admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-17 23:45:10 +00:00
parent 0c41c59a89
commit b985814b22
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
53 changed files with 4021 additions and 4021 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

220
2005/0xxx/CVE-2005-0056.json
View File

@ -1,112 +1,112 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2005-0056",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Internet Explorer 5.01, 5.5, and 6 does not properly validate certain URLs in Channel Definition Format (CDF) files, which allows remote attackers to obtain sensitive information or execute arbitrary code, aka the \"Channel Definition Format (CDF) Cross Domain Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-0056",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "MS05-014",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-014"
},
{
"name" : "TA05-039A",
"refsource" : "CERT",
"url" : "http://www.us-cert.gov/cas/techalerts/TA05-039A.html"
},
{
"name" : "VU#823971",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/823971"
},
{
"name" : "oval:org.mitre.oval:def:2385",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2385"
},
{
"name" : "oval:org.mitre.oval:def:2817",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2817"
},
{
"name" : "oval:org.mitre.oval:def:3318",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3318"
},
{
"name" : "oval:org.mitre.oval:def:4085",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4085"
},
{
"name" : "oval:org.mitre.oval:def:4947",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4947"
},
{
"name" : "1013126",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1013126"
},
{
"name" : "ie-cdf-execute-code(19137)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/19137"
},
{
"name" : "12427",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/12427"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Internet Explorer 5.01, 5.5, and 6 does not properly validate certain URLs in Channel Definition Format (CDF) files, which allows remote attackers to obtain sensitive information or execute arbitrary code, aka the \"Channel Definition Format (CDF) Cross Domain Vulnerability.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "oval:org.mitre.oval:def:2817",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2817"
},
{
"name": "oval:org.mitre.oval:def:2385",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2385"
},
{
"name": "MS05-014",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-014"
},
{
"name": "TA05-039A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA05-039A.html"
},
{
"name": "12427",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/12427"
},
{
"name": "ie-cdf-execute-code(19137)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19137"
},
{
"name": "1013126",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1013126"
},
{
"name": "oval:org.mitre.oval:def:4085",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4085"
},
{
"name": "oval:org.mitre.oval:def:4947",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4947"
},
{
"name": "VU#823971",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/823971"
},
{
"name": "oval:org.mitre.oval:def:3318",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3318"
}
]
}
}

160
2005/0xxx/CVE-2005-0127.json
View File

@ -1,82 +1,82 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2005-0127",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Mail in Mac OS X 10.3.7, when generating a Message-ID header, generates a GUUID that includes information that identifies the Ethernet hardware being used, which allows remote attackers to link mail messages to a particular machine."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-0127",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "APPLE-SA-2005-01-25",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2005/Jan/msg00001.html"
},
{
"name" : "VU#464662",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/464662"
},
{
"name" : "1013001",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1013001"
},
{
"name" : "14005",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/14005"
},
{
"name" : "macos-ethernet-address-disclosure(19085)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/19085"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Mail in Mac OS X 10.3.7, when generating a Message-ID header, generates a GUUID that includes information that identifies the Ethernet hardware being used, which allows remote attackers to link mail messages to a particular machine."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#464662",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/464662"
},
{
"name": "APPLE-SA-2005-01-25",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2005/Jan/msg00001.html"
},
{
"name": "14005",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/14005"
},
{
"name": "macos-ethernet-address-disclosure(19085)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19085"
},
{
"name": "1013001",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1013001"
}
]
}
}

160
2005/0xxx/CVE-2005-0309.json
View File

@ -1,82 +1,82 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2005-0309",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in (1) index.php or (2) mod.php in Exponent 0.95 allow remote attackers to inject arbitrary web script or HTML via the module parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-0309",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20050125 Vulnerabilities in eXponent 0.95",
"refsource" : "BUGTRAQ",
"url" : "http://marc.info/?l=bugtraq&m=110666998407073&w=2"
},
{
"name" : "12358",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/12358"
},
{
"name" : "13188",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/13188"
},
{
"name" : "13190",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/13190"
},
{
"name" : "exponent-module-xss(19061)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/19061"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in (1) index.php or (2) mod.php in Exponent 0.95 allow remote attackers to inject arbitrary web script or HTML via the module parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "13190",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/13190"
},
{
"name": "12358",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/12358"
},
{
"name": "20050125 Vulnerabilities in eXponent 0.95",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=110666998407073&w=2"
},
{
"name": "exponent-module-xss(19061)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19061"
},
{
"name": "13188",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/13188"
}
]
}
}

170
2005/0xxx/CVE-2005-0311.json
View File

@ -1,87 +1,87 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2005-0311",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Ingate Firewall 4.1.3 and earlier does not terminate the PPTP session for an active user when the administrator disables that user from a resource, which could allow remote authenticated users to retain unauthorized access to resources."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-0311",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20050127 Ingate Firewall: Removed PPTP tunnels not deactivated",
"refsource" : "BUGTRAQ",
"url" : "http://marc.info/?l=bugtraq&m=110684375429946&w=2"
},
{
"name" : "http://www.ingate.com/relnote-422.php",
"refsource" : "CONFIRM",
"url" : "http://www.ingate.com/relnote-422.php"
},
{
"name" : "12383",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/12383"
},
{
"name" : "1013022",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1013022"
},
{
"name" : "14060",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/14060"
},
{
"name" : "ingate-firewall-unath-access(19123)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/19123"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Ingate Firewall 4.1.3 and earlier does not terminate the PPTP session for an active user when the administrator disables that user from a resource, which could allow remote authenticated users to retain unauthorized access to resources."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ingate-firewall-unath-access(19123)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19123"
},
{
"name": "12383",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/12383"
},
{
"name": "20050127 Ingate Firewall: Removed PPTP tunnels not deactivated",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=110684375429946&w=2"
},
{
"name": "1013022",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1013022"
},
{
"name": "http://www.ingate.com/relnote-422.php",
"refsource": "CONFIRM",
"url": "http://www.ingate.com/relnote-422.php"
},
{
"name": "14060",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/14060"
}
]
}
}

120
2005/0xxx/CVE-2005-0910.json
View File

@ -1,62 +1,62 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2005-0910",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in exoops allow remote attackers to inject arbitrary web script or HTML via (1) the sortdays parameter to viewforum.php or (2) the viewcat parameter to index.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-0910",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "1013566",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1013566"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in exoops allow remote attackers to inject arbitrary web script or HTML via (1) the sortdays parameter to viewforum.php or (2) the viewcat parameter to index.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1013566",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1013566"
}
]
}
}

170
2005/0xxx/CVE-2005-0928.json
View File

@ -1,87 +1,87 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2005-0928",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in PhotoPost PHP Pro 5.x allow remote attackers to inject arbitrary web script or HTML via the (1) cat, (2) password, (3) ppuser, (4) sort, or (5) si parameters to showgallery.php, the (6) ppuser, (7) sort, or (8) si parameters to showmembers.php, or (9) the photo parameter to slideshow.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-0928",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20050328 Multiple Sql injection, and multiple XSS vulnerabilities in Photopost PHP Pro Photo Gallery Software.",
"refsource" : "BUGTRAQ",
"url" : "http://marc.info/?l=bugtraq&m=111205342909640&w=2"
},
{
"name" : "15096",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/15096"
},
{
"name" : "15097",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/15097"
},
{
"name" : "15098",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/15098"
},
{
"name" : "1013581",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1013581"
},
{
"name" : "14742",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/14742"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in PhotoPost PHP Pro 5.x allow remote attackers to inject arbitrary web script or HTML via the (1) cat, (2) password, (3) ppuser, (4) sort, or (5) si parameters to showgallery.php, the (6) ppuser, (7) sort, or (8) si parameters to showmembers.php, or (9) the photo parameter to slideshow.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "15098",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/15098"
},
{
"name": "14742",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/14742"
},
{
"name": "20050328 Multiple Sql injection, and multiple XSS vulnerabilities in Photopost PHP Pro Photo Gallery Software.",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=111205342909640&w=2"
},
{
"name": "15097",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/15097"
},
{
"name": "15096",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/15096"
},
{
"name": "1013581",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1013581"
}
]
}
}

150
2005/1xxx/CVE-2005-1288.json
View File

@ -1,77 +1,77 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2005-1288",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "inc_login_check.asp ACS Blog 0.8 through 1.1.3 allows remote attackers to gain administrator privileges via the \"in\" value in a cookie."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-1288",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20050423 ACSblog bug",
"refsource" : "BUGTRAQ",
"url" : "http://marc.info/?l=bugtraq&m=111428190921388&w=2"
},
{
"name" : "15787",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/15787"
},
{
"name" : "1013795",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1013795"
},
{
"name" : "15105",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/15105"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "inc_login_check.asp ACS Blog 0.8 through 1.1.3 allows remote attackers to gain administrator privileges via the \"in\" value in a cookie."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "15787",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/15787"
},
{
"name": "1013795",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1013795"
},
{
"name": "15105",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/15105"
},
{
"name": "20050423 ACSblog bug",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=111428190921388&w=2"
}
]
}
}

130
2005/1xxx/CVE-2005-1923.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2005-1923",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The ENSURE_BITS macro in mszipd.c for Clam AntiVirus (ClamAV) 0.83, and other versions vefore 0.86, allows remote attackers to cause a denial of service (CPU consumption by infinite loop) via a cabinet (CAB) file with the cffile_FolderOffset field set to 0xff, which causes a zero-length read."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-1923",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20050629 Clam AntiVirus ClamAV Cabinet File Handling DoS Vulnerability",
"refsource" : "IDEFENSE",
"url" : "http://www.idefense.com/application/poi/display?id=275&type=vulnerabilities"
},
{
"name" : "DSA-737",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2005/dsa-737"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The ENSURE_BITS macro in mszipd.c for Clam AntiVirus (ClamAV) 0.83, and other versions vefore 0.86, allows remote attackers to cause a denial of service (CPU consumption by infinite loop) via a cabinet (CAB) file with the cffile_FolderOffset field set to 0xff, which causes a zero-length read."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20050629 Clam AntiVirus ClamAV Cabinet File Handling DoS Vulnerability",
"refsource": "IDEFENSE",
"url": "http://www.idefense.com/application/poi/display?id=275&type=vulnerabilities"
},
{
"name": "DSA-737",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2005/dsa-737"
}
]
}
}

