From b5b37b8549ef2f7a48afce6189f46812fda25be3 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Thu, 21 Mar 2019 18:00:45 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2019/0xxx/CVE-2019-0198.json | 14 ++++---- 2019/6xxx/CVE-2019-6116.json | 5 +++ 2019/8xxx/CVE-2019-8997.json | 58 +++++++++++++++++++++++++++---- 2019/9xxx/CVE-2019-9900.json | 18 ++++++++++ 2019/9xxx/CVE-2019-9901.json | 18 ++++++++++ 2019/9xxx/CVE-2019-9902.json | 18 ++++++++++ 2019/9xxx/CVE-2019-9903.json | 67 ++++++++++++++++++++++++++++++++++++ 2019/9xxx/CVE-2019-9904.json | 67 ++++++++++++++++++++++++++++++++++++ 8 files changed, 251 insertions(+), 14 deletions(-) create mode 100644 2019/9xxx/CVE-2019-9900.json create mode 100644 2019/9xxx/CVE-2019-9901.json create mode 100644 2019/9xxx/CVE-2019-9902.json create mode 100644 2019/9xxx/CVE-2019-9903.json create mode 100644 2019/9xxx/CVE-2019-9904.json diff --git a/2019/0xxx/CVE-2019-0198.json b/2019/0xxx/CVE-2019-0198.json index 7603ad9c356..33bb1c44555 100644 --- a/2019/0xxx/CVE-2019-0198.json +++ b/2019/0xxx/CVE-2019-0198.json @@ -1,17 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-0198", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-0198", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2019. Notes: none." } ] } diff --git a/2019/6xxx/CVE-2019-6116.json b/2019/6xxx/CVE-2019-6116.json index 8a44c004815..986a0c0a87c 100644 --- a/2019/6xxx/CVE-2019-6116.json +++ b/2019/6xxx/CVE-2019-6116.json @@ -121,6 +121,11 @@ "refsource": "FEDORA", "name": "FEDORA-2019-15d57af79a", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7N6T5L3SSJX2AVUPHP7GCPATFWUPKZT2/" + }, + { + "refsource": "MLIST", + "name": "[oss-security] 20190321 ghostscript: 2 -dSAFER bypass: CVE-2019-3835 & CVE-2019-3838", + "url": "http://www.openwall.com/lists/oss-security/2019/03/21/1" } ] } diff --git a/2019/8xxx/CVE-2019-8997.json b/2019/8xxx/CVE-2019-8997.json index 11a38fbada4..07dbb75f223 100644 --- a/2019/8xxx/CVE-2019-8997.json +++ b/2019/8xxx/CVE-2019-8997.json @@ -1,17 +1,61 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8997", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8997", + "ASSIGNER": "secure@blackberry.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "BlackBerry AtHoc", + "version": { + "version_data": [ + { + "version_value": "7.6 and earlier" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "XML External Entity Injection (XXE)" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "http://support.blackberry.com/kb/articleDetail?articleNumber=000047227", + "url": "http://support.blackberry.com/kb/articleDetail?articleNumber=000047227" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An XML External Entity Injection (XXE) vulnerability in the Management System (console) of BlackBerry AtHoc versions earlier than 7.6 HF-567 could allow an attacker to potentially read arbitrary local files from the application server or make requests on the network by entering maliciously crafted XML in an existing field." } ] } diff --git a/2019/9xxx/CVE-2019-9900.json b/2019/9xxx/CVE-2019-9900.json new file mode 100644 index 00000000000..1f57e480ccf --- /dev/null +++ b/2019/9xxx/CVE-2019-9900.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-9900", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9901.json b/2019/9xxx/CVE-2019-9901.json new file mode 100644 index 00000000000..275b0d3d662 --- /dev/null +++ b/2019/9xxx/CVE-2019-9901.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-9901", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9902.json b/2019/9xxx/CVE-2019-9902.json new file mode 100644 index 00000000000..d7d52e309b5 --- /dev/null +++ b/2019/9xxx/CVE-2019-9902.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-9902", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9903.json b/2019/9xxx/CVE-2019-9903.json new file mode 100644 index 00000000000..c12a467ef6c --- /dev/null +++ b/2019/9xxx/CVE-2019-9903.json @@ -0,0 +1,67 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9903", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "PDFDoc::markObject in PDFDoc.cc in Poppler 0.74.0 mishandles dict marking, leading to stack consumption in the function Dict::find() located at Dict.cc, which can (for example) be triggered by passing a crafted pdf file to the pdfunite binary." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://gitlab.freedesktop.org/poppler/poppler/issues/741", + "refsource": "MISC", + "name": "https://gitlab.freedesktop.org/poppler/poppler/issues/741" + }, + { + "url": "https://research.loginsoft.com/bugs/stack-based-buffer-overflows-in-dictfind-poppler-0-74-0/", + "refsource": "MISC", + "name": "https://research.loginsoft.com/bugs/stack-based-buffer-overflows-in-dictfind-poppler-0-74-0/" + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9904.json b/2019/9xxx/CVE-2019-9904.json new file mode 100644 index 00000000000..2d9399de77e --- /dev/null +++ b/2019/9xxx/CVE-2019-9904.json @@ -0,0 +1,67 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9904", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in lib\\cdt\\dttree.c in libcdt.a in graphviz 2.40.1. Stack consumption occurs because of recursive agclose calls in lib\\cgraph\\graph.c in libcgraph.a, related to agfstsubg in lib\\cgraph\\subg.c." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://gitlab.com/graphviz/graphviz/issues/1512", + "refsource": "MISC", + "name": "https://gitlab.com/graphviz/graphviz/issues/1512" + }, + { + "url": "https://research.loginsoft.com/bugs/stack-buffer-overflow-in-function-agclose-graphviz/", + "refsource": "MISC", + "name": "https://research.loginsoft.com/bugs/stack-buffer-overflow-in-function-agclose-graphviz/" + } + ] + } +} \ No newline at end of file