admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-18 05:16:07 +00:00
parent 5b5083b087
commit b5f18b3221
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
60 changed files with 4382 additions and 4338 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

68
2002/0xxx/CVE-2002-0318.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2002-0318",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-0318",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "FreeRADIUS RADIUS server allows remote attackers to cause a denial of service (CPU consumption) via a flood of Access-Request packets."
"lang": "eng",
"value": "FreeRADIUS RADIUS server allows remote attackers to cause a denial of service (CPU consumption) via a flood of Access-Request packets."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20020221 DoS Attack against many RADIUS servers",
"refsource" : "BUGTRAQ",
"url" : "http://marc.info/?l=bugtraq&m=101440113410083&w=2"
"name": "20020221 DoS Attack against many RADIUS servers",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=101440113410083&w=2"
},
{
"name" : "freeradius-access-request-dos(9968)",
"refsource" : "XF",
"url" : "http://www.iss.net/security_center/static/9968.php"
"name": "freeradius-access-request-dos(9968)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/9968.php"
}
]
}

86
2002/0xxx/CVE-2002-0630.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2002-0630",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-0630",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The Telnet service for Polycom ViewStation before 7.2.4 allows remote attackers to cause a denial of service (crash) via long or malformed ICMP packets."
"lang": "eng",
"value": "The Telnet service for Polycom ViewStation before 7.2.4 allows remote attackers to cause a denial of service (crash) via long or malformed ICMP packets."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20020904 Multiple Remote Vulnerabilities in Polycom Videoconferencing Products",
"refsource" : "ISS",
"url" : "http://bvlive01.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21089"
"name": "20020904 Multiple Remote Vulnerabilities in Polycom Videoconferencing Products",
"refsource": "ISS",
"url": "http://bvlive01.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21089"
},
{
"name" : "http://www.polycom.com/common/pw_item_show_doc/0,,1444,00.pdf",
"refsource" : "CONFIRM",
"url" : "http://www.polycom.com/common/pw_item_show_doc/0,,1444,00.pdf"
"name": "http://www.polycom.com/common/pw_item_show_doc/0,,1444,00.pdf",
"refsource": "CONFIRM",
"url": "http://www.polycom.com/common/pw_item_show_doc/0,,1444,00.pdf"
},
{
"name" : "M-123",
"refsource" : "CIAC",
"url" : "http://www.ciac.org/ciac/bulletins/m-123.shtml"
"name": "M-123",
"refsource": "CIAC",
"url": "http://www.ciac.org/ciac/bulletins/m-123.shtml"
},
{
"name" : "viewstation-icmp-dos(9350)",
"refsource" : "XF",
"url" : "http://www.iss.net/security_center/static/9350.php"
"name": "viewstation-icmp-dos(9350)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/9350.php"
},
{
"name" : "5637",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/5637"
"name": "5637",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5637"
}
]
}

74
2002/2xxx/CVE-2002-2102.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2002-2102",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-2102",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "InfBlocks.java in JCraft JZlib before 0.0.7 allow remote attackers to cause a denial of service (NullPointerException) via an invalid block of deflated data."
"lang": "eng",
"value": "InfBlocks.java in JCraft JZlib before 0.0.7 allow remote attackers to cause a denial of service (NullPointerException) via an invalid block of deflated data."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.jcraft.com/jzlib/ChangeLog",
"refsource" : "CONFIRM",
"url" : "http://www.jcraft.com/jzlib/ChangeLog"
"name": "jzlib-infblocks-dos(8627)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/8627.php"
},
{
"name" : "4359",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/4359"
"name": "4359",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/4359"
},
{
"name" : "jzlib-infblocks-dos(8627)",
"refsource" : "XF",
"url" : "http://www.iss.net/security_center/static/8627.php"
"name": "http://www.jcraft.com/jzlib/ChangeLog",
"refsource": "CONFIRM",
"url": "http://www.jcraft.com/jzlib/ChangeLog"
}
]
}

98
2005/0xxx/CVE-2005-0048.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2005-0048",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-0048",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Microsoft Windows XP SP2 and earlier, 2000 SP3 and SP4, Server 2003, and older operating systems allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted IP packets with malformed options, aka the \"IP Validation Vulnerability.\""
"lang": "eng",
"value": "Microsoft Windows XP SP2 and earlier, 2000 SP3 and SP4, Server 2003, and older operating systems allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted IP packets with malformed options, aka the \"IP Validation Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20050412 Windows IP Options Remote Compromise",
"refsource" : "ISS",
"url" : "http://xforce.iss.net/xforce/alerts/id/192"
"name": "oval:org.mitre.oval:def:3824",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3824"
},
{
"name" : "MS05-019",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-019"
"name": "oval:org.mitre.oval:def:1744",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1744"
},
{
"name" : "TA05-102A",
"refsource" : "CERT",
"url" : "http://www.us-cert.gov/cas/techalerts/TA05-102A.html"
"name": "VU#233754",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/233754"
},
{
"name" : "VU#233754",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/233754"
"name": "MS05-019",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-019"
},
{
"name" : "oval:org.mitre.oval:def:3824",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3824"
"name": "oval:org.mitre.oval:def:4549",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4549"
},
{
"name" : "oval:org.mitre.oval:def:1744",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1744"
"name": "20050412 Windows IP Options Remote Compromise",
"refsource": "ISS",
"url": "http://xforce.iss.net/xforce/alerts/id/192"
},
{
"name" : "oval:org.mitre.oval:def:4549",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4549"
"name": "TA05-102A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA05-102A.html"
}
]
}

86
2005/0xxx/CVE-2005-0565.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2005-0565",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-0565",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The Announce module in phpWebSite 0.10.0 and earlier allows remote attackers to execute arbitrary PHP code by setting the Image field to reference a PHP file whose name contains a .gif.php extension."
"lang": "eng",
"value": "The Announce module in phpWebSite 0.10.0 and earlier allows remote attackers to execute arbitrary PHP code by setting the Image field to reference a PHP file whose name contains a .gif.php extension."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20050224 phpWebSite-0.10.0_exploit",
"refsource" : "BUGTRAQ",
"url" : "http://marc.info/?l=bugtraq&m=110928565530828&w=2"
"name": "20050224 phpWebSite-0.10.0_exploit",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=110928565530828&w=2"
},
{
"name" : "GLSA-200503-04",
"refsource" : "GENTOO",
"url" : "http://www.gentoo.org/security/en/glsa/glsa-200503-04.xml"
"name": "GLSA-200503-04",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200503-04.xml"
},
{
"name" : "1013298",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1013298"
"name": "1013298",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1013298"
},
{
"name" : "14399",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/14399"
"name": "phpwebsite-announce-execute-code(19482)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19482"
},
{
"name" : "phpwebsite-announce-execute-code(19482)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/19482"
"name": "14399",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/14399"
}
]
}

74
2005/0xxx/CVE-2005-0652.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2005-0652",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-0652",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unknown vulnerability in HP OpenVMS VAX 7.x and 6.x and OpenVMS Alpha 7.x or 6.x allows local users to access privileged files."
"lang": "eng",
"value": "Unknown vulnerability in HP OpenVMS VAX 7.x and 6.x and OpenVMS Alpha 7.x or 6.x allows local users to access privileged files."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "SSRT4866",
"refsource" : "HP",
"url" : "http://marc.info/?l=bugtraq&m=110980700101451&w=2"
"name": "openvms-gain-access(19566)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19566"
},
{
"name" : "14444",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/14444"
"name": "SSRT4866",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=110980700101451&w=2"
},
{
"name" : "openvms-gain-access(19566)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/19566"
"name": "14444",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/14444"
}
]
}

80
2005/0xxx/CVE-2005-0790.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2005-0790",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-0790",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "phpAdsNew 2.0.4 allows remote attackers to obtain sensitive information via a direct request to (1) lib-xmlrpcs.inc.php, (2) maintenance-activation.php, (3) maintenance-cleantables.php, (4) maintenance-autotargeting.php, (5) maintenance-reports.php, (6) phpads.php, (7) remotehtmlview.php, (8) click.php, (9) adcontent.php, which reveal the path in a PHP error message."
"lang": "eng",
"value": "phpAdsNew 2.0.4 allows remote attackers to obtain sensitive information via a direct request to (1) lib-xmlrpcs.inc.php, (2) maintenance-activation.php, (3) maintenance-cleantables.php, (4) maintenance-autotargeting.php, (5) maintenance-reports.php, (6) phpads.php, (7) remotehtmlview.php, (8) click.php, (9) adcontent.php, which reveal the path in a PHP error message."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20050314 [SECURITYREASON.COM] phpAdsNew 2.0.4-pr1 Multiple vulnerabilities cXIb8O3.9",
"refsource" : "BUGTRAQ",
"url" : "http://marc.info/?l=bugtraq&m=111083286926490&w=2"
"name": "20050314 [SECURITYREASON.COM] phpAdsNew 2.0.4-pr1 Multiple vulnerabilities cXIb8O3.9",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=111083286926490&w=2"
},
{
"name" : "http://securityreason.com/adv/%5BphpAdsNew%202.0.4-pr1%20Multiple%20vulnerabilities%20cXIb8O3.9%5D.asc",
"refsource" : "MISC",
"url" : "http://securityreason.com/adv/%5BphpAdsNew%202.0.4-pr1%20Multiple%20vulnerabilities%20cXIb8O3.9%5D.asc"
"name": "phpadsnews-path-disclosure(19689)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19689"
},
{
"name" : "1013429",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1013429"
"name": "http://securityreason.com/adv/%5BphpAdsNew%202.0.4-pr1%20Multiple%20vulnerabilities%20cXIb8O3.9%5D.asc",
"refsource": "MISC",
"url": "http://securityreason.com/adv/%5BphpAdsNew%202.0.4-pr1%20Multiple%20vulnerabilities%20cXIb8O3.9%5D.asc"
},
{
"name" : "phpadsnews-path-disclosure(19689)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/19689"
"name": "1013429",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1013429"
}
]
}

74
2005/0xxx/CVE-2005-0878.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2005-0878",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-0878",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in MercuryBoard before 1.1.3 allows remote attackers to inject arbitrary web script or HTML via the title field of a PM (private message)."
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in MercuryBoard before 1.1.3 allows remote attackers to inject arbitrary web script or HTML via the title field of a PM (private message)."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "12872",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/12872"
"name": "mercuryboard-title-pm-xss(19797)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19797"
},
{
"name" : "14679",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/14679"
"name": "12872",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/12872"
},
{
"name" : "mercuryboard-title-pm-xss(19797)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/19797"
"name": "14679",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/14679"
}
]
}