160
2005/3xxx/CVE-2005-3447.json
View File

@ -1,82 +1,82 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2005-3447",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Single Sign-On in Oracle Database Server 10g up to 10.1.0.4.2 and Application Server 9.0.2.3 up to 9.0.4.2 has unknown impact and attack vectors, aka Oracle Vuln# DB33 and AS08."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-3447",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2005-090497.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2005-090497.html"
},
{
"name" : "TA05-292A",
"refsource" : "CERT",
"url" : "http://www.us-cert.gov/cas/techalerts/TA05-292A.html"
},
{
"name" : "VU#210524",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/210524"
},
{
"name" : "15134",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/15134"
},
{
"name" : "17250",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/17250"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Single Sign-On in Oracle Database Server 10g up to 10.1.0.4.2 and Application Server 9.0.2.3 up to 9.0.4.2 has unknown impact and attack vectors, aka Oracle Vuln# DB33 and AS08."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.oracle.com/technetwork/topics/security/cpuoct2005-090497.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2005-090497.html"
},
{
"name": "TA05-292A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA05-292A.html"
},
{
"name": "15134",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/15134"
},
{
"name": "VU#210524",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/210524"
},
{
"name": "17250",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17250"
}
]
}
}

150
2005/4xxx/CVE-2005-4042.json
View File

@ -1,77 +1,77 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2005-4042",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in Warm Links 1.0.0 and earlier allows remote attackers to inject arbitrary web script or HTML via a parameter to search.cgi."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-4042",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://pridels0.blogspot.com/2005/12/warm-links-xss-vuln.html",
"refsource" : "MISC",
"url" : "http://pridels0.blogspot.com/2005/12/warm-links-xss-vuln.html"
},
{
"name" : "ADV-2005-2738",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2005/2738"
},
{
"name" : "21439",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/21439"
},
{
"name" : "17864",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/17864"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in Warm Links 1.0.0 and earlier allows remote attackers to inject arbitrary web script or HTML via a parameter to search.cgi."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "17864",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17864"
},
{
"name": "ADV-2005-2738",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2005/2738"
},
{
"name": "21439",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/21439"
},
{
"name": "http://pridels0.blogspot.com/2005/12/warm-links-xss-vuln.html",
"refsource": "MISC",
"url": "http://pridels0.blogspot.com/2005/12/warm-links-xss-vuln.html"
}
]
}
}

180
2005/4xxx/CVE-2005-4173.json
View File

@ -1,92 +1,92 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2005-4173",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "eFiction 1.0, 1.1, and 2.0 allows remote attackers to obtain sensitive information by accessing phpinfo.php, which executes the PHP phpinfo function."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-4173",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20051125 eFiction <= 2.0 multiple vulnerabilities",
"refsource" : "BUGTRAQ",
"url" : "http://archives.neohapsis.com/archives/bugtraq/2005-11/0301.html"
},
{
"name" : "http://rgod.altervista.org/efiction2_xpl.html",
"refsource" : "MISC",
"url" : "http://rgod.altervista.org/efiction2_xpl.html"
},
{
"name" : "http://www.efiction.wallflowergirl.com/forums/viewtopic.php?t=1555",
"refsource" : "CONFIRM",
"url" : "http://www.efiction.wallflowergirl.com/forums/viewtopic.php?t=1555"
},
{
"name" : "15568",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/15568"
},
{
"name" : "21126",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/21126"
},
{
"name" : "1015273",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1015273"
},
{
"name" : "17777",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/17777"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "eFiction 1.0, 1.1, and 2.0 allows remote attackers to obtain sensitive information by accessing phpinfo.php, which executes the PHP phpinfo function."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.efiction.wallflowergirl.com/forums/viewtopic.php?t=1555",
"refsource": "CONFIRM",
"url": "http://www.efiction.wallflowergirl.com/forums/viewtopic.php?t=1555"
},
{
"name": "15568",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/15568"
},
{
"name": "http://rgod.altervista.org/efiction2_xpl.html",
"refsource": "MISC",
"url": "http://rgod.altervista.org/efiction2_xpl.html"
},
{
"name": "17777",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17777"
},
{
"name": "1015273",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015273"
},
{
"name": "21126",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/21126"
},
{
"name": "20051125 eFiction <= 2.0 multiple vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2005-11/0301.html"
}
]
}
}

210
2005/4xxx/CVE-2005-4358.json
View File

@ -1,107 +1,107 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2005-4358",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "admin/admin_disallow.php in phpBB 2.0.18 allows remote attackers to obtain the installation path via a direct request with a non-empty setmodules parameter, which causes an invalid append_sid function call that leaks the path in an error message."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-4358",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20051217 phpBB 2.0.18 XSS and Full Path Disclosure",
"refsource" : "FULLDISC",
"url" : "http://marc.info/?l=full-disclosure&m=113484567432679&w=2"
},
{
"name" : "20051217 phpBB 2.0.18 XSS and Full Path Disclosure",
"refsource" : "SREASONRES",
"url" : "http://securityreason.com/achievement_securityalert/29"
},
{
"name" : "20051230 phpbb2.0.19 fixes security issues",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/420537/100/0/threaded"
},
{
"name" : "http://www.phpbb.com/phpBB/viewtopic.php?f=14&t=352966",
"refsource" : "CONFIRM",
"url" : "http://www.phpbb.com/phpBB/viewtopic.php?f=14&t=352966"
},
{
"name" : "ADV-2005-2991",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2005/2991"
},
{
"name" : "ADV-2006-0010",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/0010"
},
{
"name" : "21804",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/21804"
},
{
"name" : "18125",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/18125"
},
{
"name" : "18252",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/18252"
},
{
"name" : "269",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/269"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "admin/admin_disallow.php in phpBB 2.0.18 allows remote attackers to obtain the installation path via a direct request with a non-empty setmodules parameter, which causes an invalid append_sid function call that leaks the path in an error message."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20051217 phpBB 2.0.18 XSS and Full Path Disclosure",
"refsource": "FULLDISC",
"url": "http://marc.info/?l=full-disclosure&m=113484567432679&w=2"
},
{
"name": "ADV-2005-2991",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2005/2991"
},
{
"name": "18252",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18252"
},
{
"name": "20051230 phpbb2.0.19 fixes security issues",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/420537/100/0/threaded"
},
{
"name": "18125",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18125"
},
{
"name": "http://www.phpbb.com/phpBB/viewtopic.php?f=14&t=352966",
"refsource": "CONFIRM",
"url": "http://www.phpbb.com/phpBB/viewtopic.php?f=14&t=352966"
},
{
"name": "20051217 phpBB 2.0.18 XSS and Full Path Disclosure",
"refsource": "SREASONRES",
"url": "http://securityreason.com/achievement_securityalert/29"
},
{
"name": "269",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/269"
},
{
"name": "ADV-2006-0010",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/0010"
},
{
"name": "21804",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/21804"
}
]
}
}

140
2005/4xxx/CVE-2005-4611.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2005-4611",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in search.php in Free ClickBank 1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the keywords parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-4611",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://pridels0.blogspot.com/2005/12/free-clickbank-search-engine-sql-inj.html",
"refsource" : "MISC",
"url" : "http://pridels0.blogspot.com/2005/12/free-clickbank-search-engine-sql-inj.html"
},
{
"name" : "21489",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/21489"
},
{
"name" : "freeclickbank-search-sql-injection(24348)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/24348"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SQL injection vulnerability in search.php in Free ClickBank 1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the keywords parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "freeclickbank-search-sql-injection(24348)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24348"
},
{
"name": "21489",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/21489"
},
{
"name": "http://pridels0.blogspot.com/2005/12/free-clickbank-search-engine-sql-inj.html",
"refsource": "MISC",
"url": "http://pridels0.blogspot.com/2005/12/free-clickbank-search-engine-sql-inj.html"
}
]
}
}

140
2009/0xxx/CVE-2009-0296.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2009-0296",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in shop_display_products.php in Script Toko Online 5.01 allows remote attackers to execute arbitrary SQL commands via the cat_id parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-0296",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "7873",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/7873"
},
{
"name" : "51630",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/51630"
},
{
"name" : "33661",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/33661"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SQL injection vulnerability in shop_display_products.php in Script Toko Online 5.01 allows remote attackers to execute arbitrary SQL commands via the cat_id parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "7873",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/7873"
},
{
"name": "33661",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33661"
},
{
"name": "51630",
"refsource": "OSVDB",
"url": "http://osvdb.org/51630"
}
]
}
}

140
2009/0xxx/CVE-2009-0533.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2009-0533",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in password.php in Scripts for Sites EZ Reminder allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly involving the u2 parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-0533",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "33641",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/33641"
},
{
"name" : "33989",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/33989"
},
{
"name" : "ezreminder-password-xss(48548)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/48548"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in password.php in Scripts for Sites EZ Reminder allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly involving the u2 parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ezreminder-password-xss(48548)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48548"
},
{
"name": "33641",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/33641"
},
{
"name": "33989",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33989"
}
]
}
}

130
2009/0xxx/CVE-2009-0627.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2009-0627",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Cisco NX-OS before 4.0(1a)N2(1), when running on Nexus 5000 platforms, allows remote attackers to cause a denial of service (crash) via an unspecified \"sequence of TCP packets\" related to \"TCP State manipulation,\" possibly related to separate attacks against CVE-2008-4609."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2009-0627",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20090908 TCP State Manipulation Denial of Service Vulnerabilities in Multiple Cisco Products",
"refsource" : "CISCO",
"url" : "http://www.cisco.com/en/US/products/products_security_advisory09186a0080af511d.shtml"
},
{
"name" : "1022847",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1022847"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Cisco NX-OS before 4.0(1a)N2(1), when running on Nexus 5000 platforms, allows remote attackers to cause a denial of service (crash) via an unspecified \"sequence of TCP packets\" related to \"TCP State manipulation,\" possibly related to separate attacks against CVE-2008-4609."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1022847",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1022847"
},
{
"name": "20090908 TCP State Manipulation Denial of Service Vulnerabilities in Multiple Cisco Products",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080af511d.shtml"
}
]
}
}

