admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-18 00:41:49 +00:00
parent afbf574f7d
commit afbbef2ab4
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
54 changed files with 4138 additions and 4138 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

128
2006/0xxx/CVE-2006-0205.json
View File

@ -1,116 +1,116 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-0205",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-0205",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple SQL injection vulnerabilities in Wordcircle 2.17 allow remote attackers to (1) execute arbitrary SQL commands and bypass authentication via the password field in the login action to index.php (involving v_login.php and s_user.php) and (2) have other unknown impact via certain other fields in unspecified scripts."
"lang": "eng",
"value": "Multiple SQL injection vulnerabilities in Wordcircle 2.17 allow remote attackers to (1) execute arbitrary SQL commands and bypass authentication via the password field in the login action to index.php (involving v_login.php and s_user.php) and (2) have other unknown impact via certain other fields in unspecified scripts."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20060112 [eVuln] Wordcircle Authentication Bypass",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/421745/100/0/threaded"
"name": "ADV-2006-0185",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/0185"
},
{
"name" : "http://evuln.com/vulns/27/summary.html",
"refsource" : "MISC",
"url" : "http://evuln.com/vulns/27/summary.html"
"name": "346",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/346"
},
{
"name" : "20060112 [eVuln] Wordcircle Multiple SQL Injection & XSS Vulnerabilities",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/421746/100/0/threaded"
"name": "http://evuln.com/vulns/27/summary.html",
"refsource": "MISC",
"url": "http://evuln.com/vulns/27/summary.html"
},
{
"name" : "http://evuln.com/vulns/28/summary.html",
"refsource" : "MISC",
"url" : "http://evuln.com/vulns/28/summary.html"
"name": "345",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/345"
},
{
"name" : "16227",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/16227"
"name": "20060112 [eVuln] Wordcircle Authentication Bypass",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/421745/100/0/threaded"
},
{
"name" : "ADV-2006-0185",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/0185"
"name": "18440",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18440"
},
{
"name" : "22358",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/22358"
"name": "16227",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/16227"
},
{
"name" : "18440",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/18440"
"name": "22358",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/22358"
},
{
"name" : "345",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/345"
"name": "http://evuln.com/vulns/28/summary.html",
"refsource": "MISC",
"url": "http://evuln.com/vulns/28/summary.html"
},
{
"name" : "346",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/346"
"name": "20060112 [eVuln] Wordcircle Multiple SQL Injection & XSS Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/421746/100/0/threaded"
},
{
"name" : "wordcircle-login-security-bypass(24108)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/24108"
"name": "wordcircle-sql-injection(24105)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24105"
},
{
"name" : "wordcircle-sql-injection(24105)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/24105"
"name": "wordcircle-login-security-bypass(24108)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24108"
}
]
}

74
2006/0xxx/CVE-2006-0216.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-0216",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-0216",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "admin.php in QualityEBiz Quality PPC (QPPC) 1.0 build 1644 allows remote attackers to obtain sensitive information, possibly the installation path of the application, via unspecified \"meta characters\" to the cpage parameter."
"lang": "eng",
"value": "admin.php in QualityEBiz Quality PPC (QPPC) 1.0 build 1644 allows remote attackers to obtain sensitive information, possibly the installation path of the application, via unspecified \"meta characters\" to the cpage parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://osvdb.org/ref/22/22352-qualityppc.txt",
"refsource" : "MISC",
"url" : "http://osvdb.org/ref/22/22352-qualityppc.txt"
"name": "22353",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/22353"
},
{
"name" : "http://osvdb.org/ref/22/22353-qualityppc.txt",
"refsource" : "MISC",
"url" : "http://osvdb.org/ref/22/22353-qualityppc.txt"
"name": "http://osvdb.org/ref/22/22352-qualityppc.txt",
"refsource": "MISC",
"url": "http://osvdb.org/ref/22/22352-qualityppc.txt"
},
{
"name" : "22353",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/22353"
"name": "http://osvdb.org/ref/22/22353-qualityppc.txt",
"refsource": "MISC",
"url": "http://osvdb.org/ref/22/22353-qualityppc.txt"
}
]
}

110
2006/0xxx/CVE-2006-0688.json
View File

@ -1,101 +1,101 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-0688",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-0688",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "PHP remote file include vulnerability in application.php in nicecoder.com indexu 5.0.0 and 5.0.1 allows remote attackers to execute arbitrary PHP code via a URL in the base_path parameter."
"lang": "eng",
"value": "PHP remote file include vulnerability in application.php in nicecoder.com indexu 5.0.0 and 5.0.1 allows remote attackers to execute arbitrary PHP code via a URL in the base_path parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20060209 [ECHO_ADV_27$2006] Indexu <= 5.0.1 Remote File Inclusion",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/424549/100/0/threaded"
"name": "16565",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/16565"
},
{
"name" : "http://echo.or.id/adv/adv27-K-159-2006.txt",
"refsource" : "MISC",
"url" : "http://echo.or.id/adv/adv27-K-159-2006.txt"
"name": "22989",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/22989"
},
{
"name" : "http://echo.or.id/adv/adv26-K-159-2006.txt",
"refsource" : "MISC",
"url" : "http://echo.or.id/adv/adv26-K-159-2006.txt"
"name": "18752",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18752"
},
{
"name" : "16565",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/16565"
"name": "http://echo.or.id/adv/adv26-K-159-2006.txt",
"refsource": "MISC",
"url": "http://echo.or.id/adv/adv26-K-159-2006.txt"
},
{
"name" : "ADV-2006-0494",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/0494"
"name": "indexu-application-file-include(24603)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24603"
},
{
"name" : "22989",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/22989"
"name": "1015607",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015607"
},
{
"name" : "1015607",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1015607"
"name": "ADV-2006-0494",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/0494"
},
{
"name" : "18752",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/18752"
"name": "http://echo.or.id/adv/adv27-K-159-2006.txt",
"refsource": "MISC",
"url": "http://echo.or.id/adv/adv27-K-159-2006.txt"
},
{
"name" : "indexu-application-file-include(24603)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/24603"
"name": "20060209 [ECHO_ADV_27$2006] Indexu <= 5.0.1 Remote File Inclusion",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/424549/100/0/threaded"
}
]
}

98
2006/0xxx/CVE-2006-0801.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-0801",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-0801",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in the NS-Languages module for PostNuke 0.761 and earlier, when magic_quotes_gpc is off, allows remote attackers to execute arbitrary SQL commands via the language parameter to admin.php."
"lang": "eng",
"value": "SQL injection vulnerability in the NS-Languages module for PostNuke 0.761 and earlier, when magic_quotes_gpc is off, allows remote attackers to execute arbitrary SQL commands via the language parameter to admin.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20060219 Multiple vulnerabilities in PostNuke <= 0.761",
"refsource" : "FULLDISC",
"url" : "http://archives.neohapsis.com/archives/fulldisclosure/2006-02/0469.html"
"name": "ADV-2006-0673",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/0673"
},
{
"name" : "http://news.postnuke.com/index.php?name=News&file=article&sid=2754",
"refsource" : "CONFIRM",
"url" : "http://news.postnuke.com/index.php?name=News&file=article&sid=2754"
"name": "16752",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/16752"
},
{
"name" : "16752",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/16752"
"name": "http://news.postnuke.com/index.php?name=News&file=article&sid=2754",
"refsource": "CONFIRM",
"url": "http://news.postnuke.com/index.php?name=News&file=article&sid=2754"
},
{
"name" : "ADV-2006-0673",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/0673"
"name": "postnuke-nslanguages-sql-injection(24827)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24827"
},
{
"name" : "18937",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/18937"
"name": "20060219 Multiple vulnerabilities in PostNuke <= 0.761",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-02/0469.html"
},
{
"name" : "454",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/454"
"name": "18937",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18937"
},
{
"name" : "postnuke-nslanguages-sql-injection(24827)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/24827"
"name": "454",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/454"
}
]
}

128
2006/1xxx/CVE-2006-1059.json
View File

@ -1,116 +1,116 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-1059",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2006-1059",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The winbindd daemon in Samba 3.0.21 to 3.0.21c writes the machine trust account password in cleartext in log files, which allows local users to obtain the password and spoof the server in the domain."
"lang": "eng",
"value": "The winbindd daemon in Samba 3.0.21 to 3.0.21c writes the machine trust account password in cleartext in log files, which allows local users to obtain the password and spoof the server in the domain."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20060330 [SECURITY] Samba 3.0.21-3.0.21c: Exposure of machine account credentials in winbindd log files",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/429370/100/0/threaded"
"name": "19468",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19468"
},
{
"name" : "http://us1.samba.org/samba/security/CAN-2006-1059.html",
"refsource" : "CONFIRM",
"url" : "http://us1.samba.org/samba/security/CAN-2006-1059.html"
"name": "FEDORA-2006-259",
"refsource": "FEDORA",
"url": "http://www.redhat.com/archives/fedora-announce-list/2006-March/msg00114.html"
},
{
"name" : "FEDORA-2006-259",
"refsource" : "FEDORA",
"url" : "http://www.redhat.com/archives/fedora-announce-list/2006-March/msg00114.html"
"name": "24263",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/24263"
},
{
"name" : "2006-0018",
"refsource" : "TRUSTIX",
"url" : "http://www.trustix.org/errata/2006/0018"
"name": "17314",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/17314"
},
{
"name" : "17314",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/17314"
"name": "2006-0018",
"refsource": "TRUSTIX",
"url": "http://www.trustix.org/errata/2006/0018"
},
{
"name" : "ADV-2006-1179",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/1179"
"name": "19455",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19455"
},
{
"name" : "24263",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/24263"
"name": "19539",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19539"
},
{
"name" : "1015850",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1015850"
"name": "ADV-2006-1179",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/1179"
},
{
"name" : "19455",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/19455"
"name": "1015850",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015850"
},
{
"name" : "19468",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/19468"
"name": "http://us1.samba.org/samba/security/CAN-2006-1059.html",
"refsource": "CONFIRM",
"url": "http://us1.samba.org/samba/security/CAN-2006-1059.html"
},
{
"name" : "19539",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/19539"
"name": "20060330 [SECURITY] Samba 3.0.21-3.0.21c: Exposure of machine account credentials in winbindd log files",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/429370/100/0/threaded"
},
{
"name" : "samba-logfile-account-cleartext(25575)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/25575"
"name": "samba-logfile-account-cleartext(25575)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25575"
}
]
}