98
2005/1xxx/CVE-2005-1377.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2005-1377",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-1377",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple PHP remote file inclusion vulnerabilities in Claroline 1.5.3 through 1.6 Release Candidate 1, and possibly Dokeos, allow remote attackers to execute arbitrary PHP code via unknown vectors."
"lang": "eng",
"value": "Multiple PHP remote file inclusion vulnerabilities in Claroline 1.5.3 through 1.6 Release Candidate 1, and possibly Dokeos, allow remote attackers to execute arbitrary PHP code via unknown vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20050427 ZRCSA-200501 - Multiple vulnerabilities in Claroline",
"refsource" : "BUGTRAQ",
"url" : "http://marc.info/?l=bugtraq&m=111464607103407&w=2"
"name": "13407",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/13407"
},
{
"name" : "http://www.claroline.net/news.php#85",
"refsource" : "CONFIRM",
"url" : "http://www.claroline.net/news.php#85"
"name": "15161",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/15161"
},
{
"name" : "13407",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/13407"
"name": "20050427 ZRCSA-200501 - Multiple vulnerabilities in Claroline",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=111464607103407&w=2"
},
{
"name" : "1013822",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1013822"
"name": "claroline-file-include(20300)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/20300"
},
{
"name" : "15161",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/15161"
"name": "http://www.claroline.net/news.php#85",
"refsource": "CONFIRM",
"url": "http://www.claroline.net/news.php#85"
},
{
"name" : "15725",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/15725"
"name": "1013822",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1013822"
},
{
"name" : "claroline-file-include(20300)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/20300"
"name": "15725",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/15725"
}
]
}

98
2005/1xxx/CVE-2005-1456.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2005-1456",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2005-1456",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple unknown vulnerabilities in the (1) DHCP and (2) Telnet dissectors in Ethereal before 0.10.11 allow remote attackers to cause a denial of service (abort)."
"lang": "eng",
"value": "Multiple unknown vulnerabilities in the (1) DHCP and (2) Telnet dissectors in Ethereal before 0.10.11 allow remote attackers to cause a denial of service (abort)."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.ethereal.com/appnotes/enpa-sa-00019.html",
"refsource" : "CONFIRM",
"url" : "http://www.ethereal.com/appnotes/enpa-sa-00019.html"
"name": "oval:org.mitre.oval:def:9700",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9700"
},
{
"name" : "http://www.ethereal.com/news/item_20050504_01.html",
"refsource" : "CONFIRM",
"url" : "http://www.ethereal.com/news/item_20050504_01.html"
"name": "13504",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/13504"
},
{
"name" : "CLSA-2005:963",
"refsource" : "CONECTIVA",
"url" : "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000963"
"name": "RHSA-2005:427",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-427.html"
},
{
"name" : "FLSA-2006:152922",
"refsource" : "FEDORA",
"url" : "http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00003.html"
"name": "http://www.ethereal.com/appnotes/enpa-sa-00019.html",
"refsource": "CONFIRM",
"url": "http://www.ethereal.com/appnotes/enpa-sa-00019.html"
},
{
"name" : "RHSA-2005:427",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2005-427.html"
"name": "FLSA-2006:152922",
"refsource": "FEDORA",
"url": "http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00003.html"
},
{
"name" : "13504",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/13504"
"name": "CLSA-2005:963",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000963"
},
{
"name" : "oval:org.mitre.oval:def:9700",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9700"
"name": "http://www.ethereal.com/news/item_20050504_01.html",
"refsource": "CONFIRM",
"url": "http://www.ethereal.com/news/item_20050504_01.html"
}
]
}

62
2005/1xxx/CVE-2005-1581.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2005-1581",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-1581",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in Bug Report 1.0 allows remote attackers to inject arbitrary web script or HTML via various fields to bug_report.php, which are not filtered or quoted when processed by bug_list.php or admin/index.php."
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in Bug Report 1.0 allows remote attackers to inject arbitrary web script or HTML via various fields to bug_report.php, which are not filtered or quoted when processed by bug_list.php or admin/index.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "1013957",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1013957"
"name": "1013957",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1013957"
}
]
}

68
2005/1xxx/CVE-2005-1959.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2005-1959",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-1959",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "jammail.pl in jamchen JamMail 1.8 allows remote attackers to execute arbitrary commands via shell metacharacters in the mail parameter."
"lang": "eng",
"value": "jammail.pl in jamchen JamMail 1.8 allows remote attackers to execute arbitrary commands via shell metacharacters in the mail parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "13937",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/13937"
"name": "1014175",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1014175"
},
{
"name" : "1014175",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1014175"
"name": "13937",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/13937"
}
]
}

110
2009/0xxx/CVE-2009-0246.json
View File

@ -1,101 +1,101 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2009-0246",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-0246",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Stack-based buffer overflow in easyHDR PRO 1.60.2 allows user-assisted attackers to execute arbitrary code via an invalid Radiance RGBE (aka .hdr) file."
"lang": "eng",
"value": "Stack-based buffer overflow in easyHDR PRO 1.60.2 allows user-assisted attackers to execute arbitrary code via an invalid Radiance RGBE (aka .hdr) file."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20090120 Secunia Research: EasyHDR Pro Radiance RGBE Buffer Overflow",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/500192/100/0/threaded"
"name": "4941",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/4941"
},
{
"name" : "http://secunia.com/secunia_research/2008-61/",
"refsource" : "MISC",
"url" : "http://secunia.com/secunia_research/2008-61/"
"name": "http://secunia.com/secunia_research/2008-61/",
"refsource": "MISC",
"url": "http://secunia.com/secunia_research/2008-61/"
},
{
"name" : "http://easyhdr.com/version.php",
"refsource" : "CONFIRM",
"url" : "http://easyhdr.com/version.php"
"name": "ADV-2009-0190",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/0190"
},
{
"name" : "33363",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/33363"
"name": "33363",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/33363"
},
{
"name" : "ADV-2009-0190",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2009/0190"
"name": "http://easyhdr.com/version.php",
"refsource": "CONFIRM",
"url": "http://easyhdr.com/version.php"
},
{
"name" : "51609",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/51609"
"name": "20090120 Secunia Research: EasyHDR Pro Radiance RGBE Buffer Overflow",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/500192/100/0/threaded"
},
{
"name" : "33468",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/33468"
"name": "33468",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33468"
},
{
"name" : "4941",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/4941"
"name": "easyhdrpro-hdr-bo(48119)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48119"
},
{
"name" : "easyhdrpro-hdr-bo(48119)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/48119"
"name": "51609",
"refsource": "OSVDB",
"url": "http://osvdb.org/51609"
}
]
}

86
2009/0xxx/CVE-2009-0254.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2009-0254",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-0254",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Stack-based buffer overflow in easyHDR PRO 1.60.2 allows user-assisted attackers to execute arbitrary code via an invalid Flexible Image Transport System (FITS) file. NOTE: some of these details are obtained from third party information."
"lang": "eng",
"value": "Stack-based buffer overflow in easyHDR PRO 1.60.2 allows user-assisted attackers to execute arbitrary code via an invalid Flexible Image Transport System (FITS) file. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://easyhdr.com/version.php",
"refsource" : "CONFIRM",
"url" : "http://easyhdr.com/version.php"
"name": "ADV-2009-0190",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/0190"
},
{
"name" : "33363",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/33363"
"name": "33363",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/33363"
},
{
"name" : "ADV-2009-0190",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2009/0190"
"name": "http://easyhdr.com/version.php",
"refsource": "CONFIRM",
"url": "http://easyhdr.com/version.php"
},
{
"name" : "51608",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/51608"
"name": "33468",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33468"
},
{
"name" : "33468",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/33468"
"name": "51608",
"refsource": "OSVDB",
"url": "http://osvdb.org/51608"
}
]
}

68
2009/0xxx/CVE-2009-0621.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2009-0621",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2009-0621",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cisco ACE 4710 Application Control Engine Appliance before A1(8a) uses default (1) usernames and (2) passwords for (a) the administrator, (b) web management, and (c) device management, which makes it easier for remote attackers to perform configuration changes to the Device Manager and other components, or obtain operating-system access."
"lang": "eng",
"value": "Cisco ACE 4710 Application Control Engine Appliance before A1(8a) uses default (1) usernames and (2) passwords for (a) the administrator, (b) web management, and (c) device management, which makes it easier for remote attackers to perform configuration changes to the Device Manager and other components, or obtain operating-system access."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20090225 Multiple Vulnerabilities in the Cisco ACE Application Control Engine Module and Cisco ACE 4710 Application Control Engine",
"refsource" : "CISCO",
"url" : "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a7bc82.shtml"
"name": "20090225 Multiple Vulnerabilities in the Cisco ACE Application Control Engine Module and Cisco ACE 4710 Application Control Engine",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a7bc82.shtml"
},
{
"name" : "33900",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/33900"
"name": "33900",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/33900"
}
]
}

80
2009/0xxx/CVE-2009-0760.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2009-0760",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-0760",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Team Board 1.x and 2.x stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing credentials via a direct request for data/team.mdb."
"lang": "eng",
"value": "Team Board 1.x and 2.x stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing credentials via a direct request for data/team.mdb."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "7982",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/7982"
"name": "51752",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/51752"
},
{
"name" : "http://packetstorm.linuxsecurity.com/0902-exploits/teamboard-ddxss.txt",
"refsource" : "MISC",
"url" : "http://packetstorm.linuxsecurity.com/0902-exploits/teamboard-ddxss.txt"
"name": "http://packetstorm.linuxsecurity.com/0902-exploits/teamboard-ddxss.txt",
"refsource": "MISC",
"url": "http://packetstorm.linuxsecurity.com/0902-exploits/teamboard-ddxss.txt"
},
{
"name" : "51752",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/51752"
"name": "7982",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/7982"
},
{
"name" : "33839",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/33839"
"name": "33839",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33839"
}
]
}

92
2009/1xxx/CVE-2009-1039.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2009-1039",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-1039",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Buffer overflow in CDex 1.70b2 allows remote attackers to execute arbitrary code via a crafted Info header in an Ogg Vorbis (.ogg) file."
"lang": "eng",
"value": "Buffer overflow in CDex 1.70b2 allows remote attackers to execute arbitrary code via a crafted Info header in an Ogg Vorbis (.ogg) file."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20090317 CDex v1.70b2 (.ogg) local buffer overflow exploit poc",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/501928/100/0/threaded"
"name": "34164",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/34164"
},
{
"name" : "8231",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/8231"
"name": "8231",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/8231"
},
{
"name" : "http://retrogod.altervista.org/9sg_cdex_ogg.html",
"refsource" : "MISC",
"url" : "http://retrogod.altervista.org/9sg_cdex_ogg.html"
"name": "http://retrogod.altervista.org/9sg_cdex_ogg.html",
"refsource": "MISC",
"url": "http://retrogod.altervista.org/9sg_cdex_ogg.html"
},
{
"name" : "34164",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/34164"
"name": "20090317 CDex v1.70b2 (.ogg) local buffer overflow exploit poc",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/501928/100/0/threaded"
},
{
"name" : "52812",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/52812"
"name": "cdex-ogg-bo(49304)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49304"
},
{
"name" : "cdex-ogg-bo(49304)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/49304"
"name": "52812",
"refsource": "OSVDB",
"url": "http://osvdb.org/52812"
}
]
}

92
2009/1xxx/CVE-2009-1162.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2009-1162",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2009-1162",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in the Spam Quarantine login page in Cisco IronPort AsyncOS before 6.5.2 on Series C, M, and X appliances allows remote attackers to inject arbitrary web script or HTML via the referrer parameter."
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in the Spam Quarantine login page in Cisco IronPort AsyncOS before 6.5.2 on Series C, M, and X appliances allows remote attackers to inject arbitrary web script or HTML via the referrer parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://tools.cisco.com/security/center/viewAlert.x?alertId=18365",
"refsource" : "CONFIRM",
"url" : "http://tools.cisco.com/security/center/viewAlert.x?alertId=18365"
"name": "34895",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34895"
},
{
"name" : "35203",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/35203"
"name": "35203",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/35203"
},
{
"name" : "54884",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/54884"
"name": "ironport-asyncos-referrer-xss(50948)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50948"
},
{
"name" : "1022335",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1022335"
"name": "54884",
"refsource": "OSVDB",
"url": "http://osvdb.org/54884"
},
{
"name" : "34895",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/34895"
"name": "http://tools.cisco.com/security/center/viewAlert.x?alertId=18365",
"refsource": "CONFIRM",
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=18365"
},
{
"name" : "ironport-asyncos-referrer-xss(50948)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/50948"
"name": "1022335",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1022335"
}
]
}