210
2009/0xxx/CVE-2009-0651.json
View File

@ -1,107 +1,107 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2009-0651",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Veritas network daemon (aka vnetd) in Symantec Veritas NetBackup Server / Enterprise Server 5.x, 6.0 before MP7 SP1, and 6.5 before 6.5.3.1 allows remote attackers to execute arbitrary code via unknown vectors related to \"initial communications setup.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-0651",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://seer.entsupport.symantec.com/docs/317828.htm",
"refsource" : "CONFIRM",
"url" : "http://seer.entsupport.symantec.com/docs/317828.htm"
},
{
"name" : "http://securityresponse.symantec.com/avcenter/security/Content/2009.02.17.html",
"refsource" : "CONFIRM",
"url" : "http://securityresponse.symantec.com/avcenter/security/Content/2009.02.17.html"
},
{
"name" : "253287",
"refsource" : "SUNALERT",
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-66-253287-1"
},
{
"name" : "33772",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/33772"
},
{
"name" : "52269",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/52269"
},
{
"name" : "ADV-2009-0461",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2009/0461"
},
{
"name" : "1021734",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1021734"
},
{
"name" : "33953",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/33953"
},
{
"name" : "ADV-2009-1097",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2009/1097"
},
{
"name" : "veritas-netbackup-vnetd-privilege-escalation(48795)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/48795"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the Veritas network daemon (aka vnetd) in Symantec Veritas NetBackup Server / Enterprise Server 5.x, 6.0 before MP7 SP1, and 6.5 before 6.5.3.1 allows remote attackers to execute arbitrary code via unknown vectors related to \"initial communications setup.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "veritas-netbackup-vnetd-privilege-escalation(48795)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48795"
},
{
"name": "http://securityresponse.symantec.com/avcenter/security/Content/2009.02.17.html",
"refsource": "CONFIRM",
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2009.02.17.html"
},
{
"name": "ADV-2009-1097",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1097"
},
{
"name": "1021734",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1021734"
},
{
"name": "33772",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/33772"
},
{
"name": "253287",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-253287-1"
},
{
"name": "ADV-2009-0461",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/0461"
},
{
"name": "http://seer.entsupport.symantec.com/docs/317828.htm",
"refsource": "CONFIRM",
"url": "http://seer.entsupport.symantec.com/docs/317828.htm"
},
{
"name": "52269",
"refsource": "OSVDB",
"url": "http://osvdb.org/52269"
},
{
"name": "33953",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33953"
}
]
}
}

190
2009/0xxx/CVE-2009-0878.json
View File

@ -1,97 +1,97 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2009-0878",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The read_game_map function in src/terrain_translation.cpp in Wesnoth before r32987 allows remote attackers to cause a denial of service (memory consumption and daemon hang) via a map with a large (1) width or (2) height."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-0878",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://launchpad.net/bugs/335089",
"refsource" : "CONFIRM",
"url" : "http://launchpad.net/bugs/335089"
},
{
"name" : "http://launchpad.net/bugs/336396",
"refsource" : "CONFIRM",
"url" : "http://launchpad.net/bugs/336396"
},
{
"name" : "http://packages.debian.org/changelogs/pool/main/w/wesnoth/wesnoth_1.4.7-4/changelog",
"refsource" : "CONFIRM",
"url" : "http://packages.debian.org/changelogs/pool/main/w/wesnoth/wesnoth_1.4.7-4/changelog"
},
{
"name" : "http://packages.debian.org/changelogs/pool/main/w/wesnoth/wesnoth_1.5.12-1/changelog",
"refsource" : "CONFIRM",
"url" : "http://packages.debian.org/changelogs/pool/main/w/wesnoth/wesnoth_1.5.12-1/changelog"
},
{
"name" : "http://svn.gna.org/viewcvs/wesnoth/trunk/src/terrain_translation.cpp?r2=32987&rev=32987&r1=31859&dir_pagestart=200",
"refsource" : "CONFIRM",
"url" : "http://svn.gna.org/viewcvs/wesnoth/trunk/src/terrain_translation.cpp?r2=32987&rev=32987&r1=31859&dir_pagestart=200"
},
{
"name" : "http://svn.gna.org/viewcvs/wesnoth/trunk/src/terrain_translation.cpp?rev=33078&dir_pagestart=200&view=log",
"refsource" : "CONFIRM",
"url" : "http://svn.gna.org/viewcvs/wesnoth/trunk/src/terrain_translation.cpp?rev=33078&dir_pagestart=200&view=log"
},
{
"name" : "https://gna.org/bugs/index.php?13031",
"refsource" : "CONFIRM",
"url" : "https://gna.org/bugs/index.php?13031"
},
{
"name" : "wesnoth-readgamemap-dos(49294)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/49294"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The read_game_map function in src/terrain_translation.cpp in Wesnoth before r32987 allows remote attackers to cause a denial of service (memory consumption and daemon hang) via a map with a large (1) width or (2) height."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://launchpad.net/bugs/336396",
"refsource": "CONFIRM",
"url": "http://launchpad.net/bugs/336396"
},
{
"name": "http://packages.debian.org/changelogs/pool/main/w/wesnoth/wesnoth_1.5.12-1/changelog",
"refsource": "CONFIRM",
"url": "http://packages.debian.org/changelogs/pool/main/w/wesnoth/wesnoth_1.5.12-1/changelog"
},
{
"name": "wesnoth-readgamemap-dos(49294)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49294"
},
{
"name": "http://packages.debian.org/changelogs/pool/main/w/wesnoth/wesnoth_1.4.7-4/changelog",
"refsource": "CONFIRM",
"url": "http://packages.debian.org/changelogs/pool/main/w/wesnoth/wesnoth_1.4.7-4/changelog"
},
{
"name": "http://svn.gna.org/viewcvs/wesnoth/trunk/src/terrain_translation.cpp?r2=32987&rev=32987&r1=31859&dir_pagestart=200",
"refsource": "CONFIRM",
"url": "http://svn.gna.org/viewcvs/wesnoth/trunk/src/terrain_translation.cpp?r2=32987&rev=32987&r1=31859&dir_pagestart=200"
},
{
"name": "http://svn.gna.org/viewcvs/wesnoth/trunk/src/terrain_translation.cpp?rev=33078&dir_pagestart=200&view=log",
"refsource": "CONFIRM",
"url": "http://svn.gna.org/viewcvs/wesnoth/trunk/src/terrain_translation.cpp?rev=33078&dir_pagestart=200&view=log"
},
{
"name": "https://gna.org/bugs/index.php?13031",
"refsource": "CONFIRM",
"url": "https://gna.org/bugs/index.php?13031"
},
{
"name": "http://launchpad.net/bugs/335089",
"refsource": "CONFIRM",
"url": "http://launchpad.net/bugs/335089"
}
]
}
}

260
2009/1xxx/CVE-2009-1355.json
View File

@ -1,132 +1,132 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2009-1355",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Stack-based buffer overflow in muxatmd in IBM AIX 5.2, 5.3, and 6.1 allows local users to gain privileges via a long filename."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-1355",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20090415 IBM AIX muxatmd Buffer Overflow Vulnerability",
"refsource" : "IDEFENSE",
"url" : "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=784"
},
{
"name" : "http://aix.software.ibm.com/aix/efixes/security/muxatmd_advisory.asc",
"refsource" : "CONFIRM",
"url" : "http://aix.software.ibm.com/aix/efixes/security/muxatmd_advisory.asc"
},
{
"name" : "IZ48495",
"refsource" : "AIXAPAR",
"url" : "http://www.ibm.com/support/docview.wss?uid=isg1IZ48495"
},
{
"name" : "IZ48496",
"refsource" : "AIXAPAR",
"url" : "http://www.ibm.com/support/docview.wss?uid=isg1IZ48496"
},
{
"name" : "IZ48499",
"refsource" : "AIXAPAR",
"url" : "http://www.ibm.com/support/docview.wss?uid=isg1IZ48499"
},
{
"name" : "IZ48500",
"refsource" : "AIXAPAR",
"url" : "http://www.ibm.com/support/docview.wss?uid=isg1IZ48500"
},
{
"name" : "IZ48501",
"refsource" : "AIXAPAR",
"url" : "http://www.ibm.com/support/docview.wss?uid=isg1IZ48501"
},
{
"name" : "IZ48502",
"refsource" : "AIXAPAR",
"url" : "http://www.ibm.com/support/docview.wss?uid=isg1IZ48502"
},
{
"name" : "IZ48561",
"refsource" : "AIXAPAR",
"url" : "http://www.ibm.com/support/docview.wss?uid=isg1IZ48561"
},
{
"name" : "IZ48562",
"refsource" : "AIXAPAR",
"url" : "http://www.ibm.com/support/docview.wss?uid=isg1IZ48562"
},
{
"name" : "34543",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/34543"
},
{
"name" : "oval:org.mitre.oval:def:6402",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6402"
},
{
"name" : "1022065",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1022065"
},
{
"name" : "34662",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/34662"
},
{
"name" : "ADV-2009-1056",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2009/1056"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in muxatmd in IBM AIX 5.2, 5.3, and 6.1 allows local users to gain privileges via a long filename."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2009-1056",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1056"
},
{
"name": "IZ48495",
"refsource": "AIXAPAR",
"url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ48495"
},
{
"name": "IZ48561",
"refsource": "AIXAPAR",
"url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ48561"
},
{
"name": "IZ48501",
"refsource": "AIXAPAR",
"url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ48501"
},
{
"name": "1022065",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1022065"
},
{
"name": "IZ48502",
"refsource": "AIXAPAR",
"url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ48502"
},
{
"name": "34543",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/34543"
},
{
"name": "34662",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34662"
},
{
"name": "20090415 IBM AIX muxatmd Buffer Overflow Vulnerability",
"refsource": "IDEFENSE",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=784"
},
{
"name": "http://aix.software.ibm.com/aix/efixes/security/muxatmd_advisory.asc",
"refsource": "CONFIRM",
"url": "http://aix.software.ibm.com/aix/efixes/security/muxatmd_advisory.asc"
},
{
"name": "IZ48496",
"refsource": "AIXAPAR",
"url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ48496"
},
{
"name": "IZ48500",
"refsource": "AIXAPAR",
"url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ48500"
},
{
"name": "IZ48499",
"refsource": "AIXAPAR",
"url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ48499"
},
{
"name": "oval:org.mitre.oval:def:6402",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6402"
},
{
"name": "IZ48562",
"refsource": "AIXAPAR",
"url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ48562"
}
]
}
}

