diff --git a/2006/5xxx/CVE-2006-5276.json b/2006/5xxx/CVE-2006-5276.json index 164381de38b..7ef2c8529e5 100644 --- a/2006/5xxx/CVE-2006-5276.json +++ b/2006/5xxx/CVE-2006-5276.json @@ -1,177 +1,177 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-5276", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Stack-based buffer overflow in the DCE/RPC preprocessor in Snort before 2.6.1.3, and 2.7 before beta 2; and Sourcefire Intrusion Sensor; allows remote attackers to execute arbitrary code via crafted SMB traffic." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-5276", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070219 Sourcefire Snort Remote Buffer Overflow", - "refsource" : "ISS", - "url" : "http://iss.net/threats/257.html" - }, - { - "name" : "20070303 ERRATA: [ GLSA 200703-01 ] Snort: Remote execution of arbitrary code", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/461810/100/0/threaded" - }, - { - "name" : "3362", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/3362" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=229265", - "refsource" : "MISC", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=229265" - }, - { - "name" : "http://www.snort.org/docs/advisory-2007-02-19.html", - "refsource" : "CONFIRM", - "url" : "http://www.snort.org/docs/advisory-2007-02-19.html" - }, - { - "name" : "http://www116.nortelnetworks.com/pub/repository/CLARIFY/DOCUMENT/2007/08/021923-01.pdf", - "refsource" : "CONFIRM", - "url" : "http://www116.nortelnetworks.com/pub/repository/CLARIFY/DOCUMENT/2007/08/021923-01.pdf" - }, - { - "name" : "http://www130.nortelnetworks.com/go/main.jsp?cscat=BLTNDETAIL&DocumentOID=540173", - "refsource" : "CONFIRM", - "url" : "http://www130.nortelnetworks.com/go/main.jsp?cscat=BLTNDETAIL&DocumentOID=540173" - }, - { - "name" : "FEDORA-2007-2060", - "refsource" : "FEDORA", - "url" : "http://fedoranews.org/updates/FEDORA-2007-206.shtml" - }, - { - "name" : "GLSA-200703-01", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-200703-01.xml" - }, - { - "name" : "TA07-050A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA07-050A.html" - }, - { - "name" : "VU#196240", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/196240" - }, - { - "name" : "22616", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22616" - }, - { - "name" : "ADV-2007-0656", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0656" - }, - { - "name" : "ADV-2007-0668", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0668" - }, - { - "name" : "32094", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/32094" - }, - { - "name" : "1017669", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1017669" - }, - { - "name" : "1017670", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1017670" - }, - { - "name" : "24190", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24190" - }, - { - "name" : "24235", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24235" - }, - { - "name" : "24239", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24239" - }, - { - "name" : "24240", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24240" - }, - { - "name" : "24272", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24272" - }, - { - "name" : "26746", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26746" - }, - { - "name" : "smb-bo(31275)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/31275" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Stack-based buffer overflow in the DCE/RPC preprocessor in Snort before 2.6.1.3, and 2.7 before beta 2; and Sourcefire Intrusion Sensor; allows remote attackers to execute arbitrary code via crafted SMB traffic." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "TA07-050A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA07-050A.html" + }, + { + "name": "VU#196240", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/196240" + }, + { + "name": "http://www116.nortelnetworks.com/pub/repository/CLARIFY/DOCUMENT/2007/08/021923-01.pdf", + "refsource": "CONFIRM", + "url": "http://www116.nortelnetworks.com/pub/repository/CLARIFY/DOCUMENT/2007/08/021923-01.pdf" + }, + { + "name": "GLSA-200703-01", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-200703-01.xml" + }, + { + "name": "26746", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26746" + }, + { + "name": "20070303 ERRATA: [ GLSA 200703-01 ] Snort: Remote execution of arbitrary code", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/461810/100/0/threaded" + }, + { + "name": "24190", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24190" + }, + { + "name": "http://www.snort.org/docs/advisory-2007-02-19.html", + "refsource": "CONFIRM", + "url": "http://www.snort.org/docs/advisory-2007-02-19.html" + }, + { + "name": "24239", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24239" + }, + { + "name": "24272", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24272" + }, + { + "name": "ADV-2007-0656", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0656" + }, + { + "name": "smb-bo(31275)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31275" + }, + { + "name": "FEDORA-2007-2060", + "refsource": "FEDORA", + "url": "http://fedoranews.org/updates/FEDORA-2007-206.shtml" + }, + { + "name": "ADV-2007-0668", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0668" + }, + { + "name": "32094", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/32094" + }, + { + "name": "24235", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24235" + }, + { + "name": "1017670", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1017670" + }, + { + "name": "24240", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24240" + }, + { + "name": "20070219 Sourcefire Snort Remote Buffer Overflow", + "refsource": "ISS", + "url": "http://iss.net/threats/257.html" + }, + { + "name": "22616", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22616" + }, + { + "name": "http://www130.nortelnetworks.com/go/main.jsp?cscat=BLTNDETAIL&DocumentOID=540173", + "refsource": "CONFIRM", + "url": "http://www130.nortelnetworks.com/go/main.jsp?cscat=BLTNDETAIL&DocumentOID=540173" + }, + { + "name": "3362", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/3362" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=229265", + "refsource": "MISC", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=229265" + }, + { + "name": "1017669", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1017669" + } + ] + } +} \ No newline at end of file diff --git a/2007/2xxx/CVE-2007-2254.json b/2007/2xxx/CVE-2007-2254.json index deabfb5268e..b71d2600d42 100644 --- a/2007/2xxx/CVE-2007-2254.json +++ b/2007/2xxx/CVE-2007-2254.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-2254", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "PHP remote file inclusion vulnerability in admin/setup/level2.php in PHP Classifieds 6.04, and probably earlier versions, allows remote attackers to execute arbitrary PHP code via a URL in the dir parameter. NOTE: this product was referred to as \"Allfaclassfieds\" in the original disclosure." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-2254", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070422 Allfaclassfieds (level2.php dir) remote file inclusion", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/466648/100/0/threaded" - }, - { - "name" : "20070425 [false but true] \"Allfaclassfieds\" RFI no; PHP Classifieds yes", - "refsource" : "VIM", - "url" : "http://www.attrition.org/pipermail/vim/2007-April/001543.html" - }, - { - "name" : "2618", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2618" - }, - { - "name" : "allfaclassfieds-level2-file-include(33798)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33798" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "PHP remote file inclusion vulnerability in admin/setup/level2.php in PHP Classifieds 6.04, and probably earlier versions, allows remote attackers to execute arbitrary PHP code via a URL in the dir parameter. NOTE: this product was referred to as \"Allfaclassfieds\" in the original disclosure." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20070422 Allfaclassfieds (level2.php dir) remote file inclusion", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/466648/100/0/threaded" + }, + { + "name": "allfaclassfieds-level2-file-include(33798)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33798" + }, + { + "name": "20070425 [false but true] \"Allfaclassfieds\" RFI no; PHP Classifieds yes", + "refsource": "VIM", + "url": "http://www.attrition.org/pipermail/vim/2007-April/001543.html" + }, + { + "name": "2618", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2618" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3423.json b/2007/3xxx/CVE-2007-3423.json index 5876a057e59..92504a9ffbf 100644 --- a/2007/3xxx/CVE-2007-3423.json +++ b/2007/3xxx/CVE-2007-3423.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3423", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "cgi-bin/cgi-lib/instantmessage.pl in web-app.org WebAPP before 0.9.9.7 uses the From field of an instant message as the beginning of the .dat file name when the (1) imview2 or (2) imview3 function reads (a) an internal IM, or a message from a (b) guest or (c) removed member, which has unknown impact and remote attack vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3423", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.web-app.org/cgi-bin/index.cgi?action=forum&board=how_to&op=display&num=9458", - "refsource" : "CONFIRM", - "url" : "http://www.web-app.org/cgi-bin/index.cgi?action=forum&board=how_to&op=display&num=9458" - }, - { - "name" : "http://www.web-app.org/downloads/WebAPPv0.9.9.7.zip", - "refsource" : "CONFIRM", - "url" : "http://www.web-app.org/downloads/WebAPPv0.9.9.7.zip" - }, - { - "name" : "45409", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/45409" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "cgi-bin/cgi-lib/instantmessage.pl in web-app.org WebAPP before 0.9.9.7 uses the From field of an instant message as the beginning of the .dat file name when the (1) imview2 or (2) imview3 function reads (a) an internal IM, or a message from a (b) guest or (c) removed member, which has unknown impact and remote attack vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.web-app.org/downloads/WebAPPv0.9.9.7.zip", + "refsource": "CONFIRM", + "url": "http://www.web-app.org/downloads/WebAPPv0.9.9.7.zip" + }, + { + "name": "http://www.web-app.org/cgi-bin/index.cgi?action=forum&board=how_to&op=display&num=9458", + "refsource": "CONFIRM", + "url": "http://www.web-app.org/cgi-bin/index.cgi?action=forum&board=how_to&op=display&num=9458" + }, + { + "name": "45409", + "refsource": "OSVDB", + "url": "http://osvdb.org/45409" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3716.json b/2007/3xxx/CVE-2007-3716.json index 8a33f2b5b35..a731727bc1e 100644 --- a/2007/3xxx/CVE-2007-3716.json +++ b/2007/3xxx/CVE-2007-3716.json @@ -1,127 +1,127 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3716", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Java XML Digital Signature implementation in Sun JDK and JRE 6 before Update 2 does not properly process XSLT stylesheets in XSLT transforms in XML signatures, which allows context-dependent attackers to execute arbitrary code via a crafted stylesheet, a related issue to CVE-2007-3715." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3716", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070712 Command Injection in XML Digital Signatures", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/473552/100/0/threaded" - }, - { - "name" : "20070712 Whitepaper: Command Injection in XML Digital Signatures and Encryption", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/473553/100/0/threaded" - }, - { - "name" : "http://www.isecpartners.com/advisories/2007-04-dsig.txt", - "refsource" : "MISC", - "url" : "http://www.isecpartners.com/advisories/2007-04-dsig.txt" - }, - { - "name" : "http://www.isecpartners.com/files/XMLDSIG_Command_Injection.pdf", - "refsource" : "MISC", - "url" : "http://www.isecpartners.com/files/XMLDSIG_Command_Injection.pdf" - }, - { - "name" : "BEA07-177.00", - "refsource" : "BEA", - "url" : "http://dev2dev.bea.com/pub/advisory/248" - }, - { - "name" : "GLSA-200709-15", - "refsource" : "GENTOO", - "url" : "http://www.gentoo.org/security/en/glsa/glsa-200709-15.xml" - }, - { - "name" : "102993", - "refsource" : "SUNALERT", - "url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102993-1" - }, - { - "name" : "ADV-2007-2492", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/2492" - }, - { - "name" : "ADV-2007-3009", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/3009" - }, - { - "name" : "36664", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/36664" - }, - { - "name" : "1018365", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1018365" - }, - { - "name" : "26031", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26031" - }, - { - "name" : "26631", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26631" - }, - { - "name" : "26933", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26933" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Java XML Digital Signature implementation in Sun JDK and JRE 6 before Update 2 does not properly process XSLT stylesheets in XSLT transforms in XML signatures, which allows context-dependent attackers to execute arbitrary code via a crafted stylesheet, a related issue to CVE-2007-3715." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "26933", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26933" + }, + { + "name": "20070712 Command Injection in XML Digital Signatures", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/473552/100/0/threaded" + }, + { + "name": "BEA07-177.00", + "refsource": "BEA", + "url": "http://dev2dev.bea.com/pub/advisory/248" + }, + { + "name": "20070712 Whitepaper: Command Injection in XML Digital Signatures and Encryption", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/473553/100/0/threaded" + }, + { + "name": "http://www.isecpartners.com/files/XMLDSIG_Command_Injection.pdf", + "refsource": "MISC", + "url": "http://www.isecpartners.com/files/XMLDSIG_Command_Injection.pdf" + }, + { + "name": "102993", + "refsource": "SUNALERT", + "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102993-1" + }, + { + "name": "http://www.isecpartners.com/advisories/2007-04-dsig.txt", + "refsource": "MISC", + "url": "http://www.isecpartners.com/advisories/2007-04-dsig.txt" + }, + { + "name": "26031", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26031" + }, + { + "name": "ADV-2007-3009", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/3009" + }, + { + "name": "GLSA-200709-15", + "refsource": "GENTOO", + "url": "http://www.gentoo.org/security/en/glsa/glsa-200709-15.xml" + }, + { + "name": "1018365", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1018365" + }, + { + "name": "ADV-2007-2492", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/2492" + }, + { + "name": "36664", + "refsource": "OSVDB", + "url": "http://osvdb.org/36664" + }, + { + "name": "26631", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26631" + } + ] + } +} \ No newline at end of file diff --git a/2007/6xxx/CVE-2007-6155.json b/2007/6xxx/CVE-2007-6155.json index 2569a4fa389..34f3f10d55c 100644 --- a/2007/6xxx/CVE-2007-6155.json +++ b/2007/6xxx/CVE-2007-6155.