92
2009/1xxx/CVE-2009-1209.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2009-1209",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-1209",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Stack-based buffer overflow in W3C Amaya Web Browser 11.1 allows remote attackers to execute arbitrary code via a script tag with a long defer attribute."
"lang": "eng",
"value": "Stack-based buffer overflow in W3C Amaya Web Browser 11.1 allows remote attackers to execute arbitrary code via a script tag with a long defer attribute."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "8314",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/8314"
"name": "ADV-2009-0889",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/0889"
},
{
"name" : "8321",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/8321"
"name": "8314",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/8314"
},
{
"name" : "34295",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/34295"
"name": "8321",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/8321"
},
{
"name" : "34531",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/34531"
"name": "34531",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34531"
},
{
"name" : "ADV-2009-0889",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2009/0889"
"name": "amaya-htmltag-bo(47399)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47399"
},
{
"name" : "amaya-htmltag-bo(47399)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/47399"
"name": "34295",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/34295"
}
]
}

116
2009/1xxx/CVE-2009-1382.json
View File

@ -1,106 +1,106 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2009-1382",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2009-1382",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple stack-based buffer overflows in mimetex.cgi in mimeTeX, when downloaded before 20090713, allow remote attackers to execute arbitrary code via a TeX file with long (1) picture, (2) circle, or (3) input tags."
"lang": "eng",
"value": "Multiple stack-based buffer overflows in mimetex.cgi in mimeTeX, when downloaded before 20090713, allow remote attackers to execute arbitrary code via a TeX file with long (1) picture, (2) circle, or (3) input tags."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20090713 [oCERT-2009-010] mimeTeX and mathTeX buffer overflows and commandinjection",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/504919/100/0/threaded"
"name": "ADV-2009-1875",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1875"
},
{
"name" : "http://groups.google.com/group/comp.text.tex/browse_thread/thread/5d56d3d744351578",
"refsource" : "MISC",
"url" : "http://groups.google.com/group/comp.text.tex/browse_thread/thread/5d56d3d744351578"
"name": "35752",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35752"
},
{
"name" : "http://scary.beasts.org/security/CESA-2009-009.html",
"refsource" : "MISC",
"url" : "http://scary.beasts.org/security/CESA-2009-009.html"
"name": "ADV-2010-0877",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/0877"
},
{
"name" : "http://www.ocert.org/advisories/ocert-2009-010.html",
"refsource" : "MISC",
"url" : "http://www.ocert.org/advisories/ocert-2009-010.html"
"name": "20090713 [oCERT-2009-010] mimeTeX and mathTeX buffer overflows and commandinjection",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/504919/100/0/threaded"
},
{
"name" : "FEDORA-2010-6546",
"refsource" : "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039314.html"
"name": "mimetex-mimetex-bo(51794)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51794"
},
{
"name" : "35752",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/35752"
"name": "35816",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35816"
},
{
"name" : "35816",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/35816"
"name": "http://scary.beasts.org/security/CESA-2009-009.html",
"refsource": "MISC",
"url": "http://scary.beasts.org/security/CESA-2009-009.html"
},
{
"name" : "ADV-2009-1875",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2009/1875"
"name": "http://www.ocert.org/advisories/ocert-2009-010.html",
"refsource": "MISC",
"url": "http://www.ocert.org/advisories/ocert-2009-010.html"
},
{
"name" : "ADV-2010-0877",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2010/0877"
"name": "http://groups.google.com/group/comp.text.tex/browse_thread/thread/5d56d3d744351578",
"refsource": "MISC",
"url": "http://groups.google.com/group/comp.text.tex/browse_thread/thread/5d56d3d744351578"
},
{
"name" : "mimetex-mimetex-bo(51794)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/51794"
"name": "FEDORA-2010-6546",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039314.html"
}
]
}

116
2009/1xxx/CVE-2009-1914.json
View File

@ -1,106 +1,106 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2009-1914",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-1914",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The pci_register_iommu_region function in arch/sparc/kernel/pci_common.c in the Linux kernel before 2.6.29 on the sparc64 platform allows local users to cause a denial of service (system crash) by reading the /proc/iomem file, related to uninitialized pointers and the request_resource function."
"lang": "eng",
"value": "The pci_register_iommu_region function in arch/sparc/kernel/pci_common.c in the Linux kernel before 2.6.29 on the sparc64 platform allows local users to cause a denial of service (system crash) by reading the /proc/iomem file, related to uninitialized pointers and the request_resource function."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[oss-security] 20090603 CVE request: kernel: sparc64: Fix crash with /proc/iomem",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2009/06/03/3"
"name": "kernel-pciregister-dos(51196)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51196"
},
{
"name" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=192d7a4667c6d11d1a174ec4cad9a3c5d5f9043c",
"refsource" : "CONFIRM",
"url" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=192d7a4667c6d11d1a174ec4cad9a3c5d5f9043c"
"name": "35656",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35656"
},
{
"name" : "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.29",
"refsource" : "CONFIRM",
"url" : "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.29"
"name": "DSA-1844",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2009/dsa-1844"
},
{
"name" : "DSA-1844",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2009/dsa-1844"
"name": "54908",
"refsource": "OSVDB",
"url": "http://osvdb.org/54908"
},
{
"name" : "USN-793-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/usn-793-1"
"name": "35415",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/35415"
},
{
"name" : "35415",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/35415"
"name": "36051",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/36051"
},
{
"name" : "54908",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/54908"
"name": "USN-793-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-793-1"
},
{
"name" : "36051",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/36051"
"name": "[oss-security] 20090603 CVE request: kernel: sparc64: Fix crash with /proc/iomem",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2009/06/03/3"
},
{
"name" : "35656",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/35656"
"name": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.29",
"refsource": "CONFIRM",
"url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.29"
},
{
"name" : "kernel-pciregister-dos(51196)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/51196"
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=192d7a4667c6d11d1a174ec4cad9a3c5d5f9043c",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=192d7a4667c6d11d1a174ec4cad9a3c5d5f9043c"
}
]
}

104
2009/4xxx/CVE-2009-4250.json
View File

@ -1,96 +1,96 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2009-4250",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-4250",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in CutePHP CuteNews 1.4.6 and UTF-8 CuteNews before 8b allow remote attackers to inject arbitrary web script or HTML via (1) the result parameter to register.php; (2) the user parameter to search.php; the (3) cat_msg, (4) source_msg, (5) postponed_selected, (6) unapproved_selected, and (7) news_per_page parameters in a list action to the editnews module of index.php; and (8) the link tag in news comments. NOTE: some of the vulnerabilities require register_globals to be enabled and/or magic_quotes_gpc to be disabled."
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in CutePHP CuteNews 1.4.6 and UTF-8 CuteNews before 8b allow remote attackers to inject arbitrary web script or HTML via (1) the result parameter to register.php; (2) the user parameter to search.php; the (3) cat_msg, (4) source_msg, (5) postponed_selected, (6) unapproved_selected, and (7) news_per_page parameters in a list action to the editnews module of index.php; and (8) the link tag in news comments. NOTE: some of the vulnerabilities require register_globals to be enabled and/or magic_quotes_gpc to be disabled."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20091110 [MORNINGSTAR-2009-02] Multiple security issues in Cute News and UTF-8 Cute News",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/507782/100/0/threaded"
"name": "cutenews-title-xss(54237)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54237"
},
{
"name" : "http://www.morningstarsecurity.com/advisories/MORNINGSTAR-2009-02-CuteNews.txt",
"refsource" : "MISC",
"url" : "http://www.morningstarsecurity.com/advisories/MORNINGSTAR-2009-02-CuteNews.txt"
"name": "cutenews-newscomments-xss(54224)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54224"
},
{
"name" : "36971",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/36971"
"name": "cutenews-search-xss(54222)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54222"
},
{
"name" : "cutenews-editnews-xss(54223)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/54223"
"name": "cutenews-register-xss(54221)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54221"
},
{
"name" : "cutenews-newscomments-xss(54224)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/54224"
"name": "http://www.morningstarsecurity.com/advisories/MORNINGSTAR-2009-02-CuteNews.txt",
"refsource": "MISC",
"url": "http://www.morningstarsecurity.com/advisories/MORNINGSTAR-2009-02-CuteNews.txt"
},
{
"name" : "cutenews-register-xss(54221)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/54221"
"name": "20091110 [MORNINGSTAR-2009-02] Multiple security issues in Cute News and UTF-8 Cute News",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/507782/100/0/threaded"
},
{
"name" : "cutenews-search-xss(54222)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/54222"
"name": "cutenews-editnews-xss(54223)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54223"
},
{
"name" : "cutenews-title-xss(54237)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/54237"
"name": "36971",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/36971"
}
]
}

80
2009/4xxx/CVE-2009-4836.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2009-4836",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-4836",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Eval injection vulnerability in system/services/init.php in Movie PHP Script 2.0 allows remote attackers to execute arbitrary PHP code via the anticode parameter."
"lang": "eng",
"value": "Eval injection vulnerability in system/services/init.php in Movie PHP Script 2.0 allows remote attackers to execute arbitrary PHP code via the anticode parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "8871",
"refsource" : "EXPLOIT-DB",
"url" : "http://www.exploit-db.com/exploits/8871"
"name": "54883",
"refsource": "OSVDB",
"url": "http://osvdb.org/54883"
},
{
"name" : "54883",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/54883"
"name": "ADV-2009-1495",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1495"
},
{
"name" : "35283",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/35283"
"name": "35283",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35283"
},
{
"name" : "ADV-2009-1495",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2009/1495"
"name": "8871",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/8871"
}
]
}