260
2009/1xxx/CVE-2009-1959.json
View File

@ -1,132 +1,132 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2009-1959",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Off-by-one error in the event_wallops function in fe-common/irc/fe-events.c in irssi 0.8.13 allows remote IRC servers to cause a denial of service (crash) via an empty command, which triggers a one-byte buffer under-read and a one-byte buffer underflow."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-1959",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "[oss-security] 20090529 CVE Request (irssi)",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2009/05/29/3"
},
{
"name" : "http://xorl.wordpress.com/2009/05/28/irssi-event_wallops-off-by-one-readwrite/",
"refsource" : "MISC",
"url" : "http://xorl.wordpress.com/2009/05/28/irssi-event_wallops-off-by-one-readwrite/"
},
{
"name" : "http://bugs.irssi.org/index.php?do=details&task_id=662",
"refsource" : "CONFIRM",
"url" : "http://bugs.irssi.org/index.php?do=details&task_id=662"
},
{
"name" : "http://www.irssi.org/ChangeLog",
"refsource" : "CONFIRM",
"url" : "http://www.irssi.org/ChangeLog"
},
{
"name" : "FEDORA-2009-7012",
"refsource" : "FEDORA",
"url" : "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00146.html"
},
{
"name" : "MDVSA-2009:133",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2009:133"
},
{
"name" : "SUSE-SR:2009:012",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
},
{
"name" : "USN-800-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/usn-800-1"
},
{
"name" : "35399",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/35399"
},
{
"name" : "1022410",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1022410"
},
{
"name" : "35685",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/35685"
},
{
"name" : "35812",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/35812"
},
{
"name" : "36152",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/36152"
},
{
"name" : "ADV-2009-1596",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2009/1596"
},
{
"name" : "irssi-eventwallops-dos(51184)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/51184"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Off-by-one error in the event_wallops function in fe-common/irc/fe-events.c in irssi 0.8.13 allows remote IRC servers to cause a denial of service (crash) via an empty command, which triggers a one-byte buffer under-read and a one-byte buffer underflow."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://xorl.wordpress.com/2009/05/28/irssi-event_wallops-off-by-one-readwrite/",
"refsource": "MISC",
"url": "http://xorl.wordpress.com/2009/05/28/irssi-event_wallops-off-by-one-readwrite/"
},
{
"name": "1022410",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1022410"
},
{
"name": "[oss-security] 20090529 CVE Request (irssi)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2009/05/29/3"
},
{
"name": "35399",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/35399"
},
{
"name": "http://www.irssi.org/ChangeLog",
"refsource": "CONFIRM",
"url": "http://www.irssi.org/ChangeLog"
},
{
"name": "FEDORA-2009-7012",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00146.html"
},
{
"name": "http://bugs.irssi.org/index.php?do=details&task_id=662",
"refsource": "CONFIRM",
"url": "http://bugs.irssi.org/index.php?do=details&task_id=662"
},
{
"name": "35685",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35685"
},
{
"name": "ADV-2009-1596",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1596"
},
{
"name": "SUSE-SR:2009:012",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
},
{
"name": "USN-800-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-800-1"
},
{
"name": "35812",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35812"
},
{
"name": "MDVSA-2009:133",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:133"
},
{
"name": "irssi-eventwallops-dos(51184)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51184"
},
{
"name": "36152",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/36152"
}
]
}
}

140
2009/3xxx/CVE-2009-3362.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2009-3362",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "PHP remote file inclusion vulnerability in printnews.php3 in SZNews 2.7 allows remote attackers to execute arbitrary PHP code via a URL in the id parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-3362",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://packetstormsecurity.org/0909-exploits/sznews-rfi.txt",
"refsource" : "MISC",
"url" : "http://packetstormsecurity.org/0909-exploits/sznews-rfi.txt"
},
{
"name" : "57986",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/57986"
},
{
"name" : "36699",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/36699"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "PHP remote file inclusion vulnerability in printnews.php3 in SZNews 2.7 allows remote attackers to execute arbitrary PHP code via a URL in the id parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "57986",
"refsource": "OSVDB",
"url": "http://osvdb.org/57986"
},
{
"name": "http://packetstormsecurity.org/0909-exploits/sznews-rfi.txt",
"refsource": "MISC",
"url": "http://packetstormsecurity.org/0909-exploits/sznews-rfi.txt"
},
{
"name": "36699",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/36699"
}
]
}
}

140
2009/3xxx/CVE-2009-3424.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2009-3424",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple PHP remote file inclusion vulnerabilities in MaxCMS 3.11.20b, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the (1) is_projectPath parameter to includes/InstantSite/inc.is_root.php; GLOBALS[thCMS_root] parameter to (2) classes/class.Tree.php, (3) includes/inc.thcms_admin_mediamanager.php, and (4) modul/mod.rssreader.php; is_path parameter to (5) class.tasklist.php, (6) class.thcms.php, (7) class.thcms_content.php, (8) class.thcms_modul_parent.php, (9) class.thcms_page.php, and (10) class.thcsm_user.php in classes/; and (11) includes/InstantSite/class.Tree.php; and thCMS_root parameter to (12) classes/class.thcms_modul.php; (13) inc.page_edit_tasklist.php, (14) inc.thcms_admin_overview_backup.php, and (15) inc.thcms_edit_content.php in includes/; and (16) class.thcms_modul_parent_xml.php, (17) mod.cmstranslator.php, (18) mod.download.php, (19) mod.faq.php, (20) mod.guestbook.php, (21) mod.html.php, (22) mod.menu.php, (23) mod.news.php, (24) mod.newsticker.php, (25) mod.rss.php, (26) mod.search.php, (27) mod.sendtofriend.php, (28) mod.sitemap.php, (29) mod.tagdoc.php, (30) mod.template.php, (31) mod.test.php, (32) mod.text.php, (33) mod.upload.php, and (34) mod.users.php in modul/."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-3424",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "9322",
"refsource" : "EXPLOIT-DB",
"url" : "http://www.exploit-db.com/exploits/9322"
},
{
"name" : "36105",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/36105"
},
{
"name" : "ADV-2009-2136",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2009/2136"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple PHP remote file inclusion vulnerabilities in MaxCMS 3.11.20b, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the (1) is_projectPath parameter to includes/InstantSite/inc.is_root.php; GLOBALS[thCMS_root] parameter to (2) classes/class.Tree.php, (3) includes/inc.thcms_admin_mediamanager.php, and (4) modul/mod.rssreader.php; is_path parameter to (5) class.tasklist.php, (6) class.thcms.php, (7) class.thcms_content.php, (8) class.thcms_modul_parent.php, (9) class.thcms_page.php, and (10) class.thcsm_user.php in classes/; and (11) includes/InstantSite/class.Tree.php; and thCMS_root parameter to (12) classes/class.thcms_modul.php; (13) inc.page_edit_tasklist.php, (14) inc.thcms_admin_overview_backup.php, and (15) inc.thcms_edit_content.php in includes/; and (16) class.thcms_modul_parent_xml.php, (17) mod.cmstranslator.php, (18) mod.download.php, (19) mod.faq.php, (20) mod.guestbook.php, (21) mod.html.php, (22) mod.menu.php, (23) mod.news.php, (24) mod.newsticker.php, (25) mod.rss.php, (26) mod.search.php, (27) mod.sendtofriend.php, (28) mod.sitemap.php, (29) mod.tagdoc.php, (30) mod.template.php, (31) mod.test.php, (32) mod.text.php, (33) mod.upload.php, and (34) mod.users.php in modul/."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "36105",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/36105"
},
{
"name": "9322",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/9322"
},
{
"name": "ADV-2009-2136",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/2136"
}
]
}
}

220
2009/3xxx/CVE-2009-3894.json
View File

@ -1,112 +1,112 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2009-3894",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple untrusted search path vulnerabilities in dstat before 0.7.0 allow local users to gain privileges via a Trojan horse Python module in (1) the current working directory or (2) a certain subdirectory of the current working directory."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2009-3894",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://bugs.gentoo.org/show_bug.cgi?id=293497",
"refsource" : "CONFIRM",
"url" : "http://bugs.gentoo.org/show_bug.cgi?id=293497"
},
{
"name" : "http://svn.rpmforge.net/svn/trunk/tools/dstat/ChangeLog",
"refsource" : "CONFIRM",
"url" : "http://svn.rpmforge.net/svn/trunk/tools/dstat/ChangeLog"
},
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=538459",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=538459"
},
{
"name" : "GLSA-200911-04",
"refsource" : "GENTOO",
"url" : "http://security.gentoo.org/glsa/glsa-200911-04.xml"
},
{
"name" : "MDVSA-2009:341",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2009:341"
},
{
"name" : "RHSA-2009:1619",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2009-1619.html"
},
{
"name" : "37131",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/37131"
},
{
"name" : "60511",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/60511"
},
{
"name" : "oval:org.mitre.oval:def:8969",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8969"
},
{
"name" : "37445",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/37445"
},
{
"name" : "37457",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/37457"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple untrusted search path vulnerabilities in dstat before 0.7.0 allow local users to gain privileges via a Trojan horse Python module in (1) the current working directory or (2) a certain subdirectory of the current working directory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "GLSA-200911-04",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200911-04.xml"
},
{
"name": "60511",
"refsource": "OSVDB",
"url": "http://osvdb.org/60511"
},
{
"name": "MDVSA-2009:341",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:341"
},
{
"name": "http://bugs.gentoo.org/show_bug.cgi?id=293497",
"refsource": "CONFIRM",
"url": "http://bugs.gentoo.org/show_bug.cgi?id=293497"
},
{
"name": "http://svn.rpmforge.net/svn/trunk/tools/dstat/ChangeLog",
"refsource": "CONFIRM",
"url": "http://svn.rpmforge.net/svn/trunk/tools/dstat/ChangeLog"
},
{
"name": "37445",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37445"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=538459",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=538459"
},
{
"name": "RHSA-2009:1619",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2009-1619.html"
},
{
"name": "37131",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/37131"
},
{
"name": "37457",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37457"
},
{
"name": "oval:org.mitre.oval:def:8969",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8969"
}
]
}
}

