diff --git a/1999/0xxx/CVE-1999-0118.json b/1999/0xxx/CVE-1999-0118.json index a07f33740d3..a2ba36d4451 100644 --- a/1999/0xxx/CVE-1999-0118.json +++ b/1999/0xxx/CVE-1999-0118.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-1999-0118", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "AIX infod allows local users to gain root access through an X display." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-1999-0118", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "19981119 RSI.0011.11-09-98.AIX.INFOD", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=91158980826979&w=2" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "AIX infod allows local users to gain root access through an X display." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "19981119 RSI.0011.11-09-98.AIX.INFOD", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=91158980826979&w=2" + } + ] + } +} \ No newline at end of file diff --git a/1999/0xxx/CVE-1999-0954.json b/1999/0xxx/CVE-1999-0954.json index 7bd39dac980..1ed94c49dbe 100644 --- a/1999/0xxx/CVE-1999-0954.json +++ b/1999/0xxx/CVE-1999-0954.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-1999-0954", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "WWWBoard has a default username and default password." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-1999-0954", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "649", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/649" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "WWWBoard has a default username and default password." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "649", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/649" + } + ] + } +} \ No newline at end of file diff --git a/1999/1xxx/CVE-1999-1464.json b/1999/1xxx/CVE-1999-1464.json index 3ffc8302320..7b63d0924c3 100644 --- a/1999/1xxx/CVE-1999-1464.json +++ b/1999/1xxx/CVE-1999-1464.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-1999-1464", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Vulnerability in Cisco IOS 11.1CC and 11.1CT with distributed fast switching (DFS) enabled allows remote attackers to bypass certain access control lists when the router switches traffic from a DFS-enabled interface to an interface that does not have DFS enabled, as described by Cisco bug CSCdk35564." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-1999-1464", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "19981105 Cisco IOS DFS Access List Leakage", - "refsource" : "CISCO", - "url" : "http://www.cisco.com/warp/public/770/iosdfsacl-pub.shtml" - }, - { - "name" : "J-016", - "refsource" : "CIAC", - "url" : "http://ciac.llnl.gov/ciac/bulletins/j-016.shtml" - }, - { - "name" : "cisco-acl-leakage(1401)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/1401" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Vulnerability in Cisco IOS 11.1CC and 11.1CT with distributed fast switching (DFS) enabled allows remote attackers to bypass certain access control lists when the router switches traffic from a DFS-enabled interface to an interface that does not have DFS enabled, as described by Cisco bug CSCdk35564." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "J-016", + "refsource": "CIAC", + "url": "http://ciac.llnl.gov/ciac/bulletins/j-016.shtml" + }, + { + "name": "19981105 Cisco IOS DFS Access List Leakage", + "refsource": "CISCO", + "url": "http://www.cisco.com/warp/public/770/iosdfsacl-pub.shtml" + }, + { + "name": "cisco-acl-leakage(1401)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/1401" + } + ] + } +} \ No newline at end of file diff --git a/1999/1xxx/CVE-1999-1484.json b/1999/1xxx/CVE-1999-1484.json index b521d6eea20..105c955aeb9 100644 --- a/1999/1xxx/CVE-1999-1484.json +++ b/1999/1xxx/CVE-1999-1484.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-1999-1484", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in MSN Setup BBS 4.71.0.10 ActiveX control (setupbbs.ocx) allows a remote attacker to execute arbitrary commands via the methods (1) vAddNewsServer or (2) bIsNewsServerConfigured." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-1999-1484", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "19990924 Several ActiveX Buffer Overruns", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/28719" - }, - { - "name" : "msn-setup-bbs-activex-bo(3310)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/3310" - }, - { - "name" : "668", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/668" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in MSN Setup BBS 4.71.0.10 ActiveX control (setupbbs.ocx) allows a remote attacker to execute arbitrary commands via the methods (1) vAddNewsServer or (2) bIsNewsServerConfigured." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "668", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/668" + }, + { + "name": "msn-setup-bbs-activex-bo(3310)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/3310" + }, + { + "name": "19990924 Several ActiveX Buffer Overruns", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/28719" + } + ] + } +} \ No newline at end of file diff --git a/2000/1xxx/CVE-2000-1089.json b/2000/1xxx/CVE-2000-1089.json index 0acc353413a..148eed959bd 100644 --- a/2000/1xxx/CVE-2000-1089.json +++ b/2000/1xxx/CVE-2000-1089.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-1089", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in Microsoft Phone Book Service allows local users to execute arbitrary commands, aka the \"Phone Book Service Buffer Overflow\" vulnerability." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-1089", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "A120400-1", - "refsource" : "ATSTAKE", - "url" : "http://www.stake.com/research/advisories/2000/a120400-1.txt" - }, - { - "name" : "MS00-094", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-094" - }, - { - "name" : "2048", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/2048" - }, - { - "name" : "phone-book-service-bo(5623)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/5623" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in Microsoft Phone Book Service allows local users to execute arbitrary commands, aka the \"Phone Book Service Buffer Overflow\" vulnerability." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "2048", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/2048" + }, + { + "name": "A120400-1", + "refsource": "ATSTAKE", + "url": "http://www.stake.com/research/advisories/2000/a120400-1.txt" + }, + { + "name": "phone-book-service-bo(5623)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5623" + }, + { + "name": "MS00-094", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-094" + } + ] + } +} \ No newline at end of file diff --git a/2005/2xxx/CVE-2005-2089.json b/2005/2xxx/CVE-2005-2089.json index 2eda358cb4a..d032ff9ff58 100644 --- a/2005/2xxx/CVE-2005-2089.json +++ b/2005/2xxx/CVE-2005-2089.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-2089", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Microsoft IIS 5.0 and 6.0 allows remote attackers to poison the web cache, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with both a \"Transfer-Encoding: chunked\" header and a Content-Length header, which causes IIS to incorrectly handle and forward the body of the request in a way that causes the receiving server to process it as a separate HTTP request, aka \"HTTP Request Smuggling.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2005-2089", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20050606 A new whitepaper by Watchfire - HTTP Request Smuggling", - "refsource" : "BUGTRAQ", - "url" : "http://seclists.org/lists/bugtraq/2005/Jun/0025.html" - }, - { - "name" : "http://www.watchfire.com/resources/HTTP-Request-Smuggling.pdf", - "refsource" : "MISC", - "url" : "http://www.watchfire.com/resources/HTTP-Request-Smuggling.pdf" - }, - { - "name" : "http://www.securiteam.com/securityreviews/5GP0220G0U.html", - "refsource" : "MISC", - "url" : "http://www.securiteam.com/securityreviews/5GP0220G0U.html" - }, - { - "name" : "microsoft-iis-hrs(42899)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/42899" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft IIS 5.0 and 6.0 allows remote attackers to poison the web cache, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with both a \"Transfer-Encoding: chunked\" header and a Content-Length header, which causes IIS to incorrectly handle and forward the body of the request in a way that causes the receiving server to process it as a separate HTTP request, aka \"HTTP Request Smuggling.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "microsoft-iis-hrs(42899)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42899" + }, + { + "name": "http://www.securiteam.com/securityreviews/5GP0220G0U.html", + "refsource": "MISC", + "url": "http://www.securiteam.com/securityreviews/5GP0220G0U.html" + }, + { + "name": "http://www.watchfire.com/resources/HTTP-Request-Smuggling.pdf", + "refsource": "MISC", + "url": "http://www.watchfire.com/resources/HTTP-Request-Smuggling.pdf" + }, + { + "name": "20050606 A new whitepaper by Watchfire - HTTP Request Smuggling", + "refsource": "BUGTRAQ", + "url": "http://seclists.org/lists/bugtraq/2005/Jun/0025.html" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0477.json b/2007/0xxx/CVE-2007-0477.json index fb40ff3f9bd..41ab3cf6e36 100644 --- a/2007/0xxx/CVE-2007-0477.json +++ b/2007/0xxx/CVE-2007-0477.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0477", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in Openads 2.0.x before 2.0.10, 2.3 before 2.3.31 (aka Max Media Manager before 0.3.31-alpha-pr2), and phpAdsNew/phpPgAds before 2.0.9-pr1 allows remote attackers to inject arbitrary web script or HTML via (1) the keyword parameter in admin-search.php and (2) affiliate-search.php. NOTE: this issue may overlap CVE-2007-0363." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0477", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070126 [OPENADS-SA-2007-002] Max Media Manager v0.1.29 and v0.3.30 vulnerability fixed", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/458197/100/100/threaded" - }, - { - "name" : "20070127 Re: [OPENADS-SA-2007-002] Max Media Manager v0.1.29 and v0.3.30 vulnerability fixed", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/458296/100/100/threaded" - }, - { - "name" : "20070124 [OPENADS-SA-2007-001] phpAdsNew and phpPgAds 2.0.9-pr1 vulnerability fixed", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/457990/100/200/threaded" - }, - { - "name" : "http://forum.openads.org/index.php?showtopic=503412651", - "refsource" : "MISC", - "url" : "http://forum.openads.org/index.php?showtopic=503412651" - }, - { - "name" : "https://developer.openads.org/browser/branches/max/trunk/CHANGELOG.txt?format=raw", - "refsource" : "CONFIRM", - "url" : "https://developer.openads.org/browser/branches/max/trunk/CHANGELOG.txt?format=raw" - }, - { - "name" : "JVN#07274813", - "refsource" : "JVN", - "url" : "http://jvn.jp/jp/JVN%2307274813/index.html" - }, - { - "name" : "ADV-2007-0315", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0315" - }, - { - "name" : "32926", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/32926" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in Openads 2.0.x before 2.0.10, 2.3 before 2.3.31 (aka Max Media Manager before 0.3.31-alpha-pr2), and phpAdsNew/phpPgAds before 2.0.9-pr1 allows remote attackers to inject arbitrary web script or HTML via (1) the keyword parameter in admin-search.php and (2) affiliate-search.php. NOTE: this issue may overlap CVE-2007-0363." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20070126 [OPENADS-SA-2007-002] Max Media Manager v0.1.29 and v0.3.30 vulnerability fixed", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/458197/100/100/threaded" + }, + { + "name": "JVN#07274813", + "refsource": "JVN", + "url": "http://jvn.jp/jp/JVN%2307274813/index.html" + }, + { + "name": "32926", + "refsource": "OSVDB", + "url": "http://osvdb.org/32926" + }, + { + "name": "20070124 [OPENADS-SA-2007-001] phpAdsNew and phpPgAds 2.0.9-pr1 vulnerability fixed", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/457990/100/200/threaded" + }, + { + "name": "http://forum.openads.org/index.php?showtopic=503412651", + "refsource": "MISC", + "url": "http://forum.openads.org/index.php?showtopic=503412651" + }, + { + "name": "20070127 Re: [OPENADS-SA-2007-002] Max Media Manager v0.1.29 and v0.3.30 vulnerability fixed", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/458296/100/100/threaded" + }, + { + "name": "https://developer.openads.org/browser/branches/max/trunk/CHANGELOG.txt?format=raw", + "refsource": "CONFIRM", + "url": "https://developer.openads.org/browser/branches/max/trunk/CHANGELOG.txt?format=raw" + }, + { + "name": "ADV-2007-0315", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0315" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1250.json b/2007/1xxx/CVE-2007-1250.json index 789b865bb31..70c95ae1359 100644 --- a/2007/1xxx/CVE-2007-1250.json +++ b/2007/1xxx/CVE-2007-1250.