110
2006/1xxx/CVE-2006-1137.json
View File

@ -1,101 +1,101 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-1137",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-1137",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple unspecified vulnerabilities in Xerox CopyCentre and Xerox WorkCentre Pro, running software 1.001.02.073 or earlier, or 1.001.02.074 before 1.001.02.715, allow remote attackers to cause an unspecified denial of service via a crafted PostScript file that will (1) \"navigate through the directory\" or (2) a \"file sent to expose TCP/IP ports\"."
"lang": "eng",
"value": "Multiple unspecified vulnerabilities in Xerox CopyCentre and Xerox WorkCentre Pro, running software 1.001.02.073 or earlier, or 1.001.02.074 before 1.001.02.715, allow remote attackers to cause an unspecified denial of service via a crafted PostScript file that will (1) \"navigate through the directory\" or (2) a \"file sent to expose TCP/IP ports\"."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.xerox.com/downloads/usa/en/c/cert_XRX06_002.pdf",
"refsource" : "CONFIRM",
"url" : "http://www.xerox.com/downloads/usa/en/c/cert_XRX06_002.pdf"
"name": "23726",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/23726"
},
{
"name" : "17014",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/17014"
"name": "http://www.xerox.com/downloads/usa/en/c/cert_XRX06_002.pdf",
"refsource": "CONFIRM",
"url": "http://www.xerox.com/downloads/usa/en/c/cert_XRX06_002.pdf"
},
{
"name" : "ADV-2006-0857",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/0857"
"name": "ADV-2006-0857",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/0857"
},
{
"name" : "23725",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/23725"
"name": "19146",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19146"
},
{
"name" : "23726",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/23726"
"name": "17014",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/17014"
},
{
"name" : "1015738",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1015738"
"name": "xerox-postscript-tcpip-dos(25174)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25174"
},
{
"name" : "19146",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/19146"
"name": "23725",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/23725"
},
{
"name" : "xerox-postscript-navigate-dos(25173)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/25173"
"name": "1015738",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015738"
},
{
"name" : "xerox-postscript-tcpip-dos(25174)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/25174"
"name": "xerox-postscript-navigate-dos(25173)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25173"
}
]
}

92
2006/1xxx/CVE-2006-1968.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-1968",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-1968",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in news/NsVisitor.cgi in KCScripts News Publisher, distributed individually and as part of Portal Pack 6.0 and earlier, allows remote attackers to inject arbitrary web script or HTML via the sort_order parameter."
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in news/NsVisitor.cgi in KCScripts News Publisher, distributed individually and as part of Portal Pack 6.0 and earlier, allows remote attackers to inject arbitrary web script or HTML via the sort_order parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://pridels0.blogspot.com/2006/04/portal-pack-6-xss-vuln.html",
"refsource" : "MISC",
"url" : "http://pridels0.blogspot.com/2006/04/portal-pack-6-xss-vuln.html"
"name": "portalpack-multiple-xss(25940)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25940"
},
{
"name" : "17628",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/17628"
"name": "ADV-2006-1440",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/1440"
},
{
"name" : "ADV-2006-1440",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/1440"
"name": "19695",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19695"
},
{
"name" : "24762",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/24762"
"name": "17628",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/17628"
},
{
"name" : "19695",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/19695"
"name": "24762",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/24762"
},
{
"name" : "portalpack-multiple-xss(25940)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/25940"
"name": "http://pridels0.blogspot.com/2006/04/portal-pack-6-xss-vuln.html",
"refsource": "MISC",
"url": "http://pridels0.blogspot.com/2006/04/portal-pack-6-xss-vuln.html"
}
]
}

116
2006/5xxx/CVE-2006-5291.json
View File

@ -1,106 +1,106 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-5291",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5291",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "PHP remote file inclusion vulnerability in admin/includes/spaw/spaw_control.class.php in Download-Engine 1.4.2 allows remote attackers to execute arbitrary PHP code via a URL in the spaw_root parameter. NOTE: CVE analysis suggests that this issue is actually in a third party product, SPAW Editor PHP Edition, so this issue is probably a duplicate of CVE-2006-4656."
"lang": "eng",
"value": "PHP remote file inclusion vulnerability in admin/includes/spaw/spaw_control.class.php in Download-Engine 1.4.2 allows remote attackers to execute arbitrary PHP code via a URL in the spaw_root parameter. NOTE: CVE analysis suggests that this issue is actually in a third party product, SPAW Editor PHP Edition, so this issue is probably a duplicate of CVE-2006-4656."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20061012 Download-Engine Remote File Include",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/448450/100/0/threaded"
"name": "1723",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1723"
},
{
"name" : "2521",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/2521"
"name": "2521",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/2521"
},
{
"name" : "http://spaw.cvs.sourceforge.net/spaw/spaw/docs/ChangeLog.txt?view=markup",
"refsource" : "CONFIRM",
"url" : "http://spaw.cvs.sourceforge.net/spaw/spaw/docs/ChangeLog.txt?view=markup"
"name": "downloadengine-spaw-file-include(29493)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29493"
},
{
"name" : "http://spaw.cvs.sourceforge.net/spaw/spaw/spaw_control.class.php?r1=1.19&r2=1.20",
"refsource" : "MISC",
"url" : "http://spaw.cvs.sourceforge.net/spaw/spaw/spaw_control.class.php?r1=1.19&r2=1.20"
"name": "http://spaw.cvs.sourceforge.net/spaw/spaw/spaw_control.class.php?r1=1.19&r2=1.20",
"refsource": "MISC",
"url": "http://spaw.cvs.sourceforge.net/spaw/spaw/spaw_control.class.php?r1=1.19&r2=1.20"
},
{
"name" : "http://spaw.cvs.sourceforge.net/spaw/spaw/spaw_control.class.php?r1=1.25&r2=1.26",
"refsource" : "MISC",
"url" : "http://spaw.cvs.sourceforge.net/spaw/spaw/spaw_control.class.php?r1=1.25&r2=1.26"
"name": "20500",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20500"
},
{
"name" : "20500",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/20500"
"name": "ADV-2006-4025",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4025"
},
{
"name" : "ADV-2006-4025",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/4025"
"name": "http://spaw.cvs.sourceforge.net/spaw/spaw/spaw_control.class.php?r1=1.25&r2=1.26",
"refsource": "MISC",
"url": "http://spaw.cvs.sourceforge.net/spaw/spaw/spaw_control.class.php?r1=1.25&r2=1.26"
},
{
"name" : "22383",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/22383"
"name": "22383",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22383"
},
{
"name" : "1723",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/1723"
"name": "http://spaw.cvs.sourceforge.net/spaw/spaw/docs/ChangeLog.txt?view=markup",
"refsource": "CONFIRM",
"url": "http://spaw.cvs.sourceforge.net/spaw/spaw/docs/ChangeLog.txt?view=markup"
},
{
"name" : "downloadengine-spaw-file-include(29493)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/29493"
"name": "20061012 Download-Engine Remote File Include",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/448450/100/0/threaded"
}
]
}

68
2006/5xxx/CVE-2006-5529.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-5529",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5529",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in smumdadotcom_ascyb_alumni/mod.php in SchoolAlumni Portal 2.26 allows remote attackers to inject arbitrary web script or HTML via the query parameter in a search operation in the katalog module. NOTE: some of these details are obtained from third party information."
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in smumdadotcom_ascyb_alumni/mod.php in SchoolAlumni Portal 2.26 allows remote attackers to inject arbitrary web script or HTML via the query parameter in a search operation in the katalog module. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20673",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/20673"
"name": "1017105",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017105"
},
{
"name" : "1017105",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1017105"
"name": "20673",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20673"
}
]
}

194
2006/5xxx/CVE-2006-5757.json
View File

@ -1,171 +1,171 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-5757",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5757",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Race condition in the __find_get_block_slow function in the ISO9660 filesystem in Linux 2.6.18 and possibly other versions allows local users to cause a denial of service (infinite loop) by mounting a crafted ISO9660 filesystem containing malformed data structures."
"lang": "eng",
"value": "Race condition in the __find_get_block_slow function in the ISO9660 filesystem in Linux 2.6.18 and possibly other versions allows local users to cause a denial of service (infinite loop) by mounting a crafted ISO9660 filesystem containing malformed data structures."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20070615 rPSA-2007-0124-1 kernel xen",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/471457"
"name": "24098",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24098"
},
{
"name" : "http://projects.info-pull.com/mokb/MOKB-05-11-2006.html",
"refsource" : "MISC",
"url" : "http://projects.info-pull.com/mokb/MOKB-05-11-2006.html"
"name": "SUSE-SA:2006:079",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2006_79_kernel.html"
},
{
"name" : "http://support.avaya.com/elmodocs2/security/ASA-2007-063.htm",
"refsource" : "CONFIRM",
"url" : "http://support.avaya.com/elmodocs2/security/ASA-2007-063.htm"
"name": "20920",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20920"
},
{
"name" : "DSA-1304",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2007/dsa-1304"
"name": "kernel-iso9660-dos(30029)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30029"
},
{
"name" : "MDKSA-2007:002",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:002"
"name": "ADV-2006-4359",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4359"
},
{
"name" : "MDKSA-2007:012",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:012"
"name": "RHSA-2007:0014",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2007-0014.html"
},
{
"name" : "RHSA-2007:0014",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2007-0014.html"
"name": "MDKSA-2007:012",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:012"
},
{
"name" : "SUSE-SA:2006:079",
"refsource" : "SUSE",
"url" : "http://www.novell.com/linux/security/advisories/2006_79_kernel.html"
"name": "23593",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23593"
},
{
"name" : "USN-416-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/usn-416-1"
"name": "http://support.avaya.com/elmodocs2/security/ASA-2007-063.htm",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-063.htm"
},
{
"name" : "20920",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/20920"
"name": "USN-416-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-416-1"
},
{
"name" : "oval:org.mitre.oval:def:10111",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10111"
"name": "oval:org.mitre.oval:def:10111",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10111"
},
{
"name" : "ADV-2006-4359",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/4359"
"name": "23752",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23752"
},
{
"name" : "22702",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/22702"
"name": "24206",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24206"
},
{
"name" : "22746",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/22746"
"name": "23474",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23474"
},
{
"name" : "23593",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/23593"
"name": "22746",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22746"
},
{
"name" : "23752",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/23752"
"name": "23997",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23997"
},
{
"name" : "23997",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/23997"
"name": "20070615 rPSA-2007-0124-1 kernel xen",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/471457"
},
{
"name" : "24098",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/24098"
"name": "MDKSA-2007:002",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:002"
},
{
"name" : "24206",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/24206"
"name": "DSA-1304",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2007/dsa-1304"
},
{
"name" : "25714",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/25714"
"name": "25714",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25714"
},
{
"name" : "25691",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/25691"
"name": "25691",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25691"
},
{
"name" : "23474",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/23474"
"name": "22702",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22702"
},
{
"name" : "kernel-iso9660-dos(30029)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/30029"
"name": "http://projects.info-pull.com/mokb/MOKB-05-11-2006.html",
"refsource": "MISC",
"url": "http://projects.info-pull.com/mokb/MOKB-05-11-2006.html"
}
]
}