380
2009/3xxx/CVE-2009-3984.json
View File

@ -1,192 +1,192 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2009-3984",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey before 2.0.1, allows remote attackers to spoof an SSL indicator for an http URL or a file URL by setting document.location to an https URL corresponding to a site that responds with a No Content (aka 204) status code and an empty body."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-3984",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.mozilla.org/security/announce/2009/mfsa2009-69.html",
"refsource" : "CONFIRM",
"url" : "http://www.mozilla.org/security/announce/2009/mfsa2009-69.html"
},
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=521461",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=521461"
},
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=546722",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=546722"
},
{
"name" : "DSA-1956",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2009/dsa-1956"
},
{
"name" : "FEDORA-2009-13333",
"refsource" : "FEDORA",
"url" : "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00995.html"
},
{
"name" : "FEDORA-2009-13362",
"refsource" : "FEDORA",
"url" : "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01034.html"
},
{
"name" : "FEDORA-2009-13366",
"refsource" : "FEDORA",
"url" : "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01041.html"
},
{
"name" : "RHSA-2009:1673",
"refsource" : "REDHAT",
"url" : "https://rhn.redhat.com/errata/RHSA-2009-1673.html"
},
{
"name" : "RHSA-2009:1674",
"refsource" : "REDHAT",
"url" : "https://rhn.redhat.com/errata/RHSA-2009-1674.html"
},
{
"name" : "SUSE-SA:2009:063",
"refsource" : "SUSE",
"url" : "http://www.novell.com/linux/security/advisories/2009_63_firefox.html"
},
{
"name" : "USN-873-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-873-1"
},
{
"name" : "USN-874-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-874-1"
},
{
"name" : "37349",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/37349"
},
{
"name" : "37367",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/37367"
},
{
"name" : "oval:org.mitre.oval:def:8379",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8379"
},
{
"name" : "oval:org.mitre.oval:def:9791",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9791"
},
{
"name" : "1023342",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1023342"
},
{
"name" : "1023343",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1023343"
},
{
"name" : "37699",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/37699"
},
{
"name" : "37703",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/37703"
},
{
"name" : "37704",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/37704"
},
{
"name" : "37785",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/37785"
},
{
"name" : "37813",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/37813"
},
{
"name" : "37856",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/37856"
},
{
"name" : "37881",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/37881"
},
{
"name" : "ADV-2009-3547",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2009/3547"
},
{
"name" : "firefox-documentlocation-ssl-spoofing(54806)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/54806"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey before 2.0.1, allows remote attackers to spoof an SSL indicator for an http URL or a file URL by setting document.location to an https URL corresponding to a site that responds with a No Content (aka 204) status code and an empty body."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1023343",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1023343"
},
{
"name": "37704",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37704"
},
{
"name": "37699",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37699"
},
{
"name": "oval:org.mitre.oval:def:8379",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8379"
},
{
"name": "1023342",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1023342"
},
{
"name": "ADV-2009-3547",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/3547"
},
{
"name": "37703",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37703"
},
{
"name": "37881",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37881"
},
{
"name": "FEDORA-2009-13362",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01034.html"
},
{
"name": "37785",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37785"
},
{
"name": "USN-874-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-874-1"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=546722",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=546722"
},
{
"name": "37813",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37813"
},
{
"name": "FEDORA-2009-13333",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00995.html"
},
{
"name": "USN-873-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-873-1"
},
{
"name": "37349",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/37349"
},
{
"name": "RHSA-2009:1674",
"refsource": "REDHAT",
"url": "https://rhn.redhat.com/errata/RHSA-2009-1674.html"
},
{
"name": "FEDORA-2009-13366",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01041.html"
},
{
"name": "firefox-documentlocation-ssl-spoofing(54806)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54806"
},
{
"name": "DSA-1956",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2009/dsa-1956"
},
{
"name": "http://www.mozilla.org/security/announce/2009/mfsa2009-69.html",
"refsource": "CONFIRM",
"url": "http://www.mozilla.org/security/announce/2009/mfsa2009-69.html"
},
{
"name": "37856",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37856"
},
{
"name": "RHSA-2009:1673",
"refsource": "REDHAT",
"url": "https://rhn.redhat.com/errata/RHSA-2009-1673.html"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=521461",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=521461"
},
{
"name": "SUSE-SA:2009:063",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2009_63_firefox.html"
},
{
"name": "oval:org.mitre.oval:def:9791",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9791"
},
{
"name": "37367",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/37367"
}
]
}
}

160
2009/4xxx/CVE-2009-4090.json
View File

@ -1,82 +1,82 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2009-4090",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unrestricted file upload vulnerability in ajax/addComment.php in telepark.wiki 2.4.23 and earlier script allows remote attackers to execute arbitrary code by uploading a file with a name containing a NULL byte."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-4090",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://packetstormsecurity.org/0911-exploits/Telepark-fixes-nov09-2.txt",
"refsource" : "MISC",
"url" : "http://packetstormsecurity.org/0911-exploits/Telepark-fixes-nov09-2.txt"
},
{
"name" : "http://blog.telepark.com/telepark-web-software/2009/11/09/telepark-wiki-security-fixes/",
"refsource" : "CONFIRM",
"url" : "http://blog.telepark.com/telepark-web-software/2009/11/09/telepark-wiki-security-fixes/"
},
{
"name" : "60219",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/60219"
},
{
"name" : "37391",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/37391"
},
{
"name" : "teleparkwiki-addcomment-file-upload(54294)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/54294"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unrestricted file upload vulnerability in ajax/addComment.php in telepark.wiki 2.4.23 and earlier script allows remote attackers to execute arbitrary code by uploading a file with a name containing a NULL byte."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://blog.telepark.com/telepark-web-software/2009/11/09/telepark-wiki-security-fixes/",
"refsource": "CONFIRM",
"url": "http://blog.telepark.com/telepark-web-software/2009/11/09/telepark-wiki-security-fixes/"
},
{
"name": "60219",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/60219"
},
{
"name": "37391",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37391"
},
{
"name": "teleparkwiki-addcomment-file-upload(54294)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54294"
},
{
"name": "http://packetstormsecurity.org/0911-exploits/Telepark-fixes-nov09-2.txt",
"refsource": "MISC",
"url": "http://packetstormsecurity.org/0911-exploits/Telepark-fixes-nov09-2.txt"
}
]
}
}

34
2009/4xxx/CVE-2009-4485.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2009-4485",
"STATE" : "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2009. Notes: none."
}
]
}
}
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2009-4485",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2009. Notes: none."
}
]
}
}