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1250", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in section/default.asp in ANGEL Learning Management Suite (LMS) 7.1 allows remote attackers to execute arbitrary SQL commands via the id parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1250", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070301 Angel LMS 7.1 - Remote SQL Injection", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/461638/100/0/threaded" - }, - { - "name" : "20070301 Re: Angel LMS 7.1 - Remote SQL Injection", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/461673/100/0/threaded" - }, - { - "name" : "20070301 [Fwd: Re: Angel LMS 7.1 - Remote SQL Injection]", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/461811/100/0/threaded" - }, - { - "name" : "3390", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/3390" - }, - { - "name" : "22768", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22768" - }, - { - "name" : "ADV-2007-0807", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0807" - }, - { - "name" : "33846", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/33846" - }, - { - "name" : "24368", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24368" - }, - { - "name" : "angellms-default-sql-injection(32756)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32756" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in section/default.asp in ANGEL Learning Management Suite (LMS) 7.1 allows remote attackers to execute arbitrary SQL commands via the id parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20070301 [Fwd: Re: Angel LMS 7.1 - Remote SQL Injection]", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/461811/100/0/threaded" + }, + { + "name": "angellms-default-sql-injection(32756)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32756" + }, + { + "name": "33846", + "refsource": "OSVDB", + "url": "http://osvdb.org/33846" + }, + { + "name": "20070301 Angel LMS 7.1 - Remote SQL Injection", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/461638/100/0/threaded" + }, + { + "name": "20070301 Re: Angel LMS 7.1 - Remote SQL Injection", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/461673/100/0/threaded" + }, + { + "name": "ADV-2007-0807", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0807" + }, + { + "name": "22768", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22768" + }, + { + "name": "3390", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/3390" + }, + { + "name": "24368", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24368" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1311.json b/2007/1xxx/CVE-2007-1311.json index 7fdd3e0df00..02826f04517 100644 --- a/2007/1xxx/CVE-2007-1311.json +++ b/2007/1xxx/CVE-2007-1311.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1311", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1311", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1334.json b/2007/1xxx/CVE-2007-1334.json index a4d85ee12a0..8d960fb1487 100644 --- a/2007/1xxx/CVE-2007-1334.json +++ b/2007/1xxx/CVE-2007-1334.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1334", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1334", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1371.json b/2007/1xxx/CVE-2007-1371.json index 2a193b33fd2..66cfcc30b11 100644 --- a/2007/1xxx/CVE-2007-1371.json +++ b/2007/1xxx/CVE-2007-1371.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1371", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple buffer overflows in Conquest 8.2a and earlier (1) allow local users to gain privileges by querying a metaserver that sends a long server entry processed by metaGetServerList and allow remote metaservers to execute arbitrary code via a long server entry processed by metaGetServerList; (2) allow attackers to have an unknown impact by exceeding the configured number of metaservers; and allow remote attackers to corrupt memory via a SP_CLIENTSTAT packet with certain values of (3) unum or (4) snum, different vulnerabilities than CVE-2003-0933." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1371", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070307 Buffer-overflow in Conquest client 8.2a (svn 691)", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/462184/100/0/threaded" - }, - { - "name" : "[conquest] 20070303 Re: security bugs in conquest", - "refsource" : "MLIST", - "url" : "http://www.radscan.com/conquest/cq-ml/msg00169.html" - }, - { - "name" : "22855", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22855" - }, - { - "name" : "ADV-2007-0854", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0854" - }, - { - "name" : "24370", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24370" - }, - { - "name" : "2399", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2399" - }, - { - "name" : "conquest-metagetserverlist-bo(32849)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32849" - }, - { - "name" : "conquest-processpacket-dos(32860)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32860" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple buffer overflows in Conquest 8.2a and earlier (1) allow local users to gain privileges by querying a metaserver that sends a long server entry processed by metaGetServerList and allow remote metaservers to execute arbitrary code via a long server entry processed by metaGetServerList; (2) allow attackers to have an unknown impact by exceeding the configured number of metaservers; and allow remote attackers to corrupt memory via a SP_CLIENTSTAT packet with certain values of (3) unum or (4) snum, different vulnerabilities than CVE-2003-0933." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "22855", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22855" + }, + { + "name": "24370", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24370" + }, + { + "name": "2399", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2399" + }, + { + "name": "conquest-processpacket-dos(32860)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32860" + }, + { + "name": "20070307 Buffer-overflow in Conquest client 8.2a (svn 691)", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/462184/100/0/threaded" + }, + { + "name": "ADV-2007-0854", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0854" + }, + { + "name": "[conquest] 20070303 Re: security bugs in conquest", + "refsource": "MLIST", + "url": "http://www.radscan.com/conquest/cq-ml/msg00169.html" + }, + { + "name": "conquest-metagetserverlist-bo(32849)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32849" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1394.json b/2007/1xxx/CVE-2007-1394.json index 06d2709b886..c504de04e07 100644 --- a/2007/1xxx/CVE-2007-1394.json +++ b/2007/1xxx/CVE-2007-1394.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1394", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Direct static code injection vulnerability in startsession.php in Flat Chat 2.0 allows remote attackers to execute arbitrary PHP code via the Chat Name field, which is inserted into online.txt and included by users.php. NOTE: some of these details are obtained from third party information." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1394", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "3428", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/3428" - }, - { - "name" : "22865", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22865" - }, - { - "name" : "ADV-2007-0871", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0871" - }, - { - "name" : "33890", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/33890" - }, - { - "name" : "24433", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24433" - }, - { - "name" : "flatchat-startsession-code-execution(32882)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32882" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Direct static code injection vulnerability in startsession.php in Flat Chat 2.0 allows remote attackers to execute arbitrary PHP code via the Chat Name field, which is inserted into online.txt and included by users.php. NOTE: some of these details are obtained from third party information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ADV-2007-0871", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0871" + }, + { + "name": "3428", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/3428" + }, + { + "name": "24433", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24433" + }, + { + "name": "22865", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22865" + }, + { + "name": "33890", + "refsource": "OSVDB", + "url": "http://osvdb.org/33890" + }, + { + "name": "flatchat-startsession-code-execution(32882)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32882" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5066.json b/2007/5xxx/CVE-2007-5066.json index fb705f1df06..fe6c77dc795 100644 --- a/2007/5xxx/CVE-2007-5066.json +++ b/2007/5xxx/CVE-2007-5066.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5066", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in Webmin before 1.370 on Windows allows remote authenticated users to execute arbitrary commands via a crafted URL." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5066", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.webmin.com/security.html", - "refsource" : "CONFIRM", - "url" : "http://www.webmin.com/security.html" - }, - { - "name" : "25773", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25773" - }, - { - "name" : "ADV-2007-3243", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/3243" - }, - { - "name" : "40772", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/40772" - }, - { - "name" : "1018731", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1018731" - }, - { - "name" : "26885", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26885" - }, - { - "name" : "webmin-url-command-execution(36759)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36759" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in Webmin before 1.370 on Windows allows remote authenticated users to execute arbitrary commands via a crafted URL." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.webmin.com/security.html", + "refsource": "CONFIRM", + "url": "http://www.webmin.com/security.html" + }, + { + "name": "webmin-url-command-execution(36759)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36759" + }, + { + "name": "ADV-2007-3243", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/3243" + }, + { + "name": "40772", + "refsource": "OSVDB", + "url": "http://osvdb.org/40772" + }, + { + "name": "26885", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26885" + }, + { + "name": "25773", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25773" + }, + { + "name": "1018731", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1018731" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5140.json b/2007/5xxx/CVE-2007-5140.json index c583017110c..cef8b899d15 100644 --- a/2007/5xxx/CVE-2007-5140.json +++ b/2007/5xxx/CVE-2007-5140.