146
2006/5xxx/CVE-2006-5855.json
View File

@ -1,131 +1,131 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-5855",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5855",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple buffer overflows in IBM Tivoli Storage Manager (TSM) before 5.2.9 and 5.3.x before 5.3.4 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in (1) the language field at logon that begins with a 0x18 byte, (2) two unspecified parameters to the SmExecuteWdsfSession function, and (3) the contact field in an open registration message."
"lang": "eng",
"value": "Multiple buffer overflows in IBM Tivoli Storage Manager (TSM) before 5.2.9 and 5.3.x before 5.3.4 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in (1) the language field at logon that begins with a 0x18 byte, (2) two unspecified parameters to the SmExecuteWdsfSession function, and (3) the contact field in an open registration message."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20061204 TSRT-06-14: IBM Tivoli Storage Manager Mutiple Buffer Overflow Vulnerabilities",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/453544/100/0/threaded"
"name": "http://www-1.ibm.com/support/docview.wss?uid=swg21250261",
"refsource": "CONFIRM",
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg21250261"
},
{
"name" : "http://www.tippingpoint.com/security/advisories/TSRT-06-14.html",
"refsource" : "MISC",
"url" : "http://www.tippingpoint.com/security/advisories/TSRT-06-14.html"
"name": "http://www.tippingpoint.com/security/advisories/TSRT-06-14.html",
"refsource": "MISC",
"url": "http://www.tippingpoint.com/security/advisories/TSRT-06-14.html"
},
{
"name" : "http://www-1.ibm.com/support/docview.wss?uid=swg21250261",
"refsource" : "CONFIRM",
"url" : "http://www-1.ibm.com/support/docview.wss?uid=swg21250261"
"name": "tivoli-registration-message-bo(30702)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30702"
},
{
"name" : "IC50347",
"refsource" : "AIXAPAR",
"url" : "http://www-1.ibm.com/support/docview.wss?uid=swg1IC50347"
"name": "IC50347",
"refsource": "AIXAPAR",
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IC50347"
},
{
"name" : "VU#350625",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/350625"
"name": "VU#350625",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/350625"
},
{
"name" : "VU#478753",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/478753"
"name": "1979",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1979"
},
{
"name" : "VU#887249",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/887249"
"name": "ADV-2006-4856",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4856"
},
{
"name" : "21440",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/21440"
"name": "21440",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21440"
},
{
"name" : "ADV-2006-4856",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/4856"
"name": "VU#887249",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/887249"
},
{
"name" : "1017333",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1017333"
"name": "1017333",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017333"
},
{
"name" : "23177",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/23177"
"name": "20061204 TSRT-06-14: IBM Tivoli Storage Manager Mutiple Buffer Overflow Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/453544/100/0/threaded"
},
{
"name" : "1979",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/1979"
"name": "tivoli-login-language-bo(30699)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30699"
},
{
"name" : "tivoli-login-language-bo(30699)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/30699"
"name": "23177",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23177"
},
{
"name" : "tivoli-registration-message-bo(30702)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/30702"
"name": "tivoli-smexecutewdsfsession-bo(30701)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30701"
},
{
"name" : "tivoli-smexecutewdsfsession-bo(30701)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/30701"
"name": "VU#478753",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/478753"
}
]
}

74
2007/2xxx/CVE-2007-2310.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-2310",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-2310",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in plugins/spaw/img_popup.php in BloofoxCMS 0.2.2 allows remote attackers to inject arbitrary web script or HTML via the img_url parameter."
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in plugins/spaw/img_popup.php in BloofoxCMS 0.2.2 allows remote attackers to inject arbitrary web script or HTML via the img_url parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20070414 bloofoxCMS 0.2.2 Cross Site Scripting",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/465719/100/0/threaded"
"name": "2640",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2640"
},
{
"name" : "23487",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/23487"
"name": "23487",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23487"
},
{
"name" : "2640",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/2640"
"name": "20070414 bloofoxCMS 0.2.2 Cross Site Scripting",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/465719/100/0/threaded"
}
]
}

104
2007/2xxx/CVE-2007-2389.json
View File

@ -1,96 +1,96 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-2389",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-2389",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Apple QuickTime for Java 7.1.6 on Mac OS X and Windows does not clear potentially sensitive memory before use, which allows remote attackers to read memory from a web browser via unknown vectors related to Java applets."
"lang": "eng",
"value": "Apple QuickTime for Java 7.1.6 on Mac OS X and Windows does not clear potentially sensitive memory before use, which allows remote attackers to read memory from a web browser via unknown vectors related to Java applets."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "APPLE-SA-2007-05-29",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2007/May/msg00005.html"
"name": "APPLE-SA-2007-05-29",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2007/May/msg00005.html"
},
{
"name" : "VU#434748",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/434748"
"name": "VU#434748",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/434748"
},
{
"name" : "24222",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/24222"
"name": "ADV-2007-1974",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1974"
},
{
"name" : "ADV-2007-1974",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/1974"
"name": "1018136",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018136"
},
{
"name" : "35575",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/35575"
"name": "quicktime-applet-information-disclosure(34571)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34571"
},
{
"name" : "1018136",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1018136"
"name": "25130",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25130"
},
{
"name" : "25130",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/25130"
"name": "35575",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/35575"
},
{
"name" : "quicktime-applet-information-disclosure(34571)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34571"
"name": "24222",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24222"
}
]
}

92
2007/2xxx/CVE-2007-2463.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-2463",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-2463",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Cisco Adaptive Security Appliance (ASA) and PIX 7.1 before 7.1(2)49 and 7.2 before 7.2(2)17 allows remote attackers to cause a denial of service (device reload) via unknown vectors related to VPN connection termination and password expiry."
"lang": "eng",
"value": "Unspecified vulnerability in Cisco Adaptive Security Appliance (ASA) and PIX 7.1 before 7.1(2)49 and 7.2 before 7.2(2)17 allows remote attackers to cause a denial of service (device reload) via unknown vectors related to VPN connection termination and password expiry."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20070502 LDAP and VPN Vulnerabilities in PIX and ASA Appliances",
"refsource" : "CISCO",
"url" : "http://www.cisco.com/en/US/products/products_security_advisory09186a0080833166.shtml"
"name": "20070502 LDAP and VPN Vulnerabilities in PIX and ASA Appliances",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080833166.shtml"
},
{
"name" : "23768",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/23768"
"name": "35332",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/35332"
},
{
"name" : "ADV-2007-1636",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/1636"
"name": "ADV-2007-1636",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1636"
},
{
"name" : "35332",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/35332"
"name": "cisco-asa-vpn-dos(34021)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34021"
},
{
"name" : "25109",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/25109"
"name": "23768",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23768"
},
{
"name" : "cisco-asa-vpn-dos(34021)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34021"
"name": "25109",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25109"
}
]
}

80
2010/0xxx/CVE-2010-0364.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-0364",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-0364",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Stack-based buffer overflow in VideoLAN VLC Media Player 0.8.6 allows user-assisted remote attackers to execute arbitrary code via an ogg file with a crafted Advanced SubStation Alpha Subtitle (.ass) file, probably involving the Dialogue field."
"lang": "eng",
"value": "Stack-based buffer overflow in VideoLAN VLC Media Player 0.8.6 allows user-assisted remote attackers to execute arbitrary code via an ogg file with a crafted Advanced SubStation Alpha Subtitle (.ass) file, probably involving the Dialogue field."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "11174",
"refsource" : "EXPLOIT-DB",
"url" : "http://www.exploit-db.com/exploits/11174"
"name": "vlcmediaplayer-asas-bo(55717)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55717"
},
{
"name" : "37832",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/37832"
"name": "37832",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/37832"
},
{
"name" : "oval:org.mitre.oval:def:14342",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14342"
"name": "oval:org.mitre.oval:def:14342",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14342"
},
{
"name" : "vlcmediaplayer-asas-bo(55717)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/55717"
"name": "11174",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/11174"
}
]
}

110
2010/0xxx/CVE-2010-0890.json
View File

@ -1,101 +1,101 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-0890",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2010-0890",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Solaris component in Oracle Sun Product Suite 10 and OpenSolaris snv_01 through snv_98 allows local users to affect availability via unknown vectors related to the Kernel."
"lang": "eng",
"value": "Unspecified vulnerability in the Solaris component in Oracle Sun Product Suite 10 and OpenSolaris snv_01 through snv_98 allows local users to affect availability via unknown vectors related to the Kernel."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.oracle.com/technetwork/topics/security/cpuapr2010-099504.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpuapr2010-099504.html"
"name": "TA10-103B",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA10-103B.html"
},
{
"name" : "242386",
"refsource" : "SUNALERT",
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-242386-1"
"name": "osps-solaris-unspecified-var3(57758)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/57758"
},
{
"name" : "1019619",
"refsource" : "SUNALERT",
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1019619.1-1"
"name": "1019619",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1019619.1-1"
},
{
"name" : "TA10-103B",
"refsource" : "CERT",
"url" : "http://www.us-cert.gov/cas/techalerts/TA10-103B.html"
"name": "39459",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/39459"
},
{
"name" : "39459",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/39459"
"name": "39435",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39435"
},
{
"name" : "oval:org.mitre.oval:def:7594",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7594"
"name": "http://www.oracle.com/technetwork/topics/security/cpuapr2010-099504.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2010-099504.html"
},
{
"name" : "1023874",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1023874"
"name": "1023874",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1023874"
},
{
"name" : "39435",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/39435"
"name": "242386",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-242386-1"
},
{
"name" : "osps-solaris-unspecified-var3(57758)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/57758"
"name": "oval:org.mitre.oval:def:7594",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7594"
}
]
}

62
2010/0xxx/CVE-2010-0914.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-0914",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2010-0914",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Oracle Sun Convergence 1.0 allows remote attackers to affect confidentiality via unknown vectors related to Mail, Calendar, Address Book, and Instant Messaging."
"lang": "eng",
"value": "Unspecified vulnerability in Oracle Sun Convergence 1.0 allows remote attackers to affect confidentiality via unknown vectors related to Mail, Calendar, Address Book, and Instant Messaging."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html"
"name": "http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html"
}
]
}