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-6155", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-6155", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2007/6xxx/CVE-2007-6406.json b/2007/6xxx/CVE-2007-6406.json index cf557fd39a7..f8ccbd3cc83 100644 --- a/2007/6xxx/CVE-2007-6406.json +++ b/2007/6xxx/CVE-2007-6406.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-6406", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site scripting (XSS) vulnerabilities in CA (formerly Computer Associates) eTrust Threat Management Console allow remote attackers to inject arbitrary web script or HTML via the IP Address field and other unspecified fields." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-6406", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20071205 [ELEYTT] Public Advisory 05-12-2007", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/484607/100/0/threaded" - }, - { - "name" : "1019047", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1019047" - }, - { - "name" : "3458", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/3458" - }, - { - "name" : "threatmanagement-ipaddress-xss(38868)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/38868" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site scripting (XSS) vulnerabilities in CA (formerly Computer Associates) eTrust Threat Management Console allow remote attackers to inject arbitrary web script or HTML via the IP Address field and other unspecified fields." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1019047", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1019047" + }, + { + "name": "20071205 [ELEYTT] Public Advisory 05-12-2007", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/484607/100/0/threaded" + }, + { + "name": "threatmanagement-ipaddress-xss(38868)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38868" + }, + { + "name": "3458", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/3458" + } + ] + } +} \ No newline at end of file diff --git a/2007/6xxx/CVE-2007-6560.json b/2007/6xxx/CVE-2007-6560.json index 95016bc8572..8a655a5cd44 100644 --- a/2007/6xxx/CVE-2007-6560.json +++ b/2007/6xxx/CVE-2007-6560.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-6560", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site scripting (XSS) vulnerabilities in Logaholic before 2.0 RC8 allow remote attackers to inject arbitrary web script or HTML via (1) the newconfname parameter to profiles.php or (2) the conf parameter to index.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-6560", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20071223 Logaholic Web Analytics Software", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/485480/100/0/threaded" - }, - { - "name" : "20080326 Re: Logaholic Web Analytics Software", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/490101/100/0/threaded" - }, - { - "name" : "27003", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/27003" - }, - { - "name" : "39792", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/39792" - }, - { - "name" : "39793", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/39793" - }, - { - "name" : "28263", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28263" - }, - { - "name" : "3496", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/3496" - }, - { - "name" : "logaholic-profiles-xss(39223)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/39223" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site scripting (XSS) vulnerabilities in Logaholic before 2.0 RC8 allow remote attackers to inject arbitrary web script or HTML via (1) the newconfname parameter to profiles.php or (2) the conf parameter to index.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "39793", + "refsource": "OSVDB", + "url": "http://osvdb.org/39793" + }, + { + "name": "28263", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28263" + }, + { + "name": "3496", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/3496" + }, + { + "name": "logaholic-profiles-xss(39223)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39223" + }, + { + "name": "39792", + "refsource": "OSVDB", + "url": "http://osvdb.org/39792" + }, + { + "name": "27003", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/27003" + }, + { + "name": "20071223 Logaholic Web Analytics Software", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/485480/100/0/threaded" + }, + { + "name": "20080326 Re: Logaholic Web Analytics Software", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/490101/100/0/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2007/6xxx/CVE-2007-6577.json b/2007/6xxx/CVE-2007-6577.json index b2ddb59d199..a7eb12dcb03 100644 --- a/2007/6xxx/CVE-2007-6577.json +++ b/2007/6xxx/CVE-2007-6577.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-6577", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple SQL injection vulnerabilities in index.php in zBlog 1.2 allow remote attackers to execute arbitrary SQL commands via (1) the categ parameter in a categ action or (2) the article parameter in an articles action." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-6577", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "4772", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/4772" - }, - { - "name" : "26994", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/26994" - }, - { - "name" : "39774", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/39774" - }, - { - "name" : "39775", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/39775" - }, - { - "name" : "zblog-index-sql-injection(39239)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/39239" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple SQL injection vulnerabilities in index.php in zBlog 1.2 allow remote attackers to execute arbitrary SQL commands via (1) the categ parameter in a categ action or (2) the article parameter in an articles action." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "zblog-index-sql-injection(39239)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39239" + }, + { + "name": "39774", + "refsource": "OSVDB", + "url": "http://osvdb.org/39774" + }, + { + "name": "4772", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/4772" + }, + { + "name": "26994", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/26994" + }, + { + "name": "39775", + "refsource": "OSVDB", + "url": "http://osvdb.org/39775" + } + ] + } +} \ No newline at end of file diff --git a/2007/6xxx/CVE-2007-6658.json b/2007/6xxx/CVE-2007-6658.json index a9caa589ea1..2edc7cde8e6 100644 --- a/2007/6xxx/CVE-2007-6658.json +++ b/2007/6xxx/CVE-2007-6658.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-6658", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in admin.php/vars.php in CustomCMS (CCMS) 3.1 Demo allows remote attackers to execute arbitrary SQL commands via the p parameter in the Console page." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-6658", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20071229 CCMS v3.1 Demo <= SQL Injection Vulnerability 0day", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/485633/100/0/threaded" - }, - { - "name" : "4809", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/4809" - }, - { - "name" : "27069", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/27069" - }, - { - "name" : "39894", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/39894" - }, - { - "name" : "3510", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/3510" - }, - { - "name" : "customcms-vars-sql-injection(39317)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/39317" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in admin.php/vars.php in CustomCMS (CCMS) 3.1 Demo allows remote attackers to execute arbitrary SQL commands via the p parameter in the Console page." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "3510", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/3510" + }, + { + "name": "27069", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/27069" + }, + { + "name": "39894", + "refsource": "OSVDB", + "url": "http://osvdb.org/39894" + }, + { + "name": "4809", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/4809" + }, + { + "name": "20071229 CCMS v3.1 Demo <= SQL Injection Vulnerability 0day", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/485633/100/0/threaded" + }, + { + "name": "customcms-vars-sql-injection(39317)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39317" + } + ] + } +} \ No newline at end of file diff --git a/2010/0xxx/CVE-2010-0301.json b/2010/0xxx/CVE-2010-0301.json index 3f00f2cc267..7ff79d33ab6 100644 --- a/2010/0xxx/CVE-2010-0301.json +++ b/2010/0xxx/CVE-2010-0301.json @@ -1,117 +1,117 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-0301", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "main.C in maildrop 2.3.0 and earlier, when run by root with the -d option, uses the gid of root for execution of the .mailfilter file in a user's home directory, which allows local users to gain privileges via a crafted file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2010-0301", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20100127 CVE id request: maildrop", - "refsource" : "MLIST", - "url" : "http://marc.info/?l=oss-security&m=126462927918840&w=2" - }, - { - "name" : "[oss-security] 20100128 Re: CVE id request: maildrop", - "refsource" : "MLIST", - "url" : "http://marc.info/?l=oss-security&m=126468324913920&w=2" - }, - { - "name" : "[oss-security] 20100128 Re: CVE id request: maildrop", - "refsource" : "MLIST", - "url" : "http://marc.info/?l=oss-security&m=126468551017070&w=2" - }, - { - "name" : "[oss-security] 20100128 Re: CVE id request: maildrop", - "refsource" : "MLIST", - "url" : "http://marc.info/?l=oss-security&m=126468618017829&w=2" - }, - { - "name" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=564601", - "refsource" : "CONFIRM", - "url" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=564601" - }, - { - "name" : "http://www.courier-mta.org/maildrop/changelog.html", - "refsource" : "CONFIRM", - "url" : "http://www.courier-mta.org/maildrop/changelog.html" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=559681", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=559681" - }, - { - "name" : "DSA-1981", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2010/dsa-1981" - }, - { - "name" : "1023515", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1023515" - }, - { - "name" : "38367", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/38367" - }, - { - "name" : "38374", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/38374" - }, - { - "name" : "maildrop-group-priv-escalation(55980)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/55980" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "main.C in maildrop 2.3.0 and earlier, when run by root with the -d option, uses the gid of root for execution of the .mailfilter file in a user's home directory, which allows local users to gain privileges via a crafted file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "DSA-1981", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2010/dsa-1981" + }, + { + "name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=564601", + "refsource": "CONFIRM", + "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=564601" + }, + { + "name": "38374", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/38374" + }, + { + "name": "[oss-security] 20100128 Re: CVE id request: maildrop", + "refsource": "MLIST", + "url": "http://marc.info/?l=oss-security&m=126468618017829&w=2" + }, + { + "name": "http://www.courier-mta.org/maildrop/changelog.html", + "refsource": "CONFIRM", + "url": "http://www.courier-mta.org/maildrop/changelog.html" + }, + { + "name": "maildrop-group-priv-escalation(55980)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55980" + }, + { + "name": "[oss-security] 20100128 Re: CVE id request: maildrop", + "refsource": "MLIST", + "url": "http://marc.info/?l=oss-security&m=126468324913920&w=2" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=559681", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=559681" + }, + { + "name": "[oss-security] 20100128 Re: CVE id request: maildrop", + "refsource": "MLIST", + "url": "http://marc.info/?l=oss-security&m=126468551017070&w=2" + }, + { + "name": "1023515", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1023515" + }, + { + "name": "38367", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/38367" + }, + { + "name": "[oss-security] 20100127 CVE id request: maildrop", + "refsource": "MLIST", + "url": "http://marc.info/?l=oss-security&m=126462927918840&w=2" + } + ] + } +} \ No newline at end of file diff --git a/2010/0xxx/CVE-2010-0392.json b/2010/0xxx/CVE-2010-0392.json index 6c6b449e5db..cdb743a9206 100644 --- a/2010/0xxx/CVE-2010-0392.json +++ b/2010/0xxx/CVE-2010-0392.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-0392", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Stack-based buffer overflow in vpnconf.exe in TheGreenBow IPSec VPN Client 4.51.001, 4.65.003, and possibly other versions, allows user-assisted remote attackers to execute arbitrary code via a long OpenScriptAfterUp parameter in a policy (.tgb) file, related to \"phase 2.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-0392", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20100121 TheGreenBow VPN Client Local Stack Overflow Vulnerability - Security Advisory - SOS-10-001", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/509091/100/0/threaded" - }, - { - "name" : "http://www.senseofsecurity.com.au/advisories/SOS-10-001", - "refsource" : "MISC", - "url" : "http://www.senseofsecurity.com.au/advisories/SOS-10-001" - }, - { - "name" : "http://www.thegreenbow.com/download.php?id=1000150", - "refsource" : "CONFIRM", - "url" : "http://www.thegreenbow.com/download.php?id=1000150" - }, - { - "name" : "40387", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/40387" - }, - { - "name" : "61866", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/61866" - }, - { - "name" : "38262", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/38262" - }, - { - "name" : "ipsecvpnclient-tgb-bo(55793)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/55793" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Stack-based buffer overflow in vpnconf.exe in TheGreenBow IPSec VPN Client 4.51.001, 4.65.003, and possibly other versions, allows user-assisted remote attackers to execute arbitrary code via a long OpenScriptAfterUp parameter in a policy (.tgb) file, related to \"phase 2.