490
2009/4xxx/CVE-2009-4536.json
View File

@ -1,247 +1,247 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2009-4536",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "drivers/net/e1000/e1000_main.c in the e1000 driver in the Linux kernel 2.6.32.3 and earlier handles Ethernet frames that exceed the MTU by processing certain trailing payload data as if it were a complete frame, which allows remote attackers to bypass packet filters via a large packet with a crafted payload. NOTE: this vulnerability exists because of an incorrect fix for CVE-2009-1385."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-4536",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "[oss-security] 20091228 CVE requests - kernel security regressions for CVE-2009-1385/and -1389",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2009/12/28/1"
},
{
"name" : "[oss-security] 20091229 Re: CVE requests - kernel security regressions for CVE-2009-1385/and -1389",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2009/12/29/2"
},
{
"name" : "[oss-security] 20091231 Re: CVE requests - kernel security regressions for CVE-2009-1385/and -1389",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2009/12/31/1"
},
{
"name" : "http://blog.c22.cc/2009/12/27/26c3-cat-procsysnetipv4fuckups/",
"refsource" : "MISC",
"url" : "http://blog.c22.cc/2009/12/27/26c3-cat-procsysnetipv4fuckups/"
},
{
"name" : "http://events.ccc.de/congress/2009/Fahrplan/events/3596.en.html",
"refsource" : "MISC",
"url" : "http://events.ccc.de/congress/2009/Fahrplan/events/3596.en.html"
},
{
"name" : "http://marc.info/?t=126203102000001&r=1&w=2",
"refsource" : "CONFIRM",
"url" : "http://marc.info/?t=126203102000001&r=1&w=2"
},
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=552126",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=552126"
},
{
"name" : "http://www.vmware.com/security/advisories/VMSA-2011-0009.html",
"refsource" : "CONFIRM",
"url" : "http://www.vmware.com/security/advisories/VMSA-2011-0009.html"
},
{
"name" : "DSA-1996",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2010/dsa-1996"
},
{
"name" : "DSA-2005",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2010/dsa-2005"
},
{
"name" : "FEDORA-2010-1787",
"refsource" : "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035159.html"
},
{
"name" : "RHSA-2010:0019",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2010-0019.html"
},
{
"name" : "RHSA-2010:0020",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2010-0020.html"
},
{
"name" : "RHSA-2010:0041",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2010-0041.html"
},
{
"name" : "RHSA-2010:0095",
"refsource" : "REDHAT",
"url" : "https://rhn.redhat.com/errata/RHSA-2010-0095.html"
},
{
"name" : "RHSA-2010:0111",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2010-0111.html"
},
{
"name" : "RHSA-2010:0053",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2010-0053.html"
},
{
"name" : "RHSA-2010:0882",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2010-0882.html"
},
{
"name" : "SUSE-SA:2010:012",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00005.html"
},
{
"name" : "SUSE-SA:2010:013",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00007.html"
},
{
"name" : "SUSE-SA:2010:010",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00002.html"
},
{
"name" : "SUSE-SA:2010:005",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00005.html"
},
{
"name" : "SUSE-SA:2010:007",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00008.html"
},
{
"name" : "SUSE-SA:2010:014",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00000.html"
},
{
"name" : "37519",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/37519"
},
{
"name" : "oval:org.mitre.oval:def:10607",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10607"
},
{
"name" : "oval:org.mitre.oval:def:7453",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7453"
},
{
"name" : "oval:org.mitre.oval:def:12440",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12440"
},
{
"name" : "oval:org.mitre.oval:def:13226",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13226"
},
{
"name" : "1023420",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1023420"
},
{
"name" : "35265",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/35265"
},
{
"name" : "38031",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/38031"
},
{
"name" : "38492",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/38492"
},
{
"name" : "38276",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/38276"
},
{
"name" : "38296",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/38296"
},
{
"name" : "38610",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/38610"
},
{
"name" : "38779",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/38779"
},
{
"name" : "kernel-e1000main-security-bypass(55648)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/55648"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "drivers/net/e1000/e1000_main.c in the e1000 driver in the Linux kernel 2.6.32.3 and earlier handles Ethernet frames that exceed the MTU by processing certain trailing payload data as if it were a complete frame, which allows remote attackers to bypass packet filters via a large packet with a crafted payload. NOTE: this vulnerability exists because of an incorrect fix for CVE-2009-1385."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "35265",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35265"
},
{
"name": "38276",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/38276"
},
{
"name": "http://marc.info/?t=126203102000001&r=1&w=2",
"refsource": "CONFIRM",
"url": "http://marc.info/?t=126203102000001&r=1&w=2"
},
{
"name": "1023420",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1023420"
},
{
"name": "oval:org.mitre.oval:def:13226",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13226"
},
{
"name": "SUSE-SA:2010:007",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00008.html"
},
{
"name": "RHSA-2010:0111",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0111.html"
},
{
"name": "38779",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/38779"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=552126",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=552126"
},
{
"name": "oval:org.mitre.oval:def:12440",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12440"
},
{
"name": "oval:org.mitre.oval:def:10607",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10607"
},
{
"name": "38296",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/38296"
},
{
"name": "http://blog.c22.cc/2009/12/27/26c3-cat-procsysnetipv4fuckups/",
"refsource": "MISC",
"url": "http://blog.c22.cc/2009/12/27/26c3-cat-procsysnetipv4fuckups/"
},
{
"name": "SUSE-SA:2010:012",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00005.html"
},
{
"name": "RHSA-2010:0053",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0053.html"
},
{
"name": "SUSE-SA:2010:014",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00000.html"
},
{
"name": "RHSA-2010:0882",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0882.html"
},
{
"name": "kernel-e1000main-security-bypass(55648)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55648"
},
{
"name": "DSA-1996",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2010/dsa-1996"
},
{
"name": "RHSA-2010:0019",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0019.html"
},
{
"name": "[oss-security] 20091228 CVE requests - kernel security regressions for CVE-2009-1385/and -1389",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2009/12/28/1"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2011-0009.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2011-0009.html"
},
{
"name": "FEDORA-2010-1787",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035159.html"
},
{
"name": "37519",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/37519"
},
{
"name": "[oss-security] 20091229 Re: CVE requests - kernel security regressions for CVE-2009-1385/and -1389",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2009/12/29/2"
},
{
"name": "SUSE-SA:2010:013",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00007.html"
},
{
"name": "http://events.ccc.de/congress/2009/Fahrplan/events/3596.en.html",
"refsource": "MISC",
"url": "http://events.ccc.de/congress/2009/Fahrplan/events/3596.en.html"
},
{
"name": "RHSA-2010:0095",
"refsource": "REDHAT",
"url": "https://rhn.redhat.com/errata/RHSA-2010-0095.html"
},
{
"name": "SUSE-SA:2010:005",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00005.html"
},
{
"name": "[oss-security] 20091231 Re: CVE requests - kernel security regressions for CVE-2009-1385/and -1389",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2009/12/31/1"
},
{
"name": "RHSA-2010:0020",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0020.html"
},
{
"name": "38031",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/38031"
},
{
"name": "38610",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/38610"
},
{
"name": "oval:org.mitre.oval:def:7453",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7453"
},
{
"name": "DSA-2005",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2010/dsa-2005"
},
{
"name": "SUSE-SA:2010:010",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00002.html"
},
{
"name": "RHSA-2010:0041",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0041.html"
},
{
"name": "38492",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/38492"
}
]
}
}

150
2009/4xxx/CVE-2009-4750.json
View File

@ -1,77 +1,77 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2009-4750",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "PHP remote file inclusion vulnerability in home.php in Top Paidmailer allows remote attackers to execute arbitrary PHP code via a URL in the page parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-4750",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.packetstormsecurity.org/0907-exploits/toppaidmailer-rfi.txt",
"refsource" : "MISC",
"url" : "http://www.packetstormsecurity.org/0907-exploits/toppaidmailer-rfi.txt"
},
{
"name" : "55797",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/55797"
},
{
"name" : "35723",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/35723"
},
{
"name" : "toppaidmailer-home-file-include(51661)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/51661"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "PHP remote file inclusion vulnerability in home.php in Top Paidmailer allows remote attackers to execute arbitrary PHP code via a URL in the page parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "35723",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35723"
},
{
"name": "toppaidmailer-home-file-include(51661)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51661"
},
{
"name": "http://www.packetstormsecurity.org/0907-exploits/toppaidmailer-rfi.txt",
"refsource": "MISC",
"url": "http://www.packetstormsecurity.org/0907-exploits/toppaidmailer-rfi.txt"
},
{
"name": "55797",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/55797"
}
]
}
}

180
2012/2xxx/CVE-2012-2277.json
View File

@ -1,92 +1,92 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2012-2277",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The IRM Server in EMC Documentum Information Rights Management 4.x before 4.7.0100 and 5.x before 5.0.1030 allows remote attackers to cause a denial of service (pvcontrol.exe process hang) via \\n (line feed) characters in the Id fields of many \"batch begin untethered\" commands."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "security_alert@emc.com",
"ID": "CVE-2012-2277",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20120510 ESA-2012-019: EMC Documentum Information Rights Management Multiple Vulnerabilities",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/522682"
},
{
"name" : "18734",
"refsource" : "EXPLOIT-DB",
"url" : "http://www.exploit-db.com/exploits/18734"
},
{
"name" : "http://aluigi.org/adv/irm_1-adv.txt",
"refsource" : "MISC",
"url" : "http://aluigi.org/adv/irm_1-adv.txt"
},
{
"name" : "53475",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/53475"
},
{
"name" : "1027058",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1027058"
},
{
"name" : "48690",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/48690"
},
{
"name" : "emc-documentum-dos(75554)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/75554"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The IRM Server in EMC Documentum Information Rights Management 4.x before 4.7.0100 and 5.x before 5.0.1030 allows remote attackers to cause a denial of service (pvcontrol.exe process hang) via \\n (line feed) characters in the Id fields of many \"batch begin untethered\" commands."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20120510 ESA-2012-019: EMC Documentum Information Rights Management Multiple Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/522682"
},
{
"name": "48690",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48690"
},
{
"name": "18734",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/18734"
},
{
"name": "53475",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/53475"
},
{
"name": "http://aluigi.org/adv/irm_1-adv.txt",
"refsource": "MISC",
"url": "http://aluigi.org/adv/irm_1-adv.txt"
},
{
"name": "1027058",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1027058"
},
{
"name": "emc-documentum-dos(75554)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75554"
}
]
}
}

34
2012/2xxx/CVE-2012-2485.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2012-2485",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-2485",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

160
2012/2xxx/CVE-2012-2704.json
View File

@ -1,82 +1,82 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2012-2704",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Advertisement module 6.x-2.x before 6.x-2.3 for Drupal does not properly restrict access to debug information, which allows remote attackers to obtain sensitive site configuration information that is specified by the $conf variable in settings.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-2704",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "[oss-security] 20120613 Re: CVE Request for Drupal contributed modules",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2012/06/14/3"
},
{
"name" : "http://drupal.org/node/1585544",
"refsource" : "MISC",
"url" : "http://drupal.org/node/1585544"
},
{
"name" : "http://drupalcode.org/project/ad.git/commitdiff/c2ffab2",
"refsource" : "CONFIRM",
"url" : "http://drupalcode.org/project/ad.git/commitdiff/c2ffab2"
},
{
"name" : "https://drupal.org/node/1580376",
"refsource" : "CONFIRM",
"url" : "https://drupal.org/node/1580376"
},
{
"name" : "advertisement-settings-info-disclosure(75719)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/75719"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Advertisement module 6.x-2.x before 6.x-2.3 for Drupal does not properly restrict access to debug information, which allows remote attackers to obtain sensitive site configuration information that is specified by the $conf variable in settings.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://drupal.org/node/1585544",
"refsource": "MISC",
"url": "http://drupal.org/node/1585544"
},
{
"name": "http://drupalcode.org/project/ad.git/commitdiff/c2ffab2",
"refsource": "CONFIRM",
"url": "http://drupalcode.org/project/ad.git/commitdiff/c2ffab2"
},
{
"name": "[oss-security] 20120613 Re: CVE Request for Drupal contributed modules",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/06/14/3"
},
{
"name": "advertisement-settings-info-disclosure(75719)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75719"
},
{
"name": "https://drupal.org/node/1580376",
"refsource": "CONFIRM",
"url": "https://drupal.org/node/1580376"
}
]
}
}

120
2012/2xxx/CVE-2012-2986.json
View File

@ -1,62 +1,62 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2012-2986",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "lhn/public/network/ping in HP SAN/iQ 9.5 on the HP Virtual SAN Appliance allows remote authenticated users to execute arbitrary commands via shell metacharacters in the (1) first, (2) third, or (3) fourth parameter. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-4361."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2012-2986",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "VU#441363",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/441363"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "lhn/public/network/ping in HP SAN/iQ 9.5 on the HP Virtual SAN Appliance allows remote authenticated users to execute arbitrary commands via shell metacharacters in the (1) first, (2) third, or (3) fourth parameter. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-4361."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#441363",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/441363"
}
]
}
}