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5140", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "PHP remote file inclusion vulnerability in includes/archive/archive_topic.php in IntegraMOD Nederland 1.4.2 allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5140", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "4463", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/4463" - }, - { - "name" : "25832", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25832" - }, - { - "name" : "ADV-2007-3307", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/3307" - }, - { - "name" : "26991", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26991" - }, - { - "name" : "integramod-archivetopic-file-include(36832)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36832" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "PHP remote file inclusion vulnerability in includes/archive/archive_topic.php in IntegraMOD Nederland 1.4.2 allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ADV-2007-3307", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/3307" + }, + { + "name": "4463", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/4463" + }, + { + "name": "integramod-archivetopic-file-include(36832)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36832" + }, + { + "name": "25832", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25832" + }, + { + "name": "26991", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26991" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5339.json b/2007/5xxx/CVE-2007-5339.json index ba3a7d62d3e..f9a0d5a2521 100644 --- a/2007/5xxx/CVE-2007-5339.json +++ b/2007/5xxx/CVE-2007-5339.json @@ -1,432 +1,432 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5339", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple vulnerabilities in Mozilla Firefox before 2.0.0.8, Thunderbird before 2.0.0.8, and SeaMonkey before 1.1.5 allow remote attackers to cause a denial of service (crash) via crafted HTML that triggers memory corruption or assert errors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2007-5339", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20071029 FLEA-2007-0062-1 firefox", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/482925/100/0/threaded" - }, - { - "name" : "20071026 rPSA-2007-0225-1 firefox", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/482876/100/200/threaded" - }, - { - "name" : "20071029 rPSA-2007-0225-2 firefox thunderbird", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/482932/100/200/threaded" - }, - { - "name" : "https://bugzilla.mozilla.org/buglist.cgi?bug_id=309322,330563,341858,344064,348126,354645,361745,362901,378670,378682,379799,382376,384105,386382,386914,387033,387460,387844,391974,392285,393770,394014,394418", - "refsource" : "MISC", - "url" : "https://bugzilla.mozilla.org/buglist.cgi?bug_id=309322,330563,341858,344064,348126,354645,361745,362901,378670,378682,379799,382376,384105,386382,386914,387033,387460,387844,391974,392285,393770,394014,394418" - }, - { - "name" : "http://www.mozilla.org/security/announce/2007/mfsa2007-29.html", - "refsource" : "CONFIRM", - "url" : "http://www.mozilla.org/security/announce/2007/mfsa2007-29.html" - }, - { - "name" : "https://issues.rpath.com/browse/RPL-1858", - "refsource" : "CONFIRM", - "url" : "https://issues.rpath.com/browse/RPL-1858" - }, - { - "name" : "https://issues.rpath.com/browse/RPL-1884", - "refsource" : "CONFIRM", - "url" : "https://issues.rpath.com/browse/RPL-1884" - }, - { - "name" : "http://support.novell.com/techcenter/psdb/60eb95b75c76f9fbfcc9a89f99cd8f79.html", - "refsource" : "CONFIRM", - "url" : "http://support.novell.com/techcenter/psdb/60eb95b75c76f9fbfcc9a89f99cd8f79.html" - }, - { - "name" : "http://bugs.gentoo.org/show_bug.cgi?id=196481", - "refsource" : "CONFIRM", - "url" : "http://bugs.gentoo.org/show_bug.cgi?id=196481" - }, - { - "name" : "DSA-1396", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2007/dsa-1396" - }, - { - "name" : "DSA-1401", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2007/dsa-1401" - }, - { - "name" : "DSA-1391", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2007/dsa-1391" - }, - { - "name" : "DSA-1392", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2007/dsa-1392" - }, - { - "name" : "FEDORA-2007-2601", - "refsource" : "FEDORA", - "url" : "https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00285.html" - }, - { - "name" : "FEDORA-2007-2664", - "refsource" : "FEDORA", - "url" : "https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00355.html" - }, - { - "name" : "FEDORA-2007-3431", - "refsource" : "FEDORA", - "url" : "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00498.html" - }, - { - "name" : "GLSA-200711-14", - "refsource" : "GENTOO", - "url" : "http://www.gentoo.org/security/en/glsa/glsa-200711-14.xml" - }, - { - "name" : "GLSA-200711-24", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-200711-24.xml" - }, - { - "name" : "HPSBUX02153", - "refsource" : "HP", - "url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742" - }, - { - "name" : "HPSBUX02156", - "refsource" : "HP", - "url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00774579" - }, - { - "name" : "SSRT061181", - "refsource" : "HP", - "url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742" - }, - { - "name" : "SSRT061236", - "refsource" : "HP", - "url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00774579" - }, - { - "name" : "MDKSA-2007:202", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/en/security/advisories?name=MDKSA-2007:202" - }, - { - "name" : "MDVSA-2007:047", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2007:047" - }, - { - "name" : "MDVSA-2008:047", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2008:047" - }, - { - "name" : "RHSA-2007:0979", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-0979.html" - }, - { - "name" : "RHSA-2007:0980", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-0980.html" - }, - { - "name" : "RHSA-2007:0981", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-0981.html" - }, - { - "name" : "SSA:2007-324-01", - "refsource" : "SLACKWARE", - "url" : "http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.471007" - }, - { - "name" : "231441", - "refsource" : "SUNALERT", - "url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-231441-1" - }, - { - "name" : "201516", - "refsource" : "SUNALERT", - "url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201516-1" - }, - { - "name" : "1018977", - "refsource" : "SUNALERT", - "url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1018977.1-1" - }, - { - "name" : "SUSE-SA:2007:057", - "refsource" : "SUSE", - "url" : "http://www.novell.com/linux/security/advisories/2007_57_mozilla.html" - }, - { - "name" : "SUSE-SR:2008:002", - "refsource" : "SUSE", - "url" : "http://www.novell.com/linux/security/advisories/suse_security_summary_report.html" - }, - { - "name" : "USN-535-1", - "refsource" : "UBUNTU", - "url" : "https://usn.ubuntu.com/535-1/" - }, - { - "name" : "USN-536-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/usn-536-1" - }, - { - "name" : "VU#559977", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/559977" - }, - { - "name" : "26132", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/26132" - }, - { - "name" : "oval:org.mitre.oval:def:10459", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10459" - }, - { - "name" : "ADV-2007-3544", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/3544" - }, - { - "name" : "ADV-2007-3545", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/3545" - }, - { - "name" : "ADV-2007-4272", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/4272" - }, - { - "name" : "ADV-2007-3587", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/3587" - }, - { - "name" : "ADV-2008-0082", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/0082" - }, - { - "name" : "ADV-2008-0083", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/0083" - }, - { - "name" : "ADV-2008-0643", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/0643" - }, - { - "name" : "1018834", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1018834" - }, - { - "name" : "1018835", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1018835" - }, - { - "name" : "27276", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27276" - }, - { - "name" : "27325", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27325" - }, - { - "name" : "27327", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27327" - }, - { - "name" : "27335", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27335" - }, - { - "name" : "27356", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27356" - }, - { - "name" : "27383", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27383" - }, - { - "name" : "27425", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27425" - }, - { - "name" : "27403", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27403" - }, - { - "name" : "27480", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27480" - }, - { - "name" : "27387", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27387" - }, - { - "name" : "27298", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27298" - }, - { - "name" : "27311", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27311" - }, - { - "name" : "27313", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27313" - }, - { - "name" : "27315", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27315" - }, - { - "name" : "27326", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27326" - }, - { - "name" : "27336", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27336" - }, - { - "name" : "27665", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27665" - }, - { - "name" : "27704", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27704" - }, - { - "name" : "27414", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27414" - }, - { - "name" : "27680", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27680" - }, - { - "name" : "28179", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28179" - }, - { - "name" : "27360", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27360" - }, - { - "name" : "28363", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28363" - }, - { - "name" : "28398", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28398" - }, - { - "name" : "28636", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28636" - }, - { - "name" : "27744", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27744" - }, - { - "name" : "mozilla-multiple-browser-code-execution(37281)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/37281" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple vulnerabilities in Mozilla Firefox before 2.0.0.8, Thunderbird before 2.0.0.8, and SeaMonkey before 1.1.5 allow remote attackers to cause a denial of service (crash) via crafted HTML that triggers memory corruption or assert errors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "FEDORA-2007-2601", + "refsource": "FEDORA", + "url": "https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00285.html" + }, + { + "name": "20071026 rPSA-2007-0225-1 firefox", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/482876/100/200/threaded" + }, + { + "name": "http://www.mozilla.org/security/announce/2007/mfsa2007-29.html", + "refsource": "CONFIRM", + "url": "http://www.mozilla.org/security/announce/2007/mfsa2007-29.html" + }, + { + "name": "1018835", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1018835" + }, + { + "name": "ADV-2007-3545", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/3545" + }, + { + "name": "MDVSA-2008:047", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:047" + }, + { + "name": "ADV-2007-3587", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/3587" + }, + { + "name": "27414", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27414" + }, + { + "name": "SUSE-SR:2008:002", + "refsource": "SUSE", + "url": "http://www.novell.com/linux/security/advisories/suse_security_summary_report.html" + }, + { + "name": "20071029 FLEA-2007-0062-1 