104
2009/5xxx/CVE-2009-5006.json
View File

@ -1,96 +1,96 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2009-5006",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2009-5006",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The SessionAdapter::ExchangeHandlerImpl::checkAlternate function in broker/SessionAdapter.cpp in the C++ Broker component in Apache Qpid before 0.6, as used in Red Hat Enterprise MRG before 1.3 and other products, allows remote authenticated users to cause a denial of service (NULL pointer dereference, daemon crash, and cluster outage) by attempting to modify the alternate of an exchange."
"lang": "eng",
"value": "The SessionAdapter::ExchangeHandlerImpl::checkAlternate function in broker/SessionAdapter.cpp in the C++ Broker component in Apache Qpid before 0.6, as used in Red Hat Enterprise MRG before 1.3 and other products, allows remote authenticated users to cause a denial of service (NULL pointer dereference, daemon crash, and cluster outage) by attempting to modify the alternate of an exchange."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://svn.apache.org/viewvc?revision=811188&view=revision",
"refsource" : "CONFIRM",
"url" : "http://svn.apache.org/viewvc?revision=811188&view=revision"
"name": "RHSA-2010:0774",
"refsource": "REDHAT",
"url": "https://rhn.redhat.com/errata/RHSA-2010-0774.html"
},
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=642377",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=642377"
"name": "http://svn.apache.org/viewvc?revision=811188&view=revision",
"refsource": "CONFIRM",
"url": "http://svn.apache.org/viewvc?revision=811188&view=revision"
},
{
"name" : "https://issues.apache.org/jira/browse/QPID-2080",
"refsource" : "CONFIRM",
"url" : "https://issues.apache.org/jira/browse/QPID-2080"
"name": "ADV-2010-2684",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/2684"
},
{
"name" : "RHSA-2010:0773",
"refsource" : "REDHAT",
"url" : "https://rhn.redhat.com/errata/RHSA-2010-0773.html"
"name": "https://issues.apache.org/jira/browse/QPID-2080",
"refsource": "CONFIRM",
"url": "https://issues.apache.org/jira/browse/QPID-2080"
},
{
"name" : "RHSA-2010:0774",
"refsource" : "REDHAT",
"url" : "https://rhn.redhat.com/errata/RHSA-2010-0774.html"
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=642377",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=642377"
},
{
"name" : "41710",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/41710"
"name": "41812",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/41812"
},
{
"name" : "41812",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/41812"
"name": "41710",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/41710"
},
{
"name" : "ADV-2010-2684",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2010/2684"
"name": "RHSA-2010:0773",
"refsource": "REDHAT",
"url": "https://rhn.redhat.com/errata/RHSA-2010-0773.html"
}
]
}

134
2009/5xxx/CVE-2009-5064.json
View File

@ -1,121 +1,121 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2009-5064",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-5064",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** DISPUTED ** ldd in the GNU C Library (aka glibc or libc6) 2.13 and earlier allows local users to gain privileges via a Trojan horse executable file linked with a modified loader that omits certain LD_TRACE_LOADED_OBJECTS checks. NOTE: the GNU C Library vendor states \"This is just nonsense. There are a gazillion other ways to introduce code if people are downloading arbitrary binaries and install them in appropriate directories or set LD_LIBRARY_PATH etc.\""
"lang": "eng",
"value": "** DISPUTED ** ldd in the GNU C Library (aka glibc or libc6) 2.13 and earlier allows local users to gain privileges via a Trojan horse executable file linked with a modified loader that omits certain LD_TRACE_LOADED_OBJECTS checks. NOTE: the GNU C Library vendor states \"This is just nonsense. There are a gazillion other ways to introduce code if people are downloading arbitrary binaries and install them in appropriate directories or set LD_LIBRARY_PATH etc.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[oss-security] 20110307 Re: CVE Request -- logrotate -- nine issues",
"refsource" : "MLIST",
"url" : "http://openwall.com/lists/oss-security/2011/03/07/7"
"name": "[oss-security] 20110307 Re: CVE Request -- logrotate -- nine issues",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/07/7"
},
{
"name" : "[oss-security] 20110307 Re: CVE Request -- logrotate -- nine issues",
"refsource" : "MLIST",
"url" : "http://openwall.com/lists/oss-security/2011/03/07/10"
"name": "[oss-security] 20110308 Re: ldd can execute an app unexpectedly",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/08/10"
},
{
"name" : "[oss-security] 20110307 Re: ldd can execute an app unexpectedly",
"refsource" : "MLIST",
"url" : "http://openwall.com/lists/oss-security/2011/03/08/2"
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=682998",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=682998"
},
{
"name" : "[oss-security] 20110307 ldd can execute an app unexpectedly",
"refsource" : "MLIST",
"url" : "http://openwall.com/lists/oss-security/2011/03/07/13"
"name": "[oss-security] 20110308 Re: ldd can execute an app unexpectedly",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/08/7"
},
{
"name" : "[oss-security] 20110308 Re: ldd can execute an app unexpectedly",
"refsource" : "MLIST",
"url" : "http://openwall.com/lists/oss-security/2011/03/08/1"
"name": "[oss-security] 20110308 Re: ldd can execute an app unexpectedly",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/08/3"
},
{
"name" : "[oss-security] 20110308 Re: ldd can execute an app unexpectedly",
"refsource" : "MLIST",
"url" : "http://openwall.com/lists/oss-security/2011/03/08/3"
"name": "http://reverse.lostrealm.com/protect/ldd.html",
"refsource": "MISC",
"url": "http://reverse.lostrealm.com/protect/ldd.html"
},
{
"name" : "[oss-security] 20110308 Re: ldd can execute an app unexpectedly",
"refsource" : "MLIST",
"url" : "http://openwall.com/lists/oss-security/2011/03/08/7"
"name": "[oss-security] 20110307 Re: CVE Request -- logrotate -- nine issues",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/07/10"
},
{
"name" : "[oss-security] 20110308 Re: ldd can execute an app unexpectedly",
"refsource" : "MLIST",
"url" : "http://openwall.com/lists/oss-security/2011/03/08/10"
"name": "http://www.catonmat.net/blog/ldd-arbitrary-code-execution/",
"refsource": "MISC",
"url": "http://www.catonmat.net/blog/ldd-arbitrary-code-execution/"
},
{
"name" : "http://reverse.lostrealm.com/protect/ldd.html",
"refsource" : "MISC",
"url" : "http://reverse.lostrealm.com/protect/ldd.html"
"name": "[oss-security] 20110307 Re: ldd can execute an app unexpectedly",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/08/2"
},
{
"name" : "http://www.catonmat.net/blog/ldd-arbitrary-code-execution/",
"refsource" : "MISC",
"url" : "http://www.catonmat.net/blog/ldd-arbitrary-code-execution/"
"name": "[oss-security] 20110307 ldd can execute an app unexpectedly",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/07/13"
},
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=531160",
"refsource" : "MISC",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=531160"
"name": "[oss-security] 20110308 Re: ldd can execute an app unexpectedly",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/08/1"
},
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=682998",
"refsource" : "MISC",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=682998"
"name": "RHSA-2011:1526",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2011-1526.html"
},
{
"name" : "RHSA-2011:1526",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2011-1526.html"
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=531160",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=531160"
}
]
}

98
2012/2xxx/CVE-2012-2276.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2012-2276",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "security_alert@emc.com",
"ID": "CVE-2012-2276",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The IRM Server in EMC Documentum Information Rights Management 4.x before 4.7.0100 and 5.x before 5.0.1030 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via input data that (1) lacks FIPS fields or (2) has an invalid version number."
"lang": "eng",
"value": "The IRM Server in EMC Documentum Information Rights Management 4.x before 4.7.0100 and 5.x before 5.0.1030 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via input data that (1) lacks FIPS fields or (2) has an invalid version number."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20120510 ESA-2012-019: EMC Documentum Information Rights Management Multiple Vulnerabilities",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/522682"
"name": "20120510 ESA-2012-019: EMC Documentum Information Rights Management Multiple Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/522682"
},
{
"name" : "18734",
"refsource" : "EXPLOIT-DB",
"url" : "http://www.exploit-db.com/exploits/18734"
"name": "emc-documentum-irm-dos(75553)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75553"
},
{
"name" : "http://aluigi.org/adv/irm_1-adv.txt",
"refsource" : "MISC",
"url" : "http://aluigi.org/adv/irm_1-adv.txt"
"name": "48690",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48690"
},
{
"name" : "53475",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/53475"
"name": "18734",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/18734"
},
{
"name" : "1027058",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1027058"
"name": "53475",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/53475"
},
{
"name" : "48690",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/48690"
"name": "http://aluigi.org/adv/irm_1-adv.txt",
"refsource": "MISC",
"url": "http://aluigi.org/adv/irm_1-adv.txt"
},
{
"name" : "emc-documentum-irm-dos(75553)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/75553"
"name": "1027058",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1027058"
}
]
}

80
2012/2xxx/CVE-2012-2369.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2012-2369",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-2369",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Format string vulnerability in the log_message_cb function in otr-plugin.c in the Off-the-Record Messaging (OTR) pidgin-otr plugin before 3.2.1 for Pidgin might allow remote attackers to execute arbitrary code via format string specifiers in data that generates a log message."
"lang": "eng",
"value": "Format string vulnerability in the log_message_cb function in otr-plugin.c in the Off-the-Record Messaging (OTR) pidgin-otr plugin before 3.2.1 for Pidgin might allow remote attackers to execute arbitrary code via format string specifiers in data that generates a log message."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[oss-security] 20120516 Format string security flaw in pidgin-otr",
"refsource" : "MLIST",
"url" : "http://openwall.com/lists/oss-security/2012/05/16/2"
"name": "GLSA-201207-05",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201207-05.xml"
},
{
"name" : "DSA-2476",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2012/dsa-2476"
"name": "SUSE-SU-2012:0703",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-06/msg00003.html"
},
{
"name" : "GLSA-201207-05",
"refsource" : "GENTOO",
"url" : "http://security.gentoo.org/glsa/glsa-201207-05.xml"
"name": "DSA-2476",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2012/dsa-2476"
},
{
"name" : "SUSE-SU-2012:0703",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2012-06/msg00003.html"
"name": "[oss-security] 20120516 Format string security flaw in pidgin-otr",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2012/05/16/2"
}
]
}

74
2012/2xxx/CVE-2012-2438.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2012-2438",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-2438",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "ar web content manager (AWCM) 2.2 does not restrict the number of comment records that can be submitted through HTTP requests, which allows remote attackers to cause a denial of service (disk consumption) via the coment parameter to (1) show_video.php or (2) topic.php."
"lang": "eng",
"value": "ar web content manager (AWCM) 2.2 does not restrict the number of comment records that can be submitted through HTTP requests, which allows remote attackers to cause a denial of service (disk consumption) via the coment parameter to (1) show_video.php or (2) topic.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20121108 Vulnerability Report on AWCM 2.2",
"refsource" : "BUGTRAQ",
"url" : "http://archives.neohapsis.com/archives/bugtraq/2012-11/0039.html"
"name": "http://packetstormsecurity.org/files/117975/AWCM-2.2-Access-Bypass.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.org/files/117975/AWCM-2.2-Access-Bypass.html"
},
{
"name" : "http://packetstormsecurity.org/files/117975/AWCM-2.2-Access-Bypass.html",
"refsource" : "MISC",
"url" : "http://packetstormsecurity.org/files/117975/AWCM-2.2-Access-Bypass.html"
"name": "awcm-database-sec-bypass(79927)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79927"
},
{
"name" : "awcm-database-sec-bypass(79927)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/79927"
"name": "20121108 Vulnerability Report on AWCM 2.2",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-11/0039.html"
}
]
}

22
2012/2xxx/CVE-2012-2477.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2012-2477",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-2477",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2012/2xxx/CVE-2012-2989.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2012-2989",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-2989",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

68
2012/3xxx/CVE-2012-3178.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2012-3178",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2012-3178",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the kernel in Oracle Sun Solaris 11 allows local users to affect availability via unknown vectors."
"lang": "eng",
"value": "Unspecified vulnerability in the kernel in Oracle Sun Solaris 11 allows local users to affect availability via unknown vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html"
"name": "http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html"
},
{
"name" : "MDVSA-2013:150",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
"name": "MDVSA-2013:150",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
}
]
}

