"-Synchronized-Data."

CVE Team 2019-03-18 04:34:14 +00:00
parent fb081b527f
commit b9afb41c85
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
52 changed files with 3511 additions and 3511 deletions


@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2002-0155", "ID": "CVE-2002-0155",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in Microsoft MSN Chat ActiveX Control, as used in MSN Messenger 4.5 and 4.6, and Exchange Instant Messenger 4.5 and 4.6, allows remote attackers to execute arbitrary code via a long ResDLL parameter in the MSNChat OCX."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20020508 ADVISORY: MSN Messenger OCX Buffer Overflow", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=102089960531919&w=2" "lang": "eng",
}, "value": "Buffer overflow in Microsoft MSN Chat ActiveX Control, as used in MSN Messenger 4.5 and 4.6, and Exchange Instant Messenger 4.5 and 4.6, allows remote attackers to execute arbitrary code via a long ResDLL parameter in the MSNChat OCX."
{ }
"name" : "MS02-022", ]
"refsource" : "MS", },
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-022" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "CA-2002-13", "description": [
"refsource" : "CERT", {
"url" : "http://www.cert.org/advisories/CA-2002-13.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "msn-chatcontrol-resdll-bo(9041)", ]
"refsource" : "XF", }
"url" : "http://www.iss.net/security_center/static/9041.php" ]
}, },
{ "references": {
"name" : "4707", "reference_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/4707" "name": "4707",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/4707"
} },
} {
"name": "CA-2002-13",
"refsource": "CERT",
"url": "http://www.cert.org/advisories/CA-2002-13.html"
},
{
"name": "MS02-022",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-022"
},
{
"name": "msn-chatcontrol-resdll-bo(9041)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/9041.php"
},
{
"name": "20020508 ADVISORY: MSN Messenger OCX Buffer Overflow",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=102089960531919&w=2"
}
]
}
}


@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2002-0537", "ID": "CVE-2002-0537",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The admin.html file in StepWeb Search Engine (SWS) 2.5 stores passwords in links to manager.pl, which allows remote attackers who can access the admin.html file to gain administrative privileges to SWS."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20020411 SWS Vuln (small but important to those using it.)", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://archives.neohapsis.com/archives/bugtraq/2002-04/0148.html" "lang": "eng",
}, "value": "The admin.html file in StepWeb Search Engine (SWS) 2.5 stores passwords in links to manager.pl, which allows remote attackers who can access the admin.html file to gain administrative privileges to SWS."
{ }
"name" : "sws-insecure-admin-page(8849)", ]
"refsource" : "XF", },
"url" : "http://www.iss.net/security_center/static/8849.php" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "4503", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/4503" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "sws-insecure-admin-page(8849)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/8849.php"
},
{
"name": "4503",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/4503"
},
{
"name": "20020411 SWS Vuln (small but important to those using it.)",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-04/0148.html"
}
]
}
}


@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2002-0957", "ID": "CVE-2002-0957",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The default configuration of BlackICE Agent 3.1.eal and 3.1.ebh has a high tcp.maxconnections setting, which could allow remote attackers to cause a denial of service (memory consumption) via a large number of connections to the BlackICE system that consumes more resources than intended by the user."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20020619 [VulnWatch] KPMG-2002023: BlackICE Agent Temporary Memory Buildup", "description_data": [
"refsource" : "VULNWATCH", {
"url" : "http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0114.html" "lang": "eng",
}, "value": "The default configuration of BlackICE Agent 3.1.eal and 3.1.ebh has a high tcp.maxconnections setting, which could allow remote attackers to cause a denial of service (memory consumption) via a large number of connections to the BlackICE system that consumes more resources than intended by the user."
{ }
"name" : "blackice-excessive-memory-consumption(9405)", ]
"refsource" : "XF", },
"url" : "http://www.iss.net/security_center/static/9405.php" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "blackice-excessive-memory-consumption(9405)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/9405.php"
},
{
"name": "20020619 [VulnWatch] KPMG-2002023: BlackICE Agent Temporary Memory Buildup",
"refsource": "VULNWATCH",
"url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0114.html"
}
]
}
}


@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2002-2019", "ID": "CVE-2002-2019",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "PHP remote file inclusion vulnerability in include_once.php in osCommerce (a.k.a. Exchange Project) 2.1 allows remote attackers to execute arbitrary PHP code via the include_file parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20020616 PHP source injection in osCommerce", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://archives.neohapsis.com/archives/bugtraq/2002-06/0188.html" "lang": "eng",
}, "value": "PHP remote file inclusion vulnerability in include_once.php in osCommerce (a.k.a. Exchange Project) 2.1 allows remote attackers to execute arbitrary PHP code via the include_file parameter."
{ }
"name" : "http://www.oscommerce.com/about.php/news,72", ]
"refsource" : "CONFIRM", },
"url" : "http://www.oscommerce.com/about.php/news,72" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "5037", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/5037" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "oscommerce-include-remote-files(9369)", ]
"refsource" : "XF", }
"url" : "http://www.iss.net/security_center/static/9369.php" ]
} },
] "references": {
} "reference_data": [
} {
"name": "5037",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5037"
},
{
"name": "20020616 PHP source injection in osCommerce",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-06/0188.html"
},
{
"name": "http://www.oscommerce.com/about.php/news,72",
"refsource": "CONFIRM",
"url": "http://www.oscommerce.com/about.php/news,72"
},
{
"name": "oscommerce-include-remote-files(9369)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/9369.php"
}
]
}
}