firefox", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/482925/100/0/threaded" + }, + { + "name": "ADV-2008-0643", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/0643" + }, + { + "name": "https://issues.rpath.com/browse/RPL-1858", + "refsource": "CONFIRM", + "url": "https://issues.rpath.com/browse/RPL-1858" + }, + { + "name": "GLSA-200711-14", + "refsource": "GENTOO", + "url": "http://www.gentoo.org/security/en/glsa/glsa-200711-14.xml" + }, + { + "name": "oval:org.mitre.oval:def:10459", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10459" + }, + { + "name": "HPSBUX02156", + "refsource": "HP", + "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00774579" + }, + { + "name": "27360", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27360" + }, + { + "name": "HPSBUX02153", + "refsource": "HP", + "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742" + }, + { + "name": "27298", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27298" + }, + { + "name": "27315", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27315" + }, + { + "name": "27327", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27327" + }, + { + "name": "ADV-2007-3544", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/3544" + }, + { + "name": "27276", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27276" + }, + { + "name": "USN-535-1", + "refsource": "UBUNTU", + "url": "https://usn.ubuntu.com/535-1/" + }, + { + "name": "DSA-1391", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2007/dsa-1391" + }, + { + "name": "GLSA-200711-24", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-200711-24.xml" + }, + { + "name": "28179", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28179" + }, + { + "name": "1018977", + "refsource": "SUNALERT", + "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1018977.1-1" + }, + { + "name": "VU#559977", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/559977" + }, + { + "name": "1018834", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1018834" + }, + { + "name": "DSA-1401", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2007/dsa-1401" + }, + { + "name": "DSA-1392", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2007/dsa-1392" + }, + { + "name": "SSA:2007-324-01", + "refsource": "SLACKWARE", + "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.471007" + }, + { + "name": "RHSA-2007:0980", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-0980.html" + }, + { + "name": "27383", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27383" + }, + { + "name": "SUSE-SA:2007:057", + "refsource": "SUSE", + "url": "http://www.novell.com/linux/security/advisories/2007_57_mozilla.html" + }, + { + "name": "MDVSA-2007:047", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2007:047" + }, + { + "name": "27356", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27356" + }, + { + "name": "RHSA-2007:0981", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-0981.html" + }, + { + "name": "27704", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27704" + }, + { + "name": "ADV-2008-0083", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/0083" + }, + { + "name": "27387", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27387" + }, + { + "name": "http://bugs.gentoo.org/show_bug.cgi?id=196481", + "refsource": "CONFIRM", + "url": "http://bugs.gentoo.org/show_bug.cgi?id=196481" + }, + { + "name": "SSRT061236", + "refsource": "HP", + "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00774579" + }, + { + "name": "FEDORA-2007-3431", + "refsource": "FEDORA", + "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00498.html" + }, + { + "name": "27313", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27313" + }, + { + "name": "27403", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27403" + }, + { + "name": "mozilla-multiple-browser-code-execution(37281)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37281" + }, + { + "name": "27744", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27744" + }, + { + "name": "27336", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27336" + }, + { + "name": "ADV-2008-0082", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/0082" + }, + { + "name": "231441", + "refsource": "SUNALERT", + "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-231441-1" + }, + { + "name": "DSA-1396", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2007/dsa-1396" + }, + { + "name": "27425", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27425" + }, + { + "name": "28398", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28398" + }, + { + "name": "ADV-2007-4272", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/4272" + }, + { + "name": "27311", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27311" + }, + { + "name": "SSRT061181", + "refsource": "HP", + "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742" + }, + { + "name": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=309322,330563,341858,344064,348126,354645,361745,362901,378670,378682,379799,382376,384105,386382,386914,387033,387460,387844,391974,392285,393770,394014,394418", + "refsource": "MISC", + "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=309322,330563,341858,344064,348126,354645,361745,362901,378670,378682,379799,382376,384105,386382,386914,387033,387460,387844,391974,392285,393770,394014,394418" + }, + { + "name": "27325", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27325" + }, + { + "name": "MDKSA-2007:202", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/en/security/advisories?name=MDKSA-2007:202" + }, + { + "name": "27665", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27665" + }, + { + "name": "RHSA-2007:0979", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-0979.html" + }, + { + "name": "27335", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27335" + }, + { + "name": "https://issues.rpath.com/browse/RPL-1884", + "refsource": "CONFIRM", + "url": "https://issues.rpath.com/browse/RPL-1884" + }, + { + "name": "28636", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28636" + }, + { + "name": "27326", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27326" + }, + { + "name": "FEDORA-2007-2664", + "refsource": "FEDORA", + "url": "https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00355.html" + }, + { + "name": "28363", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28363" + }, + { + "name": "27480", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27480" + }, + { + "name": "27680", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27680" + }, + { + "name": "26132", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/26132" + }, + { + "name": "http://support.novell.com/techcenter/psdb/60eb95b75c76f9fbfcc9a89f99cd8f79.html", + "refsource": "CONFIRM", + "url": "http://support.novell.com/techcenter/psdb/60eb95b75c76f9fbfcc9a89f99cd8f79.html" + }, + { + "name": "201516", + "refsource": "SUNALERT", + "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201516-1" + }, + { + "name": "20071029 rPSA-2007-0225-2 firefox thunderbird", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/482932/100/200/threaded" + }, + { + "name": "USN-536-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/usn-536-1" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5347.json b/2007/5xxx/CVE-2007-5347.json index 8b0a9167eb8..298acb31e81 100644 --- a/2007/5xxx/CVE-2007-5347.json +++ b/2007/5xxx/CVE-2007-5347.json @@ -1,107 +1,107 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5347", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Microsoft Internet Explorer 5.01 through 7 allows remote attackers to execute arbitrary code via \"unexpected method calls to HTML objects,\" aka \"DHTML Object Memory Corruption Vulnerability.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2007-5347", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "HPSBST02299", - "refsource" : "HP", - "url" : "http://www.securityfocus.com/archive/1/485268/100/0/threaded" - }, - { - "name" : "SSRT071506", - "refsource" : "HP", - "url" : "http://www.securityfocus.com/archive/1/485268/100/0/threaded" - }, - { - "name" : "MS07-069", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-069" - }, - { - "name" : "TA07-345A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA07-345A.html" - }, - { - "name" : "26427", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/26427" - }, - { - "name" : "ADV-2007-4184", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/4184" - }, - { - "name" : "oval:org.mitre.oval:def:4332", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4332" - }, - { - "name" : "1019078", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1019078" - }, - { - "name" : "28036", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28036" - }, - { - "name" : "ie-dhtml-object-code-execution(38716)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/38716" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft Internet Explorer 5.01 through 7 allows remote attackers to execute arbitrary code via \"unexpected method calls to HTML objects,\" aka \"DHTML Object Memory Corruption Vulnerability.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "oval:org.mitre.oval:def:4332", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4332" + }, + { + "name": "1019078", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1019078" + }, + { + "name": "SSRT071506", + "refsource": "HP", + "url": "http://www.securityfocus.com/archive/1/485268/100/0/threaded" + }, + { + "name": "28036", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28036" + }, + { + "name": "ie-dhtml-object-code-execution(38716)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38716" + }, + { + "name": "26427", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/26427" + }, + { + "name": "MS07-069", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-069" + }, + { + "name": "ADV-2007-4184", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/4184" + }, + { + "name": "HPSBST02299", + "refsource": "HP", + "url": "http://www.securityfocus.com/archive/1/485268/100/0/threaded" + }, + { + "name": "TA07-345A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA07-345A.html" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5562.json b/2007/5xxx/CVE-2007-5562.json index e082420380b..c19f4fc0f7c 100644 --- a/2007/5xxx/CVE-2007-5562.json +++ b/2007/5xxx/CVE-2007-5562.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5562", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in cgi-bin/welcome (aka the login page) in Netgear SSL312 PROSAFE SSL VPN-Concentrator 25 allows remote attackers to inject arbitrary web script or HTML via the err parameter in the context of an error page." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5562", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20071013 Netgear SSL312 XSS vulnerability", - "refsource" : "FULLDISC", - "url" : "http://archives.neohapsis.com/archives/fulldisclosure/2007-10/0358.html" - }, - { - "name" : "http://www.smash-the-stack.net/articles/Netgear_SSL312_XSS_Advisory.txt", - "refsource" : "MISC", - "url" : "http://www.smash-the-stack.net/articles/Netgear_SSL312_XSS_Advisory.txt" - }, - { - "name" : "26073", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/26073" - }, - { - "name" : "ADV-2007-3542", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/3542" - }, - { - "name" : "1018817", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1018817" - }, - { - "name" : "27238", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27238" - }, - { - "name" : "netgear-prosafe-interface-xss(37216)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/37216" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in cgi-bin/welcome (aka the login page) in Netgear SSL312 PROSAFE SSL VPN-Concentrator 25 allows remote attackers to inject arbitrary web script or HTML via the err parameter in the context of an error page." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "26073", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/26073" + }, + { + "name": "1018817", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1018817" + }, + { + "name": "http://www.smash-the-stack.net/articles/Netgear_SSL312_XSS_Advisory.txt", + "refsource": "MISC", + "url": "http://www.smash-the-stack.net/articles/Netgear_SSL312_XSS_Advisory.txt" + }, + { + "name": "ADV-2007-3542", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/3542" + }, + { + "name": "20071013 Netgear SSL312 XSS vulnerability", + "refsource": "FULLDISC", + "url": "http://archives.neohapsis.com/archives/fulldisclosure/2007-10/0358.html" + }, + { + "name": "netgear-prosafe-interface-xss(37216)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37216" + }, + { + "name": "27238", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27238" + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3550.json b/2015/3xxx/CVE-2015-3550.json index 984b13a2a6d..8af82cbda35 100644 --- a/2015/3xxx/CVE-2015-3550.json +++ b/2015/3xxx/CVE-2015-3550.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3550", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-3550", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3561.json b/2015/3xxx/CVE-2015-3561.json index 5a580ab5241..dd853172800 100644 --- a/2015/3xxx/CVE-2015-3561.json +++ b/2015/3xxx/CVE-2015-3561.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3561", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-3561", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3617.json b/2015/3xxx/CVE-2015-3617.json index 131c96a8f27..f360c85cd3a 100644 --- a/2015/3xxx/CVE-2015-3617.json +++ b/2015/3xxx/CVE-2015-3617.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3617", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Fortinet FortiManager 5.0 before 5.0.11 and 5.2 before 5.2.2 allow local users to gain privileges via crafted CLI commands." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-3617", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://fortiguard.com/psirt/FG-IR-15-011", - "refsource" : "CONFIRM", - "url" : "https://fortiguard.com/psirt/FG-IR-15-011" - }, - { - "name" : "74444", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/74444" - }, - { - "name" : "1032188", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1032188" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Fortinet FortiManager 5.0 before 5.0.11 and 5.2 before 5.2.2 allow local users to gain privileges via crafted CLI commands." