f65c4e1d26beb1c3c45bda4239b8"
"url": "https://access.redhat.com/errata/RHSA-2010:0146",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2010:0146"
},
{
"name": "43315",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43315"
"url": "https://access.redhat.com/errata/RHSA-2010:0147",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2010:0147"
},
{
"name": "oval:org.mitre.oval:def:11160",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11160"
"url": "https://rhn.redhat.com/errata/RHSA-2010-0146.html",
"refsource": "MISC",
"name": "https://rhn.redhat.com/errata/RHSA-2010-0146.html"
},
{
"name": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.23",
"refsource": "CONFIRM",
"url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.23"
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ece25dfa0991f65c4e1d26beb1c3c45bda4239b8",
"refsource": "MISC",
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ece25dfa0991f65c4e1d26beb1c3c45bda4239b8"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2011-0003.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2011-0003.html"
"url": "http://secunia.com/advisories/39295",
"refsource": "MISC",
"name": "http://secunia.com/advisories/39295"
},
{
"name": "RHSA-2010:0342",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0342.html"
"url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.23",
"refsource": "MISC",
"name": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.23"
},
{
"name": "20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/516397/100/0/threaded"
"url": "http://www.openwall.com/lists/oss-security/2010/03/17/2",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2010/03/17/2"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=555658",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=555658"
"url": "http://www.redhat.com/support/errata/RHSA-2010-0342.html",
"refsource": "MISC",
"name": "http://www.redhat.com/support/errata/RHSA-2010-0342.html"
},
{
"url": "https://access.redhat.com/errata/RHSA-2010:0148",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2010:0148"
},
{
"url": "https://access.redhat.com/errata/RHSA-2010:0149",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2010:0149"
},
{
"url": "https://access.redhat.com/errata/RHSA-2010:0172",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2010:0172"
},
{
"url": "https://access.redhat.com/errata/RHSA-2010:0342",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2010:0342"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2010-0008",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2010-0008"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=555658",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=555658"
},
{
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11160",
"refsource": "MISC",
"name": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11160"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.8,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
}
]
}

183
2010/0xxx/CVE-2010-0741.json
View File

@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2010-0741",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The virtio_net_bad_features function in hw/virtio-net.c in the virtio-net driver in the Linux kernel before 2.6.26, when used on a guest OS in conjunction with qemu-kvm 0.11.0 or KVM 83, allows remote attackers to cause a denial of service (guest OS crash, and an associated qemu-kvm process exit) by sending a large amount of network traffic to a TCP port on the guest OS, related to a virtio-net whitelist that includes an improper implementation of TCP Segment Offloading (TSO)."
"value": "CVE-2010-0741 qemu: Improper handling of erroneous data provided by Linux virtio-net driver"
}
]
},
@ -44,73 +21,149 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
"cweId": "CWE-119"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 5",
"version": {
"version_data": [
{
"version_value": "0:83-164.el5",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Virtualization for RHEL-5",
"version": {
"version_data": [
{
"version_value": "0:5.5-2.2.4.2.el5rhev",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "1023798",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1023798"
"url": "http://git.kernel.org/?p=virt/kvm/qemu-kvm.git%3Ba=commit%3Bh=184bd0484533b725194fa517ddc271ffd74da7c9",
"refsource": "MISC",
"name": "http://git.kernel.org/?p=virt/kvm/qemu-kvm.git%3Ba=commit%3Bh=184bd0484533b725194fa517ddc271ffd74da7c9"
},
{
"name": "RHSA-2010:0476",
"refsource": "REDHAT",
"url": "https://rhn.redhat.com/errata/RHSA-2010-0476.html"
"url": "http://lists.gnu.org/archive/html/qemu-devel/2009-10/msg02480.html",
"refsource": "MISC",
"name": "http://lists.gnu.org/archive/html/qemu-devel/2009-10/msg02480.html"
},
{
"name": "https://bugs.edge.launchpad.net/ubuntu/+source/qemu-kvm/+bug/458521",
"refsource": "CONFIRM",
"url": "https://bugs.edge.launchpad.net/ubuntu/+source/qemu-kvm/+bug/458521"
"url": "http://lists.gnu.org/archive/html/qemu-devel/2009-10/msg02495.html",
"refsource": "MISC",
"name": "http://lists.gnu.org/archive/html/qemu-devel/2009-10/msg02495.html"
},
{
"name": "ADV-2010-0760",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/0760"
"url": "http://openwall.com/lists/oss-security/2010/03/29/4",
"refsource": "MISC",
"name": "http://openwall.com/lists/oss-security/2010/03/29/4"
},
{
"name": "[qemu-devel] 20091029 Re: qemu-kvm-0.11 regression, crashes on older guests with virtio network",
"refsource": "MLIST",
"url": "http://lists.gnu.org/archive/html/qemu-devel/2009-10/msg02480.html"
"url": "http://securitytracker.com/id?1023798",
"refsource": "MISC",
"name": "http://securitytracker.com/id?1023798"
},
{
"name": "oval:org.mitre.oval:def:11143",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11143"
"url": "http://www.redhat.com/support/errata/RHSA-2010-0271.html",
"refsource": "MISC",
"name": "http://www.redhat.com/support/errata/RHSA-2010-0271.html"
},
{
"name": "https://patchwork.kernel.org/patch/56479/",
"refsource": "CONFIRM",
"url": "https://patchwork.kernel.org/patch/56479/"
"url": "http://www.vupen.com/english/advisories/2010/0760",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2010/0760"
},
{
"name": "[qemu-devel] 20091029 [PATCH] whitelist host virtio networking features [was Re: qemu-kvm-0.11 regression, crashes on older ...]",
"refsource": "MLIST",
"url": "http://lists.gnu.org/archive/html/qemu-devel/2009-10/msg02495.html"
"url": "https://access.redhat.com/errata/RHSA-2010:0271",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2010:0271"
},
{
"name": "RHSA-2010:0271",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0271.html"
"url": "https://access.redhat.com/errata/RHSA-2010:0476",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2010:0476"
},
{
"name": "http://git.kernel.org/?p=virt/kvm/qemu-kvm.git;a=commit;h=184bd0484533b725194fa517ddc271ffd74da7c9",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/?p=virt/kvm/qemu-kvm.git;a=commit;h=184bd0484533b725194fa517ddc271ffd74da7c9"
"url": "https://access.redhat.com/security/cve/CVE-2010-0741",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2010-0741"
},
{
"name": "[oss-security] 20100329 CVE-2010-0741 qemu: Improper handling of erroneous data provided by Linux virtio-net driver",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2010/03/29/4"
"url": "https://bugs.edge.launchpad.net/ubuntu/+source/qemu-kvm/+bug/458521",
"refsource": "MISC",
"name": "https://bugs.edge.launchpad.net/ubuntu/+source/qemu-kvm/+bug/458521"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=577218",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=577218"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=577218",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=577218"
},
{
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11143",
"refsource": "MISC",
"name": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11143"
},
{
"url": "https://patchwork.kernel.org/patch/56479/",
"refsource": "MISC",
"name": "https://patchwork.kernel.org/patch/56479/"
},
{
"url": "https://rhn.redhat.com/errata/RHSA-2010-0476.html",
"refsource": "MISC",
"name": "https://rhn.redhat.com/errata/RHSA-2010-0476.html"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.1,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
}
]
}

18
2023/0xxx/CVE-2023-0651.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-0651",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}