296
2012/3xxx/CVE-2012-3216.json
View File

@ -1,256 +1,256 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2012-3216",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2012-3216",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote attackers to affect confidentiality via unknown vectors related to Libraries."
"lang": "eng",
"value": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote attackers to affect confidentiality via unknown vectors related to Libraries."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html"
"name": "51313",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/51313"
},
{
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21616490",
"refsource" : "CONFIRM",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21616490"
"name": "SUSE-SU-2012:1398",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00016.html"
},
{
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21621154",
"refsource" : "CONFIRM",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21621154"
"name": "GLSA-201406-32",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"name" : "http://www.xerox.com/download/security/security-bulletin/16287-4d6b7b0c81f7b/cert_XRX13-003_v1.0.pdf",
"refsource" : "CONFIRM",
"url" : "http://www.xerox.com/download/security/security-bulletin/16287-4d6b7b0c81f7b/cert_XRX13-003_v1.0.pdf"
"name": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS12-023/index.html",
"refsource": "CONFIRM",
"url": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS12-023/index.html"
},
{
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21620037",
"refsource" : "CONFIRM",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21620037"
"name": "RHSA-2012:1466",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1466.html"
},
{
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21631786",
"refsource" : "CONFIRM",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21631786"
"name": "RHSA-2012:1386",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1386.html"
},
{
"name" : "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS12-023/index.html",
"refsource" : "CONFIRM",
"url" : "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS12-023/index.html"
"name": "51315",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/51315"
},
{
"name" : "GLSA-201406-32",
"refsource" : "GENTOO",
"url" : "http://security.gentoo.org/glsa/glsa-201406-32.xml"
"name": "51438",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/51438"
},
{
"name" : "HPSBUX02832",
"refsource" : "HP",
"url" : "http://marc.info/?l=bugtraq&m=135542848327757&w=2"
"name": "51141",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/51141"
},
{
"name" : "SSRT101042",
"refsource" : "HP",
"url" : "http://marc.info/?l=bugtraq&m=135542848327757&w=2"
"name": "SSRT101043",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=135758563611658&w=2"
},
{
"name" : "HPSBOV02833",
"refsource" : "HP",
"url" : "http://marc.info/?l=bugtraq&m=135758563611658&w=2"
"name": "SUSE-SU-2012:1490",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00011.html"
},
{
"name" : "SSRT101043",
"refsource" : "HP",
"url" : "http://marc.info/?l=bugtraq&m=135758563611658&w=2"
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21621154",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21621154"
},
{
"name" : "RHSA-2012:1385",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2012-1385.html"
"name": "openSUSE-SU-2012:1423",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00023.html"
},
{
"name" : "RHSA-2012:1386",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2012-1386.html"
"name": "RHSA-2013:1455",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
},
{
"name" : "RHSA-2012:1391",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2012-1391.html"
"name": "RHSA-2012:1391",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1391.html"
},
{
"name" : "RHSA-2012:1392",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2012-1392.html"
"name": "oval:org.mitre.oval:def:16538",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16538"
},
{
"name" : "RHSA-2012:1465",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2012-1465.html"
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21620037",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21620037"
},
{
"name" : "RHSA-2012:1466",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2012-1466.html"
"name": "51029",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/51029"
},
{
"name" : "RHSA-2012:1467",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2012-1467.html"
"name": "HPSBOV02833",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=135758563611658&w=2"
},
{
"name" : "RHSA-2013:1455",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
"name": "51166",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/51166"
},
{
"name" : "RHSA-2013:1456",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2013-1456.html"
"name": "51390",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/51390"
},
{
"name" : "SUSE-SU-2012:1490",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00011.html"
"name": "56075",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/56075"
},
{
"name" : "openSUSE-SU-2012:1423",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00023.html"
"name": "RHSA-2012:1392",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1392.html"
},
{
"name" : "SUSE-SU-2012:1398",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00016.html"
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21631786",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21631786"
},
{
"name" : "SUSE-SU-2012:1595",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00022.html"
"name": "SUSE-SU-2012:1489",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00010.html"
},
{
"name" : "SUSE-SU-2012:1489",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00010.html"
"name": "SUSE-SU-2012:1595",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00022.html"
},
{
"name" : "56075",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/56075"
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21616490",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616490"
},
{
"name" : "oval:org.mitre.oval:def:16538",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16538"
"name": "51327",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/51327"
},
{
"name" : "51028",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/51028"
"name": "RHSA-2012:1467",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1467.html"
},
{
"name" : "51029",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/51029"
"name": "RHSA-2012:1465",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1465.html"
},
{
"name" : "51141",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/51141"
"name": "51328",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/51328"
},
{
"name" : "51313",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/51313"
"name": "SSRT101042",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=135542848327757&w=2"
},
{
"name" : "51315",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/51315"
"name": "51028",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/51028"
},
{
"name" : "51326",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/51326"
"name": "RHSA-2013:1456",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1456.html"
},
{
"name" : "51327",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/51327"
"name": "51393",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/51393"
},
{
"name" : "51328",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/51328"
"name": "http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html"
},
{
"name" : "51390",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/51390"
"name": "51326",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/51326"
},
{
"name" : "51393",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/51393"
"name": "RHSA-2012:1385",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1385.html"
},
{
"name" : "51438",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/51438"
"name": "http://www.xerox.com/download/security/security-bulletin/16287-4d6b7b0c81f7b/cert_XRX13-003_v1.0.pdf",
"refsource": "CONFIRM",
"url": "http://www.xerox.com/download/security/security-bulletin/16287-4d6b7b0c81f7b/cert_XRX13-003_v1.0.pdf"
},
{
"name" : "51166",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/51166"
"name": "HPSBUX02832",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=135542848327757&w=2"
}
]
}

164
2012/3xxx/CVE-2012-3423.json
View File

@ -1,146 +1,146 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2012-3423",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-3423",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The IcedTea-Web plugin before 1.2.1 does not properly handle NPVariant NPStrings without NUL terminators, which allows remote attackers to cause a denial of service (crash), obtain sensitive information from memory, or execute arbitrary code via a crafted Java applet."
"lang": "eng",
"value": "The IcedTea-Web plugin before 1.2.1 does not properly handle NPVariant NPStrings without NUL terminators, which allows remote attackers to cause a denial of service (crash), obtain sensitive information from memory, or execute arbitrary code via a crafted Java applet."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=841345",
"refsource" : "MISC",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=841345"
"name": "GLSA-201406-32",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"name" : "http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=518",
"refsource" : "CONFIRM",
"url" : "http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=518"
"name": "http://icedtea.classpath.org/hg/release/icedtea-web-1.2/file/icedtea-web-1.2.1/NEWS",
"refsource": "CONFIRM",
"url": "http://icedtea.classpath.org/hg/release/icedtea-web-1.2/file/icedtea-web-1.2.1/NEWS"
},
{
"name" : "http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=863",
"refsource" : "CONFIRM",
"url" : "http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=863"
"name": "http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=863",
"refsource": "CONFIRM",
"url": "http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=863"
},
{
"name" : "http://icedtea.classpath.org/hg/release/icedtea-web-1.2/file/icedtea-web-1.2.1/NEWS",
"refsource" : "CONFIRM",
"url" : "http://icedtea.classpath.org/hg/release/icedtea-web-1.2/file/icedtea-web-1.2.1/NEWS"
"name": "SUSE-SU-2013:0851",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00020.html"
},
{
"name" : "http://icedtea.classpath.org/hg/release/icedtea-web-1.2/rev/d65bd94e0ba9",
"refsource" : "CONFIRM",
"url" : "http://icedtea.classpath.org/hg/release/icedtea-web-1.2/rev/d65bd94e0ba9"
"name": "USN-1521-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1521-1"
},
{
"name" : "http://icedtea.classpath.org/hg/release/icedtea-web-1.2/rev/d7375e2a9076",
"refsource" : "CONFIRM",
"url" : "http://icedtea.classpath.org/hg/release/icedtea-web-1.2/rev/d7375e2a9076"
"name": "openSUSE-SU-2012:0982",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00005.html"
},
{
"name" : "GLSA-201406-32",
"refsource" : "GENTOO",
"url" : "http://security.gentoo.org/glsa/glsa-201406-32.xml"
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=841345",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=841345"
},
{
"name" : "RHSA-2012:1132",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2012-1132.html"
"name": "http://icedtea.classpath.org/hg/release/icedtea-web-1.2/rev/d65bd94e0ba9",
"refsource": "CONFIRM",
"url": "http://icedtea.classpath.org/hg/release/icedtea-web-1.2/rev/d65bd94e0ba9"
},
{
"name" : "SUSE-SU-2012:0979",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00003.html"
"name": "SUSE-SU-2013:1174",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00013.html"
},
{
"name" : "openSUSE-SU-2012:0981",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00004.html"
"name": "openSUSE-SU-2013:0826",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-05/msg00032.html"
},
{
"name" : "openSUSE-SU-2012:0982",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00005.html"
"name": "openSUSE-SU-2012:0981",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00004.html"
},
{
"name" : "openSUSE-SU-2013:0826",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-updates/2013-05/msg00032.html"
"name": "http://icedtea.classpath.org/hg/release/icedtea-web-1.2/rev/d7375e2a9076",
"refsource": "CONFIRM",
"url": "http://icedtea.classpath.org/hg/release/icedtea-web-1.2/rev/d7375e2a9076"
},
{
"name" : "SUSE-SU-2013:0851",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00020.html"
"name": "SUSE-SU-2012:0979",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00003.html"
},
{
"name" : "openSUSE-SU-2013:0893",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-updates/2013-06/msg00030.html"
"name": "openSUSE-SU-2013:0966",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00101.html"
},
{
"name" : "openSUSE-SU-2013:0966",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-updates/2013-06/msg00101.html"
"name": "openSUSE-SU-2013:0893",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00030.html"
},
{
"name" : "SUSE-SU-2013:1174",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00013.html"
"name": "RHSA-2012:1132",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1132.html"
},
{
"name" : "USN-1521-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-1521-1"
"name": "50089",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/50089"
},
{
"name" : "50089",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/50089"
"name": "http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=518",
"refsource": "CONFIRM",
"url": "http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=518"
}
]
}