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.senseofsecurity.com.au/advisories/SOS-10-001", + "refsource": "MISC", + "url": "http://www.senseofsecurity.com.au/advisories/SOS-10-001" + }, + { + "name": "ipsecvpnclient-tgb-bo(55793)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55793" + }, + { + "name": "38262", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/38262" + }, + { + "name": "40387", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/40387" + }, + { + "name": "http://www.thegreenbow.com/download.php?id=1000150", + "refsource": "CONFIRM", + "url": "http://www.thegreenbow.com/download.php?id=1000150" + }, + { + "name": "61866", + "refsource": "OSVDB", + "url": "http://osvdb.org/61866" + }, + { + "name": "20100121 TheGreenBow VPN Client Local Stack Overflow Vulnerability - Security Advisory - SOS-10-001", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/509091/100/0/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2010/0xxx/CVE-2010-0441.json b/2010/0xxx/CVE-2010-0441.json index d50b11c8b93..f8724cc22e9 100644 --- a/2010/0xxx/CVE-2010-0441.json +++ b/2010/0xxx/CVE-2010-0441.json @@ -1,127 +1,127 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-0441", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Asterisk Open Source 1.6.0.x before 1.6.0.22, 1.6.1.x before 1.6.1.14, and 1.6.2.x before 1.6.2.2, and Business Edition C.3 before C.3.3.2, allows remote attackers to cause a denial of service (daemon crash) via an SIP T.38 negotiation with an SDP FaxMaxDatagram field that is (1) missing, (2) modified to contain a negative number, or (3) modified to contain a large number." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-0441", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20100202 AST-2010-001: T.38 Remote Crash Vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/509327/100/0/threaded" - }, - { - "name" : "http://downloads.asterisk.org/pub/security/AST-2010-001-1.6.0.diff", - "refsource" : "CONFIRM", - "url" : "http://downloads.asterisk.org/pub/security/AST-2010-001-1.6.0.diff" - }, - { - "name" : "http://downloads.asterisk.org/pub/security/AST-2010-001-1.6.1.diff", - "refsource" : "CONFIRM", - "url" : "http://downloads.asterisk.org/pub/security/AST-2010-001-1.6.1.diff" - }, - { - "name" : "http://downloads.asterisk.org/pub/security/AST-2010-001-1.6.2.diff", - "refsource" : "CONFIRM", - "url" : "http://downloads.asterisk.org/pub/security/AST-2010-001-1.6.2.diff" - }, - { - "name" : "http://downloads.asterisk.org/pub/security/AST-2010-001.html", - "refsource" : "CONFIRM", - "url" : "http://downloads.asterisk.org/pub/security/AST-2010-001.html" - }, - { - "name" : "https://issues.asterisk.org/view.php?id=16517", - "refsource" : "CONFIRM", - "url" : "https://issues.asterisk.org/view.php?id=16517" - }, - { - "name" : "https://issues.asterisk.org/view.php?id=16634", - "refsource" : "CONFIRM", - "url" : "https://issues.asterisk.org/view.php?id=16634" - }, - { - "name" : "https://issues.asterisk.org/view.php?id=16724", - "refsource" : "CONFIRM", - "url" : "https://issues.asterisk.org/view.php?id=16724" - }, - { - "name" : "FEDORA-2010-3724", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-March/037679.html" - }, - { - "name" : "38047", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/38047" - }, - { - "name" : "1023532", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1023532" - }, - { - "name" : "38395", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/38395" - }, - { - "name" : "39096", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/39096" - }, - { - "name" : "ADV-2010-0289", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2010/0289" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Asterisk Open Source 1.6.0.x before 1.6.0.22, 1.6.1.x before 1.6.1.14, and 1.6.2.x before 1.6.2.2, and Business Edition C.3 before C.3.3.2, allows remote attackers to cause a denial of service (daemon crash) via an SIP T.38 negotiation with an SDP FaxMaxDatagram field that is (1) missing, (2) modified to contain a negative number, or (3) modified to contain a large number." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://downloads.asterisk.org/pub/security/AST-2010-001-1.6.1.diff", + "refsource": "CONFIRM", + "url": "http://downloads.asterisk.org/pub/security/AST-2010-001-1.6.1.diff" + }, + { + "name": "https://issues.asterisk.org/view.php?id=16517", + "refsource": "CONFIRM", + "url": "https://issues.asterisk.org/view.php?id=16517" + }, + { + "name": "https://issues.asterisk.org/view.php?id=16634", + "refsource": "CONFIRM", + "url": "https://issues.asterisk.org/view.php?id=16634" + }, + { + "name": "ADV-2010-0289", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2010/0289" + }, + { + "name": "38047", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/38047" + }, + { + "name": "39096", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/39096" + }, + { + "name": "FEDORA-2010-3724", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-March/037679.html" + }, + { + "name": "https://issues.asterisk.org/view.php?id=16724", + "refsource": "CONFIRM", + "url": "https://issues.asterisk.org/view.php?id=16724" + }, + { + "name": "http://downloads.asterisk.org/pub/security/AST-2010-001-1.6.2.diff", + "refsource": "CONFIRM", + "url": "http://downloads.asterisk.org/pub/security/AST-2010-001-1.6.2.diff" + }, + { + "name": "20100202 AST-2010-001: T.38 Remote Crash Vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/509327/100/0/threaded" + }, + { + "name": "http://downloads.asterisk.org/pub/security/AST-2010-001-1.6.0.diff", + "refsource": "CONFIRM", + "url": "http://downloads.asterisk.org/pub/security/AST-2010-001-1.6.0.diff" + }, + { + "name": "38395", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/38395" + }, + { + "name": "1023532", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1023532" + }, + { + "name": "http://downloads.asterisk.org/pub/security/AST-2010-001.html", + "refsource": "CONFIRM", + "url": "http://downloads.asterisk.org/pub/security/AST-2010-001.html" + } + ] + } +} \ No newline at end of file diff --git a/2010/0xxx/CVE-2010-0540.json b/2010/0xxx/CVE-2010-0540.json index b8aece9cd05..a6d95f851bf 100644 --- a/2010/0xxx/CVE-2010-0540.json +++ b/2010/0xxx/CVE-2010-0540.json @@ -1,137 +1,137 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-0540", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site request forgery (CSRF) vulnerability in the web interface in CUPS before 1.4.4, as used on Apple Mac OS X 10.5.8, Mac OS X 10.6 before 10.6.4, and other platforms, allows remote attackers to hijack the authentication of administrators for requests that change settings." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2010-0540", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://support.apple.com/kb/HT4188", - "refsource" : "CONFIRM", - "url" : "http://support.apple.com/kb/HT4188" - }, - { - "name" : "http://cups.org/articles.php?L596", - "refsource" : "CONFIRM", - "url" : "http://cups.org/articles.php?L596" - }, - { - "name" : "http://cups.org/str.php?L3498", - "refsource" : "CONFIRM", - "url" : "http://cups.org/str.php?L3498" - }, - { - "name" : "APPLE-SA-2010-06-15-1", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2010//Jun/msg00001.html" - }, - { - "name" : "DSA-2176", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2011/dsa-2176" - }, - { - "name" : "GLSA-201207-10", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-201207-10.xml" - }, - { - "name" : "MDVSA-2010:232", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2010:232" - }, - { - "name" : "MDVSA-2010:233", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2010:233" - }, - { - "name" : "MDVSA-2010:234", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2010:234" - }, - { - "name" : "40871", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/40871" - }, - { - "name" : "oval:org.mitre.oval:def:10382", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10382" - }, - { - "name" : "1024122", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1024122" - }, - { - "name" : "40220", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/40220" - }, - { - "name" : "43521", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/43521" - }, - { - "name" : "ADV-2010-1481", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2010/1481" - }, - { - "name" : "ADV-2011-0535", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2011/0535" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site request forgery (CSRF) vulnerability in the web interface in CUPS before 1.4.4, as used on Apple Mac OS X 10.5.8, Mac OS X 10.6 before 10.6.4, and other platforms, allows remote attackers to hijack the authentication of administrators for requests that change settings." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "APPLE-SA-2010-06-15-1", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2010//Jun/msg00001.html" + }, + { + "name": "MDVSA-2010:234", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:234" + }, + { + "name": "ADV-2010-1481", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2010/1481" + }, + { + "name": "http://cups.org/articles.php?L596", + "refsource": "CONFIRM", + "url": "http://cups.org/articles.php?L596" + }, + { + "name": "40871", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/40871" + }, + { + "name": "MDVSA-2010:232", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:232" + }, + { + "name": "DSA-2176", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2011/dsa-2176" + }, + { + "name": "http://support.apple.com/kb/HT4188", + "refsource": "CONFIRM", + "url": "http://support.apple.com/kb/HT4188" + }, + { + "name": "GLSA-201207-10", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-201207-10.xml" + }, + { + "name": "ADV-2011-0535", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2011/0535" + }, + { + "name": "40220", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/40220" + }, + { + "name": "http://cups.org/str.php?L3498", + "refsource": "CONFIRM", + "url": "http://cups.org/str.php?L3498" + }, + { + "name": "MDVSA-2010:233", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:233" + }, + { + "name": "oval:org.mitre.oval:def:10382", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10382" + }, + { + "name": "43521", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/43521" + }, + { + "name": "1024122", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1024122" + } + ] + } +} \ No newline at end of file diff --git a/2010/0xxx/CVE-2010-0821.json b/2010/0xxx/CVE-2010-0821.json index 5afc55faf7a..82fd9ebaf65 100644 --- a/2010/0xxx/CVE-2010-0821.json +++ b/2010/0xxx/CVE-2010-0821.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-0821", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in Microsoft Office Excel 2002 SP3, 2003 SP3, 2007 SP1 and SP2; Office 2004 for mac; Office 2008 for Mac; Open XML File Format Converter for Mac; Office Excel Viewer SP1 and SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2; allows remote attackers to execute arbitrary code via an Excel file with a crafted SxView record, related to improper validation of unspecified structures, aka \"Excel Record Parsing Memory Corruption Vulnerability,\" a different vulnerability than CVE-2010-0824 and CVE-2010-1245." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2010-0821", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20100608 ZDI-10-104: Microsoft Office Excel SxView Record Parsing Remote Code Execution Vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/511729/100/0/threaded" - }, - { - "name" : "http://www.zerodayinitiative.com/advisories/ZDI-10-104", - "refsource" : "MISC", - "url" : "http://www.zerodayinitiative.com/advisories/ZDI-10-104" - }, - { - "name" : "MS10-038", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-038" - }, - { - "name" : "TA10-159B", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA10-159B.html" - }, - { - "name" : "oval:org.mitre.oval:def:6771", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6771" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in Microsoft Office Excel 2002 SP3, 2003 SP3, 2007 SP1 and SP2; Office 2004 for mac; Office 2008 for Mac; Open XML File Format Converter for Mac; Office Excel Viewer SP1 and SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2; allows remote attackers to execute arbitrary code via an Excel file with a crafted SxView record, related to improper validation of unspecified structures, aka \"Excel Record Parsing Memory Corruption Vulnerability,\" a different vulnerability than CVE-2010-0824 and CVE-2010-1245." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20100608 ZDI-10-104: Microsoft Office Excel SxView Record Parsing Remote Code Execution Vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/511729/100/0/threaded" + }, + { + "name": "MS10-038", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-038" + }, + { + "name": "http://www.zerodayinitiative.com/advisories/ZDI-10-104", + "refsource": "MISC", + "url": "http://www.zerodayinitiative.com/advisories/ZDI-10-104" + }, + { + "name": "TA10-159B", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA10-159B.html" + }, + { + "name": "oval:org.mitre.oval:def:6771", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6771" + } + ] + } +} \ No newline at end of file diff --git a/2010/1xxx/CVE-2010-1127.json b/2010/1xxx/CVE-2010-1127.json index 382d8ce8cef..42a98292aaa 100644 --- a/2010/1xxx/CVE-2010-1127.json +++ b/2010/1xxx/CVE-2010-1127.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-1127", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Microsoft Internet Explorer 6 and 7 does not initialize certain data structures during execution of the createElement method, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via crafted JavaScript code, as demonstrated by setting the (1) outerHTML or (2) value property of an object returned by createElement." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-1127", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20100126 Microsoft IE 6&7 Crash Exploit", - "refsource" : "BUGTRAQ", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2010-01/0237.html" - }, - { - "name" : "20100128 Re: Microsoft IE 6&7 Crash Exploit", - "refsource" : "BUGTRAQ", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2010-01/0278.html" - }, - { - "name" : "http://securityreason.com/exploitalert/7731", - "refsource" : "MISC", - "url" : "http://securityreason.com/exploitalert/7731" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft Internet Explorer 6 and 7 does not initialize certain data structures during execution of the createElement method, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via crafted JavaScript code, as demonstrated by setting the (1) outerHTML or (2) value property of an object returned by createElement." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20100126 Microsoft IE 6&7 Crash Exploit", + "refsource": "BUGTRAQ", + "url": "http://archives.neohapsis.com/archives/bugtraq/2010-01/0237.html" + }, + { + "name": "http://securityreason.com/exploitalert/7731", + "refsource": "MISC", + "url": "http://securityreason.com/exploitalert/7731" + }, + { + "name": "20100128 Re: Microsoft IE 6&7 Crash Exploit", + "refsource": "BUGTRAQ", + "url": "http://archives.neohapsis.com/archives/bugtraq/2010-01/0278.html" + } + ] + } +} \ No newline at end of file diff --git a/2010/1xxx/CVE-2010-1281.json b/2010/1xxx/CVE-2010-1281.json index f8ff72eb787..6668e91f90c 100644 --- a/2010/1xxx/CVE-2010-1281.json +++ b/2010/1xxx/CVE-2010-1281.