266
2010/0xxx/CVE-2010-0926.json
View File

@ -1,231 +1,231 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-0926",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-0926",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The default configuration of smbd in Samba before 3.3.11, 3.4.x before 3.4.6, and 3.5.x before 3.5.0rc3, when a writable share exists, allows remote authenticated users to leverage a directory traversal vulnerability, and access arbitrary files, by using the symlink command in smbclient to create a symlink containing .. (dot dot) sequences, related to the combination of the unix extensions and wide links options."
"lang": "eng",
"value": "The default configuration of smbd in Samba before 3.3.11, 3.4.x before 3.4.6, and 3.5.x before 3.5.0rc3, when a writable share exists, allows remote authenticated users to leverage a directory traversal vulnerability, and access arbitrary files, by using the symlink command in smbclient to create a symlink containing .. (dot dot) sequences, related to the combination of the unix extensions and wide links options."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20100204 Re: Samba Remote Zero-Day Exploit",
"refsource" : "FULLDISC",
"url" : "http://archives.neohapsis.com/archives/fulldisclosure/2010-02/0107.html"
"name": "[samba-technical] 20100207 Re: Claimed Zero Day exploit in Samba.",
"refsource": "MLIST",
"url": "http://marc.info/?l=samba-technical&m=126555346721629&w=2"
},
{
"name" : "20100204 Re: Samba Remote Zero-Day Exploit",
"refsource" : "FULLDISC",
"url" : "http://archives.neohapsis.com/archives/fulldisclosure/2010-02/0108.html"
"name": "39317",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39317"
},
{
"name" : "20100204 Samba Remote Zero-Day Exploit",
"refsource" : "FULLDISC",
"url" : "http://archives.neohapsis.com/archives/fulldisclosure/2010-02/0083.html"
"name": "[oss-security] 20100206 Re: Samba symlink 0day flaw",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2010/02/06/3"
},
{
"name" : "20100205 Re: Samba Remote Zero-Day Exploit",
"refsource" : "FULLDISC",
"url" : "http://marc.info/?l=full-disclosure&m=126538598820903&w=2"
"name": "[samba-technical] 20100206 Re: Claimed Zero Day exploit in Samba.",
"refsource": "MLIST",
"url": "http://marc.info/?l=samba-technical&m=126549111204428&w=2"
},
{
"name" : "[oss-security] 20100205 Re: Samba symlink 0day flaw",
"refsource" : "MLIST",
"url" : "http://marc.info/?l=oss-security&m=126540402215620&w=2"
"name": "[samba-technical] 20100205 Re: Claimed Zero Day exploit in Samba.",
"refsource": "MLIST",
"url": "http://marc.info/?l=samba-technical&m=126540376915283&w=2"
},
{
"name" : "[oss-security] 20100205 Re: Samba symlink 0day flaw",
"refsource" : "MLIST",
"url" : "http://marc.info/?l=oss-security&m=126540733320471&w=2"
"name": "[samba-technical] 20100205 Re: Claimed Zero Day exploit in Samba.",
"refsource": "MLIST",
"url": "http://marc.info/?l=samba-technical&m=126540539117328&w=2"
},
{
"name" : "[oss-security] 20100205 Samba symlink 0day flaw",
"refsource" : "MLIST",
"url" : "http://marc.info/?l=oss-security&m=126539592603079&w=2"
"name": "[oss-security] 20100305 Re: Samba symlink 0day flaw",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2010/03/05/3"
},
{
"name" : "[oss-security] 20100206 Re: Samba symlink 0day flaw",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2010/02/06/3"
"name": "http://blog.metasploit.com/2010/02/exploiting-samba-symlink-traversal.html",
"refsource": "MISC",
"url": "http://blog.metasploit.com/2010/02/exploiting-samba-symlink-traversal.html"
},
{
"name" : "[oss-security] 20100206 Re: Samba symlink 0day flaw",
"refsource" : "MLIST",
"url" : "http://marc.info/?l=oss-security&m=126545363428745&w=2"
"name": "[samba-technical] 20100205 Re: Claimed Zero Day exploit in Samba.",
"refsource": "MLIST",
"url": "http://marc.info/?l=samba-technical&m=126540477016522&w=2"
},
{
"name" : "[oss-security] 20100305 Re: Samba symlink 0day flaw",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2010/03/05/3"
"name": "20100204 Re: Samba Remote Zero-Day Exploit",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-02/0107.html"
},
{
"name" : "[oss-security] 20100305 Re: Samba symlink 0day flaw",
"refsource" : "MLIST",
"url" : "http://marc.info/?l=oss-security&m=126777580624790&w=2"
"name": "[samba-technical] 20100205 Re: Claimed Zero Day exploit in Samba.",
"refsource": "MLIST",
"url": "http://marc.info/?l=samba-technical&m=126540248613395&w=2"
},
{
"name" : "[samba-technical] 20100205 Claimed Zero Day exploit in Samba.",
"refsource" : "MLIST",
"url" : "http://marc.info/?l=samba-technical&m=126539387432412&w=2"
"name": "[samba-technical] 20100205 Re: Claimed Zero Day exploit in Samba.",
"refsource": "MLIST",
"url": "http://marc.info/?l=samba-technical&m=126540290614053&w=2"
},
{
"name" : "[samba-technical] 20100205 Re: Claimed Zero Day exploit in Samba.",
"refsource" : "MLIST",
"url" : "http://marc.info/?l=samba-technical&m=126540100511357&w=2"
"name": "20100205 Re: Samba Remote Zero-Day Exploit",
"refsource": "FULLDISC",
"url": "http://marc.info/?l=full-disclosure&m=126538598820903&w=2"
},
{
"name" : "[samba-technical] 20100205 Re: Claimed Zero Day exploit in Samba.",
"refsource" : "MLIST",
"url" : "http://marc.info/?l=samba-technical&m=126540277713815&w=2"
"name": "[samba-technical] 20100206 Re: Claimed Zero Day exploit in Samba.",
"refsource": "MLIST",
"url": "http://marc.info/?l=samba-technical&m=126548356728379&w=2"
},
{
"name" : "[samba-technical] 20100205 Re: Claimed Zero Day exploit in Samba.",
"refsource" : "MLIST",
"url" : "http://marc.info/?l=samba-technical&m=126540290614053&w=2"
"name": "[oss-security] 20100206 Re: Samba symlink 0day flaw",
"refsource": "MLIST",
"url": "http://marc.info/?l=oss-security&m=126545363428745&w=2"
},
{
"name" : "[samba-technical] 20100205 Re: Claimed Zero Day exploit in Samba.",
"refsource" : "MLIST",
"url" : "http://marc.info/?l=samba-technical&m=126540248613395&w=2"
"name": "[samba-technical] 20100205 Re: Claimed Zero Day exploit in Samba.",
"refsource": "MLIST",
"url": "http://marc.info/?l=samba-technical&m=126540475116511&w=2"
},
{
"name" : "[samba-technical] 20100205 Re: Claimed Zero Day exploit in Samba.",
"refsource" : "MLIST",
"url" : "http://marc.info/?l=samba-technical&m=126540376915283&w=2"
"name": "[samba-technical] 20100205 Claimed Zero Day exploit in Samba.",
"refsource": "MLIST",
"url": "http://marc.info/?l=samba-technical&m=126539387432412&w=2"
},
{
"name" : "[samba-technical] 20100205 Re: Claimed Zero Day exploit in Samba.",
"refsource" : "MLIST",
"url" : "http://marc.info/?l=samba-technical&m=126540475116511&w=2"
"name": "[samba-technical] 20100205 Re: Claimed Zero Day exploit in Samba.",
"refsource": "MLIST",
"url": "http://marc.info/?l=samba-technical&m=126540695819735&w=2"
},
{
"name" : "[samba-technical] 20100205 Re: Claimed Zero Day exploit in Samba.",
"refsource" : "MLIST",
"url" : "http://marc.info/?l=samba-technical&m=126540477016522&w=2"
"name": "http://gitweb.samba.org/?p=samba.git;a=commit;h=bd269443e311d96ef495a9db47d1b95eb83bb8f4",
"refsource": "CONFIRM",
"url": "http://gitweb.samba.org/?p=samba.git;a=commit;h=bd269443e311d96ef495a9db47d1b95eb83bb8f4"
},
{
"name" : "[samba-technical] 20100205 Re: Claimed Zero Day exploit in Samba.",
"refsource" : "MLIST",
"url" : "http://marc.info/?l=samba-technical&m=126540539117328&w=2"
"name": "[oss-security] 20100305 Re: Samba symlink 0day flaw",
"refsource": "MLIST",
"url": "http://marc.info/?l=oss-security&m=126777580624790&w=2"
},
{
"name" : "[samba-technical] 20100205 Re: Claimed Zero Day exploit in Samba.",
"refsource" : "MLIST",
"url" : "http://marc.info/?l=samba-technical&m=126540608318301&w=2"
"name": "20100204 Samba Remote Zero-Day Exploit",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-02/0083.html"
},
{
"name" : "[samba-technical] 20100205 Re: Claimed Zero Day exploit in Samba.",
"refsource" : "MLIST",
"url" : "http://marc.info/?l=samba-technical&m=126540695819735&w=2"
"name": "SUSE-SR:2010:008",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html"
},
{
"name" : "[samba-technical] 20100205 re: Claimed Zero Day exploit in Samba.",
"refsource" : "MLIST",
"url" : "http://marc.info/?l=samba-technical&m=126540011609753&w=2"
"name": "http://www.samba.org/samba/news/symlink_attack.html",
"refsource": "CONFIRM",
"url": "http://www.samba.org/samba/news/symlink_attack.html"
},
{
"name" : "[samba-technical] 20100206 Re: Claimed Zero Day exploit in Samba.",
"refsource" : "MLIST",
"url" : "http://marc.info/?l=samba-technical&m=126547903723628&w=2"
"name": "SUSE-SR:2010:014",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html"
},
{
"name" : "[samba-technical] 20100206 Re: Claimed Zero Day exploit in Samba.",
"refsource" : "MLIST",
"url" : "http://marc.info/?l=samba-technical&m=126548356728379&w=2"
"name": "[samba-technical] 20100206 Re: Claimed Zero Day exploit in Samba.",
"refsource": "MLIST",
"url": "http://marc.info/?l=samba-technical&m=126547903723628&w=2"
},
{
"name" : "[samba-technical] 20100206 Re: Claimed Zero Day exploit in Samba.",
"refsource" : "MLIST",
"url" : "http://marc.info/?l=samba-technical&m=126549111204428&w=2"
"name": "[samba-technical] 20100205 re: Claimed Zero Day exploit in Samba.",
"refsource": "MLIST",
"url": "http://marc.info/?l=samba-technical&m=126540011609753&w=2"
},
{
"name" : "[samba-technical] 20100207 Re: Claimed Zero Day exploit in Samba.",
"refsource" : "MLIST",
"url" : "http://marc.info/?l=samba-technical&m=126555346721629&w=2"
"name": "https://bugzilla.samba.org/show_bug.cgi?id=7104",
"refsource": "CONFIRM",
"url": "https://bugzilla.samba.org/show_bug.cgi?id=7104"
},
{
"name" : "http://blog.metasploit.com/2010/02/exploiting-samba-symlink-traversal.html",
"refsource" : "MISC",
"url" : "http://blog.metasploit.com/2010/02/exploiting-samba-symlink-traversal.html"
"name": "[oss-security] 20100205 Samba symlink 0day flaw",
"refsource": "MLIST",
"url": "http://marc.info/?l=oss-security&m=126539592603079&w=2"
},
{
"name" : "http://gitweb.samba.org/?p=samba.git;a=commit;h=bd269443e311d96ef495a9db47d1b95eb83bb8f4",
"refsource" : "CONFIRM",
"url" : "http://gitweb.samba.org/?p=samba.git;a=commit;h=bd269443e311d96ef495a9db47d1b95eb83bb8f4"
"name": "[oss-security] 20100205 Re: Samba symlink 0day flaw",
"refsource": "MLIST",
"url": "http://marc.info/?l=oss-security&m=126540733320471&w=2"
},
{
"name" : "http://www.samba.org/samba/news/symlink_attack.html",
"refsource" : "CONFIRM",
"url" : "http://www.samba.org/samba/news/symlink_attack.html"
"name": "20100204 Re: Samba Remote Zero-Day Exploit",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-02/0108.html"
},
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=562568",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=562568"
"name": "[samba-technical] 20100205 Re: Claimed Zero Day exploit in Samba.",
"refsource": "MLIST",
"url": "http://marc.info/?l=samba-technical&m=126540608318301&w=2"
},
{
"name" : "https://bugzilla.samba.org/show_bug.cgi?id=7104",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.samba.org/show_bug.cgi?id=7104"
"name": "[samba-technical] 20100205 Re: Claimed Zero Day exploit in Samba.",
"refsource": "MLIST",
"url": "http://marc.info/?l=samba-technical&m=126540100511357&w=2"
},
{
"name" : "SUSE-SR:2010:008",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html"
"name": "[samba-technical] 20100205 Re: Claimed Zero Day exploit in Samba.",
"refsource": "MLIST",
"url": "http://marc.info/?l=samba-technical&m=126540277713815&w=2"
},
{
"name" : "SUSE-SR:2010:014",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html"
"name": "[oss-security] 20100205 Re: Samba symlink 0day flaw",
"refsource": "MLIST",
"url": "http://marc.info/?l=oss-security&m=126540402215620&w=2"
},
{
"name" : "39317",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/39317"
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=562568",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=562568"
}
]
}