@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2002-2316", "ID": "CVE-2002-2316",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cisco Catalyst 4000 series switches running CatOS 5.5.5, 6.3.5, and 7.1.2 do not always learn MAC addresses from a single initial packet, which causes unicast traffic to be broadcast across the switch and allows remote attackers to obtain sensitive network information by sniffing."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20020520 Catalyst 4000", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://archives.neohapsis.com/archives/bugtraq/2002-05/0190.html" "lang": "eng",
}, "value": "Cisco Catalyst 4000 series switches running CatOS 5.5.5, 6.3.5, and 7.1.2 do not always learn MAC addresses from a single initial packet, which causes unicast traffic to be broadcast across the switch and allows remote attackers to obtain sensitive network information by sniffing."
{ }
"name" : "20020618 Re: Catalyst 4000 - Cisco's Response", ]
"refsource" : "BUGTRAQ", },
"url" : "http://archives.neohapsis.com/archives/bugtraq/2002-06/0209.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "4790", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/4790" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "cisco-catalyst-unicast-traffic(9148)", ]
"refsource" : "XF", }
"url" : "http://www.iss.net/security_center/static/9148.php" ]
} },
] "references": {
} "reference_data": [
} {
"name": "20020618 Re: Catalyst 4000 - Cisco's Response",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-06/0209.html"
},
{
"name": "4790",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/4790"
},
{
"name": "cisco-catalyst-unicast-traffic(9148)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/9148.php"
},
{
"name": "20020520 Catalyst 4000",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-05/0190.html"
}
]
}
}


@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2002-2387", "ID": "CVE-2002-2387",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Directory traversal vulnerability in Hyperion FTP server 2.8.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the LS command."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20021112 [SecurityOffice] Hyperion Ftp Server v2.8.1 Directory Traversal Vulnerability", "description_data": [
"refsource" : "VULNWATCH", {
"url" : "http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0069.html" "lang": "eng",
}, "value": "Directory traversal vulnerability in Hyperion FTP server 2.8.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the LS command."
{ }
"name" : "http://www.mollensoft.com/news.htm", ]
"refsource" : "CONFIRM", },
"url" : "http://www.mollensoft.com/news.htm" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "hyperion-dotdot-directory-traversal(10599)", "description": [
"refsource" : "XF", {
"url" : "http://www.iss.net/security_center/static/10599.php" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "20021112 [SecurityOffice] Hyperion Ftp Server v2.8.1 Directory Traversal Vulnerability",
"refsource": "VULNWATCH",
"url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0069.html"
},
{
"name": "hyperion-dotdot-directory-traversal(10599)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/10599.php"
},
{
"name": "http://www.mollensoft.com/news.htm",
"refsource": "CONFIRM",
"url": "http://www.mollensoft.com/news.htm"
}
]
}
}