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "74444", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/74444" + }, + { + "name": "https://fortiguard.com/psirt/FG-IR-15-011", + "refsource": "CONFIRM", + "url": "https://fortiguard.com/psirt/FG-IR-15-011" + }, + { + "name": "1032188", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1032188" + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3964.json b/2015/3xxx/CVE-2015-3964.json index 2cf8d1dd745..42a405748d2 100644 --- a/2015/3xxx/CVE-2015-3964.json +++ b/2015/3xxx/CVE-2015-3964.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3964", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SMA Solar Sunny WebBox has hardcoded passwords, which makes it easier for remote attackers to obtain access via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "ics-cert@hq.dhs.gov", + "ID": "CVE-2015-3964", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20150914 Sunny WebBox CVE-2015-3964 Fix", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2015/Sep/51" - }, - { - "name" : "https://ics-cert.us-cert.gov/advisories/ICSA-15-181-02", - "refsource" : "MISC", - "url" : "https://ics-cert.us-cert.gov/advisories/ICSA-15-181-02" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SMA Solar Sunny WebBox has hardcoded passwords, which makes it easier for remote attackers to obtain access via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20150914 Sunny WebBox CVE-2015-3964 Fix", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2015/Sep/51" + }, + { + "name": "https://ics-cert.us-cert.gov/advisories/ICSA-15-181-02", + "refsource": "MISC", + "url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-181-02" + } + ] + } +} \ No newline at end of file diff --git a/2015/4xxx/CVE-2015-4231.json b/2015/4xxx/CVE-2015-4231.json index 83ae95a6d47..dd2d95e4847 100644 --- a/2015/4xxx/CVE-2015-4231.json +++ b/2015/4xxx/CVE-2015-4231.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-4231", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Python interpreter in Cisco NX-OS 6.2(8a) on Nexus 7000 devices allows local users to bypass intended access restrictions and delete an arbitrary VDC's files by leveraging administrative privileges in one VDC, aka Bug ID CSCur08416." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2015-4231", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20150630 Cisco Nexus 7000 Devices Virtual Device Context Privilege Escalation Vulnerability", - "refsource" : "CISCO", - "url" : "http://tools.cisco.com/security/center/viewAlert.x?alertId=39568" - }, - { - "name" : "1032763", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1032763" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Python interpreter in Cisco NX-OS 6.2(8a) on Nexus 7000 devices allows local users to bypass intended access restrictions and delete an arbitrary VDC's files by leveraging administrative privileges in one VDC, aka Bug ID CSCur08416." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1032763", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1032763" + }, + { + "name": "20150630 Cisco Nexus 7000 Devices Virtual Device Context Privilege Escalation Vulnerability", + "refsource": "CISCO", + "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=39568" + } + ] + } +} \ No newline at end of file diff --git a/2015/4xxx/CVE-2015-4514.json b/2015/4xxx/CVE-2015-4514.json index eba503debfd..334b73c0c4e 100644 --- a/2015/4xxx/CVE-2015-4514.json +++ b/2015/4xxx/CVE-2015-4514.json @@ -1,137 +1,137 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-4514", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 42.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@mozilla.org", + "ID": "CVE-2015-4514", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.mozilla.org/security/announce/2015/mfsa2015-116.html", - "refsource" : "CONFIRM", - "url" : "http://www.mozilla.org/security/announce/2015/mfsa2015-116.html" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1185157", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1185157" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1186160", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1186160" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1196237", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1196237" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1200326", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1200326" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1202677", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1202677" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1205937", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1205937" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=969309", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=969309" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" - }, - { - "name" : "GLSA-201512-10", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201512-10" - }, - { - "name" : "openSUSE-SU-2015:2229", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2015-12/msg00037.html" - }, - { - "name" : "openSUSE-SU-2015:2245", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2015-12/msg00049.html" - }, - { - "name" : "openSUSE-SU-2015:1942", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00015.html" - }, - { - "name" : "USN-2785-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2785-1" - }, - { - "name" : "77411", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/77411" - }, - { - "name" : "1034069", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034069" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 42.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1034069", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034069" + }, + { + "name": "GLSA-201512-10", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201512-10" + }, + { + "name": "77411", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/77411" + }, + { + "name": "openSUSE-SU-2015:2229", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00037.html" + }, + { + "name": "USN-2785-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2785-1" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1185157", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1185157" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1205937", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1205937" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1200326", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1200326" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=969309", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=969309" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1202677", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1202677" + }, + { + "name": "openSUSE-SU-2015:1942", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00015.html" + }, + { + "name": "openSUSE-SU-2015:2245", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00049.html" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1186160", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1186160" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1196237", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1196237" + }, + { + "name": "http://www.mozilla.org/security/announce/2015/mfsa2015-116.html", + "refsource": "CONFIRM", + "url": "http://www.mozilla.org/security/announce/2015/mfsa2015-116.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7194.json b/2015/7xxx/CVE-2015-7194.json index b293ef7af2f..7f2e5916554 100644 --- a/2015/7xxx/CVE-2015-7194.json +++ b/2015/7xxx/CVE-2015-7194.json @@ -1,152 +1,152 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7194", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer underflow in libjar in Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted ZIP archive." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@mozilla.org", + "ID": "CVE-2015-7194", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.mozilla.org/security/announce/2015/mfsa2015-128.html", - "refsource" : "CONFIRM", - "url" : "http://www.mozilla.org/security/announce/2015/mfsa2015-128.html" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1211262", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1211262" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html" - }, - { - "name" : "DSA-3410", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2015/dsa-3410" - }, - { - "name" : "DSA-3393", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2015/dsa-3393" - }, - { - "name" : "GLSA-201512-10", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201512-10" - }, - { - "name" : "RHSA-2015:1982", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-1982.html" - }, - { - "name" : "openSUSE-SU-2015:2229", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2015-12/msg00037.html" - }, - { - "name" : "openSUSE-SU-2015:2245", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2015-12/msg00049.html" - }, - { - "name" : "SUSE-SU-2015:1926", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00013.html" - }, - { - "name" : "openSUSE-SU-2015:1942", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00015.html" - }, - { - "name" : "SUSE-SU-2015:1978", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00020.html" - }, - { - "name" : "SUSE-SU-2015:1981", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00021.html" - }, - { - "name" : "SUSE-SU-2015:2081", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00025.html" - }, - { - "name" : "USN-2819-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2819-1" - }, - { - "name" : "USN-2785-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2785-1" - }, - { - "name" : "77411", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/77411" - }, - { - "name" : "1034069", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034069" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer underflow in libjar in Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted ZIP archive." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1034069", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034069" + }, + { + "name": "DSA-3410", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2015/dsa-3410" + }, + { + "name": "SUSE-SU-2015:2081", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00025.html" + }, + { + "name": "GLSA-201512-10", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201512-10" + }, + { + "name": "77411", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/77411" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1211262", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1211262" + }, + { + "name": "SUSE-SU-2015:1981", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00021.html" + }, + { + "name": "openSUSE-SU-2015:2229", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00037.html" + }, + { + "name": "USN-2785-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2785-1" + }, + { + "name": "SUSE-SU-2015:1926", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00013.html" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html" + }, + { + "name": "RHSA-2015:1982", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-1982.html" + }, + { + "name": "USN-2819-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2819-1" + }, + { + "name": "http://www.mozilla.org/security/announce/2015/mfsa2015-128.html", + "refsource": "CONFIRM", + "url": "http://www.mozilla.org/security/announce/2015/mfsa2015-128.html" + }, + { + "name": "openSUSE-SU-2015:1942", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00015.html" + }, + { + "name": "DSA-3393", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2015/dsa-3393" + }, + { + "name": "openSUSE-SU-2015:2245", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00049.html" + }, + { + "name": "SUSE-SU-2015:1978", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00020.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7731.json b/2015/7xxx/CVE-2015-7731.json index 690dc9c971a..a9965f0e925 100644 --- a/2015/7xxx/CVE-2015-7731.json +++ b/2015/7xxx/CVE-2015-7731.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7731", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-7731", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7753.json b/2015/7xxx/CVE-2015-7753.json index f326a0167cc..88af4bca53f 100644 --- a/2015/7xxx/CVE-2015-7753.json +++ b/2015/7xxx/CVE-2015-7753.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7753", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-7753", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8015.json b/2015/8xxx/CVE-2015-8015.json index 251a6c75455..72bae9c823c 100644 --- a/2015/8xxx/CVE-2015-8015.json +++ b/2015/8xxx/CVE-2015-8015.