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-1281", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "iml32.dll in Adobe Shockwave Player before 11.5.7.609 does not validate a certain value from a file before using it in file-pointer calculations, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted .dir (aka Director) file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2010-1281", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20100511 ZDI-10-087: Adobe Shockwave Invalid Offset Memory Corruption Remote Code Execution Vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/511252/100/0/threaded" - }, - { - "name" : "http://www.zerodayinitiative.com/advisories/ZDI-10-087/", - "refsource" : "MISC", - "url" : "http://www.zerodayinitiative.com/advisories/ZDI-10-087/" - }, - { - "name" : "http://www.adobe.com/support/security/bulletins/apsb10-12.html", - "refsource" : "CONFIRM", - "url" : "http://www.adobe.com/support/security/bulletins/apsb10-12.html" - }, - { - "name" : "oval:org.mitre.oval:def:7268", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7268" - }, - { - "name" : "38751", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/38751" - }, - { - "name" : "ADV-2010-1128", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2010/1128" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "iml32.dll in Adobe Shockwave Player before 11.5.7.609 does not validate a certain value from a file before using it in file-pointer calculations, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted .dir (aka Director) file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "38751", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/38751" + }, + { + "name": "http://www.zerodayinitiative.com/advisories/ZDI-10-087/", + "refsource": "MISC", + "url": "http://www.zerodayinitiative.com/advisories/ZDI-10-087/" + }, + { + "name": "http://www.adobe.com/support/security/bulletins/apsb10-12.html", + "refsource": "CONFIRM", + "url": "http://www.adobe.com/support/security/bulletins/apsb10-12.html" + }, + { + "name": "ADV-2010-1128", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2010/1128" + }, + { + "name": "oval:org.mitre.oval:def:7268", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7268" + }, + { + "name": "20100511 ZDI-10-087: Adobe Shockwave Invalid Offset Memory Corruption Remote Code Execution Vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/511252/100/0/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2010/1xxx/CVE-2010-1651.json b/2010/1xxx/CVE-2010-1651.json index 0407992c724..9839f126991 100644 --- a/2010/1xxx/CVE-2010-1651.json +++ b/2010/1xxx/CVE-2010-1651.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-1651", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM WebSphere Application Server (WAS) 6.1.x before 6.1.0.31 and 7.0.x before 7.0.0.11, when Basic authentication and SIP tracing (aka full trace logging for SIP) are enabled, logs the entirety of all inbound and outbound SIP messages, which allows local users to obtain sensitive information by reading the trace log." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-1651", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "PM08892", - "refsource" : "AIXAPAR", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1PM08892" - }, - { - "name" : "PM12247", - "refsource" : "AIXAPAR", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1PM12247" - }, - { - "name" : "PM15829", - "refsource" : "AIXAPAR", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1PM15829" - }, - { - "name" : "65437", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/65437" - }, - { - "name" : "39628", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/39628" - }, - { - "name" : "40096", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/40096" - }, - { - "name" : "ADV-2010-1411", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2010/1411" - }, - { - "name" : "ibm-was-trace-information-disclosure(58324)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/58324" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IBM WebSphere Application Server (WAS) 6.1.x before 6.1.0.31 and 7.0.x before 7.0.0.11, when Basic authentication and SIP tracing (aka full trace logging for SIP) are enabled, logs the entirety of all inbound and outbound SIP messages, which allows local users to obtain sensitive information by reading the trace log." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ADV-2010-1411", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2010/1411" + }, + { + "name": "39628", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/39628" + }, + { + "name": "ibm-was-trace-information-disclosure(58324)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/58324" + }, + { + "name": "PM12247", + "refsource": "AIXAPAR", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PM12247" + }, + { + "name": "PM15829", + "refsource": "AIXAPAR", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PM15829" + }, + { + "name": "65437", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/65437" + }, + { + "name": "40096", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/40096" + }, + { + "name": "PM08892", + "refsource": "AIXAPAR", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PM08892" + } + ] + } +} \ No newline at end of file diff --git a/2010/1xxx/CVE-2010-1765.json b/2010/1xxx/CVE-2010-1765.json index 09104dfe813..91afc612544 100644 --- a/2010/1xxx/CVE-2010-1765.json +++ b/2010/1xxx/CVE-2010-1765.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-1765", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-1765", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2010/1xxx/CVE-2010-1819.json b/2010/1xxx/CVE-2010-1819.json index 5d84e6ee8e2..f5ba30f6898 100644 --- a/2010/1xxx/CVE-2010-1819.json +++ b/2010/1xxx/CVE-2010-1819.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-1819", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Untrusted search path vulnerability in the Picture Viewer in Apple QuickTime before 7.6.8 allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse (1) CoreVideo.dll, (2) CoreGraphics.dll, or (3) CoreAudioToolbox.dll that is located in the same folder as a .pic image file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2010-1819", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.fortiguard.com/advisory/FGA-2010-46/", - "refsource" : "MISC", - "url" : "http://www.fortiguard.com/advisory/FGA-2010-46/" - }, - { - "name" : "http://support.apple.com/kb/HT4339", - "refsource" : "CONFIRM", - "url" : "http://support.apple.com/kb/HT4339" - }, - { - "name" : "APPLE-SA-2010-09-15-1", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2010/Sep/msg00003.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Untrusted search path vulnerability in the Picture Viewer in Apple QuickTime before 7.6.8 allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse (1) CoreVideo.dll, (2) CoreGraphics.dll, or (3) CoreAudioToolbox.dll that is located in the same folder as a .pic image file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://support.apple.com/kb/HT4339", + "refsource": "CONFIRM", + "url": "http://support.apple.com/kb/HT4339" + }, + { + "name": "http://www.fortiguard.com/advisory/FGA-2010-46/", + "refsource": "MISC", + "url": "http://www.fortiguard.com/advisory/FGA-2010-46/" + }, + { + "name": "APPLE-SA-2010-09-15-1", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2010/Sep/msg00003.html" + } + ] + } +} \ No newline at end of file diff --git a/2010/1xxx/CVE-2010-1871.json b/2010/1xxx/CVE-2010-1871.json index c9f5dd18e6b..1017ec595e3 100644 --- a/2010/1xxx/CVE-2010-1871.json +++ b/2010/1xxx/CVE-2010-1871.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-1871", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "JBoss Seam 2 (jboss-seam2), as used in JBoss Enterprise Application Platform 4.3.0 for Red Hat Linux, does not properly sanitize inputs for JBoss Expression Language (EL) expressions, which allows remote attackers to execute arbitrary code via a crafted URL. NOTE: this is only a vulnerability when the Java Security Manager is not properly configured." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-1871", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20130528 CA20130528-01: Security Notice for CA Process Automation (CA PAM)", - "refsource" : "BUGTRAQ", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2013-05/0117.html" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=615956", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=615956" - }, - { - "name" : "https://security.netapp.com/advisory/ntap-20161017-0001/", - "refsource" : "CONFIRM", - "url" : "https://security.netapp.com/advisory/ntap-20161017-0001/" - }, - { - "name" : "RHSA-2010:0564", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2010-0564.html" - }, - { - "name" : "41994", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/41994" - }, - { - "name" : "1024253", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1024253" - }, - { - "name" : "ADV-2010-1929", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2010/1929" - }, - { - "name" : "seam-expressions-code-execution(60794)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/60794" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "JBoss Seam 2 (jboss-seam2), as used in JBoss Enterprise Application Platform 4.3.0 for Red Hat Linux, does not properly sanitize inputs for JBoss Expression Language (EL) expressions, which allows remote attackers to execute arbitrary code via a crafted URL. NOTE: this is only a vulnerability when the Java Security Manager is not properly configured." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "41994", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/41994" + }, + { + "name": "20130528 CA20130528-01: Security Notice for CA Process Automation (CA PAM)", + "refsource": "BUGTRAQ", + "url": "http://archives.neohapsis.com/archives/bugtraq/2013-05/0117.html" + }, + { + "name": "1024253", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1024253" + }, + { + "name": "ADV-2010-1929", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2010/1929" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=615956", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=615956" + }, + { + "name": "seam-expressions-code-execution(60794)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/60794" + }, + { + "name": "RHSA-2010:0564", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2010-0564.html" + }, + { + "name": "https://security.netapp.com/advisory/ntap-20161017-0001/", + "refsource": "CONFIRM", + "url": "https://security.netapp.com/advisory/ntap-20161017-0001/" + } + ] + } +} \ No newline at end of file diff --git a/2014/0xxx/CVE-2014-0006.json b/2014/0xxx/CVE-2014-0006.json index d9d6a607109..cc05ed2dd46 100644 --- a/2014/0xxx/CVE-2014-0006.json +++ b/2014/0xxx/CVE-2014-0006.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-0006", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The TempURL middleware in OpenStack Object Storage (Swift) 1.4.6 through 1.8.0, 1.9.0 through 1.10.0, and 1.11.0 allows remote attackers to obtain secret URLs by leveraging an object name and a timing side-channel attack." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2014-0006", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20140117 [OSSA 2014-002] Swift TempURL timing attack (CVE-2014-0006)", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2014/01/17/5" - }, - { - "name" : "https://bugs.launchpad.net/swift/+bug/1265665", - "refsource" : "CONFIRM", - "url" : "https://bugs.launchpad.net/swift/+bug/1265665" - }, - { - "name" : "RHSA-2014:0232", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2014-0232.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The TempURL middleware in OpenStack Object Storage (Swift) 1.4.6 through 1.8.0, 1.9.0 through 1.10.0, and 1.11.0 allows remote attackers to obtain secret URLs by leveraging an object name and a timing side-channel attack." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "RHSA-2014:0232", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2014-0232.html" + }, + { + "name": "https://bugs.launchpad.net/swift/+bug/1265665", + "refsource": "CONFIRM", + "url": "https://bugs.launchpad.net/swift/+bug/1265665" + }, + { + "name": "[oss-security] 20140117 [OSSA 2014-002] Swift TempURL timing attack (CVE-2014-0006)", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2014/01/17/5" + } + ] + } +} \ No newline at end of file diff --git a/2014/0xxx/CVE-2014-0376.json b/2014/0xxx/CVE-2014-0376.json index f9ba1150fdb..97865dbf431 100644 --- a/2014/0xxx/CVE-2014-0376.json +++ b/2014/0xxx/CVE-2014-0376.json @@ -1,227 +1,227 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-0376", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect integrity via vectors related to JAXP. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to an improper check for \"code permissions when creating document builder factories.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2014-0376", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://hg.openjdk.java.net/jdk7u/jdk7u/jaxp/rev/42be8e6266ab", - "refsource" : "MISC", - "url" : "http://hg.openjdk.java.net/jdk7u/jdk7u/jaxp/rev/42be8e6266ab" - }, - { - "name" : "http://hg.openjdk.java.net/jdk7u/jdk7u/jaxp/rev/783ceae9b736", - "refsource" : "MISC", - "url" : "http://hg.openjdk.java.net/jdk7u/jdk7u/jaxp/rev/783ceae9b736" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1051923", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1051923" - }, - { - "name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04166777", - "refsource" : "CONFIRM", - "url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04166777" - }, - { - "name" : "HPSBUX02972", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=139402697611681&w=2" - }, - { - "name" : "HPSBUX02973", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=139402749111889&w=2" - }, - { - "name" : "SSRT101454", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=139402697611681&w=2" - }, - { - "name" : "SSRT101455", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=139402749111889&w=2" - }, - { - "name" : "RHSA-2014:0026", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2014-0026.html" - }, - { - "name" : "RHSA-2014:0027", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2014-0027.html" - }, - { - "name" : "RHSA-2014:0097", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2014-0097.html" - }, - { - "name" : "RHSA-2014:0136", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2014-0136.html" - }, - { - "name" : "RHSA-2014:0030", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2014-0030.html" - }, - { - "name" : "RHSA-2014:0134", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2014-0134.html" - }, - { - "name" : "RHSA-2014:0135", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2014-0135.html" - }, - { - "name" : "RHSA-2014:0414", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2014:0414" - }, - { - "name" : "openSUSE-SU-2014:0174", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2014-01/msg00105.html" - }, - { - "name" : "SUSE-SU-2014:0246", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00009.html" - }, - { - "name" : "SUSE-SU-2014:0266", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00012.html" - }, - { - "name" : "openSUSE-SU-2014:0177", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2014-01/msg00107.html" - }, - { - "name" : "openSUSE-SU-2014:0180", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2014-02/msg00000.html" - }, - { - "name" : "SUSE-SU-2014:0451", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00024.html" - }, - { - "name" : "USN-2089-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2089-1" - }, - { - "name" : "USN-2124-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2124-1" - }, - { - "name" : "64758", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/64758" - }, - { - "name" : "64907", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/64907" - }, - { - "name" : "102018", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/102018" - }, - { - "name" : "1029608", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1029608" - }, - { - "name" : "56432", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/56432" - }, - { - "name" : "56485", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/56485" - }, - { - "name" : "56486", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/56486" - }, - { - "name" : "56535", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/56535" - }, - { - "name" : "oracle-cpujan2014-cve20140376(90350)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/90350" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect integrity via vectors related to JAXP. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to an improper check for \"code permissions when creating document builder factories.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "56432", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/56432" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1051923", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1051923" + }, + { + "name": "RHSA-2014:0414", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2014:0414" + }, + { + "name": "RHSA-2014:0136", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2014-0136.html" + }, + { + "name": "openSUSE-SU-2014:0174", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00105.html" + }, + { + "name": "http://hg.openjdk.java.net/jdk7u/jdk7u/jaxp/rev/42be8e6266ab", + "refsource": "MISC", + "url": "http://hg.openjdk.java.net/jdk7u/jdk7u/jaxp/rev/42be8e6266ab" + }, + { + "name": "SSRT101455", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=139402749111889&w=2" + }, + { + "name": "RHSA-2014:0135", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2014-0135.html" + }, + { + "name": "56535", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/56535" + }, + { + "name": "USN-2089-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2089-1" + }, + { + "name": "64907", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/64907" + }, + { + "name": "RHSA-2014:0030", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2014-0030.html" + }, + { + "name": "RHSA-2014:0097", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2014-0097.html" + }, + { + "name": "56485", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/56485" + }, + { + "name": "SSRT101454", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=139402697611681&w=2" + }, + { + "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04166777", + "refsource": "CONFIRM", + "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04166777" + }, + { + "name": "http://hg.openjdk.java.net/jdk7u/jdk7u/jaxp/rev/783ceae9b736", + "refsource": "MISC", + "url": "http://hg.openjdk.java.net/jdk7u/jdk7u/jaxp/rev/783ceae9b736" + }, + { + "name": "102018", + "refsource": "OSVDB", + "url": "http://osvdb.org/102018" + }, + { + "name": "HPSBUX02972", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=139402697611681&w=2" + }, + { + "name": "RHSA-2014:0027", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2014-0027.html" + }, + { + "name": "56486", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/56486" + }, + { + "name": "SUSE-SU-2014:0451", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00024.html" + }, + { + "name": "HPSBUX02973", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=139402749111889&w=2" + }, + { + "name": "1029608", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1029608" + }, + { + "name": "USN-2124-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2124-1" + }, + { + "name": "SUSE-SU-2014:0266", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00012.html" + }, + { + "name": "oracle-cpujan2014-cve20140376(90350)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90350" + }, + { + "name": "RHSA-2014:0026", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2014-0026.html" + }, + { + "name": "64758", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/64758" + }, + { + "name": "SUSE-SU-2014:0246", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00009.html" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html" + }, + { + "name": "RHSA-2014:0134", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2014-0134.html" + }, + { + "name": "openSUSE-SU-2014:0180", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2014-02/msg00000.html" + }, + { + "name": "openSUSE-SU-2014:0177", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00107.html" + } + ] + } +} \ No newline at end of file diff --git a/2014/0xxx/CVE-2014-0396.json b/2014/0xxx/CVE-2014-0396.json index 21a37d6b120..7634bfeed32 100644 --- a/2014/0xxx/CVE-2014-0396.json +++ b/2014/0xxx/CVE-2014-0396.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-0396", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.52 and 8.53 allows remote attackers to affect confidentiality via unknown vectors related to Portal - Web Services." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2014-0396", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html" - }, - { - "name" : "64758", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/64758" - }, - { - "name" : "64841", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/64841" - }, - { - "name" : "102031", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/102031" - }, - { - "name" : "1029623", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1029623" - }, - { - "name" : "56478", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/56478" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.52 and 8.53 allows remote attackers to affect confidentiality via unknown vectors related to Portal - Web Services." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "64841", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/64841" + }, + { + "name": "56478", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/56478" + }, + { + "name": "1029623", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1029623" + }, + { + "name": "64758", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/64758" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html" + }, + { + "name": "102031", + "refsource": "OSVDB", + "url": "http://osvdb.org/102031" + } + ] + } +} \ No newline at end of file diff --git a/2014/0xxx/CVE-2014-0489.json b/2014/0xxx/CVE-2014-0489.json index 3fdbdce39e9..3d64da14404 100644 --- a/2014/0xxx/CVE-2014-0489.json +++ b/2014/0xxx/CVE-2014-0489.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-0489", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "APT before 1.0.9, when the Acquire::GzipIndexes option is enabled, does not validate checksums, which allows remote attackers to execute arbitrary code via a crafted package." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@debian.org", + "ID": "CVE-2014-0489", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "DSA-3025", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2014/dsa-3025" - }, - { - "name" : "USN-2348-1", - "refsource" : "UBUNTU", - "url" : "http://ubuntu.com/usn/usn-2348-1" - }, - { - "name" : "61275", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/61275" - }, - { - "name" : "61286", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/61286" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "APT before 1.0.9, when the Acquire::GzipIndexes option is enabled, does not validate checksums, which allows remote attackers to execute arbitrary code via a crafted package." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "61286", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/61286" + }, + { + "name": "61275", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/61275" + }, + { + "name": "USN-2348-1", + "refsource": "UBUNTU", + "url": "http://ubuntu.com/usn/usn-2348-1" + }, + { + "name": "DSA-3025", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2014/dsa-3025" + } + ] + } +} \ No newline at end of file diff --git a/2014/0xxx/CVE-2014-0596.json b/2014/0xxx/CVE-2014-0596.json index b6e25c767e0..9ccf4a0f1e5 100644 --- a/2014/0xxx/CVE-2014-0596.json +++ b/2014/0xxx/CVE-2014-0596.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-0596", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-0596", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2014/0xxx/CVE-2014-0672.json b/2014/0xxx/CVE-2014-0672.json index 0bf3fe3212e..b6c731cfa04 100644 --- a/2014/0xxx/CVE-2014-0672.json +++ b/2014/0xxx/CVE-2014-0672.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-0672", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Search and Play interface in Cisco MediaSense does not properly enforce authorization requirements, which allows remote authenticated users to download arbitrary recordings via a request to this interface." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2014-0672", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://tools.cisco.com/security/center/viewAlert.x?alertId=32516", - "refsource" : "CONFIRM", - "url" : "http://tools.cisco.com/security/center/viewAlert.x?alertId=32516" - }, - { - "name" : "20140121 Cisco MediaSense Search and Play Authorization Vulnerability", - "refsource" : "CISCO", - "url" : "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0672" - }, - { - "name" : "65054", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/65054" - }, - { - "name" : "102342", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/102342" - }, - { - "name" : "1029668", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1029668" - }, - { - "name" : "56600", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/56600" - }, - { - "name" : "cisco-mediasense-cve20140672-info-disc(90616)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/90616" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Search and Play interface in Cisco MediaSense does not properly enforce authorization requirements, which allows remote authenticated users to download arbitrary recordings via a request to this interface." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1029668", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1029668" + }, + { + "name": "102342", + "refsource": "OSVDB", + "url": "http://osvdb.org/102342" + }, + { + "name": "http://tools.cisco.com/security/center/viewAlert.x?alertId=32516", + "refsource": "CONFIRM", + "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=32516" + }, + { + "name": "cisco-mediasense-cve20140672-info-disc(90616)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90616" + }, + { + "name": "56600", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/56600" + }, + { + "name": "65054", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/65054" + }, + { + "name": "20140121 Cisco MediaSense Search and Play Authorization Vulnerability", + "refsource": "CISCO", + "url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0672" + } + ] + } +} \ No newline at end of file diff --git a/2014/0xxx/CVE-2014-0879.json b/2014/0xxx/CVE-2014-0879.json index 215517ffdab..0022d0ec34c 100644 --- a/2014/0xxx/CVE-2014-0879.json +++ b/2014/0xxx/CVE-2014-0879.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-0879", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Stack-based buffer overflow in the Taskmaster Capture ActiveX control in IBM Datacap Taskmaster Capture 8.0.1, and 8.1 before FP2, allows remote attackers to execute arbitrary code via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2014-0879", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21666888", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21666888" - }, - { - "name" : "ibm-taskmaster-cve20140879-code-exec(91115)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/91115" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Stack-based buffer overflow in the Taskmaster Capture ActiveX control in IBM Datacap Taskmaster Capture 8.0.1, and 8.1 before FP2, allows remote attackers to execute arbitrary code via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ibm-taskmaster-cve20140879-code-exec(91115)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/91115" + }, + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21666888", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21666888" + } + ] + } +} \ No newline at end of file diff --git a/2014/1xxx/CVE-2014-1238.json b/2014/1xxx/CVE-2014-1238.json index 1dfcd7523b7..a1dc63db73f 100644 --- a/2014/1xxx/CVE-2014-1238.json +++ b/2014/1xxx/CVE-2014-1238.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-1238", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-1238", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2014/1xxx/CVE-2014-1454.json b/2014/1xxx/CVE-2014-1454.json index 42d5c7c60cb..fe47eb5f6dc 100644 --- a/2014/1xxx/CVE-2014-1454.json +++ b/2014/1xxx/CVE-2014-1454.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-1454", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-1454", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2014/4xxx/CVE-2014-4000.json b/2014/4xxx/CVE-2014-4000.json index 8dd35f572bc..841ec1b0b2e 100644 --- a/2014/4xxx/CVE-2014-4000.json +++ b/2014/4xxx/CVE-2014-4000.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-4000", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cacti before 1.0.0 allows remote authenticated users to conduct PHP object injection attacks and execute arbitrary PHP code via a crafted serialized object, related to calling unserialize(stripslashes())." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-4000", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://forums.cacti.net/viewtopic.php?f=4&t=56794", - "refsource" : "CONFIRM", - "url" : "https://forums.cacti.net/viewtopic.php?f=4&t=56794" - }, - { - "name" : "https://security-tracker.debian.org/tracker/CVE-2014-4000", - "refsource" : "CONFIRM", - "url" : "https://security-tracker.debian.org/tracker/CVE-2014-4000" - }, - { - "name" : "https://www.cacti.net/release_notes_1_0_0.php", - "refsource" : "CONFIRM", - "url" : "https://www.cacti.net/release_notes_1_0_0.php" - }, - { - "name" : "GLSA-201711-10", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201711-10" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cacti before 1.0.0 allows remote authenticated users to conduct PHP object injection attacks and execute arbitrary PHP code via a crafted serialized object, related to calling unserialize(stripslashes())." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://security-tracker.debian.org/tracker/CVE-2014-4000", + "refsource": "CONFIRM", + "url": "https://security-tracker.debian.org/tracker/CVE-2014-4000" + }, + { + "name": "https://forums.cacti.net/viewtopic.php?f=4&t=56794", + "refsource": "CONFIRM", + "url": "https://forums.cacti.net/viewtopic.php?f=4&t=56794" + }, + { + "name": "GLSA-201711-10", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201711-10" + }, + { + "name": "https://www.cacti.net/release_notes_1_0_0.php", + "refsource": "CONFIRM", + "url": "https://www.cacti.net/release_notes_1_0_0.php" + } + ] + } +} \ No newline at end of file diff --git a/2014/4xxx/CVE-2014-4076.json b/2014/4xxx/CVE-2014-4076.json index 3fa75e59b94..141aec91de8 100644 --- a/2014/4xxx/CVE-2014-4076.json +++ b/2014/4xxx/CVE-2014-4076.