74
2010/3xxx/CVE-2010-3106.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-3106",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-3106",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The ienipp.ocx ActiveX control in the browser plugin in Novell iPrint Client before 5.42 does not properly validate the debug parameter, which allows remote attackers to execute arbitrary code or cause a denial of service (stack memory corruption) via a parameter value with a crafted length, related to the ExecuteRequest method."
"lang": "eng",
"value": "The ienipp.ocx ActiveX control in the browser plugin in Novell iPrint Client before 5.42 does not properly validate the debug parameter, which allows remote attackers to execute arbitrary code or cause a denial of service (stack memory corruption) via a parameter value with a crafted length, related to the ExecuteRequest method."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://dvlabs.tippingpoint.com/advisory/TPTI-10-06",
"refsource" : "MISC",
"url" : "http://dvlabs.tippingpoint.com/advisory/TPTI-10-06"
"name": "http://dvlabs.tippingpoint.com/advisory/TPTI-10-06",
"refsource": "MISC",
"url": "http://dvlabs.tippingpoint.com/advisory/TPTI-10-06"
},
{
"name" : "http://download.novell.com/Download?buildid=ftwZBxEFjIg~",
"refsource" : "CONFIRM",
"url" : "http://download.novell.com/Download?buildid=ftwZBxEFjIg~"
"name": "oval:org.mitre.oval:def:12044",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12044"
},
{
"name" : "oval:org.mitre.oval:def:12044",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12044"
"name": "http://download.novell.com/Download?buildid=ftwZBxEFjIg~",
"refsource": "CONFIRM",
"url": "http://download.novell.com/Download?buildid=ftwZBxEFjIg~"
}
]
}

74
2010/3xxx/CVE-2010-3159.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-3159",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2010-3159",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Untrusted search path vulnerability in Explzh 5.67 and earlier allows local users to gain privileges via a Trojan horse executable file in the current working directory."
"lang": "eng",
"value": "Untrusted search path vulnerability in Explzh 5.67 and earlier allows local users to gain privileges via a Trojan horse executable file in the current working directory."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.ponsoftware.com/en/",
"refsource" : "MISC",
"url" : "http://www.ponsoftware.com/en/"
"name": "JVNDB-2010-000043",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/en/contents/2010/JVNDB-2010-000043.html"
},
{
"name" : "JVN#85599999",
"refsource" : "JVN",
"url" : "http://jvn.jp/en/jp/JVN85599999/index.html"
"name": "JVN#85599999",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN85599999/index.html"
},
{
"name" : "JVNDB-2010-000043",
"refsource" : "JVNDB",
"url" : "http://jvndb.jvn.jp/en/contents/2010/JVNDB-2010-000043.html"
"name": "http://www.ponsoftware.com/en/",
"refsource": "MISC",
"url": "http://www.ponsoftware.com/en/"
}
]
}

80
2010/3xxx/CVE-2010-3479.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-3479",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-3479",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in list.php in BoutikOne 1.0 allows remote attackers to execute arbitrary SQL commands via the page parameter."
"lang": "eng",
"value": "SQL injection vulnerability in list.php in BoutikOne 1.0 allows remote attackers to execute arbitrary SQL commands via the page parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "15049",
"refsource" : "EXPLOIT-DB",
"url" : "http://www.exploit-db.com/exploits/15049"
"name": "boutikone-list-sql-injection(61911)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/61911"
},
{
"name" : "http://packetstormsecurity.org/1009-exploits/boutikone-sql.txt",
"refsource" : "MISC",
"url" : "http://packetstormsecurity.org/1009-exploits/boutikone-sql.txt"
"name": "http://packetstormsecurity.org/1009-exploits/boutikone-sql.txt",
"refsource": "MISC",
"url": "http://packetstormsecurity.org/1009-exploits/boutikone-sql.txt"
},
{
"name" : "ADV-2010-2436",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2010/2436"
"name": "ADV-2010-2436",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/2436"
},
{
"name" : "boutikone-list-sql-injection(61911)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/61911"
"name": "15049",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/15049"
}
]
}

92
2010/3xxx/CVE-2010-3598.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-3598",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2010-3598",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Oracle Document Capture component in Oracle Fusion Middleware 10.1.3.4 and 10.1.3.5 allows remote attackers to affect integrity via unknown vectors related to Import Export Utility."
"lang": "eng",
"value": "Unspecified vulnerability in the Oracle Document Capture component in Oracle Fusion Middleware 10.1.3.4 and 10.1.3.5 allows remote attackers to affect integrity via unknown vectors related to Import Export Utility."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html"
"name": "ADV-2011-0143",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0143"
},
{
"name" : "45846",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/45846"
"name": "1024981",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1024981"
},
{
"name" : "1024981",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1024981"
"name": "45846",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/45846"
},
{
"name" : "42976",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/42976"
"name": "oracle-document-utility-unauth-access(64771)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64771"
},
{
"name" : "ADV-2011-0143",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2011/0143"
"name": "42976",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42976"
},
{
"name" : "oracle-document-utility-unauth-access(64771)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/64771"
"name": "http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html"
}
]
}

140
2010/3xxx/CVE-2010-3962.json
View File

@ -1,126 +1,126 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-3962",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2010-3962",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Use-after-free vulnerability in Microsoft Internet Explorer 6, 7, and 8 allows remote attackers to execute arbitrary code via vectors related to Cascading Style Sheets (CSS) token sequences and the clip attribute, aka an \"invalid flag reference\" issue or \"Uninitialized Memory Corruption Vulnerability,\" as exploited in the wild in November 2010."
"lang": "eng",
"value": "Use-after-free vulnerability in Microsoft Internet Explorer 6, 7, and 8 allows remote attackers to execute arbitrary code via vectors related to Cascading Style Sheets (CSS) token sequences and the clip attribute, aka an \"invalid flag reference\" issue or \"Uninitialized Memory Corruption Vulnerability,\" as exploited in the wild in November 2010."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "15418",
"refsource" : "EXPLOIT-DB",
"url" : "http://www.exploit-db.com/exploits/15418"
"name": "44536",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/44536"
},
{
"name" : "15421",
"refsource" : "EXPLOIT-DB",
"url" : "http://www.exploit-db.com/exploits/15421"
"name": "TA10-348A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA10-348A.html"
},
{
"name" : "http://www.symantec.com/connect/blogs/new-ie-0-day-used-targeted-attacks",
"refsource" : "MISC",
"url" : "http://www.symantec.com/connect/blogs/new-ie-0-day-used-targeted-attacks"
"name": "MS10-090",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-090"
},
{
"name" : "http://blogs.technet.com/b/msrc/archive/2010/11/02/microsoft-releases-security-advisory-2458511.aspx",
"refsource" : "CONFIRM",
"url" : "http://blogs.technet.com/b/msrc/archive/2010/11/02/microsoft-releases-security-advisory-2458511.aspx"
"name": "VU#899748",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/899748"
},
{
"name" : "http://www.microsoft.com/technet/security/advisory/2458511.mspx",
"refsource" : "CONFIRM",
"url" : "http://www.microsoft.com/technet/security/advisory/2458511.mspx"
"name": "42091",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42091"
},
{
"name" : "MS10-090",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-090"
"name": "ADV-2010-2880",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/2880"
},
{
"name" : "TA10-348A",
"refsource" : "CERT",
"url" : "http://www.us-cert.gov/cas/techalerts/TA10-348A.html"
"name": "http://www.microsoft.com/technet/security/advisory/2458511.mspx",
"refsource": "CONFIRM",
"url": "http://www.microsoft.com/technet/security/advisory/2458511.mspx"
},
{
"name" : "VU#899748",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/899748"
"name": "1024676",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1024676"
},
{
"name" : "44536",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/44536"
"name": "15421",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/15421"
},
{
"name" : "oval:org.mitre.oval:def:12279",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12279"
"name": "http://www.symantec.com/connect/blogs/new-ie-0-day-used-targeted-attacks",
"refsource": "MISC",
"url": "http://www.symantec.com/connect/blogs/new-ie-0-day-used-targeted-attacks"
},
{
"name" : "1024676",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1024676"
"name": "ms-ie-flag-code-execution(62962)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/62962"
},
{
"name" : "42091",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/42091"
"name": "http://blogs.technet.com/b/msrc/archive/2010/11/02/microsoft-releases-security-advisory-2458511.aspx",
"refsource": "CONFIRM",
"url": "http://blogs.technet.com/b/msrc/archive/2010/11/02/microsoft-releases-security-advisory-2458511.aspx"
},
{
"name" : "ADV-2010-2880",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2010/2880"
"name": "oval:org.mitre.oval:def:12279",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12279"
},
{
"name" : "ms-ie-flag-code-execution(62962)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/62962"
"name": "15418",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/15418"
}
]
}

22
2010/4xxx/CVE-2010-4316.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-4316",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-4316",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

98
2010/4xxx/CVE-2010-4744.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-4744",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-4744",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple unspecified vulnerabilities in abcm2ps before 5.9.13 have unknown impact and attack vectors, a different issue than CVE-2010-3441."
"lang": "eng",
"value": "Multiple unspecified vulnerabilities in abcm2ps before 5.9.13 have unknown impact and attack vectors, a different issue than CVE-2010-3441."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=577014",
"refsource" : "CONFIRM",
"url" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=577014"
"name": "FEDORA-2011-1851",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/054424.html"
},
{
"name" : "http://moinejf.free.fr/abcm2ps-5.txt",
"refsource" : "CONFIRM",
"url" : "http://moinejf.free.fr/abcm2ps-5.txt"
"name": "ADV-2011-0390",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0390"
},
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=600729",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=600729"
"name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=577014",
"refsource": "CONFIRM",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=577014"
},
{
"name" : "FEDORA-2011-1092",
"refsource" : "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2011-February/054015.html"
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=600729",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=600729"
},
{
"name" : "FEDORA-2011-1851",
"refsource" : "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/054424.html"
"name": "43338",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43338"
},
{
"name" : "43338",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/43338"
"name": "FEDORA-2011-1092",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-February/054015.html"
},
{
"name" : "ADV-2011-0390",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2011/0390"
"name": "http://moinejf.free.fr/abcm2ps-5.txt",
"refsource": "CONFIRM",
"url": "http://moinejf.free.fr/abcm2ps-5.txt"
}
]
}

22
2014/0xxx/CVE-2014-0687.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-0687",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-0687",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

80
2014/4xxx/CVE-2014-4058.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-4058",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2014-4058",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability.\""
"lang": "eng",
"value": "Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "MS14-051",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-051"
"name": "1030715",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030715"
},
{
"name" : "69131",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/69131"
"name": "MS14-051",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-051"
},
{
"name" : "1030715",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1030715"
"name": "69131",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/69131"
},
{
"name" : "60670",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/60670"
"name": "60670",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60670"
}
]
}