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8015", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-8015", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8323.json b/2015/8xxx/CVE-2015-8323.json index 71de5820cdf..0687fb258c2 100644 --- a/2015/8xxx/CVE-2015-8323.json +++ b/2015/8xxx/CVE-2015-8323.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8323", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-8323", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8654.json b/2015/8xxx/CVE-2015-8654.json index 55f0f90069d..6589d5b8f63 100644 --- a/2015/8xxx/CVE-2015-8654.json +++ b/2015/8xxx/CVE-2015-8654.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8654", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allow attackers to execute arbitrary code or cause a denial of service (out-of-bounds read and memory corruption) via crafted MPEG-4 data, a different vulnerability than CVE-2015-8045, CVE-2015-8047, CVE-2015-8060, CVE-2015-8408, CVE-2015-8416, CVE-2015-8417, CVE-2015-8418, CVE-2015-8419, CVE-2015-8443, CVE-2015-8444, CVE-2015-8451, CVE-2015-8455, CVE-2015-8652, CVE-2015-8656, CVE-2015-8657, CVE-2015-8658, and CVE-2015-8820." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2015-8654", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.zerodayinitiative.com/advisories/ZDI-15-658", - "refsource" : "MISC", - "url" : "http://www.zerodayinitiative.com/advisories/ZDI-15-658" - }, - { - "name" : "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html" - }, - { - "name" : "84160", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/84160" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allow attackers to execute arbitrary code or cause a denial of service (out-of-bounds read and memory corruption) via crafted MPEG-4 data, a different vulnerability than CVE-2015-8045, CVE-2015-8047, CVE-2015-8060, CVE-2015-8408, CVE-2015-8416, CVE-2015-8417, CVE-2015-8418, CVE-2015-8419, CVE-2015-8443, CVE-2015-8444, CVE-2015-8451, CVE-2015-8455, CVE-2015-8652, CVE-2015-8656, CVE-2015-8657, CVE-2015-8658, and CVE-2015-8820." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html" + }, + { + "name": "84160", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/84160" + }, + { + "name": "http://www.zerodayinitiative.com/advisories/ZDI-15-658", + "refsource": "MISC", + "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-658" + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8656.json b/2015/8xxx/CVE-2015-8656.json index ecc39e78cd0..dcd3f777a20 100644 --- a/2015/8xxx/CVE-2015-8656.json +++ b/2015/8xxx/CVE-2015-8656.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8656", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allow attackers to execute arbitrary code or cause a denial of service (out-of-bounds read and memory corruption) via crafted MPEG-4 data, a different vulnerability than CVE-2015-8045, CVE-2015-8047, CVE-2015-8060, CVE-2015-8408, CVE-2015-8416, CVE-2015-8417, CVE-2015-8418, CVE-2015-8419, CVE-2015-8443, CVE-2015-8444, CVE-2015-8451, CVE-2015-8455, CVE-2015-8652, CVE-2015-8654, CVE-2015-8657, CVE-2015-8658, and CVE-2015-8820." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2015-8656", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.zerodayinitiative.com/advisories/ZDI-15-659", - "refsource" : "MISC", - "url" : "http://www.zerodayinitiative.com/advisories/ZDI-15-659" - }, - { - "name" : "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html" - }, - { - "name" : "84160", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/84160" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allow attackers to execute arbitrary code or cause a denial of service (out-of-bounds read and memory corruption) via crafted MPEG-4 data, a different vulnerability than CVE-2015-8045, CVE-2015-8047, CVE-2015-8060, CVE-2015-8408, CVE-2015-8416, CVE-2015-8417, CVE-2015-8418, CVE-2015-8419, CVE-2015-8443, CVE-2015-8444, CVE-2015-8451, CVE-2015-8455, CVE-2015-8652, CVE-2015-8654, CVE-2015-8657, CVE-2015-8658, and CVE-2015-8820." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html" + }, + { + "name": "84160", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/84160" + }, + { + "name": "http://www.zerodayinitiative.com/advisories/ZDI-15-659", + "refsource": "MISC", + "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-659" + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8759.json b/2015/8xxx/CVE-2015-8759.json index 72aba896cdb..2bea603ee49 100644 --- a/2015/8xxx/CVE-2015-8759.json +++ b/2015/8xxx/CVE-2015-8759.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8759", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in the typoLink function in TYPO3 6.2.x before 6.2.16 and 7.x before 7.6.1 allows remote authenticated editors to inject arbitrary web script or HTML via a link field." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-8759", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2015-012/", - "refsource" : "CONFIRM", - "url" : "http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2015-012/" - }, - { - "name" : "79250", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/79250" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in the typoLink function in TYPO3 6.2.x before 6.2.16 and 7.x before 7.6.1 allows remote authenticated editors to inject arbitrary web script or HTML via a link field." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2015-012/", + "refsource": "CONFIRM", + "url": "http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2015-012/" + }, + { + "name": "79250", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/79250" + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8966.json b/2015/8xxx/CVE-2015-8966.json index e848ab02991..7a2acb0d400 100644 --- a/2015/8xxx/CVE-2015-8966.json +++ b/2015/8xxx/CVE-2015-8966.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8966", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "arch/arm/kernel/sys_oabi-compat.c in the Linux kernel before 4.4 allows local users to gain privileges via a crafted (1) F_OFD_GETLK, (2) F_OFD_SETLK, or (3) F_OFD_SETLKW command in an fcntl64 system call." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@android.com", + "ID": "CVE-2015-8966", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://source.android.com/security/bulletin/2016-12-01.html", - "refsource" : "CONFIRM", - "url" : "http://source.android.com/security/bulletin/2016-12-01.html" - }, - { - "name" : "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=76cc404bfdc0d419c720de4daaf2584542734f42", - "refsource" : "CONFIRM", - "url" : "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=76cc404bfdc0d419c720de4daaf2584542734f42" - }, - { - "name" : "https://github.com/torvalds/linux/commit/76cc404bfdc0d419c720de4daaf2584542734f42", - "refsource" : "CONFIRM", - "url" : "https://github.com/torvalds/linux/commit/76cc404bfdc0d419c720de4daaf2584542734f42" - }, - { - "name" : "94673", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/94673" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "arch/arm/kernel/sys_oabi-compat.c in the Linux kernel before 4.4 allows local users to gain privileges via a crafted (1) F_OFD_GETLK, (2) F_OFD_SETLK, or (3) F_OFD_SETLKW command in an fcntl64 system call." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=76cc404bfdc0d419c720de4daaf2584542734f42", + "refsource": "CONFIRM", + "url": "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=76cc404bfdc0d419c720de4daaf2584542734f42" + }, + { + "name": "https://github.com/torvalds/linux/commit/76cc404bfdc0d419c720de4daaf2584542734f42", + "refsource": "CONFIRM", + "url": "https://github.com/torvalds/linux/commit/76cc404bfdc0d419c720de4daaf2584542734f42" + }, + { + "name": "94673", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/94673" + }, + { + "name": "http://source.android.com/security/bulletin/2016-12-01.html", + "refsource": "CONFIRM", + "url": "http://source.android.com/security/bulletin/2016-12-01.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1516.json b/2016/1xxx/CVE-2016-1516.json index b89bc5ae47e..d240cdde641 100644 --- a/2016/1xxx/CVE-2016-1516.json +++ b/2016/1xxx/CVE-2016-1516.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cert@cert.org", - "ID" : "CVE-2016-1516", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "OpenCV 3.0.0", - "version" : { - "version_data" : [ - { - "version_value" : "OpenCV 3.0.0" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "OpenCV 3.0.0 has a double free issue that allows attackers to execute arbitrary code." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "double free" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2016-1516", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "OpenCV 3.0.0", + "version": { + "version_data": [ + { + "version_value": "OpenCV 3.0.0" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[debian-lts-announce] 20180722 [SECURITY] [DLA 1438-1] opencv security update", - "refsource" : "MLIST", - "url" : "https://lists.debian.org/debian-lts-announce/2018/07/msg00030.html" - }, - { - "name" : "https://arxiv.org/pdf/1701.04739.pdf", - "refsource" : "MISC", - "url" : "https://arxiv.org/pdf/1701.04739.pdf" - }, - { - "name" : "https://github.com/opencv/opencv/issues/5956", - "refsource" : "MISC", - "url" : "https://github.com/opencv/opencv/issues/5956" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "OpenCV 3.0.0 has a double free issue that allows attackers to execute arbitrary code." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "double free" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "[debian-lts-announce] 20180722 [SECURITY] [DLA 1438-1] opencv security update", + "refsource": "MLIST", + "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00030.html" + }, + { + "name": "https://github.com/opencv/opencv/issues/5956", + "refsource": "MISC", + "url": "https://github.com/opencv/opencv/issues/5956" + }, + { + "name": "https://arxiv.org/pdf/1701.04739.pdf", + "refsource": "MISC", + "url": "https://arxiv.org/pdf/1701.04739.pdf" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1523.json b/2016/1xxx/CVE-2016-1523.json index 738c3396fb9..9579d012656 100644 --- a/2016/1xxx/CVE-2016-1523.json +++ b/2016/1xxx/CVE-2016-1523.json @@ -1,182 +1,182 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1523", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The SillMap::readFace function in FeatureMap.cpp in Libgraphite in Graphite 2 1.2.4, as used in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.6.1, mishandles a return value, which allows remote attackers to cause a denial of service (missing initialization, NULL pointer dereference, and application crash) via a crafted Graphite smart font." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2016-1523", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://blog.talosintel.com/2016/02/vulnerability-spotlight-libgraphite.html", - "refsource" : "MISC", - "url" : "http://blog.talosintel.com/2016/02/vulnerability-spotlight-libgraphite.html" - }, - { - "name" : "http://www.mozilla.org/security/announce/2016/mfsa2016-14.html", - "refsource" : "CONFIRM", - "url" : "http://www.mozilla.org/security/announce/2016/mfsa2016-14.html" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1246093", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1246093" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html" - }, - { - "name" : "DSA-3479", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3479" - }, - { - "name" : "DSA-3477", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3477" - }, - { - "name" : "DSA-3491", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3491" - }, - { - "name" : "FEDORA-2016-338a7e9925", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184623.html" - }, - { - "name" : "FEDORA-2016-4154a4d0ba", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177520.html" - }, - { - "name" : "GLSA-201605-06", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201605-06" - }, - { - "name" : "GLSA-201701-35", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201701-35" - }, - { - "name" : "GLSA-201701-63", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201701-63" - }, - { - "name" : "RHSA-2016:0594", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-0594.html" - }, - { - "name" : "RHSA-2016:0197", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-0197.html" - }, - { - "name" : "RHSA-2016:0258", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-0258.html" - }, - { - "name" : "SUSE-SU-2016:0779", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00052.html" - }, - { - "name" : "openSUSE-SU-2016:0791", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00058.html" - }, - { - "name" : "openSUSE-SU-2016:0875", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00088.html" - }, - { - "name" : "SUSE-SU-2016:0554", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00053.html" - }, - { - "name" : "SUSE-SU-2016:0564", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00055.html" - }, - { - "name" : "USN-2904-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2904-1" - }, - { - "name" : "USN-2902-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2902-1" - }, - { - "name" : "82991", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/82991" - }, - { - "name" : "1035017", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035017" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The SillMap::readFace function in FeatureMap.cpp in Libgraphite in Graphite 2 1.2.4, as used in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.6.1, mishandles a return value, which allows remote attackers to cause a denial of service (missing initialization, NULL pointer dereference, and application crash) via a crafted Graphite smart font." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "openSUSE-SU-2016:0875", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00088.html" + }, + { + "name": "GLSA-201701-35", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201701-35" + }, + { + "name": "DSA-3491", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3491" + }, + { + "name": "82991", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/82991" + }, + { + "name": "DSA-3477", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3477" + }, + { + "name": "USN-2902-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2902-1" + }, + { + "name": "SUSE-SU-2016:0564", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00055.html" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html" + }, + { + "name": "RHSA-2016:0594", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-0594.html" + }, + { + "name": "SUSE-SU-2016:0554", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00053.html" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html" + }, + { + "name": "1035017", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035017" + }, + { + "name": "openSUSE-SU-2016:0791", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00058.html" + }, + { + "name": "DSA-3479", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3479" + }, + { + "name": "http://blog.talosintel.com/2016/02/vulnerability-spotlight-libgraphite.html", + "refsource": "MISC", + "url": "http://blog.talosintel.com/2016/02/vulnerability-spotlight-libgraphite.html" + }, + { + "name": "RHSA-2016:0258", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-0258.html" + }, + { + "name": "USN-2904-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2904-1" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1246093", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1246093" + }, + { + "name": "FEDORA-2016-4154a4d0ba", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177520.html" + }, + { + "name": "GLSA-201605-06", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201605-06" + }, + { + "name": "RHSA-2016:0197", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-0197.html" + }, + { + "name": "SUSE-SU-2016:0779", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00052.html" + }, + { + "name": "GLSA-201701-63", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201701-63" + }, + { + "name": "FEDORA-2016-338a7e9925", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184623.html" + }, + { + "name": "http://www.mozilla.org/security/announce/2016/mfsa2016-14.html", + "refsource": "CONFIRM", + "url": "http://www.mozilla.org/security/announce/2016/mfsa2016-14.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5127.json b/2016/5xxx/CVE-2016-5127.json index 9f2f0572034..cf1ea1d4d3d 100644 --- a/2016/5xxx/CVE-2016-5127.json +++ b/2016/5xxx/CVE-2016-5127.json @@ -1,127 +1,127 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-5127", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Use-after-free vulnerability in WebKit/Source/core/editing/VisibleUnits.cpp in Blink, as used in Google Chrome before 52.0.2743.82, allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code involving an @import at-rule in a Cascading Style Sheets (CSS) token sequence in conjunction with a rel=import attribute of a LINK element." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@google.com", + "ID": "CVE-2016-5127", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://googlechromereleases.blogspot.com/2016/07/stable-channel-update.html", - "refsource" : "CONFIRM", - "url" : "http://googlechromereleases.blogspot.com/2016/07/stable-channel-update.html" - }, - { - "name" : "https://codereview.chromium.org/2082893005/", - "refsource" : "CONFIRM", - "url" : "https://codereview.chromium.org/2082893005/" - }, - { - "name" : "https://codereview.chromium.org/2091633002", - "refsource" : "CONFIRM", - "url" : "https://codereview.chromium.org/2091633002" - }, - { - "name" : "https://crbug.com/618237", - "refsource" : "CONFIRM", - "url" : "https://crbug.com/618237" - }, - { - "name" : "DSA-3637", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3637" - }, - { - "name" : "GLSA-201610-09", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201610-09" - }, - { - "name" : "RHSA-2016:1485", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-1485.html" - }, - { - "name" : "openSUSE-SU-2016:1865", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00020.html" - }, - { - "name" : "openSUSE-SU-2016:1868", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00021.html" - }, - { - "name" : "openSUSE-SU-2016:1869", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00022.html" - }, - { - "name" : "openSUSE-SU-2016:1918", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00028.html" - }, - { - "name" : "USN-3041-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-3041-1" - }, - { - "name" : "92053", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/92053" - }, - { - "name" : "1036428", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036428" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Use-after-free vulnerability in WebKit/Source/core/editing/VisibleUnits.cpp in Blink, as used in Google Chrome before 52.0.2743.82, allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code involving an @import at-rule in a Cascading Style Sheets (CSS) token sequence in conjunction with a rel=import attribute of a LINK element." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "openSUSE-SU-2016:1868", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00021.html" + }, + { + "name": "openSUSE-SU-2016:1869", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00022.html" + }, + { + "name": "92053", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/92053" + }, + { + "name": "http://googlechromereleases.blogspot.com/2016/07/stable-channel-update.html", + "refsource": "CONFIRM", + "url": "http://googlechromereleases.blogspot.com/2016/07/stable-channel-update.html" + }, + { + "name": "https://codereview.chromium.org/2082893005/", + "refsource": "CONFIRM", + "url": "https://codereview.chromium.org/2082893005/" + }, + { + "name": "https://codereview.chromium.org/2091633002", + "refsource": "CONFIRM", + "url": "https://codereview.chromium.org/2091633002" + }, + { + "name": "https://crbug.com/618237", + "refsource": "CONFIRM", + "url": "https://crbug.com/618237" + }, + { + "name": "USN-3041-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-3041-1" + }, + { + "name": "openSUSE-SU-2016:1918", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00028.html" + }, + { + "name": "GLSA-201610-09", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201610-09" + }, + { + "name": "openSUSE-SU-2016:1865", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00020.html" + }, + { + "name": "RHSA-2016:1485", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-1485.html" + }, + { + "name": "1036428", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036428" + }, + { + "name": "DSA-3637", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3637" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5397.json b/2016/5xxx/CVE-2016-5397.json index 4939268c948..132d30ca0fe 100644 --- a/2016/5xxx/CVE-2016-5397.json +++ b/2016/5xxx/CVE-2016-5397.json @@ -1,78 +1,78 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "security@apache.org", - "DATE_PUBLIC" : "2017-01-13T00:00:00", - "ID" : "CVE-2016-5397", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Apache Thrift", - "version" : { - "version_data" : [ - { - "version_value" : "versions prior to 0.10.0" - } - ] - } - } - ] - }, - "vendor_name" : "Apache Software Foundation" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Apache Thrift Go client library exposed the potential during code generation for command injection due to using an external formatting tool. Affected Apache Thrift 0.9.3 and older, Fixed in Apache Thrift 0.10.0." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Command Injection" - } + "CVE_data_meta": { + "ASSIGNER": "security@apache.org", + "DATE_PUBLIC": "2017-01-13T00:00:00", + "ID": "CVE-2016-5397", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Apache Thrift", + "version": { + "version_data": [ + { + "version_value": "versions prior to 0.10.0" + } + ] + } + } + ] + }, + "vendor_name": "Apache Software Foundation" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[user] 20170113 [NOTICE]: Apache Thrift Security Vulnerability CVE-2016-5397", - "refsource" : "MLIST", - "url" : "http://mail-archives.apache.org/mod_mbox/thrift-user/201701.mbox/raw/%3CCANyrgvc3W%3DMJ9S-hMZecPNzxkyfgNmuSgVfW2hdDSz5ke%2BOPhQ%40mail.gmail.com%3E" - }, - { - "name" : "https://issues.apache.org/jira/browse/THRIFT-3893", - "refsource" : "CONFIRM", - "url" : "https://issues.apache.org/jira/browse/THRIFT-3893" - }, - { - "name" : "RHSA-2018:2669", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2018:2669" - }, - { - "name" : "103025", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/103025" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Apache Thrift Go client library exposed the potential during code generation for command injection due to using an external formatting tool. Affected Apache Thrift 0.9.3 and older, Fixed in Apache Thrift 0.10.0." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Command Injection" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "103025", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/103025" + }, + { + "name": "RHSA-2018:2669", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2018:2669" + }, + { + "name": "https://issues.apache.org/jira/browse/THRIFT-3893", + "refsource": "CONFIRM", + "url": "https://issues.apache.org/jira/browse/THRIFT-3893" + }, + { + "name": "[user] 20170113 [NOTICE]: Apache Thrift Security Vulnerability CVE-2016-5397", + "refsource": "MLIST", + "url": "http://mail-archives.apache.org/mod_mbox/thrift-user/201701.mbox/raw/%3CCANyrgvc3W%3DMJ9S-hMZecPNzxkyfgNmuSgVfW2hdDSz5ke%2BOPhQ%40mail.gmail.com%3E" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5885.json b/2016/5xxx/CVE-2016-5885.json index 76ac31ff4ff..f79fa85b409 100644 --- a/2016/5xxx/CVE-2016-5885.json +++ b/2016/5xxx/CVE-2016-5885.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-5885", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-5885", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/2xxx/CVE-2018-2126.json b/2018/2xxx/CVE-2018-2126.json index ed1377a0127..6b854cb1fc7 100644 --- a/2018/2xxx/CVE-2018-2126.json +++ b/2018/2xxx/CVE-2018-2126.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-2126", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2018-2126", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2018/2xxx/CVE-2018-2267.json b/2018/2xxx/CVE-2018-2267.json index 09983b4c4cc..ce2a39764e3 100644 --- a/2018/2xxx/CVE-2018-2267.json +++ b/2018/2xxx/CVE-2018-2267.