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-4076", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Microsoft Windows Server 2003 SP2 allows local users to gain privileges via a crafted IOCTL call to (1) tcpip.sys or (2) tcpip6.sys, aka \"TCP/IP Elevation of Privilege Vulnerability.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2014-4076", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "35936", - "refsource" : "EXPLOIT-DB", - "url" : "http://www.exploit-db.com/exploits/35936" - }, - { - "name" : "37755", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/37755/" - }, - { - "name" : "MS14-070", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-070" - }, - { - "name" : "70976", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/70976" - }, - { - "name" : "114532", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/114532" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft Windows Server 2003 SP2 allows local users to gain privileges via a crafted IOCTL call to (1) tcpip.sys or (2) tcpip6.sys, aka \"TCP/IP Elevation of Privilege Vulnerability.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "MS14-070", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-070" + }, + { + "name": "114532", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/114532" + }, + { + "name": "37755", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/37755/" + }, + { + "name": "35936", + "refsource": "EXPLOIT-DB", + "url": "http://www.exploit-db.com/exploits/35936" + }, + { + "name": "70976", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/70976" + } + ] + } +} \ No newline at end of file diff --git a/2014/4xxx/CVE-2014-4086.json b/2014/4xxx/CVE-2014-4086.json index 941ae73cc0d..705d217d14b 100644 --- a/2014/4xxx/CVE-2014-4086.json +++ b/2014/4xxx/CVE-2014-4086.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-4086", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2014-4086", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "MS14-052", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-052" - }, - { - "name" : "69590", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/69590" - }, - { - "name" : "1030818", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1030818" - }, - { - "name" : "ms-ie-cve20144086-code-exec(95516)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/95516" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "69590", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/69590" + }, + { + "name": "ms-ie-cve20144086-code-exec(95516)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95516" + }, + { + "name": "1030818", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1030818" + }, + { + "name": "MS14-052", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-052" + } + ] + } +} \ No newline at end of file diff --git a/2014/4xxx/CVE-2014-4251.json b/2014/4xxx/CVE-2014-4251.json index f0d7dfe2c3d..405fb2bf923 100644 --- a/2014/4xxx/CVE-2014-4251.json +++ b/2014/4xxx/CVE-2014-4251.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-4251", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the Oracle HTTP Server component in Oracle Fusion Middleware 11.1.1.7.0 and 12.1.2.0 allows remote authenticated users to affect integrity via vectors related to plugin 1.1." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2014-4251", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/534161/100/0/threaded" - }, - { - "name" : "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2014/Dec/23" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html" - }, - { - "name" : "http://www.vmware.com/security/advisories/VMSA-2014-0012.html", - "refsource" : "CONFIRM", - "url" : "http://www.vmware.com/security/advisories/VMSA-2014-0012.html" - }, - { - "name" : "68650", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/68650" - }, - { - "name" : "1030594", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1030594" - }, - { - "name" : "59204", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/59204" - }, - { - "name" : "oracle-cpujul2014-cve20144251(94560)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/94560" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the Oracle HTTP Server component in Oracle Fusion Middleware 11.1.1.7.0 and 12.1.2.0 allows remote authenticated users to affect integrity via vectors related to plugin 1.1." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "68650", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/68650" + }, + { + "name": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html", + "refsource": "CONFIRM", + "url": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html" + }, + { + "name": "oracle-cpujul2014-cve20144251(94560)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94560" + }, + { + "name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/534161/100/0/threaded" + }, + { + "name": "59204", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/59204" + }, + { + "name": "1030594", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1030594" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html" + }, + { + "name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2014/Dec/23" + } + ] + } +} \ No newline at end of file diff --git a/2014/4xxx/CVE-2014-4495.json b/2014/4xxx/CVE-2014-4495.json index 2c2e842ff3f..56647b10526 100644 --- a/2014/4xxx/CVE-2014-4495.json +++ b/2014/4xxx/CVE-2014-4495.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-4495", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The kernel in Apple iOS before 8.1.3, Apple OS X before 10.10.2, and Apple TV before 7.0.3 does not enforce the read-only attribute of a shared memory segment during use of a custom cache mode, which allows attackers to bypass intended access restrictions via a crafted app." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2014-4495", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://support.apple.com/HT204244", - "refsource" : "CONFIRM", - "url" : "http://support.apple.com/HT204244" - }, - { - "name" : "http://support.apple.com/HT204245", - "refsource" : "CONFIRM", - "url" : "http://support.apple.com/HT204245" - }, - { - "name" : "http://support.apple.com/HT204246", - "refsource" : "CONFIRM", - "url" : "http://support.apple.com/HT204246" - }, - { - "name" : "APPLE-SA-2015-01-27-1", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2015/Jan/msg00000.html" - }, - { - "name" : "APPLE-SA-2015-01-27-2", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2015/Jan/msg00001.html" - }, - { - "name" : "APPLE-SA-2015-01-27-4", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html" - }, - { - "name" : "1031650", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1031650" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The kernel in Apple iOS before 8.1.3, Apple OS X before 10.10.2, and Apple TV before 7.0.3 does not enforce the read-only attribute of a shared memory segment during use of a custom cache mode, which allows attackers to bypass intended access restrictions via a crafted app." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://support.apple.com/HT204245", + "refsource": "CONFIRM", + "url": "http://support.apple.com/HT204245" + }, + { + "name": "http://support.apple.com/HT204246", + "refsource": "CONFIRM", + "url": "http://support.apple.com/HT204246" + }, + { + "name": "1031650", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1031650" + }, + { + "name": "APPLE-SA-2015-01-27-2", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2015/Jan/msg00001.html" + }, + { + "name": "http://support.apple.com/HT204244", + "refsource": "CONFIRM", + "url": "http://support.apple.com/HT204244" + }, + { + "name": "APPLE-SA-2015-01-27-1", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2015/Jan/msg00000.html" + }, + { + "name": "APPLE-SA-2015-01-27-4", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html" + } + ] + } +} \ No newline at end of file diff --git a/2014/4xxx/CVE-2014-4971.json b/2014/4xxx/CVE-2014-4971.json index 2f0f547466d..55bd1c0ca01 100644 --- a/2014/4xxx/CVE-2014-4971.json +++ b/2014/4xxx/CVE-2014-4971.json @@ -1,147 +1,147 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-4971", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Microsoft Windows XP SP3 does not validate addresses in certain IRP handler routines, which allows local users to write data to arbitrary memory locations, and consequently gain privileges, via a crafted address in an IOCTL call, related to (1) the MQAC.sys driver in the MQ Access Control subsystem and (2) the BthPan.sys driver in the Bluetooth Personal Area Networking subsystem." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-4971", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20140718 KL-001-2014-002 : Microsoft XP SP3 BthPan.sys Arbitrary Write Privilege Escalation", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/532843/100/0/threaded" - }, - { - "name" : "20140718 KL-001-2014-003 : Microsoft XP SP3 MQAC.sys Arbitrary Write Privilege Escalation", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/532844/100/0/threaded" - }, - { - "name" : "34112", - "refsource" : "EXPLOIT-DB", - "url" : "http://www.exploit-db.com/exploits/34112" - }, - { - "name" : "34982", - "refsource" : "EXPLOIT-DB", - "url" : "http://www.exploit-db.com/exploits/34982" - }, - { - "name" : "34131", - "refsource" : "EXPLOIT-DB", - "url" : "http://www.exploit-db.com/exploits/34131" - }, - { - "name" : "20140718 KL-001-2014-002 : Microsoft XP SP3 BthPan.sys Arbitrary Write Privilege Escalation", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2014/Jul/96" - }, - { - "name" : "20140718 KL-001-2014-003 : Microsoft XP SP3 MQAC.sys Arbitrary Write Privilege Escalation", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2014/Jul/97" - }, - { - "name" : "https://www.korelogic.com/Resources/Advisories/KL-001-2014-002.txt", - "refsource" : "MISC", - "url" : "https://www.korelogic.com/Resources/Advisories/KL-001-2014-002.txt" - }, - { - "name" : "https://www.korelogic.com/Resources/Advisories/KL-001-2014-003.txt", - "refsource" : "MISC", - "url" : "https://www.korelogic.com/Resources/Advisories/KL-001-2014-003.txt" - }, - { - "name" : "http://packetstormsecurity.com/files/128674/Microsoft-Bluetooth-Personal-Area-Networking-BthPan.sys-Privilege-Escalation.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/128674/Microsoft-Bluetooth-Personal-Area-Networking-BthPan.sys-Privilege-Escalation.html" - }, - { - "name" : "http://packetstormsecurity.com/files/127535/Microsoft-XP-SP3-BthPan.sys-Arbitrary-Write-Privilege-Escalation.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/127535/Microsoft-XP-SP3-BthPan.sys-Arbitrary-Write-Privilege-Escalation.html" - }, - { - "name" : "http://packetstormsecurity.com/files/127536/Microsoft-XP-SP3-MQAC.sys-Arbitrary-Write-Privilege-Escalation.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/127536/Microsoft-XP-SP3-MQAC.sys-Arbitrary-Write-Privilege-Escalation.html" - }, - { - "name" : "http://blogs.technet.com/b/srd/archive/2014/10/14/accessing-risk-for-the-october-2014-security-updates.aspx", - "refsource" : "CONFIRM", - "url" : "http://blogs.technet.com/b/srd/archive/2014/10/14/accessing-risk-for-the-october-2014-security-updates.aspx" - }, - { - "name" : "MS14-062", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-062" - }, - { - "name" : "68764", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/68764" - }, - { - "name" : "109387", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/109387" - }, - { - "name" : "1031025", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1031025" - }, - { - "name" : "60974", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/60974" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft Windows XP SP3 does not validate addresses in certain IRP handler routines, which allows local users to write data to arbitrary memory locations, and consequently gain privileges, via a crafted address in an IOCTL call, related to (1) the MQAC.sys driver in the MQ Access Control subsystem and (2) the BthPan.sys driver in the Bluetooth Personal Area Networking subsystem." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1031025", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1031025" + }, + { + "name": "MS14-062", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-062" + }, + { + "name": "68764", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/68764" + }, + { + "name": "http://blogs.technet.com/b/srd/archive/2014/10/14/accessing-risk-for-the-october-2014-security-updates.aspx", + "refsource": "CONFIRM", + "url": "http://blogs.technet.com/b/srd/archive/2014/10/14/accessing-risk-for-the-october-2014-security-updates.aspx" + }, + { + "name": "https://www.korelogic.com/Resources/Advisories/KL-001-2014-002.txt", + "refsource": "MISC", + "url": "https://www.korelogic.com/Resources/Advisories/KL-001-2014-002.txt" + }, + { + "name": "20140718 KL-001-2014-003 : Microsoft XP SP3 MQAC.sys Arbitrary Write Privilege Escalation", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/532844/100/0/threaded" + }, + { + "name": "http://packetstormsecurity.com/files/127536/Microsoft-XP-SP3-MQAC.sys-Arbitrary-Write-Privilege-Escalation.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/127536/Microsoft-XP-SP3-MQAC.sys-Arbitrary-Write-Privilege-Escalation.html" + }, + { + "name": "34112", + "refsource": "EXPLOIT-DB", + "url": "http://www.exploit-db.com/exploits/34112" + }, + { + "name": "34131", + "refsource": "EXPLOIT-DB", + "url": "http://www.exploit-db.com/exploits/34131" + }, + { + "name": "https://www.korelogic.com/Resources/Advisories/KL-001-2014-003.txt", + "refsource": "MISC", + "url": "https://www.korelogic.com/Resources/Advisories/KL-001-2014-003.txt" + }, + { + "name": "http://packetstormsecurity.com/files/127535/Microsoft-XP-SP3-BthPan.sys-Arbitrary-Write-Privilege-Escalation.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/127535/Microsoft-XP-SP3-BthPan.sys-Arbitrary-Write-Privilege-Escalation.html" + }, + { + "name": "http://packetstormsecurity.com/files/128674/Microsoft-Bluetooth-Personal-Area-Networking-BthPan.sys-Privilege-Escalation.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/128674/Microsoft-Bluetooth-Personal-Area-Networking-BthPan.sys-Privilege-Escalation.html" + }, + { + "name": "34982", + "refsource": "EXPLOIT-DB", + "url": "http://www.exploit-db.com/exploits/34982" + }, + { + "name": "20140718 KL-001-2014-003 : Microsoft XP SP3 MQAC.sys Arbitrary Write Privilege Escalation", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2014/Jul/97" + }, + { + "name": "20140718 KL-001-2014-002 : Microsoft XP SP3 BthPan.sys Arbitrary Write Privilege Escalation", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/532843/100/0/threaded" + }, + { + "name": "109387", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/109387" + }, + { + "name": "60974", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/60974" + }, + { + "name": "20140718 KL-001-2014-002 : Microsoft XP SP3 BthPan.sys Arbitrary Write Privilege Escalation", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2014/Jul/96" + } + ] + } +} \ No newline at end of file diff --git a/2014/5xxx/CVE-2014-5142.json b/2014/5xxx/CVE-2014-5142.json index c278a1f9ac4..dc49a7c1220 100644 --- a/2014/5xxx/CVE-2014-5142.json +++ b/2014/5xxx/CVE-2014-5142.