104
2012/3xxx/CVE-2012-3519.json
View File

@ -1,96 +1,96 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2012-3519",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-3519",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "routerlist.c in Tor before 0.2.2.38 uses a different amount of time for relay-list iteration depending on which relay is chosen, which might allow remote attackers to obtain sensitive information about relay selection via a timing side-channel attack."
"lang": "eng",
"value": "routerlist.c in Tor before 0.2.2.38 uses a different amount of time for relay-list iteration depending on which relay is chosen, which might allow remote attackers to obtain sensitive information about relay selection via a timing side-channel attack."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[oss-security] 20120821 Re: CVE Request -- Tor 0.2.2.38: Three issues",
"refsource" : "MLIST",
"url" : "http://openwall.com/lists/oss-security/2012/08/21/6"
"name": "GLSA-201301-03",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201301-03.xml"
},
{
"name" : "[tor-announce] 20120819 Tor 0.2.2.38 is released",
"refsource" : "MLIST",
"url" : "https://lists.torproject.org/pipermail/tor-announce/2012-August/000086.html"
"name": "https://gitweb.torproject.org/tor.git/commit/308f6dad20675c42b29862f4269ad1fbfb00dc9a",
"refsource": "CONFIRM",
"url": "https://gitweb.torproject.org/tor.git/commit/308f6dad20675c42b29862f4269ad1fbfb00dc9a"
},
{
"name" : "https://gitweb.torproject.org/tor.git/commit/308f6dad20675c42b29862f4269ad1fbfb00dc9a",
"refsource" : "CONFIRM",
"url" : "https://gitweb.torproject.org/tor.git/commit/308f6dad20675c42b29862f4269ad1fbfb00dc9a"
"name": "[tor-announce] 20120819 Tor 0.2.2.38 is released",
"refsource": "MLIST",
"url": "https://lists.torproject.org/pipermail/tor-announce/2012-August/000086.html"
},
{
"name" : "https://gitweb.torproject.org/tor.git/commit/d48cebc5e498b0ae673635f40fc57cdddab45d5b",
"refsource" : "CONFIRM",
"url" : "https://gitweb.torproject.org/tor.git/commit/d48cebc5e498b0ae673635f40fc57cdddab45d5b"
"name": "50583",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/50583"
},
{
"name" : "https://trac.torproject.org/projects/tor/ticket/6537",
"refsource" : "CONFIRM",
"url" : "https://trac.torproject.org/projects/tor/ticket/6537"
"name": "[oss-security] 20120821 Re: CVE Request -- Tor 0.2.2.38: Three issues",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2012/08/21/6"
},
{
"name" : "GLSA-201301-03",
"refsource" : "GENTOO",
"url" : "http://security.gentoo.org/glsa/glsa-201301-03.xml"
"name": "https://trac.torproject.org/projects/tor/ticket/6537",
"refsource": "CONFIRM",
"url": "https://trac.torproject.org/projects/tor/ticket/6537"
},
{
"name" : "openSUSE-SU-2012:1068",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-updates/2012-08/msg00048.html"
"name": "openSUSE-SU-2012:1068",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2012-08/msg00048.html"
},
{
"name" : "50583",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/50583"
"name": "https://gitweb.torproject.org/tor.git/commit/d48cebc5e498b0ae673635f40fc57cdddab45d5b",
"refsource": "CONFIRM",
"url": "https://gitweb.torproject.org/tor.git/commit/d48cebc5e498b0ae673635f40fc57cdddab45d5b"
}
]
}

92
2012/3xxx/CVE-2012-3629.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2012-3629",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2012-3629",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1."
"lang": "eng",
"value": "WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://support.apple.com/kb/HT5400",
"refsource" : "CONFIRM",
"url" : "http://support.apple.com/kb/HT5400"
"name": "http://support.apple.com/kb/HT5485",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT5485"
},
{
"name" : "http://support.apple.com/kb/HT5485",
"refsource" : "CONFIRM",
"url" : "http://support.apple.com/kb/HT5485"
"name": "APPLE-SA-2012-09-19-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html"
},
{
"name" : "http://support.apple.com/kb/HT5503",
"refsource" : "CONFIRM",
"url" : "http://support.apple.com/kb/HT5503"
"name": "http://support.apple.com/kb/HT5503",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT5503"
},
{
"name" : "APPLE-SA-2012-07-25-1",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2012/Jul/msg00000.html"
"name": "APPLE-SA-2012-09-12-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00001.html"
},
{
"name" : "APPLE-SA-2012-09-12-1",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2012/Sep/msg00001.html"
"name": "APPLE-SA-2012-07-25-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2012/Jul/msg00000.html"
},
{
"name" : "APPLE-SA-2012-09-19-1",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html"
"name": "http://support.apple.com/kb/HT5400",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT5400"
}
]
}

74
2012/6xxx/CVE-2012-6037.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2012-6037",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-6037",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in Mahara 1.4.x before 1.4.5 and 1.5.x before 1.5.4, and other versions including 1.2, allow remote attackers to inject arbitrary web script or HTML via a CSV header with \"unknown fields,\" which are not properly handled in error messages in the (1) bulk user, (2) group, and (3) group member upload capabilities. NOTE: this issue was originally part of CVE-2012-2243, but that ID was SPLIT due to different issues by different researchers."
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in Mahara 1.4.x before 1.4.5 and 1.5.x before 1.5.4, and other versions including 1.2, allow remote attackers to inject arbitrary web script or HTML via a CSV header with \"unknown fields,\" which are not properly handled in error messages in the (1) bulk user, (2) group, and (3) group member upload capabilities. NOTE: this issue was originally part of CVE-2012-2243, but that ID was SPLIT due to different issues by different researchers."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://bugs.launchpad.net/mahara/+bug/1063480",
"refsource" : "CONFIRM",
"url" : "https://bugs.launchpad.net/mahara/+bug/1063480"
"name": "https://mahara.org/interaction/forum/topic.php?id=4937",
"refsource": "CONFIRM",
"url": "https://mahara.org/interaction/forum/topic.php?id=4937"
},
{
"name" : "https://mahara.org/interaction/forum/topic.php?id=4937",
"refsource" : "CONFIRM",
"url" : "https://mahara.org/interaction/forum/topic.php?id=4937"
"name": "DSA-2591",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2012/dsa-2591"
},
{
"name" : "DSA-2591",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2012/dsa-2591"
"name": "https://bugs.launchpad.net/mahara/+bug/1063480",
"refsource": "CONFIRM",
"url": "https://bugs.launchpad.net/mahara/+bug/1063480"
}
]
}

22
2012/6xxx/CVE-2012-6327.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2012-6327",
"STATE" : "REJECT"
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2012-6327",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2012. Notes: none."
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2012. Notes: none."
}
]
}

74
2012/6xxx/CVE-2012-6355.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2012-6355",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2012-6355",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "IBM Maximo Asset Management 6.2 through 7.5, Maximo Asset Management Essentials 6.2 through 7.5, Tivoli Asset Management for IT 6.2 through 7.2, Tivoli Service Request Manager 7.1 and 7.2, Maximo Service Desk 6.2, Change and Configuration Management Database (CCMDB) 7.1 and 7.2, and SmartCloud Control Desk 7.5 allow remote authenticated users to gain privileges via vectors related to a work order."
"lang": "eng",
"value": "IBM Maximo Asset Management 6.2 through 7.5, Maximo Asset Management Essentials 6.2 through 7.5, Tivoli Asset Management for IT 6.2 through 7.2, Tivoli Service Request Manager 7.1 and 7.2, Maximo Service Desk 6.2, Change and Configuration Management Database (CCMDB) 7.1 and 7.2, and SmartCloud Control Desk 7.5 allow remote authenticated users to gain privileges via vectors related to a work order."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21625624",
"refsource" : "CONFIRM",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21625624"
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21625624",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21625624"
},
{
"name" : "IV30384",
"refsource" : "AIXAPAR",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1IV30384"
"name": "mam-work-order-priv-esc(80747)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80747"
},
{
"name" : "mam-work-order-priv-esc(80747)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/80747"
"name": "IV30384",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV30384"
}
]
}

80
2012/6xxx/CVE-2012-6638.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2012-6638",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-6638",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The tcp_rcv_state_process function in net/ipv4/tcp_input.c in the Linux kernel before 3.2.24 allows remote attackers to cause a denial of service (kernel resource consumption) via a flood of SYN+FIN TCP packets, a different vulnerability than CVE-2012-2663."
"lang": "eng",
"value": "The tcp_rcv_state_process function in net/ipv4/tcp_input.c in the Linux kernel before 3.2.24 allows remote attackers to cause a denial of service (kernel resource consumption) via a flood of SYN+FIN TCP packets, a different vulnerability than CVE-2012-2663."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=826702",
"refsource" : "MISC",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=826702"
"name": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.24",
"refsource": "CONFIRM",
"url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.24"
},
{
"name" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=fdf5af0daf8019cec2396cdef8fb042d80fe71fa",
"refsource" : "CONFIRM",
"url" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=fdf5af0daf8019cec2396cdef8fb042d80fe71fa"
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=fdf5af0daf8019cec2396cdef8fb042d80fe71fa",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=fdf5af0daf8019cec2396cdef8fb042d80fe71fa"
},
{
"name" : "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.24",
"refsource" : "CONFIRM",
"url" : "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.24"
"name": "https://github.com/torvalds/linux/commit/fdf5af0daf8019cec2396cdef8fb042d80fe71fa",
"refsource": "CONFIRM",
"url": "https://github.com/torvalds/linux/commit/fdf5af0daf8019cec2396cdef8fb042d80fe71fa"
},
{
"name" : "https://github.com/torvalds/linux/commit/fdf5af0daf8019cec2396cdef8fb042d80fe71fa",
"refsource" : "CONFIRM",
"url" : "https://github.com/torvalds/linux/commit/fdf5af0daf8019cec2396cdef8fb042d80fe71fa"
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=826702",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=826702"
}
]
}

22
2015/5xxx/CVE-2015-5072.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-5072",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-5072",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

110
2015/5xxx/CVE-2015-5234.json
View File

@ -1,101 +1,101 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-5234",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2015-5234",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "IcedTea-Web before 1.5.3 and 1.6.x before 1.6.1 does not properly sanitize applet URLs, which allows remote attackers to inject applets into the .appletTrustSettings configuration file and bypass user approval to execute the applet via a crafted web page, possibly related to line breaks."
"lang": "eng",
"value": "IcedTea-Web before 1.5.3 and 1.6.x before 1.6.1 does not properly sanitize applet URLs, which allows remote attackers to inject applets into the .appletTrustSettings configuration file and bypass user approval to execute the applet via a crafted web page, possibly related to line breaks."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[distro-pkg-dev] 20150911 IcedTea-Web 1.6.1 and 1.5.3 released",
"refsource" : "MLIST",
"url" : "http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2015-September/033546.html"
"name": "USN-2817-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2817-1"
},
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1233667",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1233667"
"name": "openSUSE-SU-2015:1595",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00019.html"
},
{
"name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"
"name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"
},
{
"name" : "FEDORA-2015-15676",
"refsource" : "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-September/167120.html"
"name": "FEDORA-2015-15676",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-September/167120.html"
},
{
"name" : "FEDORA-2015-15677",
"refsource" : "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-September/167130.html"
"name": "1033780",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033780"
},
{
"name" : "RHSA-2016:0778",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2016-0778.html"
"name": "[distro-pkg-dev] 20150911 IcedTea-Web 1.6.1 and 1.5.3 released",
"refsource": "MLIST",
"url": "http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2015-September/033546.html"
},
{
"name" : "openSUSE-SU-2015:1595",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00019.html"
"name": "RHSA-2016:0778",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0778.html"
},
{
"name" : "USN-2817-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-2817-1"
"name": "FEDORA-2015-15677",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-September/167130.html"
},
{
"name" : "1033780",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1033780"
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1233667",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1233667"
}
]
}

80
2015/5xxx/CVE-2015-5891.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-5891",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2015-5891",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The SMB implementation in the kernel in Apple OS X before 10.11 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors."
"lang": "eng",
"value": "The SMB implementation in the kernel in Apple OS X before 10.11 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://support.apple.com/HT205267",
"refsource" : "CONFIRM",
"url" : "https://support.apple.com/HT205267"
"name": "1033703",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033703"
},
{
"name" : "APPLE-SA-2015-09-30-3",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html"
"name": "APPLE-SA-2015-09-30-3",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html"
},
{
"name" : "76908",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/76908"
"name": "https://support.apple.com/HT205267",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT205267"
},
{
"name" : "1033703",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1033703"
"name": "76908",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/76908"
}
]
}