80
2014/4xxx/CVE-2014-4162.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-4162",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-4162",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple cross-site request forgery (CSRF) vulnerabilities in the Zyxel P-660HW-T1 (v3) wireless router allow remote attackers to hijack the authentication of administrators for requests that change the (1) wifi password or (2) SSID via a request to Forms/WLAN_General_1."
"lang": "eng",
"value": "Multiple cross-site request forgery (CSRF) vulnerabilities in the Zyxel P-660HW-T1 (v3) wireless router allow remote attackers to hijack the authentication of administrators for requests that change the (1) wifi password or (2) SSID via a request to Forms/WLAN_General_1."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "33518",
"refsource" : "EXPLOIT-DB",
"url" : "http://www.exploit-db.com/exploits/33518"
"name": "33518",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/33518"
},
{
"name" : "http://packetstormsecurity.com/files/126812/Zyxel-P-660HW-T1-Cross-Site-Request-Forgery.html",
"refsource" : "MISC",
"url" : "http://packetstormsecurity.com/files/126812/Zyxel-P-660HW-T1-Cross-Site-Request-Forgery.html"
"name": "http://packetstormsecurity.com/files/126812/Zyxel-P-660HW-T1-Cross-Site-Request-Forgery.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/126812/Zyxel-P-660HW-T1-Cross-Site-Request-Forgery.html"
},
{
"name" : "107449",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/show/osvdb/107449"
"name": "58513",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/58513"
},
{
"name" : "58513",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/58513"
"name": "107449",
"refsource": "OSVDB",
"url": "http://osvdb.org/show/osvdb/107449"
}
]
}

98
2014/4xxx/CVE-2014-4612.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-4612",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-4612",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in the keywords manager (keywordmgr.php) in Coppermine Photo Gallery before 1.5.27 and 1.6.x before 1.6.01 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in the keywords manager (keywordmgr.php) in Coppermine Photo Gallery before 1.5.27 and 1.6.x before 1.6.01 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[oss-security] 20140623 CVE request: XSS in coppermine gallery before 1.5.28",
"refsource" : "MLIST",
"url" : "http://seclists.org/oss-sec/2014/q2/608"
"name": "68140",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/68140"
},
{
"name" : "[oss-security] 20140624 Re: CVE request: XSS in coppermine gallery before 1.5.28",
"refsource" : "MLIST",
"url" : "http://seclists.org/oss-sec/2014/q2/620"
"name": "[oss-security] 20140623 CVE request: XSS in coppermine gallery before 1.5.28",
"refsource": "MLIST",
"url": "http://seclists.org/oss-sec/2014/q2/608"
},
{
"name" : "http://forum.coppermine-gallery.net/index.php/topic,77376.0.html",
"refsource" : "CONFIRM",
"url" : "http://forum.coppermine-gallery.net/index.php/topic,77376.0.html"
"name": "[oss-security] 20140624 Re: CVE request: XSS in coppermine gallery before 1.5.28",
"refsource": "MLIST",
"url": "http://seclists.org/oss-sec/2014/q2/620"
},
{
"name" : "http://sourceforge.net/p/coppermine/code/8674",
"refsource" : "CONFIRM",
"url" : "http://sourceforge.net/p/coppermine/code/8674"
"name": "https://sourceforge.net/p/coppermine/code/8674/tree//trunk/cpg1.6.x/CHANGELOG.txt",
"refsource": "CONFIRM",
"url": "https://sourceforge.net/p/coppermine/code/8674/tree//trunk/cpg1.6.x/CHANGELOG.txt"
},
{
"name" : "https://sourceforge.net/p/coppermine/code/8674/tree//trunk/cpg1.5.x/CHANGELOG.txt",
"refsource" : "CONFIRM",
"url" : "https://sourceforge.net/p/coppermine/code/8674/tree//trunk/cpg1.5.x/CHANGELOG.txt"
"name": "http://sourceforge.net/p/coppermine/code/8674",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/p/coppermine/code/8674"
},
{
"name" : "https://sourceforge.net/p/coppermine/code/8674/tree//trunk/cpg1.6.x/CHANGELOG.txt",
"refsource" : "CONFIRM",
"url" : "https://sourceforge.net/p/coppermine/code/8674/tree//trunk/cpg1.6.x/CHANGELOG.txt"
"name": "http://forum.coppermine-gallery.net/index.php/topic,77376.0.html",
"refsource": "CONFIRM",
"url": "http://forum.coppermine-gallery.net/index.php/topic,77376.0.html"
},
{
"name" : "68140",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/68140"
"name": "https://sourceforge.net/p/coppermine/code/8674/tree//trunk/cpg1.5.x/CHANGELOG.txt",
"refsource": "CONFIRM",
"url": "https://sourceforge.net/p/coppermine/code/8674/tree//trunk/cpg1.5.x/CHANGELOG.txt"
}
]
}

22
2014/8xxx/CVE-2014-8063.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-8063",
"STATE" : "REJECT"
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2014-8063",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none."
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none."
}
]
}

22
2014/8xxx/CVE-2014-8193.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-8193",
"STATE" : "REJECT"
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2014-8193",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none."
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none."
}
]
}

22
2014/8xxx/CVE-2014-8286.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-8286",
"STATE" : "REJECT"
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2014-8286",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none."
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none."
}
]
}

22
2014/8xxx/CVE-2014-8876.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-8876",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-8876",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2014/9xxx/CVE-2014-9071.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-9071",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-9071",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

104
2014/9xxx/CVE-2014-9571.json
View File

@ -1,96 +1,96 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-9571",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-9571",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in admin/install.php in MantisBT before 1.2.19 and 1.3.x before 1.3.0-beta.2 allows remote attackers to inject arbitrary web script or HTML via the (1) admin_username or (2) admin_password parameter."
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in admin/install.php in MantisBT before 1.2.19 and 1.3.x before 1.3.0-beta.2 allows remote attackers to inject arbitrary web script or HTML via the (1) admin_username or (2) admin_password parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[oss-security] 20150117 CVE-2014-9571: XSS in install.php",
"refsource" : "MLIST",
"url" : "http://seclists.org/oss-sec/2015/q1/156"
"name": "1031633",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1031633"
},
{
"name" : "https://www.htbridge.com/advisory/HTB23243",
"refsource" : "MISC",
"url" : "https://www.htbridge.com/advisory/HTB23243"
"name": "mantisbt-cve20149571-xss(100209)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/100209"
},
{
"name" : "https://github.com/mantisbt/mantisbt/commit/132cd6d0",
"refsource" : "CONFIRM",
"url" : "https://github.com/mantisbt/mantisbt/commit/132cd6d0"
"name": "https://github.com/mantisbt/mantisbt/commit/132cd6d0",
"refsource": "CONFIRM",
"url": "https://github.com/mantisbt/mantisbt/commit/132cd6d0"
},
{
"name" : "https://github.com/mantisbt/mantisbt/commit/6d47c047",
"refsource" : "CONFIRM",
"url" : "https://github.com/mantisbt/mantisbt/commit/6d47c047"
"name": "https://github.com/mantisbt/mantisbt/commit/6d47c047",
"refsource": "CONFIRM",
"url": "https://github.com/mantisbt/mantisbt/commit/6d47c047"
},
{
"name" : "https://www.mantisbt.org/bugs/view.php?id=17937",
"refsource" : "CONFIRM",
"url" : "https://www.mantisbt.org/bugs/view.php?id=17937"
"name": "https://www.mantisbt.org/bugs/view.php?id=17938",
"refsource": "CONFIRM",
"url": "https://www.mantisbt.org/bugs/view.php?id=17938"
},
{
"name" : "https://www.mantisbt.org/bugs/view.php?id=17938",
"refsource" : "CONFIRM",
"url" : "https://www.mantisbt.org/bugs/view.php?id=17938"
"name": "https://www.htbridge.com/advisory/HTB23243",
"refsource": "MISC",
"url": "https://www.htbridge.com/advisory/HTB23243"
},
{
"name" : "1031633",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1031633"
"name": "[oss-security] 20150117 CVE-2014-9571: XSS in install.php",
"refsource": "MLIST",
"url": "http://seclists.org/oss-sec/2015/q1/156"
},
{
"name" : "mantisbt-cve20149571-xss(100209)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/100209"
"name": "https://www.mantisbt.org/bugs/view.php?id=17937",
"refsource": "CONFIRM",
"url": "https://www.mantisbt.org/bugs/view.php?id=17937"
}
]
}

22
2016/2xxx/CVE-2016-2766.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-2766",
"STATE" : "REJECT"
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2016-2766",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
}
]
}

22
2016/3xxx/CVE-2016-3030.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-3030",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-3030",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

74
2016/3xxx/CVE-2016-3082.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-3082",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2016-3082",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "XSLTResult in Apache Struts 2.x before 2.3.20.2, 2.3.24.x before 2.3.24.2, and 2.3.28.x before 2.3.28.1 allows remote attackers to execute arbitrary code via the stylesheet location parameter."
"lang": "eng",
"value": "XSLTResult in Apache Struts 2.x before 2.3.20.2, 2.3.24.x before 2.3.24.2, and 2.3.28.x before 2.3.28.1 allows remote attackers to execute arbitrary code via the stylesheet location parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://struts.apache.org/docs/s2-031.html",
"refsource" : "CONFIRM",
"url" : "http://struts.apache.org/docs/s2-031.html"
"name": "88826",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/88826"
},
{
"name" : "88826",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/88826"
"name": "http://struts.apache.org/docs/s2-031.html",
"refsource": "CONFIRM",
"url": "http://struts.apache.org/docs/s2-031.html"
},
{
"name" : "1035664",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1035664"
"name": "1035664",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035664"
}
]
}

80
2016/3xxx/CVE-2016-3510.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-3510",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2016-3510",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6.0, 12.1.3.0, and 12.2.1.0 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to WLS Core Components, a different vulnerability than CVE-2016-3586."
"lang": "eng",
"value": "Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6.0, 12.1.3.0, and 12.2.1.0 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to WLS Core Components, a different vulnerability than CVE-2016-3586."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://www.tenable.com/security/research/tra-2016-21",
"refsource" : "MISC",
"url" : "https://www.tenable.com/security/research/tra-2016-21"
"name": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
},
{
"name" : "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
"name": "1036373",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036373"
},
{
"name" : "91787",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/91787"
"name": "https://www.tenable.com/security/research/tra-2016-21",
"refsource": "MISC",
"url": "https://www.tenable.com/security/research/tra-2016-21"
},
{
"name" : "1036373",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1036373"
"name": "91787",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91787"
}
]
}

74
2016/3xxx/CVE-2016-3695.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-3695",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2016-3695",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The einj_error_inject function in drivers/acpi/apei/einj.c in the Linux kernel allows local users to simulate hardware errors and consequently cause a denial of service by leveraging failure to disable APEI error injection through EINJ when securelevel is set."
"lang": "eng",
"value": "The einj_error_inject function in drivers/acpi/apei/einj.c in the Linux kernel allows local users to simulate hardware errors and consequently cause a denial of service by leveraging failure to disable APEI error injection through EINJ when securelevel is set."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1322755",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1322755"
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1322755",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1322755"
},
{
"name" : "https://github.com/mjg59/linux/commit/d7a6be58edc01b1c66ecd8fcc91236bfbce0a420",
"refsource" : "CONFIRM",
"url" : "https://github.com/mjg59/linux/commit/d7a6be58edc01b1c66ecd8fcc91236bfbce0a420"
"name": "102327",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/102327"
},
{
"name" : "102327",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/102327"
"name": "https://github.com/mjg59/linux/commit/d7a6be58edc01b1c66ecd8fcc91236bfbce0a420",
"refsource": "CONFIRM",
"url": "https://github.com/mjg59/linux/commit/d7a6be58edc01b1c66ecd8fcc91236bfbce0a420"
}
]
}