140
2012/6xxx/CVE-2012-6040.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2012-6040",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in users.php in File King Advanced File Management 1.4 allows remote attackers to inject arbitrary web script or HTML via the page parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-6040",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://packetstormsecurity.org/files/view/108466/afm134-xss.txt",
"refsource" : "MISC",
"url" : "http://packetstormsecurity.org/files/view/108466/afm134-xss.txt"
},
{
"name" : "51339",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/51339"
},
{
"name" : "advancedfilemanagement-users-xss(72275)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/72275"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in users.php in File King Advanced File Management 1.4 allows remote attackers to inject arbitrary web script or HTML via the page parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://packetstormsecurity.org/files/view/108466/afm134-xss.txt",
"refsource": "MISC",
"url": "http://packetstormsecurity.org/files/view/108466/afm134-xss.txt"
},
{
"name": "advancedfilemanagement-users-xss(72275)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/72275"
},
{
"name": "51339",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/51339"
}
]
}
}

190
2015/0xxx/CVE-2015-0342.json
View File

@ -1,97 +1,97 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-0342",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Use-after-free vulnerability in Adobe Flash Player before 13.0.0.277 and 14.x through 17.x before 17.0.0.134 on Windows and OS X and before 11.2.202.451 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-0341."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2015-0342",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://helpx.adobe.com/security/products/flash-player/apsb15-05.html",
"refsource" : "CONFIRM",
"url" : "https://helpx.adobe.com/security/products/flash-player/apsb15-05.html"
},
{
"name" : "GLSA-201503-09",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201503-09"
},
{
"name" : "RHSA-2015:0697",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2015-0697.html"
},
{
"name" : "SUSE-SU-2015:0491",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00015.html"
},
{
"name" : "SUSE-SU-2015:0493",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00016.html"
},
{
"name" : "openSUSE-SU-2015:0490",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00014.html"
},
{
"name" : "openSUSE-SU-2015:0496",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00017.html"
},
{
"name" : "1031922",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1031922"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Use-after-free vulnerability in Adobe Flash Player before 13.0.0.277 and 14.x through 17.x before 17.0.0.134 on Windows and OS X and before 11.2.202.451 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-0341."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "openSUSE-SU-2015:0490",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00014.html"
},
{
"name": "GLSA-201503-09",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201503-09"
},
{
"name": "1031922",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1031922"
},
{
"name": "SUSE-SU-2015:0493",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00016.html"
},
{
"name": "https://helpx.adobe.com/security/products/flash-player/apsb15-05.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/flash-player/apsb15-05.html"
},
{
"name": "openSUSE-SU-2015:0496",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00017.html"
},
{
"name": "RHSA-2015:0697",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0697.html"
},
{
"name": "SUSE-SU-2015:0491",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00015.html"
}
]
}
}

34
2015/1xxx/CVE-2015-1185.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-1185",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-1185",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

160
2015/1xxx/CVE-2015-1379.json
View File

@ -1,82 +1,82 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-1379",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The signal handler implementations in socat before 1.7.3.0 and 2.0.0-b8 allow remote attackers to cause a denial of service (process freeze or crash)."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-1379",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "[oss-security] 20150127 Re: Socat security advisory 6 - Possible DoS with fork",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2015/01/27/19"
},
{
"name" : "[oss-security] 20150406 Socat security advisory 6 - Possible DoS with fork (update: CVE-Id: CVE-2015-1379; fix for version 2)",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2015/04/06/4"
},
{
"name" : "http://www.dest-unreach.org/socat/",
"refsource" : "CONFIRM",
"url" : "http://www.dest-unreach.org/socat/"
},
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1185711",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1185711"
},
{
"name" : "72321",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/72321"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The signal handler implementations in socat before 1.7.3.0 and 2.0.0-b8 allow remote attackers to cause a denial of service (process freeze or crash)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.dest-unreach.org/socat/",
"refsource": "CONFIRM",
"url": "http://www.dest-unreach.org/socat/"
},
{
"name": "[oss-security] 20150406 Socat security advisory 6 - Possible DoS with fork (update: CVE-Id: CVE-2015-1379; fix for version 2)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/04/06/4"
},
{
"name": "72321",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/72321"
},
{
"name": "[oss-security] 20150127 Re: Socat security advisory 6 - Possible DoS with fork",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/01/27/19"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1185711",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1185711"
}
]
}
}

120
2015/1xxx/CVE-2015-1555.json
View File

@ -1,62 +1,62 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-1555",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Zend/Session/SessionManager in Zend Framework 2.2.x before 2.2.9, 2.3.x before 2.3.4 allows remote attackers to create valid sessions without using session validators."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2015-1555",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://framework.zend.com/security/advisory/ZF2015-01",
"refsource" : "CONFIRM",
"url" : "http://framework.zend.com/security/advisory/ZF2015-01"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Zend/Session/SessionManager in Zend Framework 2.2.x before 2.2.9, 2.3.x before 2.3.4 allows remote attackers to create valid sessions without using session validators."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://framework.zend.com/security/advisory/ZF2015-01",
"refsource": "CONFIRM",
"url": "http://framework.zend.com/security/advisory/ZF2015-01"
}
]
}
}

140
2015/1xxx/CVE-2015-1765.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-1765",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Microsoft Internet Explorer 9 through 11 allows remote attackers to read the browser history via a crafted web site."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2015-1765",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "MS15-056",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-056"
},
{
"name" : "74994",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/74994"
},
{
"name" : "1032521",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1032521"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Microsoft Internet Explorer 9 through 11 allows remote attackers to read the browser history via a crafted web site."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "74994",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/74994"
},
{
"name": "MS15-056",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-056"
},
{
"name": "1032521",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032521"
}
]
}
}

150
2015/5xxx/CVE-2015-5018.json
View File

@ -1,77 +1,77 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-5018",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Security Access Manager for Web 7.0.0 before FP19 and 8.0 before 8.0.1.3 IF3, and Security Access Manager 9.0 before 9.0.0.0 IF1, allows remote authenticated users to execute arbitrary OS commands by leveraging Local Management Interface (LMI) access."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2015-5018",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21970510",
"refsource" : "CONFIRM",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21970510"
},
{
"name" : "IV78768",
"refsource" : "AIXAPAR",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1IV78768"
},
{
"name" : "IV78780",
"refsource" : "AIXAPAR",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1IV78780"
},
{
"name" : "1034560",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1034560"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Security Access Manager for Web 7.0.0 before FP19 and 8.0 before 8.0.1.3 IF3, and Security Access Manager 9.0 before 9.0.0.0 IF1, allows remote authenticated users to execute arbitrary OS commands by leveraging Local Management Interface (LMI) access."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "IV78768",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV78768"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21970510",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21970510"
},
{
"name": "IV78780",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV78780"
},
{
"name": "1034560",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034560"
}
]
}
}

140
2015/5xxx/CVE-2015-5640.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-5640",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "baserCMS before 3.0.8 allows remote authenticated users to modify arbitrary user settings via a crafted request."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2015-5640",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://basercms.net/security/JVN04855224",
"refsource" : "CONFIRM",
"url" : "http://basercms.net/security/JVN04855224"
},
{
"name" : "JVN#04855224",
"refsource" : "JVN",
"url" : "http://jvn.jp/en/jp/JVN04855224/index.html"
},
{
"name" : "JVNDB-2015-000138",
"refsource" : "JVNDB",
"url" : "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000138"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "baserCMS before 3.0.8 allows remote authenticated users to modify arbitrary user settings via a crafted request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://basercms.net/security/JVN04855224",
"refsource": "CONFIRM",
"url": "http://basercms.net/security/JVN04855224"
},
{
"name": "JVNDB-2015-000138",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000138"
},
{
"name": "JVN#04855224",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN04855224/index.html"
}
]
}
}

120
2018/11xxx/CVE-2018-11624.json
View File

@ -1,62 +1,62 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-11624",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "In ImageMagick 7.0.7-36 Q16, the ReadMATImage function in coders/mat.c allows attackers to cause a use after free via a crafted file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-11624",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://github.com/ImageMagick/ImageMagick/issues/1149",
"refsource" : "MISC",
"url" : "https://github.com/ImageMagick/ImageMagick/issues/1149"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In ImageMagick 7.0.7-36 Q16, the ReadMATImage function in coders/mat.c allows attackers to cause a use after free via a crafted file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/ImageMagick/ImageMagick/issues/1149",
"refsource": "MISC",
"url": "https://github.com/ImageMagick/ImageMagick/issues/1149"
}
]
}
}

34
2018/11xxx/CVE-2018-11668.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-11668",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-11668",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

142
2018/3xxx/CVE-2018-3089.json
View File

@ -1,73 +1,73 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "secalert_us@oracle.com",
"ID" : "CVE-2018-3089",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "VM VirtualBox",
"version" : {
"version_data" : [
{
"version_affected" : "<",
"version_value" : "5.2.16"
}
]
}
}
]
},
"vendor_name" : "Oracle Corporation"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). The supported version that is affected is Prior to 5.2.16. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H)."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox."
}
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2018-3089",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "VM VirtualBox",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "5.2.16"
}
]
}
}
]
},
"vendor_name": "Oracle Corporation"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"
},
{
"name" : "104764",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/104764"
},
{
"name" : "1041296",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1041296"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). The supported version that is affected is Prior to 5.2.16. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"
},
{
"name": "104764",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104764"
},
{
"name": "1041296",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041296"
}
]
}
}

142
2018/3xxx/CVE-2018-3295.json
View File

@ -1,73 +1,73 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "secalert_us@oracle.com",
"ID" : "CVE-2018-3295",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "VM VirtualBox",
"version" : {
"version_data" : [
{
"version_affected" : "<",
"version_value" : "5.2.20"
}
]
}
}
]
},
"vendor_name" : "Oracle Corporation"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). The supported version that is affected is Prior to 5.2.20. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H)."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox."
}
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2018-3295",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "VM VirtualBox",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "5.2.20"
}
]
}
}
]
},
"vendor_name": "Oracle Corporation"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"
},
{
"name" : "105619",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/105619"
},
{
"name" : "1041887",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1041887"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). The supported version that is affected is Prior to 5.2.20. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"
},
{
"name": "1041887",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041887"
},
{
"name": "105619",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/105619"
}
]
}
}