132
2017/2xxx/CVE-2017-2349.json
View File

@ -1,112 +1,112 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "sirt@juniper.net",
"DATE_PUBLIC" : "2017-07-12T09:00",
"ID" : "CVE-2017-2349",
"STATE" : "PUBLIC",
"TITLE" : "SRX Series: Command injection vulnerability in SRX IDP feature."
"CVE_data_meta": {
"ASSIGNER": "sirt@juniper.net",
"DATE_PUBLIC": "2017-07-12T09:00",
"ID": "CVE-2017-2349",
"STATE": "PUBLIC",
"TITLE": "SRX Series: Command injection vulnerability in SRX IDP feature."
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Junos OS",
"version" : {
"version_data" : [
"product_name": "Junos OS",
"version": {
"version_data": [
{
"platform" : "",
"version_value" : "12.1X44 prior to 12.1X44-D60"
"platform": "",
"version_value": "12.1X44 prior to 12.1X44-D60"
},
{
"platform" : "",
"version_value" : "12.1X46 prior to 12.1X46-D50"
"platform": "",
"version_value": "12.1X46 prior to 12.1X46-D50"
},
{
"platform" : "",
"version_value" : "12.1X47 prior to 12.1X47-D30, 12.1X47-D35"
"platform": "",
"version_value": "12.1X47 prior to 12.1X47-D30, 12.1X47-D35"
},
{
"platform" : "",
"version_value" : "12.3X48 prior to 12.3X48-D20, 12.3X48-D30"
"platform": "",
"version_value": "12.3X48 prior to 12.3X48-D20, 12.3X48-D30"
},
{
"platform" : "",
"version_value" : "15.1X49 prior to 15.1X49-D20, 15.1X49-D30"
"platform": "",
"version_value": "15.1X49 prior to 15.1X49-D20, 15.1X49-D30"
}
]
}
}
]
},
"vendor_name" : "Juniper Networks"
"vendor_name": "Juniper Networks"
}
]
}
},
"configuration" : [],
"credit" : [],
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"configuration": [],
"credit": [],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "A command injection vulnerability in the IDP feature of Juniper Networks Junos OS on SRX series devices potentially allows a user with login access to the device to execute shell commands and elevate privileges. Affected releases are Juniper Networks Junos OS 12.1X44 prior to 12.1X44-D60; 12.1X46 prior to 12.1X46-D50; 12.1X47 prior to 12.1X47-D30, 12.1X47-D35; 12.3X48 prior to 12.3X48-D20, 12.3X48-D30; 15.1X49 prior to 15.1X49-D20, 15.1X49-D30."
"lang": "eng",
"value": "A command injection vulnerability in the IDP feature of Juniper Networks Junos OS on SRX series devices potentially allows a user with login access to the device to execute shell commands and elevate privileges. Affected releases are Juniper Networks Junos OS 12.1X44 prior to 12.1X44-D60; 12.1X46 prior to 12.1X46-D50; 12.1X47 prior to 12.1X47-D30, 12.1X47-D35; 12.3X48 prior to 12.3X48-D20, 12.3X48-D30; 15.1X49 prior to 15.1X49-D20, 15.1X49-D30."
}
]
},
"exploit" : "Juniper SIRT is not aware of any malicious exploitation of this vulnerability.",
"impact" : {
"cvss" : {
"attackComplexity" : "LOW",
"attackVector" : "NETWORK",
"availabilityImpact" : "HIGH",
"baseScore" : 9.9,
"baseSeverity" : "CRITICAL",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"privilegesRequired" : "LOW",
"scope" : "CHANGED",
"userInteraction" : "NONE",
"vectorString" : "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version" : "3.0"
"exploit": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability.",
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "command injection"
"lang": "eng",
"value": "command injection"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://kb.juniper.net/JSA10801",
"refsource" : "CONFIRM",
"url" : "https://kb.juniper.net/JSA10801"
"name": "1038898",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038898"
},
{
"name" : "1038898",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1038898"
"name": "https://kb.juniper.net/JSA10801",
"refsource": "CONFIRM",
"url": "https://kb.juniper.net/JSA10801"
}
]
},
"solution" : "The following software releases have been updated to resolve this specific issue: 12.1X44-D60, 12.1X47-D30, 12.1X47-D35, 12.3X48-D20, 12.3X48-D30, 15.1X49-D20, 15.1X49-D30, 12.1X46-D50, and all subsequent releases.\n\nThis issue is being tracked as PR 1091623 and is visible on the Customer Support website.",
"work_around" : [
"solution": "The following software releases have been updated to resolve this specific issue: 12.1X44-D60, 12.1X47-D30, 12.1X47-D35, 12.3X48-D20, 12.3X48-D30, 15.1X49-D20, 15.1X49-D30, 12.1X46-D50, and all subsequent releases.\n\nThis issue is being tracked as PR 1091623 and is visible on the Customer Support website.",
"work_around": [
{
"lang" : "eng",
"value" : "Use access lists or firewall filters to limit access to the router's CLI only from trusted hosts. Restrict access to the CLI to only highly trusted administrators."
"lang": "eng",
"value": "Use access lists or firewall filters to limit access to the router's CLI only from trusted hosts. Restrict access to the CLI to only highly trusted administrators."
}
]
}

98
2017/2xxx/CVE-2017-2504.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "product-security@apple.com",
"ID" : "CVE-2017-2504",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2017-2504",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. Safari before 10.1.1 is affected. tvOS before 10.2.1 is affected. The issue involves the \"WebKit\" component. It allows remote attackers to conduct Universal XSS (UXSS) attacks via a crafted web site that improperly interacts with WebKit Editor commands."
"lang": "eng",
"value": "An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. Safari before 10.1.1 is affected. tvOS before 10.2.1 is affected. The issue involves the \"WebKit\" component. It allows remote attackers to conduct Universal XSS (UXSS) attacks via a crafted web site that improperly interacts with WebKit Editor commands."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "42064",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/42064/"
"name": "1038487",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038487"
},
{
"name" : "https://support.apple.com/HT207798",
"refsource" : "CONFIRM",
"url" : "https://support.apple.com/HT207798"
"name": "https://support.apple.com/HT207804",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT207804"
},
{
"name" : "https://support.apple.com/HT207801",
"refsource" : "CONFIRM",
"url" : "https://support.apple.com/HT207801"
"name": "GLSA-201706-15",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201706-15"
},
{
"name" : "https://support.apple.com/HT207804",
"refsource" : "CONFIRM",
"url" : "https://support.apple.com/HT207804"
"name": "42064",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/42064/"
},
{
"name" : "GLSA-201706-15",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201706-15"
"name": "https://support.apple.com/HT207798",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT207798"
},
{
"name" : "98473",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/98473"
"name": "https://support.apple.com/HT207801",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT207801"
},
{
"name" : "1038487",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1038487"
"name": "98473",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/98473"
}
]
}

110
2018/11xxx/CVE-2018-11058.json
View File

@ -1,97 +1,97 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "secure@dell.com",
"ID" : "CVE-2018-11058",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "security_alert@emc.com",
"ID": "CVE-2018-11058",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "BSAFE Micro Edition Suite",
"version" : {
"version_data" : [
"product_name": "BSAFE Micro Edition Suite",
"version": {
"version_data": [
{
"affected" : "<",
"version_value" : "4.0.11"
"affected": "<",
"version_value": "4.0.11"
},
{
"affected" : "<",
"version_value" : "4.1.6.1"
"affected": "<",
"version_value": "4.1.6.1"
}
]
}
},
{
"product_name" : "BSAFE Crypto-C Micro Edition",
"version" : {
"version_data" : [
"product_name": "BSAFE Crypto-C Micro Edition",
"version": {
"version_data": [
{
"affected" : "<",
"version_value" : "4.0.5.3"
"affected": "<",
"version_value": "4.0.5.3"
}
]
}
}
]
},
"vendor_name" : "RSA"
"vendor_name": "RSA"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "RSA BSAFE Micro Edition Suite, versions prior to 4.0.11 (in 4.0.x) and prior to 4.1.6 (in 4.1.x), and RSA BSAFE Crypto-C Micro Edition, version prior to 4.0.5.3 (in 4.0.x) contain a Buffer Over-Read vulnerability when parsing ASN.1 data. A remote attacker could use maliciously constructed ASN.1 data that would result in such issue."
"lang": "eng",
"value": "RSA BSAFE Micro Edition Suite, versions prior to 4.0.11 (in 4.0.x) and prior to 4.1.6 (in 4.1.x), and RSA BSAFE Crypto-C Micro Edition, version prior to 4.0.5.3 (in 4.0.x) contain a Buffer Over-Read vulnerability when parsing ASN.1 data. A remote attacker could use maliciously constructed ASN.1 data that would result in such issue."
}
]
},
"impact" : {
"cvss" : {
"attackComplexity" : "LOW",
"attackVector" : "NETWORK",
"availabilityImpact" : "HIGH",
"baseScore" : 7.5,
"baseSeverity" : "HIGH",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"privilegesRequired" : "NONE",
"scope" : "UNCHANGED",
"userInteraction" : "NONE",
"vectorString" : "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version" : "3.0"
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Buffer Over-Read vulnerability"
"lang": "eng",
"value": "Buffer Over-Read vulnerability"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20180828 DSA-2018-128: RSA BSAFE Micro Edition Suite and Crypto-C Micro Edition Multiple Security Vulnerabilities",
"refsource" : "FULLDISC",
"url" : "http://seclists.org/fulldisclosure/2018/Aug/46"
"name": "20180828 DSA-2018-128: RSA BSAFE Micro Edition Suite and Crypto-C Micro Edition Multiple Security Vulnerabilities",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2018/Aug/46"
}
]
},
"source" : {
"discovery" : "UNKNOWN"
"source": {
"discovery": "UNKNOWN"
}
}

22
2018/11xxx/CVE-2018-11106.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-11106",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-11106",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

74
2018/11xxx/CVE-2018-11144.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-11144",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-11144",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 2 of 46)."
"lang": "eng",
"value": "Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 2 of 46)."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20180531 [CORE-2018-0002] - Quest DR Series Disk Backup Multiple Vulnerabilities",
"refsource" : "FULLDISC",
"url" : "http://seclists.org/fulldisclosure/2018/May/71"
"name": "20180531 [CORE-2018-0002] - Quest DR Series Disk Backup Multiple Vulnerabilities",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2018/May/71"
},
{
"name" : "http://packetstormsecurity.com/files/148003/Quest-DR-Series-Disk-Backup-Software-4.0.3-Code-Execution.html",
"refsource" : "MISC",
"url" : "http://packetstormsecurity.com/files/148003/Quest-DR-Series-Disk-Backup-Software-4.0.3-Code-Execution.html"
"name": "http://packetstormsecurity.com/files/148003/Quest-DR-Series-Disk-Backup-Software-4.0.3-Code-Execution.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/148003/Quest-DR-Series-Disk-Backup-Software-4.0.3-Code-Execution.html"
},
{
"name" : "https://www.coresecurity.com/advisories/quest-dr-series-disk-backup-multiple-vulnerabilities",
"refsource" : "MISC",
"url" : "https://www.coresecurity.com/advisories/quest-dr-series-disk-backup-multiple-vulnerabilities"
"name": "https://www.coresecurity.com/advisories/quest-dr-series-disk-backup-multiple-vulnerabilities",
"refsource": "MISC",
"url": "https://www.coresecurity.com/advisories/quest-dr-series-disk-backup-multiple-vulnerabilities"
}
]
}