62
2016/3xxx/CVE-2016-3720.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-3720",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2016-3720",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "XML external entity (XXE) vulnerability in XmlMapper in the Data format extension for Jackson (aka jackson-dataformat-xml) allows attackers to have unspecified impact via unknown vectors."
"lang": "eng",
"value": "XML external entity (XXE) vulnerability in XmlMapper in the Data format extension for Jackson (aka jackson-dataformat-xml) allows attackers to have unspecified impact via unknown vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "FEDORA-2016-13b4cae9df",
"refsource" : "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184561.html"
"name": "FEDORA-2016-13b4cae9df",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184561.html"
}
]
}

68
2016/3xxx/CVE-2016-3927.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-3927",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "security@android.com",
"ID": "CVE-2016-3927",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in a Qualcomm component in Android before 2016-10-05 on Nexus 5X and 6P devices has unknown impact and attack vectors, aka internal bug 28823244."
"lang": "eng",
"value": "Unspecified vulnerability in a Qualcomm component in Android before 2016-10-05 on Nexus 5X and 6P devices has unknown impact and attack vectors, aka internal bug 28823244."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://source.android.com/security/bulletin/2016-10-01.html",
"refsource" : "CONFIRM",
"url" : "http://source.android.com/security/bulletin/2016-10-01.html"
"name": "http://source.android.com/security/bulletin/2016-10-01.html",
"refsource": "CONFIRM",
"url": "http://source.android.com/security/bulletin/2016-10-01.html"
},
{
"name" : "93333",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/93333"
"name": "93333",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93333"
}
]
}

122
2016/6xxx/CVE-2016-6172.json
View File

@ -1,111 +1,111 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-6172",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2016-6172",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "PowerDNS (aka pdns) Authoritative Server before 4.0.1 allows remote primary DNS servers to cause a denial of service (memory exhaustion and secondary DNS server crash) via a large (1) AXFR or (2) IXFR response."
"lang": "eng",
"value": "PowerDNS (aka pdns) Authoritative Server before 4.0.1 allows remote primary DNS servers to cause a denial of service (memory exhaustion and secondary DNS server crash) via a large (1) AXFR or (2) IXFR response."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[dns-operations] 20160704 DNS activities in Japan",
"refsource" : "MLIST",
"url" : "https://lists.dns-oarc.net/pipermail/dns-operations/2016-July/015058.html"
"name": "https://doc.powerdns.com/md/changelog/#powerdns-authoritative-server-401",
"refsource": "CONFIRM",
"url": "https://doc.powerdns.com/md/changelog/#powerdns-authoritative-server-401"
},
{
"name" : "[oss-security] 20160706 Malicious primary DNS servers can crash secondaries",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2016/07/06/3"
"name": "DSA-3664",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3664"
},
{
"name" : "https://github.com/sischkg/xfer-limit/blob/master/README.md",
"refsource" : "MISC",
"url" : "https://github.com/sischkg/xfer-limit/blob/master/README.md"
"name": "1036242",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036242"
},
{
"name" : "https://doc.powerdns.com/md/changelog/#powerdns-authoritative-server-401",
"refsource" : "CONFIRM",
"url" : "https://doc.powerdns.com/md/changelog/#powerdns-authoritative-server-401"
"name": "[oss-security] 20160706 Malicious primary DNS servers can crash secondaries",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/07/06/3"
},
{
"name" : "https://github.com/PowerDNS/pdns/issues/4128",
"refsource" : "CONFIRM",
"url" : "https://github.com/PowerDNS/pdns/issues/4128"
"name": "https://github.com/PowerDNS/pdns/issues/4128",
"refsource": "CONFIRM",
"url": "https://github.com/PowerDNS/pdns/issues/4128"
},
{
"name" : "https://github.com/PowerDNS/pdns/issues/4133",
"refsource" : "CONFIRM",
"url" : "https://github.com/PowerDNS/pdns/issues/4133"
"name": "https://github.com/PowerDNS/pdns/issues/4133",
"refsource": "CONFIRM",
"url": "https://github.com/PowerDNS/pdns/issues/4133"
},
{
"name" : "https://github.com/PowerDNS/pdns/pull/4134",
"refsource" : "CONFIRM",
"url" : "https://github.com/PowerDNS/pdns/pull/4134"
"name": "91678",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91678"
},
{
"name" : "DSA-3664",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2016/dsa-3664"
"name": "[dns-operations] 20160704 DNS activities in Japan",
"refsource": "MLIST",
"url": "https://lists.dns-oarc.net/pipermail/dns-operations/2016-July/015058.html"
},
{
"name" : "openSUSE-SU-2016:2116",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-updates/2016-08/msg00085.html"
"name": "https://github.com/PowerDNS/pdns/pull/4134",
"refsource": "CONFIRM",
"url": "https://github.com/PowerDNS/pdns/pull/4134"
},
{
"name" : "91678",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/91678"
"name": "openSUSE-SU-2016:2116",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2016-08/msg00085.html"
},
{
"name" : "1036242",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1036242"
"name": "https://github.com/sischkg/xfer-limit/blob/master/README.md",
"refsource": "MISC",
"url": "https://github.com/sischkg/xfer-limit/blob/master/README.md"
}
]
}

74
2016/6xxx/CVE-2016-6465.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "psirt@cisco.com",
"ID" : "CVE-2016-6465",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2016-6465",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Cisco AsyncOS",
"version" : {
"version_data" : [
"product_name": "Cisco AsyncOS",
"version": {
"version_data": [
{
"version_value" : "Cisco AsyncOS"
"version_value": "Cisco AsyncOS"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "A vulnerability in the content filtering functionality of Cisco AsyncOS Software for Cisco Email Security Appliances and Cisco Web Security Appliances could allow an unauthenticated, remote attacker to bypass user filters that are configured for an affected device. Affected Products: This vulnerability affects all releases prior to the first fixed release of Cisco AsyncOS Software for both virtual and hardware versions of the following Cisco products: Cisco Email Security Appliances (ESAs) that are configured to use message or content filters that scan incoming email attachments; Cisco Web Security Appliances (WSAs) that are configured to use services that scan accessed web content. More Information: CSCva90076, CSCvb06764. Known Affected Releases: 10.0.0-125 8.5.7-042 9.7.2-047."
"lang": "eng",
"value": "A vulnerability in the content filtering functionality of Cisco AsyncOS Software for Cisco Email Security Appliances and Cisco Web Security Appliances could allow an unauthenticated, remote attacker to bypass user filters that are configured for an affected device. Affected Products: This vulnerability affects all releases prior to the first fixed release of Cisco AsyncOS Software for both virtual and hardware versions of the following Cisco products: Cisco Email Security Appliances (ESAs) that are configured to use message or content filters that scan incoming email attachments; Cisco Web Security Appliances (WSAs) that are configured to use services that scan accessed web content. More Information: CSCva90076, CSCvb06764. Known Affected Releases: 10.0.0-125 8.5.7-042 9.7.2-047."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "unspecified"
"lang": "eng",
"value": "unspecified"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-esa",
"refsource" : "CONFIRM",
"url" : "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-esa"
"name": "1037404",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037404"
},
{
"name" : "94901",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/94901"
"name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-esa",
"refsource": "CONFIRM",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-esa"
},
{
"name" : "1037404",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1037404"
"name": "94901",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94901"
}
]
}

92
2016/6xxx/CVE-2016-6508.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-6508",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-6508",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "epan/dissectors/packet-rlc.c in the RLC dissector in Wireshark 1.12.x before 1.12.13 and 2.x before 2.0.5 uses an incorrect integer data type, which allows remote attackers to cause a denial of service (large loop) via a crafted packet."
"lang": "eng",
"value": "epan/dissectors/packet-rlc.c in the RLC dissector in Wireshark 1.12.x before 1.12.13 and 2.x before 2.0.5 uses an incorrect integer data type, which allows remote attackers to cause a denial of service (large loop) via a crafted packet."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[oss-security] 20160728 CVE request: Wireshark 2.0.5 and 1.12.13 security releases",
"refsource" : "MLIST",
"url" : "http://openwall.com/lists/oss-security/2016/07/28/3"
"name": "[oss-security] 20160728 CVE request: Wireshark 2.0.5 and 1.12.13 security releases",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2016/07/28/3"
},
{
"name" : "http://www.wireshark.org/security/wnpa-sec-2016-44.html",
"refsource" : "CONFIRM",
"url" : "http://www.wireshark.org/security/wnpa-sec-2016-44.html"
"name": "DSA-3648",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3648"
},
{
"name" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12660",
"refsource" : "CONFIRM",
"url" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12660"
"name": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=6cf9616df68a4db7e436bb77392586ff9ad84feb",
"refsource": "CONFIRM",
"url": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=6cf9616df68a4db7e436bb77392586ff9ad84feb"
},
{
"name" : "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=6cf9616df68a4db7e436bb77392586ff9ad84feb",
"refsource" : "CONFIRM",
"url" : "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=6cf9616df68a4db7e436bb77392586ff9ad84feb"
"name": "http://www.wireshark.org/security/wnpa-sec-2016-44.html",
"refsource": "CONFIRM",
"url": "http://www.wireshark.org/security/wnpa-sec-2016-44.html"
},
{
"name" : "DSA-3648",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2016/dsa-3648"
"name": "1036480",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036480"
},
{
"name" : "1036480",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1036480"
"name": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12660",
"refsource": "CONFIRM",
"url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12660"
}
]
}

68
2016/6xxx/CVE-2016-6747.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "security@google.com",
"ID" : "CVE-2016-6747",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "security@android.com",
"ID": "CVE-2016-6747",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Android",
"version" : {
"version_data" : [
"product_name": "Android",
"version": {
"version_data": [
{
"version_value" : "Kernel-3.10"
"version_value": "Kernel-3.10"
}
]
}
}
]
},
"vendor_name" : "Google Inc."
"vendor_name": "Google Inc."
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "A denial of service vulnerability in Mediaserver in Android before 2016-11-05 could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High due to the possibility of remote denial of service. Android ID: A-31244612. References: NVIDIA N-CVE-2016-6747."
"lang": "eng",
"value": "A denial of service vulnerability in Mediaserver in Android before 2016-11-05 could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High due to the possibility of remote denial of service. Android ID: A-31244612. References: NVIDIA N-CVE-2016-6747."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Denial of service"
"lang": "eng",
"value": "Denial of service"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://source.android.com/security/bulletin/2016-11-01.html",
"refsource" : "CONFIRM",
"url" : "https://source.android.com/security/bulletin/2016-11-01.html"
"name": "https://source.android.com/security/bulletin/2016-11-01.html",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2016-11-01.html"
},
{
"name" : "94212",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/94212"
"name": "94212",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94212"
}
]
}