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-2267", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2018-2267", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2018/2xxx/CVE-2018-2428.json b/2018/2xxx/CVE-2018-2428.json index cf02e297808..687ecc47f84 100644 --- a/2018/2xxx/CVE-2018-2428.json +++ b/2018/2xxx/CVE-2018-2428.json @@ -1,127 +1,127 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cna@sap.com", - "ID" : "CVE-2018-2428", - "STATE" : "PUBLIC", - "vendor_name" : "SAP SE" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "SAP Infrastructure", - "version" : { - "version_data" : [ - { - "version_affected" : "=", - "version_value" : "1.0" - } - ] - } - }, - { - "product_name" : "SAP UI", - "version" : { - "version_data" : [ - { - "version_affected" : "=", - "version_value" : "7.4" - }, - { - "version_affected" : "=", - "version_value" : "7.5" - }, - { - "version_affected" : "=", - "version_value" : "7.51" - }, - { - "version_affected" : "=", - "version_value" : "7.52" - } - ] - } - }, - { - "product_name" : "SAP UI for SAP NetWeaver 7.00", - "version" : { - "version_data" : [ - { - "version_affected" : "=", - "version_value" : "2.0" - } - ] - } - } - ] - }, - "vendor_name" : "SAP SE" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Under certain conditions SAP UI5 Handler allows an attacker to access information which would otherwise be restricted. Software components affected are: SAP Infrastructure 1.0, SAP UI 7.4, 7.5, 7.51, 7.52 and version 2.0 of SAP UI for SAP NetWeaver 7.00." - } - ] - }, - "impact" : { - "cvss" : { - "attackComplexity" : "LOW", - "attackVector" : "NETWORK", - "availabilityImpact" : "NONE", - "baseScore" : 5.3, - "baseSeverity" : "MEDIUM", - "confidentialityImpact" : "LOW", - "integrityImpact" : "NONE", - "privilegesRequired" : "NONE", - "scope" : "UNCHANGED", - "userInteraction" : "NONE", - "vectorString" : "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", - "version" : "3.0" - } - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Information Disclosure" - } + "CVE_data_meta": { + "ASSIGNER": "cna@sap.com", + "ID": "CVE-2018-2428", + "STATE": "PUBLIC", + "vendor_name": "SAP SE" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "SAP Infrastructure", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "1.0" + } + ] + } + }, + { + "product_name": "SAP UI", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "7.4" + }, + { + "version_affected": "=", + "version_value": "7.5" + }, + { + "version_affected": "=", + "version_value": "7.51" + }, + { + "version_affected": "=", + "version_value": "7.52" + } + ] + } + }, + { + "product_name": "SAP UI for SAP NetWeaver 7.00", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "2.0" + } + ] + } + } + ] + }, + "vendor_name": "SAP SE" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://launchpad.support.sap.com/#/notes/2621121", - "refsource" : "MISC", - "url" : "https://launchpad.support.sap.com/#/notes/2621121" - }, - { - "name" : "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=495289255", - "refsource" : "CONFIRM", - "url" : "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=495289255" - }, - { - "name" : "104446", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/104446" - } - ] - }, - "source" : { - "discovery" : "UNKNOWN" - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Under certain conditions SAP UI5 Handler allows an attacker to access information which would otherwise be restricted. Software components affected are: SAP Infrastructure 1.0, SAP UI 7.4, 7.5, 7.51, 7.52 and version 2.0 of SAP UI for SAP NetWeaver 7.00." + } + ] + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", + "version": "3.0" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Information Disclosure" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://launchpad.support.sap.com/#/notes/2621121", + "refsource": "MISC", + "url": "https://launchpad.support.sap.com/#/notes/2621121" + }, + { + "name": "104446", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/104446" + }, + { + "name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=495289255", + "refsource": "CONFIRM", + "url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=495289255" + } + ] + }, + "source": { + "discovery": "UNKNOWN" + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0234.json b/2019/0xxx/CVE-2019-0234.json index ca44b8a6367..b9639358a1f 100644 --- a/2019/0xxx/CVE-2019-0234.json +++ b/2019/0xxx/CVE-2019-0234.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0234", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0234", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0470.json b/2019/0xxx/CVE-2019-0470.json index d1a27308d17..4d0f05f3f03 100644 --- a/2019/0xxx/CVE-2019-0470.json +++ b/2019/0xxx/CVE-2019-0470.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0470", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0470", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0620.json b/2019/0xxx/CVE-2019-0620.json index e5acdfd6dce..c9ce712334a 100644 --- a/2019/0xxx/CVE-2019-0620.json +++ b/2019/0xxx/CVE-2019-0620.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0620", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0620", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0726.json b/2019/0xxx/CVE-2019-0726.json index a240ab0fe69..d84974b8e9a 100644 --- a/2019/0xxx/CVE-2019-0726.json +++ b/2019/0xxx/CVE-2019-0726.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0726", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0726", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1246.json b/2019/1xxx/CVE-2019-1246.json index d34b6d7d511..262073911ea 100644 --- a/2019/1xxx/CVE-2019-1246.json +++ b/2019/1xxx/CVE-2019-1246.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1246", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1246", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1625.json b/2019/1xxx/CVE-2019-1625.json index 68aa6b48e18..ec5ad9605b7 100644 --- a/2019/1xxx/CVE-2019-1625.json +++ b/2019/1xxx/CVE-2019-1625.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1625", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1625", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1793.json b/2019/1xxx/CVE-2019-1793.json index 99c6de1b3e6..06b8025330b 100644 --- a/2019/1xxx/CVE-2019-1793.json +++ b/2019/1xxx/CVE-2019-1793.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1793", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1793", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1827.json b/2019/1xxx/CVE-2019-1827.json index 27caa5dc8eb..3bbd8d448e8 100644 --- a/2019/1xxx/CVE-2019-1827.json +++ b/2019/1xxx/CVE-2019-1827.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1827", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1827", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4061.json b/2019/4xxx/CVE-2019-4061.json index 6873f3afb9d..59cc9b4b449 100644 --- a/2019/4xxx/CVE-2019-4061.json +++ b/2019/4xxx/CVE-2019-4061.json @@ -1,96 +1,96 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@us.ibm.com", - "DATE_PUBLIC" : "2019-02-18T00:00:00", - "ID" : "CVE-2019-4061", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "BigFix Platform", - "version" : { - "version_data" : [ - { - "version_value" : "9.2" - }, - { - "version_value" : "9.5" - } - ] - } - } - ] - }, - "vendor_name" : "IBM" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM BigFix Platform 9.2 and 9.5 could allow an attacker to query the relay remotely and gather information about the updates and fixlets deployed to the associated sites due to not enabling authenticated access. IBM X-Force ID: 156869." - } - ] - }, - "impact" : { - "cvssv3" : { - "BM" : { - "A" : "N", - "AC" : "L", - "AV" : "N", - "C" : "L", - "I" : "N", - "PR" : "N", - "S" : "U", - "SCORE" : "5.300", - "UI" : "N" - }, - "TM" : { - "E" : "U", - "RC" : "C", - "RL" : "O" - } - } - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Obtain Information" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "DATE_PUBLIC": "2019-02-18T00:00:00", + "ID": "CVE-2019-4061", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "BigFix Platform", + "version": { + "version_data": [ + { + "version_value": "9.2" + }, + { + "version_value": "9.5" + } + ] + } + } + ] + }, + "vendor_name": "IBM" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.ibm.com/support/docview.wss?uid=ibm10870242", - "refsource" : "CONFIRM", - "url" : "http://www.ibm.com/support/docview.wss?uid=ibm10870242" - }, - { - "name" : "107189", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/107189" - }, - { - "name" : "ibm-bigfix-cve20194061-info-disc(156869)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/156869" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IBM BigFix Platform 9.2 and 9.5 could allow an attacker to query the relay remotely and gather information about the updates and fixlets deployed to the associated sites due to not enabling authenticated access. IBM X-Force ID: 156869." + } + ] + }, + "impact": { + "cvssv3": { + "BM": { + "A": "N", + "AC": "L", + "AV": "N", + "C": "L", + "I": "N", + "PR": "N", + "S": "U", + "SCORE": "5.300", + "UI": "N" + }, + "TM": { + "E": "U", + "RC": "C", + "RL": "O" + } + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Obtain Information" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ibm-bigfix-cve20194061-info-disc(156869)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/156869" + }, + { + "name": "107189", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/107189" + }, + { + "name": "http://www.ibm.com/support/docview.wss?uid=ibm10870242", + "refsource": "CONFIRM", + "url": "http://www.ibm.com/support/docview.wss?uid=ibm10870242" + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4179.json b/2019/4xxx/CVE-2019-4179.json index 9b7f4517537..df5cb94d636 100644 --- a/2019/4xxx/CVE-2019-4179.json +++ b/2019/4xxx/CVE-2019-4179.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4179", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4179", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4720.json b/2019/4xxx/CVE-2019-4720.json index 25def03eb59..2b90512cdea 100644 --- a/2019/4xxx/CVE-2019-4720.json +++ b/2019/4xxx/CVE-2019-4720.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4720", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4720", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4803.json b/2019/4xxx/CVE-2019-4803.json index 24819925614..9e42603fa6e 100644 --- a/2019/4xxx/CVE-2019-4803.json +++ b/2019/4xxx/CVE-2019-4803.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4803", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4803", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5177.json b/2019/5xxx/CVE-2019-5177.json index 362b1456f82..b51d10205e3 100644 --- a/2019/5xxx/CVE-2019-5177.json +++ b/2019/5xxx/CVE-2019-5177.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5177", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5177", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5179.json b/2019/5xxx/CVE-2019-5179.json index b00450e2344..1b0761fbc8d 100644 --- a/2019/5xxx/CVE-2019-5179.json +++ b/2019/5xxx/CVE-2019-5179.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5179", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5179", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5184.json b/2019/5xxx/CVE-2019-5184.json index 6cc6d74bac4..194486ee462 100644 --- a/2019/5xxx/CVE-2019-5184.json +++ b/2019/5xxx/CVE-2019-5184.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5184", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5184", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5431.json b/2019/5xxx/CVE-2019-5431.json index 0dac9d432d8..519f6a2f75e 100644 --- a/2019/5xxx/CVE-2019-5431.json +++ b/2019/5xxx/CVE-2019-5431.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5431", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5431", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9368.json b/2019/9xxx/CVE-2019-9368.json index 8f31c5e7d72..7864d92cb44 100644 --- a/2019/9xxx/CVE-2019-9368.json +++ b/2019/9xxx/CVE-2019-9368.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9368", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9368", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9773.json b/2019/9xxx/CVE-2019-9773.json index f63d3cfa074..9a641cddefa 100644 --- a/2019/9xxx/CVE-2019-9773.json +++ b/2019/9xxx/CVE-2019-9773.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9773", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a heap-based buffer overflow in the function dwg_decode_eed_data at decode.c for the z dimension." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9773", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/LibreDWG/libredwg/issues/99", - "refsource" : "MISC", - "url" : "https://github.com/LibreDWG/libredwg/issues/99" - }, - { - "name" : "https://savannah.gnu.org/bugs/index.php?55893", - "refsource" : "MISC", - "url" : "https://savannah.gnu.org/bugs/index.php?55893" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a heap-based buffer overflow in the function dwg_decode_eed_data at decode.c for the z dimension." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://savannah.gnu.org/bugs/index.php?55893", + "refsource": "MISC", + "url": "https://savannah.gnu.org/bugs/index.php?55893" + }, + { + "name": "https://github.com/LibreDWG/libredwg/issues/99", + "refsource": "MISC", + "url": "https://github.com/LibreDWG/libredwg/issues/99" + } + ] + } +} \ No newline at end of file