122
2018/3xxx/CVE-2018-3563.json
View File

@ -1,63 +1,63 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "product-security@qualcomm.com",
"DATE_PUBLIC" : "2018-04-02T00:00:00",
"ID" : "CVE-2018-3563",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Android for MSM, Firefox OS for MSM, QRD Android",
"version" : {
"version_data" : [
{
"version_value" : "All Android releases from CAF using the Linux kernel"
}
]
}
}
]
},
"vendor_name" : "Qualcomm, Inc."
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, untrusted pointer dereference in apr_cb_func can lead to an arbitrary code execution."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Untrusted Pointer Dereference in Audio"
}
"CVE_data_meta": {
"ASSIGNER": "product-security@qualcomm.com",
"DATE_PUBLIC": "2018-04-02T00:00:00",
"ID": "CVE-2018-3563",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Android for MSM, Firefox OS for MSM, QRD Android",
"version": {
"version_data": [
{
"version_value": "All Android releases from CAF using the Linux kernel"
}
]
}
}
]
},
"vendor_name": "Qualcomm, Inc."
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://source.android.com/security/bulletin/2018-04-01",
"refsource" : "CONFIRM",
"url" : "https://source.android.com/security/bulletin/2018-04-01"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, untrusted pointer dereference in apr_cb_func can lead to an arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Untrusted Pointer Dereference in Audio"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://source.android.com/security/bulletin/2018-04-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2018-04-01"
}
]
}
}

34
2018/3xxx/CVE-2018-3583.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-3583",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-3583",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

122
2018/3xxx/CVE-2018-3751.json
View File

@ -1,63 +1,63 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "support@hackerone.com",
"DATE_PUBLIC" : "2018-05-24T00:00:00",
"ID" : "CVE-2018-3751",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The utilities function in all versions <= 0.3.0 of the merge-recursive node module can be tricked into modifying the prototype of Object when the attacker can control part of the structure passed to this function. This can let an attacker add or modify existing properties that will exist on all objects."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "support@hackerone.com",
"DATE_PUBLIC": "2018-05-24T00:00:00",
"ID": "CVE-2018-3751",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://hackerone.com/reports/311337",
"refsource" : "MISC",
"url" : "https://hackerone.com/reports/311337"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The utilities function in all versions <= 0.3.0 of the merge-recursive node module can be tricked into modifying the prototype of Object when the attacker can control part of the structure passed to this function. This can let an attacker add or modify existing properties that will exist on all objects."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://hackerone.com/reports/311337",
"refsource": "MISC",
"url": "https://hackerone.com/reports/311337"
}
]
}
}

34
2018/7xxx/CVE-2018-7861.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-7861",
"STATE" : "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none."
}
]
}
}
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2018-7861",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none."
}
]
}
}

34
2018/8xxx/CVE-2018-8055.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-8055",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-8055",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

166
2018/8xxx/CVE-2018-8141.json
View File

@ -1,85 +1,85 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "Secure@Microsoft.com",
"ID" : "CVE-2018-8141",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Windows 10",
"version" : {
"version_data" : [
{
"version_value" : "Version 1709 for 32-bit Systems"
},
{
"version_value" : "Version 1709 for x64-based Systems"
}
]
}
},
{
"product_name" : "Windows 10 Servers",
"version" : {
"version_data" : [
{
"version_value" : "version 1709 (Server Core Installation)"
}
]
}
}
]
},
"vendor_name" : "Microsoft"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka \"Windows Kernel Information Disclosure Vulnerability.\" This affects Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-8127."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Information Disclosure"
}
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2018-8141",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Windows 10",
"version": {
"version_data": [
{
"version_value": "Version 1709 for 32-bit Systems"
},
{
"version_value": "Version 1709 for x64-based Systems"
}
]
}
},
{
"product_name": "Windows 10 Servers",
"version": {
"version_data": [
{
"version_value": "version 1709 (Server Core Installation)"
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8141",
"refsource" : "CONFIRM",
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8141"
},
{
"name" : "104078",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/104078"
},
{
"name" : "1040849",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1040849"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka \"Windows Kernel Information Disclosure Vulnerability.\" This affects Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-8127."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1040849",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040849"
},
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8141",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8141"
},
{
"name": "104078",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104078"
}
]
}
}

292
2018/8xxx/CVE-2018-8260.json
View File

@ -1,148 +1,148 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "Secure@Microsoft.com",
"ID" : "CVE-2018-8260",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : ".NET Framework",
"version" : {
"version_data" : [
{
"version_value" : "4.7.2 Developer Pack"
}
]
}
},
{
"product_name" : "Microsoft .NET Framework",
"version" : {
"version_data" : [
{
"version_value" : "4.7.2 on Windows 10 Version 1607 for 32-bit Systems"
},
{
"version_value" : "4.7.2 on Windows 10 Version 1607 for x64-based Systems"
},
{
"version_value" : "4.7.2 on Windows 10 Version 1703 for 32-bit Systems"
},
{
"version_value" : "4.7.2 on Windows 10 Version 1703 for x64-based Systems"
},
{
"version_value" : "4.7.2 on Windows 10 Version 1709 for 32-bit Systems"
},
{
"version_value" : "4.7.2 on Windows 10 Version 1709 for x64-based Systems"
},
{
"version_value" : "4.7.2 on Windows 10 Version 1803 for 32-bit Systems"
},
{
"version_value" : "4.7.2 on Windows 10 Version 1803 for x64-based Systems"
},
{
"version_value" : "4.7.2 on Windows 7 for 32-bit Systems Service Pack 1"
},
{
"version_value" : "4.7.2 on Windows 7 for x64-based Systems Service Pack 1"
},
{
"version_value" : "4.7.2 on Windows 8.1 for 32-bit systems"
},
{
"version_value" : "4.7.2 on Windows 8.1 for x64-based systems"
},
{
"version_value" : "4.7.2 on Windows RT 8.1"
},
{
"version_value" : "4.7.2 on Windows Server 2008 R2 for x64-based Systems Service Pack 1"
},
{
"version_value" : "4.7.2 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)"
},
{
"version_value" : "4.7.2 on Windows Server 2012"
},
{
"version_value" : "4.7.2 on Windows Server 2012 (Server Core installation)"
},
{
"version_value" : "4.7.2 on Windows Server 2012 R2"
},
{
"version_value" : "4.7.2 on Windows Server 2012 R2 (Server Core installation)"
},
{
"version_value" : "4.7.2 on Windows Server 2016"
},
{
"version_value" : "4.7.2 on Windows Server 2016 (Server Core installation)"
},
{
"version_value" : "4.7.2 on Windows Server, version 1709 (Server Core Installation)"
},
{
"version_value" : "4.7.2 on Windows Server, version 1803 (Server Core Installation)"
}
]
}
}
]
},
"vendor_name" : "Microsoft"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A Remote Code Execution vulnerability exists in .NET software when the software fails to check the source markup of a file, aka \".NET Framework Remote Code Execution Vulnerability.\" This affects .NET Framework 4.7.2, Microsoft .NET Framework 4.7.2."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Remote Code Execution"
}
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2018-8260",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": ".NET Framework",
"version": {
"version_data": [
{
"version_value": "4.7.2 Developer Pack"
}
]
}
},
{
"product_name": "Microsoft .NET Framework",
"version": {
"version_data": [
{
"version_value": "4.7.2 on Windows 10 Version 1607 for 32-bit Systems"
},
{
"version_value": "4.7.2 on Windows 10 Version 1607 for x64-based Systems"
},
{
"version_value": "4.7.2 on Windows 10 Version 1703 for 32-bit Systems"
},
{
"version_value": "4.7.2 on Windows 10 Version 1703 for x64-based Systems"
},
{
"version_value": "4.7.2 on Windows 10 Version 1709 for 32-bit Systems"
},
{
"version_value": "4.7.2 on Windows 10 Version 1709 for x64-based Systems"
},
{
"version_value": "4.7.2 on Windows 10 Version 1803 for 32-bit Systems"
},
{
"version_value": "4.7.2 on Windows 10 Version 1803 for x64-based Systems"
},
{
"version_value": "4.7.2 on Windows 7 for 32-bit Systems Service Pack 1"
},
{
"version_value": "4.7.2 on Windows 7 for x64-based Systems Service Pack 1"
},
{
"version_value": "4.7.2 on Windows 8.1 for 32-bit systems"
},
{
"version_value": "4.7.2 on Windows 8.1 for x64-based systems"
},
{
"version_value": "4.7.2 on Windows RT 8.1"
},
{
"version_value": "4.7.2 on Windows Server 2008 R2 for x64-based Systems Service Pack 1"
},
{
"version_value": "4.7.2 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)"
},
{
"version_value": "4.7.2 on Windows Server 2012"
},
{
"version_value": "4.7.2 on Windows Server 2012 (Server Core installation)"
},
{
"version_value": "4.7.2 on Windows Server 2012 R2"
},
{
"version_value": "4.7.2 on Windows Server 2012 R2 (Server Core installation)"
},
{
"version_value": "4.7.2 on Windows Server 2016"
},
{
"version_value": "4.7.2 on Windows Server 2016 (Server Core installation)"
},
{
"version_value": "4.7.2 on Windows Server, version 1709 (Server Core Installation)"
},
{
"version_value": "4.7.2 on Windows Server, version 1803 (Server Core Installation)"
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8260",
"refsource" : "CONFIRM",
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8260"
},
{
"name" : "104666",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/104666"
},
{
"name" : "1041257",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1041257"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A Remote Code Execution vulnerability exists in .NET software when the software fails to check the source markup of a file, aka \".NET Framework Remote Code Execution Vulnerability.\" This affects .NET Framework 4.7.2, Microsoft .NET Framework 4.7.2."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "104666",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104666"
},
{
"name": "1041257",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041257"
},
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8260",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8260"
}
]
}
}

34
2018/8xxx/CVE-2018-8528.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-8528",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-8528",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2018/8xxx/CVE-2018-8980.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-8980",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-8980",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}