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-5142", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-5142", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2014/5xxx/CVE-2014-5505.json b/2014/5xxx/CVE-2014-5505.json index f7d76cb4544..ece8709e4ba 100644 --- a/2014/5xxx/CVE-2014-5505.json +++ b/2014/5xxx/CVE-2014-5505.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-5505", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Stack-based buffer overflow in SAP Crystal Reports allows remote attackers to execute arbitrary code via a crafted data source string in an RPT file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-5505", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.zerodayinitiative.com/advisories/ZDI-14-301/", - "refsource" : "MISC", - "url" : "http://www.zerodayinitiative.com/advisories/ZDI-14-301/" - }, - { - "name" : "http://scn.sap.com/docs/DOC-8218", - "refsource" : "CONFIRM", - "url" : "http://scn.sap.com/docs/DOC-8218" - }, - { - "name" : "https://service.sap.com/sap/support/notes/1999142", - "refsource" : "CONFIRM", - "url" : "https://service.sap.com/sap/support/notes/1999142" - }, - { - "name" : "69558", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/69558" - }, - { - "name" : "60877", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/60877" - }, - { - "name" : "sap-crystal-cve20145505-bo(95740)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/95740" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Stack-based buffer overflow in SAP Crystal Reports allows remote attackers to execute arbitrary code via a crafted data source string in an RPT file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "60877", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/60877" + }, + { + "name": "sap-crystal-cve20145505-bo(95740)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95740" + }, + { + "name": "https://service.sap.com/sap/support/notes/1999142", + "refsource": "CONFIRM", + "url": "https://service.sap.com/sap/support/notes/1999142" + }, + { + "name": "http://www.zerodayinitiative.com/advisories/ZDI-14-301/", + "refsource": "MISC", + "url": "http://www.zerodayinitiative.com/advisories/ZDI-14-301/" + }, + { + "name": "69558", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/69558" + }, + { + "name": "http://scn.sap.com/docs/DOC-8218", + "refsource": "CONFIRM", + "url": "http://scn.sap.com/docs/DOC-8218" + } + ] + } +} \ No newline at end of file diff --git a/2016/3xxx/CVE-2016-3339.json b/2016/3xxx/CVE-2016-3339.json index 9881c92fc13..43579b00e4d 100644 --- a/2016/3xxx/CVE-2016-3339.json +++ b/2016/3xxx/CVE-2016-3339.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-3339", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2016-3339", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2016/3xxx/CVE-2016-3447.json b/2016/3xxx/CVE-2016-3447.json index bcc6c3fb853..5280029ed57 100644 --- a/2016/3xxx/CVE-2016-3447.json +++ b/2016/3xxx/CVE-2016-3447.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-3447", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect confidentiality and integrity via vectors related to OAF Core." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2016-3447", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html" - }, - { - "name" : "1035603", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035603" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect confidentiality and integrity via vectors related to OAF Core." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html" + }, + { + "name": "1035603", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035603" + } + ] + } +} \ No newline at end of file diff --git a/2016/3xxx/CVE-2016-3466.json b/2016/3xxx/CVE-2016-3466.json index 6c1ed1cbd95..9ccf53c8833 100644 --- a/2016/3xxx/CVE-2016-3466.json +++ b/2016/3xxx/CVE-2016-3466.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-3466", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the Oracle Field Service component in Oracle E-Business Suite 12.1.1, 12.1.2, and 12.1.3 allows remote attackers to affect confidentiality and integrity via vectors related to Wireless." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2016-3466", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html" - }, - { - "name" : "1035603", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035603" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the Oracle Field Service component in Oracle E-Business Suite 12.1.1, 12.1.2, and 12.1.3 allows remote attackers to affect confidentiality and integrity via vectors related to Wireless." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html" + }, + { + "name": "1035603", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035603" + } + ] + } +} \ No newline at end of file diff --git a/2016/3xxx/CVE-2016-3663.json b/2016/3xxx/CVE-2016-3663.json index 8975f7376a9..bfe068925bc 100644 --- a/2016/3xxx/CVE-2016-3663.json +++ b/2016/3xxx/CVE-2016-3663.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-3663", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-3663", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2016/3xxx/CVE-2016-3836.json b/2016/3xxx/CVE-2016-3836.json index 89fc6203352..3f33f10264c 100644 --- a/2016/3xxx/CVE-2016-3836.json +++ b/2016/3xxx/CVE-2016-3836.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-3836", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The SurfaceFlinger service in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01 allows attackers to obtain sensitive information via a crafted application, related to lack of a default constructor in include/ui/FrameStats.h, aka internal bug 28592402." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@android.com", + "ID": "CVE-2016-3836", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://source.android.com/security/bulletin/2016-08-01.html", - "refsource" : "CONFIRM", - "url" : "http://source.android.com/security/bulletin/2016-08-01.html" - }, - { - "name" : "https://android.googlesource.com/platform/frameworks/native/+/3bcf0caa8cca9143443814b36676b3bae33a4368", - "refsource" : "CONFIRM", - "url" : "https://android.googlesource.com/platform/frameworks/native/+/3bcf0caa8cca9143443814b36676b3bae33a4368" - }, - { - "name" : "92224", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/92224" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The SurfaceFlinger service in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01 allows attackers to obtain sensitive information via a crafted application, related to lack of a default constructor in include/ui/FrameStats.h, aka internal bug 28592402." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://source.android.com/security/bulletin/2016-08-01.html", + "refsource": "CONFIRM", + "url": "http://source.android.com/security/bulletin/2016-08-01.html" + }, + { + "name": "https://android.googlesource.com/platform/frameworks/native/+/3bcf0caa8cca9143443814b36676b3bae33a4368", + "refsource": "CONFIRM", + "url": "https://android.googlesource.com/platform/frameworks/native/+/3bcf0caa8cca9143443814b36676b3bae33a4368" + }, + { + "name": "92224", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/92224" + } + ] + } +} \ No newline at end of file diff --git a/2016/3xxx/CVE-2016-3838.json b/2016/3xxx/CVE-2016-3838.json index 023d2b84c14..44a43ad515a 100644 --- a/2016/3xxx/CVE-2016-3838.json +++ b/2016/3xxx/CVE-2016-3838.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-3838", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Android 6.x before 2016-08-01 allows attackers to cause a denial of service (loss of locked-screen 911 functionality) via a crafted application that uses the app-pinning feature, aka internal bug 28761672." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@android.com", + "ID": "CVE-2016-3838", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://source.android.com/security/bulletin/2016-08-01.html", - "refsource" : "CONFIRM", - "url" : "http://source.android.com/security/bulletin/2016-08-01.html" - }, - { - "name" : "https://android.googlesource.com/platform/frameworks/base/+/468651c86a8adb7aa56c708d2348e99022088af3", - "refsource" : "CONFIRM", - "url" : "https://android.googlesource.com/platform/frameworks/base/+/468651c86a8adb7aa56c708d2348e99022088af3" - }, - { - "name" : "92244", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/92244" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Android 6.x before 2016-08-01 allows attackers to cause a denial of service (loss of locked-screen 911 functionality) via a crafted application that uses the app-pinning feature, aka internal bug 28761672." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://source.android.com/security/bulletin/2016-08-01.html", + "refsource": "CONFIRM", + "url": "http://source.android.com/security/bulletin/2016-08-01.html" + }, + { + "name": "https://android.googlesource.com/platform/frameworks/base/+/468651c86a8adb7aa56c708d2348e99022088af3", + "refsource": "CONFIRM", + "url": "https://android.googlesource.com/platform/frameworks/base/+/468651c86a8adb7aa56c708d2348e99022088af3" + }, + { + "name": "92244", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/92244" + } + ] + } +} \ No newline at end of file diff --git a/2016/3xxx/CVE-2016-3891.json b/2016/3xxx/CVE-2016-3891.json index 01e14a23922..268c9c10872 100644 --- a/2016/3xxx/CVE-2016-3891.json +++ b/2016/3xxx/CVE-2016-3891.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-3891", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-3891", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2016/3xxx/CVE-2016-3961.json b/2016/3xxx/CVE-2016-3961.json index 1c761c855a1..dfab880f745 100644 --- a/2016/3xxx/CVE-2016-3961.json +++ b/2016/3xxx/CVE-2016-3961.json @@ -1,127 +1,127 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-3961", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Xen and the Linux kernel through 4.5.x do not properly suppress hugetlbfs support in x86 PV guests, which allows local PV guest OS users to cause a denial of service (guest OS crash) by attempting to access a hugetlbfs mapped area." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-3961", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://xenbits.xen.org/xsa/advisory-174.html", - "refsource" : "CONFIRM", - "url" : "http://xenbits.xen.org/xsa/advisory-174.html" - }, - { - "name" : "http://xenbits.xen.org/xsa/xsa174.patch", - "refsource" : "CONFIRM", - "url" : "http://xenbits.xen.org/xsa/xsa174.patch" - }, - { - "name" : "DSA-3607", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3607" - }, - { - "name" : "USN-3001-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-3001-1" - }, - { - "name" : "USN-3002-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-3002-1" - }, - { - "name" : "USN-3003-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-3003-1" - }, - { - "name" : "USN-3004-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-3004-1" - }, - { - "name" : "USN-3005-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-3005-1" - }, - { - "name" : "USN-3006-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-3006-1" - }, - { - "name" : "USN-3007-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-3007-1" - }, - { - "name" : "USN-3049-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-3049-1" - }, - { - "name" : "USN-3050-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-3050-1" - }, - { - "name" : "86068", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/86068" - }, - { - "name" : "1035569", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035569" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Xen and the Linux kernel through 4.5.x do not properly suppress hugetlbfs support in x86 PV guests, which allows local PV guest OS users to cause a denial of service (guest OS crash) by attempting to access a hugetlbfs mapped area." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://xenbits.xen.org/xsa/xsa174.patch", + "refsource": "CONFIRM", + "url": "http://xenbits.xen.org/xsa/xsa174.patch" + }, + { + "name": "USN-3006-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-3006-1" + }, + { + "name": "USN-3004-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-3004-1" + }, + { + "name": "USN-3001-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-3001-1" + }, + { + "name": "http://xenbits.xen.org/xsa/advisory-174.html", + "refsource": "CONFIRM", + "url": "http://xenbits.xen.org/xsa/advisory-174.html" + }, + { + "name": "USN-3005-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-3005-1" + }, + { + "name": "1035569", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035569" + }, + { + "name": "USN-3049-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-3049-1" + }, + { + "name": "DSA-3607", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3607" + }, + { + "name": "USN-3002-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-3002-1" + }, + { + "name": "USN-3050-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-3050-1" + }, + { + "name": "USN-3007-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-3007-1" + }, + { + "name": "USN-3003-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-3003-1" + }, + { + "name": "86068", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/86068" + } + ] + } +} \ No newline at end of file diff --git a/2016/7xxx/CVE-2016-7762.json b/2016/7xxx/CVE-2016-7762.json index 4a56c90169c..2d71ac97dce 100644 --- a/2016/7xxx/CVE-2016-7762.json +++ b/2016/7xxx/CVE-2016-7762.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "product-security@apple.com", - "ID" : "CVE-2016-7762", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An issue was discovered in certain Apple products. iOS before 10.2 is affected. The issue involves the \"WebKit\" component, which allows XSS attacks against Safari." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2016-7762", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://support.apple.com/HT207422", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT207422" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in certain Apple products. iOS before 10.2 is affected. The issue involves the \"WebKit\" component, which allows XSS attacks against Safari." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://support.apple.com/HT207422", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT207422" + } + ] + } +} \ No newline at end of file diff --git a/2016/8xxx/CVE-2016-8054.json b/2016/8xxx/CVE-2016-8054.json index 61844181015..fdd2d4f0e27 100644 --- a/2016/8xxx/CVE-2016-8054.json +++ b/2016/8xxx/CVE-2016-8054.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-8054", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2016-8054", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2016/8xxx/CVE-2016-8253.json b/2016/8xxx/CVE-2016-8253.json index 081e8ab0a41..a6f9df337c2 100644 --- a/2016/8xxx/CVE-2016-8253.json +++ b/2016/8xxx/CVE-2016-8253.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-8253", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2016-8253", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2016/8xxx/CVE-2016-8256.json b/2016/8xxx/CVE-2016-8256.json index e741b0a7341..24007623388 100644 --- a/2016/8xxx/CVE-2016-8256.json +++ b/2016/8xxx/CVE-2016-8256.