74
2016/6xxx/CVE-2016-6789.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "security@google.com",
"ID" : "CVE-2016-6789",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "security@android.com",
"ID": "CVE-2016-6789",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Android",
"version" : {
"version_data" : [
"product_name": "Android",
"version": {
"version_data": [
{
"version_value" : "Kernel-3.18"
"version_value": "Kernel-3.18"
}
]
}
}
]
},
"vendor_name" : "Google Inc."
"vendor_name": "Google Inc."
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "An elevation of privilege vulnerability in the NVIDIA libomx library (libnvomx) could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application. Product: Android. Versions: Kernel-3.18. Android ID: A-31251973. References: N-CVE-2016-6789."
"lang": "eng",
"value": "An elevation of privilege vulnerability in the NVIDIA libomx library (libnvomx) could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application. Product: Android. Versions: Kernel-3.18. Android ID: A-31251973. References: N-CVE-2016-6789."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Elevation of privilege"
"lang": "eng",
"value": "Elevation of privilege"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://source.android.com/security/bulletin/2016-12-01.html",
"refsource" : "CONFIRM",
"url" : "https://source.android.com/security/bulletin/2016-12-01.html"
"name": "94678",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94678"
},
{
"name" : "http://nvidia.custhelp.com/app/answers/detail/a_id/4561",
"refsource" : "CONFIRM",
"url" : "http://nvidia.custhelp.com/app/answers/detail/a_id/4561"
"name": "https://source.android.com/security/bulletin/2016-12-01.html",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2016-12-01.html"
},
{
"name" : "94678",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/94678"
"name": "http://nvidia.custhelp.com/app/answers/detail/a_id/4561",
"refsource": "CONFIRM",
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4561"
}
]
}

68
2016/7xxx/CVE-2016-7107.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-7107",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-7107",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Huawei Unified Maintenance Audit (UMA) before V200R001C00SPC200 SPH206 allows remote attackers to reset arbitrary user passwords and consequently affect system data integrity via unspecified vectors."
"lang": "eng",
"value": "Huawei Unified Maintenance Audit (UMA) before V200R001C00SPC200 SPH206 allows remote attackers to reset arbitrary user passwords and consequently affect system data integrity via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160824-02-uma-en",
"refsource" : "CONFIRM",
"url" : "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160824-02-uma-en"
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160824-02-uma-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160824-02-uma-en"
},
{
"name" : "92619",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/92619"
"name": "92619",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/92619"
}
]
}

116
2016/7xxx/CVE-2016-7416.json
View File

@ -1,106 +1,106 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-7416",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-7416",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "ext/intl/msgformat/msgformat_format.c in PHP before 5.6.26 and 7.x before 7.0.11 does not properly restrict the locale length provided to the Locale class in the ICU library, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a MessageFormatter::formatMessage call with a long first argument."
"lang": "eng",
"value": "ext/intl/msgformat/msgformat_format.c in PHP before 5.6.26 and 7.x before 7.0.11 does not properly restrict the locale length provided to the Locale class in the ICU library, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a MessageFormatter::formatMessage call with a long first argument."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[oss-security] 20160915 Re: CVE assignment for PHP 5.6.26 and 7.0.11",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2016/09/15/10"
"name": "93008",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93008"
},
{
"name" : "http://www.php.net/ChangeLog-5.php",
"refsource" : "CONFIRM",
"url" : "http://www.php.net/ChangeLog-5.php"
"name": "http://www.php.net/ChangeLog-7.php",
"refsource": "CONFIRM",
"url": "http://www.php.net/ChangeLog-7.php"
},
{
"name" : "http://www.php.net/ChangeLog-7.php",
"refsource" : "CONFIRM",
"url" : "http://www.php.net/ChangeLog-7.php"
"name": "GLSA-201611-22",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201611-22"
},
{
"name" : "https://bugs.php.net/bug.php?id=73007",
"refsource" : "CONFIRM",
"url" : "https://bugs.php.net/bug.php?id=73007"
"name": "1036836",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036836"
},
{
"name" : "https://github.com/php/php-src/commit/6d55ba265637d6adf0ba7e9c9ef11187d1ec2f5b?w=1",
"refsource" : "CONFIRM",
"url" : "https://github.com/php/php-src/commit/6d55ba265637d6adf0ba7e9c9ef11187d1ec2f5b?w=1"
"name": "[oss-security] 20160915 Re: CVE assignment for PHP 5.6.26 and 7.0.11",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/09/15/10"
},
{
"name" : "https://www.tenable.com/security/tns-2016-19",
"refsource" : "CONFIRM",
"url" : "https://www.tenable.com/security/tns-2016-19"
"name": "RHSA-2018:1296",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1296"
},
{
"name" : "GLSA-201611-22",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201611-22"
"name": "https://bugs.php.net/bug.php?id=73007",
"refsource": "CONFIRM",
"url": "https://bugs.php.net/bug.php?id=73007"
},
{
"name" : "RHSA-2018:1296",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:1296"
"name": "http://www.php.net/ChangeLog-5.php",
"refsource": "CONFIRM",
"url": "http://www.php.net/ChangeLog-5.php"
},
{
"name" : "93008",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/93008"
"name": "https://www.tenable.com/security/tns-2016-19",
"refsource": "CONFIRM",
"url": "https://www.tenable.com/security/tns-2016-19"
},
{
"name" : "1036836",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1036836"
"name": "https://github.com/php/php-src/commit/6d55ba265637d6adf0ba7e9c9ef11187d1ec2f5b?w=1",
"refsource": "CONFIRM",
"url": "https://github.com/php/php-src/commit/6d55ba265637d6adf0ba7e9c9ef11187d1ec2f5b?w=1"
}
]
}

86
2016/7xxx/CVE-2016-7607.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "product-security@apple.com",
"ID" : "CVE-2016-7607",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2016-7607",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the \"Kernel\" component, which allows attackers to obtain sensitive information from kernel memory via a crafted app."
"lang": "eng",
"value": "An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the \"Kernel\" component, which allows attackers to obtain sensitive information from kernel memory via a crafted app."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://support.apple.com/HT207422",
"refsource" : "CONFIRM",
"url" : "https://support.apple.com/HT207422"
"name": "https://support.apple.com/HT207487",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT207487"
},
{
"name" : "https://support.apple.com/HT207423",
"refsource" : "CONFIRM",
"url" : "https://support.apple.com/HT207423"
"name": "https://support.apple.com/HT207422",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT207422"
},
{
"name" : "https://support.apple.com/HT207487",
"refsource" : "CONFIRM",
"url" : "https://support.apple.com/HT207487"
"name": "94905",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94905"
},
{
"name" : "94905",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/94905"
"name": "1037469",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037469"
},
{
"name" : "1037469",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1037469"
"name": "https://support.apple.com/HT207423",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT207423"
}
]
}

74
2016/7xxx/CVE-2016-7665.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "product-security@apple.com",
"ID" : "CVE-2016-7665",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2016-7665",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "An issue was discovered in certain Apple products. iOS before 10.2 is affected. The issue involves the \"Graphics Driver\" component, which allows remote attackers to cause a denial of service via a crafted video."
"lang": "eng",
"value": "An issue was discovered in certain Apple products. iOS before 10.2 is affected. The issue involves the \"Graphics Driver\" component, which allows remote attackers to cause a denial of service via a crafted video."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://support.apple.com/HT207422",
"refsource" : "CONFIRM",
"url" : "https://support.apple.com/HT207422"
"name": "https://support.apple.com/HT207422",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT207422"
},
{
"name" : "94850",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/94850"
"name": "1037429",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037429"
},
{
"name" : "1037429",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1037429"
"name": "94850",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94850"
}
]
}

98
2016/7xxx/CVE-2016-7855.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "psirt@adobe.com",
"ID" : "CVE-2016-7855",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-7855",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Use-after-free vulnerability in Adobe Flash Player before 23.0.0.205 on Windows and OS X and before 11.2.202.643 on Linux allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in October 2016."
"lang": "eng",
"value": "Use-after-free vulnerability in Adobe Flash Player before 23.0.0.205 on Windows and OS X and before 11.2.202.643 on Linux allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in October 2016."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://security.googleblog.com/2016/10/disclosing-vulnerabilities-to-protect.html",
"refsource" : "MISC",
"url" : "https://security.googleblog.com/2016/10/disclosing-vulnerabilities-to-protect.html"
"name": "GLSA-201610-10",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201610-10"
},
{
"name" : "https://helpx.adobe.com/security/products/flash-player/apsb16-36.html",
"refsource" : "CONFIRM",
"url" : "https://helpx.adobe.com/security/products/flash-player/apsb16-36.html"
"name": "MS16-128",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-128"
},
{
"name" : "GLSA-201610-10",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201610-10"
"name": "1037111",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037111"
},
{
"name" : "MS16-128",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-128"
"name": "https://helpx.adobe.com/security/products/flash-player/apsb16-36.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/flash-player/apsb16-36.html"
},
{
"name" : "RHSA-2016:2119",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2016-2119.html"
"name": "RHSA-2016:2119",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2119.html"
},
{
"name" : "93861",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/93861"
"name": "https://security.googleblog.com/2016/10/disclosing-vulnerabilities-to-protect.html",
"refsource": "MISC",
"url": "https://security.googleblog.com/2016/10/disclosing-vulnerabilities-to-protect.html"
},
{
"name" : "1037111",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1037111"
"name": "93861",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93861"
}
]
}

68
2016/8xxx/CVE-2016-8437.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "security@google.com",
"ID" : "CVE-2016-8437",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "security@android.com",
"ID": "CVE-2016-8437",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Android",
"version" : {
"version_data" : [
"product_name": "Android",
"version": {
"version_data": [
{
"version_value" : "Kernel-3.18"
"version_value": "Kernel-3.18"
}
]
}
}
]
},
"vendor_name" : "Google Inc."
"vendor_name": "Google Inc."
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Improper input validation in Access Control APIs. Access control API may return memory range checking incorrectly. Product: Android. Versions: Kernel 3.18. Android ID: A-31623057. References: QC-CR#1009695."
"lang": "eng",
"value": "Improper input validation in Access Control APIs. Access control API may return memory range checking incorrectly. Product: Android. Versions: Kernel 3.18. Android ID: A-31623057. References: QC-CR#1009695."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Improper Input Validation"
"lang": "eng",
"value": "Improper Input Validation"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://source.android.com/security/bulletin/2017-01-01.html",
"refsource" : "CONFIRM",
"url" : "https://source.android.com/security/bulletin/2017-01-01.html"
"name": "https://source.android.com/security/bulletin/2017-01-01.html",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2017-01-01.html"
},
{
"name" : "95227",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/95227"
"name": "95227",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95227"
}
]
}

62
2016/8xxx/CVE-2016-8590.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-8590",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-8590",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "log_query_dlp.cgi in Trend Micro Threat Discovery Appliance 2.6.1062r1 and earlier allows remote authenticated users to execute arbitrary code as the root user via shell metacharacters in the cache_id parameter."
"lang": "eng",
"value": "log_query_dlp.cgi in Trend Micro Threat Discovery Appliance 2.6.1062r1 and earlier allows remote authenticated users to execute arbitrary code as the root user via shell metacharacters in the cache_id parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://packetstormsecurity.com/files/142218/Trend-Micro-Threat-Discovery-Appliance-2.6.1062r1-log_query_dlp.cgi-Remote-Code-Execution.html",
"refsource" : "MISC",
"url" : "http://packetstormsecurity.com/files/142218/Trend-Micro-Threat-Discovery-Appliance-2.6.1062r1-log_query_dlp.cgi-Remote-Code-Execution.html"
"name": "http://packetstormsecurity.com/files/142218/Trend-Micro-Threat-Discovery-Appliance-2.6.1062r1-log_query_dlp.cgi-Remote-Code-Execution.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/142218/Trend-Micro-Threat-Discovery-Appliance-2.6.1062r1-log_query_dlp.cgi-Remote-Code-Execution.html"
}
]
}