80
2018/11xxx/CVE-2018-11529.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-11529",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-11529",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "VideoLAN VLC media player 2.2.x is prone to a use after free vulnerability which an attacker can leverage to execute arbitrary code via crafted MKV files. Failed exploit attempts will likely result in denial of service conditions."
"lang": "eng",
"value": "VideoLAN VLC media player 2.2.x is prone to a use after free vulnerability which an attacker can leverage to execute arbitrary code via crafted MKV files. Failed exploit attempts will likely result in denial of service conditions."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "45626",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/45626/"
"name": "1041311",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041311"
},
{
"name" : "20180710 VLC media player 2.2.8 Arbitrary Code Execution PoC",
"refsource" : "FULLDISC",
"url" : "http://seclists.org/fulldisclosure/2018/Jul/28"
"name": "20180710 VLC media player 2.2.8 Arbitrary Code Execution PoC",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2018/Jul/28"
},
{
"name" : "DSA-4251",
"refsource" : "DEBIAN",
"url" : "https://www.debian.org/security/2018/dsa-4251"
"name": "45626",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/45626/"
},
{
"name" : "1041311",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1041311"
"name": "DSA-4251",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4251"
}
]
}

68
2018/11xxx/CVE-2018-11578.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-11578",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-11578",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "GifIndexToTrueColor in ngiflib.c in MiniUPnP ngiflib 0.4 has a Segmentation fault."
"lang": "eng",
"value": "GifIndexToTrueColor in ngiflib.c in MiniUPnP ngiflib 0.4 has a Segmentation fault."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://github.com/Edward-L/fuzzing-pocs/tree/master/ngiflib",
"refsource" : "MISC",
"url" : "https://github.com/Edward-L/fuzzing-pocs/tree/master/ngiflib"
"name": "https://github.com/miniupnp/ngiflib/issues/5",
"refsource": "MISC",
"url": "https://github.com/miniupnp/ngiflib/issues/5"
},
{
"name" : "https://github.com/miniupnp/ngiflib/issues/5",
"refsource" : "MISC",
"url" : "https://github.com/miniupnp/ngiflib/issues/5"
"name": "https://github.com/Edward-L/fuzzing-pocs/tree/master/ngiflib",
"refsource": "MISC",
"url": "https://github.com/Edward-L/fuzzing-pocs/tree/master/ngiflib"
}
]
}

22
2018/14xxx/CVE-2018-14119.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-14119",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-14119",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2018/14xxx/CVE-2018-14239.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-14239",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-14239",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2018/14xxx/CVE-2018-14373.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-14373",
"STATE" : "REJECT"
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2018-14373",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none."
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none."
}
]
}

64
2018/15xxx/CVE-2018-15310.json
View File

@ -1,62 +1,62 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "f5sirt@f5.com",
"DATE_PUBLIC" : "2018-09-12T00:00:00",
"ID" : "CVE-2018-15310",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "f5sirt@f5.com",
"DATE_PUBLIC": "2018-09-12T00:00:00",
"ID": "CVE-2018-15310",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "BIG-IP APM",
"version" : {
"version_data" : [
"product_name": "BIG-IP APM",
"version": {
"version_data": [
{
"version_value" : "11.5.1-11.5.7, 11.6.0-11.6.3, 12.1.0-12.1.3"
"version_value": "11.5.1-11.5.7, 11.6.0-11.6.3, 12.1.0-12.1.3"
}
]
}
}
]
},
"vendor_name" : "F5 Networks, Inc."
"vendor_name": "F5 Networks, Inc."
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "A vulnerability in BIG-IP APM portal access 11.5.1-11.5.7, 11.6.0-11.6.3, and 12.1.0-12.1.3 discloses the BIG-IP software version in rewritten pages."
"lang": "eng",
"value": "A vulnerability in BIG-IP APM portal access 11.5.1-11.5.7, 11.6.0-11.6.3, and 12.1.0-12.1.3 discloses the BIG-IP software version in rewritten pages."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Information disclosure"
"lang": "eng",
"value": "Information disclosure"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://support.f5.com/csp/article/K40625021",
"refsource" : "CONFIRM",
"url" : "https://support.f5.com/csp/article/K40625021"
"name": "https://support.f5.com/csp/article/K40625021",
"refsource": "CONFIRM",
"url": "https://support.f5.com/csp/article/K40625021"
}
]
}

88
2018/15xxx/CVE-2018-15433.json
View File

@ -1,84 +1,84 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "psirt@cisco.com",
"DATE_PUBLIC" : "2018-10-03T16:00:00-0500",
"ID" : "CVE-2018-15433",
"STATE" : "PUBLIC",
"TITLE" : "Cisco Prime Infrastructure Information Disclosure Vulnerability"
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2018-10-03T16:00:00-0500",
"ID": "CVE-2018-15433",
"STATE": "PUBLIC",
"TITLE": "Cisco Prime Infrastructure Information Disclosure Vulnerability"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Cisco Prime Infrastructure ",
"version" : {
"version_data" : [
"product_name": "Cisco Prime Infrastructure ",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "Cisco"
"vendor_name": "Cisco"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "A vulnerability in the server backup function of Cisco Prime Infrastructure could allow an authenticated, remote attacker to view sensitive information. The vulnerability is due to the transmission of sensitive information as part of a GET request. An attacker could exploit this vulnerability by sending a GET request to a vulnerable device. A successful exploit could allow the attacker to view sensitive information."
"lang": "eng",
"value": "A vulnerability in the server backup function of Cisco Prime Infrastructure could allow an authenticated, remote attacker to view sensitive information. The vulnerability is due to the transmission of sensitive information as part of a GET request. An attacker could exploit this vulnerability by sending a GET request to a vulnerable device. A successful exploit could allow the attacker to view sensitive information."
}
]
},
"impact" : {
"cvss" : {
"baseScore" : "4.3",
"version" : "3.0"
"impact": {
"cvss": {
"baseScore": "4.3",
"version": "3.0"
}
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "CWE-200"
"lang": "eng",
"value": "CWE-200"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20181003 Cisco Prime Infrastructure Information Disclosure Vulnerability",
"refsource" : "CISCO",
"url" : "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-prime-id"
"name": "105562",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/105562"
},
{
"name" : "105562",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/105562"
"name": "20181003 Cisco Prime Infrastructure Information Disclosure Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-prime-id"
}
]
},
"source" : {
"advisory" : "cisco-sa-20181003-prime-id",
"defect" : [
"source": {
"advisory": "cisco-sa-20181003-prime-id",
"defect": [
[
"CSCvg93152"
]
],
"discovery" : "UNKNOWN"
"discovery": "UNKNOWN"
}
}

66
2018/15xxx/CVE-2018-15508.json
View File

@ -1,18 +1,62 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-15508",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-15508",
"STATE": "PUBLIC"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "Five9 Agent Desktop Plus 10.0.70 has Incorrect Access Control allowing a remote attackers to cause a denial of service via opening a connection on port 8083 to a device running the Five9 SoftPhone(issue 1 of 2)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://0tkombo.wixsite.com/0tkombo/blog/five9-dos-websocket-access",
"url": "https://0tkombo.wixsite.com/0tkombo/blog/five9-dos-websocket-access"
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
}
}

22
2018/8xxx/CVE-2018-8295.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-8295",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-8295",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2018/8xxx/CVE-2018-8644.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-8644",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-8644",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2018/8xxx/CVE-2018-8762.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-8762",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-8762",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

88
2018/8xxx/CVE-2018-8789.json
View File

@ -1,82 +1,82 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@checkpoint.com",
"DATE_PUBLIC" : "2018-10-22T00:00:00",
"ID" : "CVE-2018-8789",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@checkpoint.com",
"DATE_PUBLIC": "2018-10-22T00:00:00",
"ID": "CVE-2018-8789",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "FreeRDP",
"version" : {
"version_data" : [
"product_name": "FreeRDP",
"version": {
"version_data": [
{
"version_value" : "All versions prior to 2.0.0-rc4"
"version_value": "All versions prior to 2.0.0-rc4"
}
]
}
}
]
},
"vendor_name" : "Check Point Software Technologies Ltd."
"vendor_name": "Check Point Software Technologies Ltd."
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "FreeRDP prior to version 2.0.0-rc4 contains several Out-Of-Bounds Reads in the NTLM Authentication module that results in a Denial of Service (segfault)."
"lang": "eng",
"value": "FreeRDP prior to version 2.0.0-rc4 contains several Out-Of-Bounds Reads in the NTLM Authentication module that results in a Denial of Service (segfault)."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "CWE-126: Buffer Over-read"
"lang": "eng",
"value": "CWE-126: Buffer Over-read"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[debian-lts-announce] 20190209 [SECURITY] [DLA 1666-1] freerdp security update",
"refsource" : "MLIST",
"url" : "https://lists.debian.org/debian-lts-announce/2019/02/msg00015.html"
"name": "106938",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106938"
},
{
"name" : "https://github.com/FreeRDP/FreeRDP/commit/2ee663f39dc8dac3d9988e847db19b2d7e3ac8c6",
"refsource" : "CONFIRM",
"url" : "https://github.com/FreeRDP/FreeRDP/commit/2ee663f39dc8dac3d9988e847db19b2d7e3ac8c6"
"name": "https://github.com/FreeRDP/FreeRDP/commit/2ee663f39dc8dac3d9988e847db19b2d7e3ac8c6",
"refsource": "CONFIRM",
"url": "https://github.com/FreeRDP/FreeRDP/commit/2ee663f39dc8dac3d9988e847db19b2d7e3ac8c6"
},
{
"name" : "https://research.checkpoint.com/reverse-rdp-attack-code-execution-on-rdp-clients/",
"refsource" : "CONFIRM",
"url" : "https://research.checkpoint.com/reverse-rdp-attack-code-execution-on-rdp-clients/"
"name": "[debian-lts-announce] 20190209 [SECURITY] [DLA 1666-1] freerdp security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2019/02/msg00015.html"
},
{
"name" : "USN-3845-1",
"refsource" : "UBUNTU",
"url" : "https://usn.ubuntu.com/3845-1/"
"name": "USN-3845-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3845-1/"
},
{
"name" : "106938",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/106938"
"name": "https://research.checkpoint.com/reverse-rdp-attack-code-execution-on-rdp-clients/",
"refsource": "CONFIRM",
"url": "https://research.checkpoint.com/reverse-rdp-attack-code-execution-on-rdp-clients/"
}
]
}

62
2018/8xxx/CVE-2018-8809.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-8809",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-8809",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "In radare2 2.4.0, there is a heap-based buffer over-read in the dalvik_op function of anal_dalvik.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted dex file."
"lang": "eng",
"value": "In radare2 2.4.0, there is a heap-based buffer over-read in the dalvik_op function of anal_dalvik.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted dex file."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://github.com/radare/radare2/issues/9726",
"refsource" : "MISC",
"url" : "https://github.com/radare/radare2/issues/9726"
"name": "https://github.com/radare/radare2/issues/9726",
"refsource": "MISC",
"url": "https://github.com/radare/radare2/issues/9726"
}
]
}