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-8256", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2016-8256", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2016/8xxx/CVE-2016-8761.json b/2016/8xxx/CVE-2016-8761.json index 3e454bc7457..0aa83ed1f09 100644 --- a/2016/8xxx/CVE-2016-8761.json +++ b/2016/8xxx/CVE-2016-8761.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@huawei.com", - "ID" : "CVE-2016-8761", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "P9,Honor 6 Versions before EVA-AL10C00B192,Versions before H60-L02_6.10.1", - "version" : { - "version_data" : [ - { - "version_value" : "P9,Honor 6 Versions before EVA-AL10C00B192,Versions before H60-L02_6.10.1" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Video driver in Huawei P9 phones with software versions before EVA-AL10C00B192 and Huawei Honor 6 phones with software versions before H60-L02_6.10.1 has a stack overflow vulnerability, which allows attackers to crash the system or escalate user privilege." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "stack overflow" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@huawei.com", + "ID": "CVE-2016-8761", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "P9,Honor 6 Versions before EVA-AL10C00B192,Versions before H60-L02_6.10.1", + "version": { + "version_data": [ + { + "version_value": "P9,Honor 6 Versions before EVA-AL10C00B192,Versions before H60-L02_6.10.1" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161012-01-smartphone-en", - "refsource" : "CONFIRM", - "url" : "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161012-01-smartphone-en" - }, - { - "name" : "93530", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/93530" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Video driver in Huawei P9 phones with software versions before EVA-AL10C00B192 and Huawei Honor 6 phones with software versions before H60-L02_6.10.1 has a stack overflow vulnerability, which allows attackers to crash the system or escalate user privilege." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "stack overflow" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "93530", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/93530" + }, + { + "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161012-01-smartphone-en", + "refsource": "CONFIRM", + "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161012-01-smartphone-en" + } + ] + } +} \ No newline at end of file diff --git a/2016/8xxx/CVE-2016-8817.json b/2016/8xxx/CVE-2016-8817.json index 970c8640a24..07c5794b3ba 100644 --- a/2016/8xxx/CVE-2016-8817.json +++ b/2016/8xxx/CVE-2016-8817.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@nvidia.com", - "ID" : "CVE-2016-8817", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Quadro, NVS, GeForce, GRID and Tesla", - "version" : { - "version_data" : [ - { - "version_value" : "All" - } - ] - } - } - ] - }, - "vendor_name" : "Nvidia Corporation" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "All versions of NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape where a value passed from a user to the driver is used without validation as the size input to memcpy(), causing a buffer overflow, leading to denial of service or potential escalation of privileges." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Denial of Service" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@nvidia.com", + "ID": "CVE-2016-8817", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Quadro, NVS, GeForce, GRID and Tesla", + "version": { + "version_data": [ + { + "version_value": "All" + } + ] + } + } + ] + }, + "vendor_name": "Nvidia Corporation" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://nvidia.custhelp.com/app/answers/detail/a_id/4257", - "refsource" : "CONFIRM", - "url" : "http://nvidia.custhelp.com/app/answers/detail/a_id/4257" - }, - { - "name" : "95059", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/95059" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "All versions of NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape where a value passed from a user to the driver is used without validation as the size input to memcpy(), causing a buffer overflow, leading to denial of service or potential escalation of privileges." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Denial of Service" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://nvidia.custhelp.com/app/answers/detail/a_id/4257", + "refsource": "CONFIRM", + "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4257" + }, + { + "name": "95059", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/95059" + } + ] + } +} \ No newline at end of file diff --git a/2016/8xxx/CVE-2016-8922.json b/2016/8xxx/CVE-2016-8922.json index 8910f35f5fc..bffd43b3d78 100644 --- a/2016/8xxx/CVE-2016-8922.json +++ b/2016/8xxx/CVE-2016-8922.json @@ -1,214 +1,214 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@us.ibm.com", - "ID" : "CVE-2016-8922", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "WebSphere Portal", - "version" : { - "version_data" : [ - { - "version_value" : "5.1.0.0" - }, - { - "version_value" : "5.1.0.1" - }, - { - "version_value" : "5.1.0.2" - }, - { - "version_value" : "5.1.0.3" - }, - { - "version_value" : "5.1.0.4" - }, - { - "version_value" : "5.1.0.5" - }, - { - "version_value" : "6.0.0.0" - }, - { - "version_value" : "6.0.0.1" - }, - { - "version_value" : "6.0.1.1" - }, - { - "version_value" : "6.0.1.3" - }, - { - "version_value" : "6.1.0.0" - }, - { - "version_value" : "6.0.1.5" - }, - { - "version_value" : "6.0.1.2" - }, - { - "version_value" : "6.0.1.4" - }, - { - "version_value" : "6.1.0.1" - }, - { - "version_value" : "6.1.0.2" - }, - { - "version_value" : "6.1.0.3" - }, - { - "version_value" : "6.0.1.5 build wp6015_008_01" - }, - { - "version_value" : "6.0.0.2" - }, - { - "version_value" : "6.0.0.3" - }, - { - "version_value" : "6.0.0.4" - }, - { - "version_value" : "6.0.1.0" - }, - { - "version_value" : "6.0.1.6" - }, - { - "version_value" : "6.0.1.7" - }, - { - "version_value" : "6.1.5.0" - }, - { - "version_value" : "7.0" - }, - { - "version_value" : "7.0.0.1" - }, - { - "version_value" : "8.0" - }, - { - "version_value" : "1.0" - }, - { - "version_value" : "7.0.0.1" - }, - { - "version_value" : "7.0.0.1" - }, - { - "version_value" : "7.0.0.1" - }, - { - "version_value" : "8.0.0.1" - }, - { - "version_value" : "7.0.0.2" - }, - { - "version_value" : "6.1.0.4" - }, - { - "version_value" : "6.1.0.5" - }, - { - "version_value" : "6.1.0.6" - }, - { - "version_value" : "6.1.5.1" - }, - { - "version_value" : "6.1.5.2" - }, - { - "version_value" : "6.1.5.3" - }, - { - "version_value" : "8" - }, - { - "version_value" : "7" - }, - { - "version_value" : "6.1.5" - }, - { - "version_value" : "6.1.0" - }, - { - "version_value" : "6.0.1" - }, - { - "version_value" : "6.0.0" - }, - { - "version_value" : "8.5" - }, - { - "version_value" : "6.1" - }, - { - "version_value" : "6.0" - }, - { - "version_value" : "8.5.0" - } - ] - } - } - ] - }, - "vendor_name" : "IBM Corporation" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Exphox WebRadar is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Cross-Site Scripting" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2016-8922", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "WebSphere Portal", + "version": { + "version_data": [ + { + "version_value": "5.1.0.0" + }, + { + "version_value": "5.1.0.1" + }, + { + "version_value": "5.1.0.2" + }, + { + "version_value": "5.1.0.3" + }, + { + "version_value": "5.1.0.4" + }, + { + "version_value": "5.1.0.5" + }, + { + "version_value": "6.0.0.0" + }, + { + "version_value": "6.0.0.1" + }, + { + "version_value": "6.0.1.1" + }, + { + "version_value": "6.0.1.3" + }, + { + "version_value": "6.1.0.0" + }, + { + "version_value": "6.0.1.5" + }, + { + "version_value": "6.0.1.2" + }, + { + "version_value": "6.0.1.4" + }, + { + "version_value": "6.1.0.1" + }, + { + "version_value": "6.1.0.2" + }, + { + "version_value": "6.1.0.3" + }, + { + "version_value": "6.0.1.5 build wp6015_008_01" + }, + { + "version_value": "6.0.0.2" + }, + { + "version_value": "6.0.0.3" + }, + { + "version_value": "6.0.0.4" + }, + { + "version_value": "6.0.1.0" + }, + { + "version_value": "6.0.1.6" + }, + { + "version_value": "6.0.1.7" + }, + { + "version_value": "6.1.5.0" + }, + { + "version_value": "7.0" + }, + { + "version_value": "7.0.0.1" + }, + { + "version_value": "8.0" + }, + { + "version_value": "1.0" + }, + { + "version_value": "7.0.0.1" + }, + { + "version_value": "7.0.0.1" + }, + { + "version_value": "7.0.0.1" + }, + { + "version_value": "8.0.0.1" + }, + { + "version_value": "7.0.0.2" + }, + { + "version_value": "6.1.0.4" + }, + { + "version_value": "6.1.0.5" + }, + { + "version_value": "6.1.0.6" + }, + { + "version_value": "6.1.5.1" + }, + { + "version_value": "6.1.5.2" + }, + { + "version_value": "6.1.5.3" + }, + { + "version_value": "8" + }, + { + "version_value": "7" + }, + { + "version_value": "6.1.5" + }, + { + "version_value": "6.1.0" + }, + { + "version_value": "6.0.1" + }, + { + "version_value": "6.0.0" + }, + { + "version_value": "8.5" + }, + { + "version_value": "6.1" + }, + { + "version_value": "6.0" + }, + { + "version_value": "8.5.0" + } + ] + } + } + ] + }, + "vendor_name": "IBM Corporation" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.ibm.com/support/docview.wss?uid=swg21993561", - "refsource" : "CONFIRM", - "url" : "http://www.ibm.com/support/docview.wss?uid=swg21993561" - }, - { - "name" : "94413", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/94413" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Exphox WebRadar is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Cross-Site Scripting" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.ibm.com/support/docview.wss?uid=swg21993561", + "refsource": "CONFIRM", + "url": "http://www.ibm.com/support/docview.wss?uid=swg21993561" + }, + { + "name": "94413", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/94413" + } + ] + } +} \ No newline at end of file diff --git a/2016/9xxx/CVE-2016-9433.json b/2016/9xxx/CVE-2016-9433.json index 0eda0ffd5a3..85aad9389e9 100644 --- a/2016/9xxx/CVE-2016-9433.json +++ b/2016/9xxx/CVE-2016-9433.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-9433", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attackers to cause a denial of service (out-of-bounds array access) via a crafted HTML page." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-9433", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20161118 Re: CVE request: w3m - multiple vulnerabilities", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/11/18/3" - }, - { - "name" : "https://github.com/tats/w3m/blob/master/ChangeLog", - "refsource" : "CONFIRM", - "url" : "https://github.com/tats/w3m/blob/master/ChangeLog" - }, - { - "name" : "https://github.com/tats/w3m/issues/14", - "refsource" : "CONFIRM", - "url" : "https://github.com/tats/w3m/issues/14" - }, - { - "name" : "GLSA-201701-08", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201701-08" - }, - { - "name" : "94407", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/94407" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attackers to cause a denial of service (out-of-bounds array access) via a crafted HTML page." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "GLSA-201701-08", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201701-08" + }, + { + "name": "https://github.com/tats/w3m/blob/master/ChangeLog", + "refsource": "CONFIRM", + "url": "https://github.com/tats/w3m/blob/master/ChangeLog" + }, + { + "name": "94407", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/94407" + }, + { + "name": "https://github.com/tats/w3m/issues/14", + "refsource": "CONFIRM", + "url": "https://github.com/tats/w3m/issues/14" + }, + { + "name": "[oss-security] 20161118 Re: CVE request: w3m - multiple vulnerabilities", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/11/18/3" + } + ] + } +} \ No newline at end of file diff --git a/2016/9xxx/CVE-2016-9525.json b/2016/9xxx/CVE-2016-9525.json index b15a85143db..c6b1bd99910 100644 --- a/2016/9xxx/CVE-2016-9525.json +++ b/2016/9xxx/CVE-2016-9525.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-9525", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2016-9525", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2016/9xxx/CVE-2016-9758.json b/2016/9xxx/CVE-2016-9758.json index aee2c579dc4..be793fc0a7f 100644 --- a/2016/9xxx/CVE-2016-9758.json +++ b/2016/9xxx/CVE-2016-9758.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-9758", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2016-9758", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2016/9xxx/CVE-2016-9770.json b/2016/9xxx/CVE-2016-9770.json index d1f503429fc..39def6bed11 100644 --- a/2016/9xxx/CVE-2016-9770.json +++ b/2016/9xxx/CVE-2016-9770.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-9770", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2016-9770", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2019/2xxx/CVE-2019-2049.json b/2019/2xxx/CVE-2019-2049.json index 99578706049..456779a9ec5 100644 --- a/2019/2xxx/CVE-2019-2049.json +++ b/2019/2xxx/CVE-2019-2049.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-2049", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-2049", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/2xxx/CVE-2019-2780.json b/2019/2xxx/CVE-2019-2780.json index 38cbc4c4bc6..03bd57169fc 100644 --- a/2019/2xxx/CVE-2019-2780.json +++ b/2019/2xxx/CVE-2019-2780.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-2780", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-2780", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/2xxx/CVE-2019-2840.json b/2019/2xxx/CVE-2019-2840.json index 66a5d7bc3db..8fda7e15c57 100644 --- a/2019/2xxx/CVE-2019-2840.json +++ b/2019/2xxx/CVE-2019-2840.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-2840", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-2840", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/2xxx/CVE-2019-2995.json b/2019/2xxx/CVE-2019-2995.json index aa5e6a2cc58..1d6ccde25ed 100644 --- a/2019/2xxx/CVE-2019-2995.json +++ b/2019/2xxx/CVE-2019-2995.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-2995", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-2995", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6168.json b/2019/6xxx/CVE-2019-6168.json index 27966fcf70c..e3a2034e8bf 100644 --- a/2019/6xxx/CVE-2019-6168.json +++ b/2019/6xxx/CVE-2019-6168.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6168", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6168", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6314.json b/2019/6xxx/CVE-2019-6314.json index f597fb0044a..414f17ab708 100644 --- a/2019/6xxx/CVE-2019-6314.json +++ b/2019/6xxx/CVE-2019-6314.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6314", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6314", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6883.json b/2019/6xxx/CVE-2019-6883.json index 561e0fc35b0..bdf2b390691 100644 --- a/2019/6xxx/CVE-2019-6883.json +++ b/2019/6xxx/CVE-2019-6883.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6883", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6883", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file