@ -1,192 +1,192 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-0605", "ID": "CVE-2005-0605",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "scan.c for LibXPM may allow attackers to execute arbitrary code via a negative bitmap_unit value that leads to a buffer overflow."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://bugs.freedesktop.org/attachment.cgi?id=1909", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://bugs.freedesktop.org/attachment.cgi?id=1909" "lang": "eng",
}, "value": "scan.c for LibXPM may allow attackers to execute arbitrary code via a negative bitmap_unit value that leads to a buffer overflow."
{ }
"name" : "APPLE-SA-2005-08-15", ]
"refsource" : "APPLE", },
"url" : "http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "APPLE-SA-2005-08-17", "description": [
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "DSA-723", ]
"refsource" : "DEBIAN", }
"url" : "http://www.debian.org/security/2005/dsa-723" ]
}, },
{ "references": {
"name" : "FLSA-2006:152803", "reference_data": [
"refsource" : "FEDORA", {
"url" : "http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00001.html" "name": "RHSA-2005:331",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2005-331.html"
"name" : "GLSA-200503-08", },
"refsource" : "GENTOO", {
"url" : "http://security.gentoo.org/glsa/glsa-200503-08.xml" "name": "RHSA-2005:412",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2005-412.html"
"name" : "GLSA-200503-15", },
"refsource" : "GENTOO", {
"url" : "http://www.gentoo.org/security/en/glsa/glsa-200503-15.xml" "name": "1013339",
}, "refsource": "SECTRACK",
{ "url": "http://securitytracker.com/id?1013339"
"name" : "http://bugs.gentoo.org/show_bug.cgi?id=83655", },
"refsource" : "CONFIRM", {
"url" : "http://bugs.gentoo.org/show_bug.cgi?id=83655" "name": "18049",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/18049"
"name" : "http://bugs.gentoo.org/show_bug.cgi?id=83598", },
"refsource" : "CONFIRM", {
"url" : "http://bugs.gentoo.org/show_bug.cgi?id=83598" "name": "20060403-01-U",
}, "refsource": "SGI",
{ "url": "ftp://patches.sgi.com/support/free/security/advisories/20060403-01-U"
"name" : "RHSA-2005:412", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2005-412.html" "name": "SCOSA-2006.5",
}, "refsource": "SCO",
{ "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.5/SCOSA-2006.5.txt"
"name" : "RHSA-2005:331", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2005-331.html" "name": "http://bugs.gentoo.org/show_bug.cgi?id=83598",
}, "refsource": "CONFIRM",
{ "url": "http://bugs.gentoo.org/show_bug.cgi?id=83598"
"name" : "RHSA-2005:044", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2005-044.html" "name": "GLSA-200503-15",
}, "refsource": "GENTOO",
{ "url": "http://www.gentoo.org/security/en/glsa/glsa-200503-15.xml"
"name" : "RHSA-2005:198", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2005-198.html" "name": "DSA-723",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2005/dsa-723"
"name" : "RHSA-2005:473", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2005-473.html" "name": "19624",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/19624"
"name" : "RHSA-2008:0261", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2008-0261.html" "name": "https://bugs.freedesktop.org/attachment.cgi?id=1909",
}, "refsource": "CONFIRM",
{ "url": "https://bugs.freedesktop.org/attachment.cgi?id=1909"
"name" : "20060403-01-U", },
"refsource" : "SGI", {
"url" : "ftp://patches.sgi.com/support/free/security/advisories/20060403-01-U" "name": "APPLE-SA-2005-08-15",
}, "refsource": "APPLE",
{ "url": "http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html"
"name" : "USN-92-1", },
"refsource" : "UBUNTU", {
"url" : "https://usn.ubuntu.com/92-1/" "name": "18316",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/18316"
"name" : "USN-97-1", },
"refsource" : "UBUNTU", {
"url" : "https://usn.ubuntu.com/97-1/" "name": "14460",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/14460"
"name" : "SCOSA-2005.57", },
"refsource" : "SCO", {
"url" : "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.57/SCOSA-2005.57.txt" "name": "RHSA-2005:198",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2005-198.html"
"name" : "SCOSA-2006.5", },
"refsource" : "SCO", {
"url" : "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.5/SCOSA-2006.5.txt" "name": "FLSA-2006:152803",
}, "refsource": "FEDORA",
{ "url": "http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00001.html"
"name" : "12714", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/12714" "name": "RHSA-2005:044",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2005-044.html"
"name" : "oval:org.mitre.oval:def:10411", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10411" "name": "GLSA-200503-08",
}, "refsource": "GENTOO",
{ "url": "http://security.gentoo.org/glsa/glsa-200503-08.xml"
"name" : "1013339", },
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1013339" "name": "12714",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/12714"
"name" : "14460", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/14460" "name": "RHSA-2008:0261",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2008-0261.html"
"name" : "18049", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/18049" "name": "http://bugs.gentoo.org/show_bug.cgi?id=83655",
}, "refsource": "CONFIRM",
{ "url": "http://bugs.gentoo.org/show_bug.cgi?id=83655"
"name" : "18316", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/18316" "name": "RHSA-2005:473",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2005-473.html"
"name" : "19624", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/19624" "name": "APPLE-SA-2005-08-17",
} "refsource": "APPLE",
] "url": "http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html"
} },
} {
"name": "SCOSA-2005.57",
"refsource": "SCO",
"url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.57/SCOSA-2005.57.txt"
},
{
"name": "USN-97-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/97-1/"
},
{
"name": "oval:org.mitre.oval:def:10411",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10411"
},
{
"name": "USN-92-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/92-1/"
}
]
}
}


@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-0789", "ID": "CVE-2005-0789",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Directory traversal vulnerability in LimeWire 3.9.6 through 4.6.0 allows remote attackers to read arbitrary files via a .. (dot dot) in a magnet request."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20050314 LimeWire Gnutella client two vulnerabilities", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=111082448213238&w=2" "lang": "eng",
}, "value": "Directory traversal vulnerability in LimeWire 3.9.6 through 4.6.0 allows remote attackers to read arbitrary files via a .. (dot dot) in a magnet request."
{ }
"name" : "GLSA-200503-37", ]
"refsource" : "GENTOO", },
"url" : "http://www.gentoo.org/security/en/glsa/glsa-200503-37.xml" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "14555", "description": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/14555/" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "limewire-magnet-directory-traversal(19695)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/19695" ]
} },
] "references": {
} "reference_data": [
} {
"name": "GLSA-200503-37",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200503-37.xml"
},
{
"name": "limewire-magnet-directory-traversal(19695)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19695"
},
{
"name": "14555",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/14555/"
},
{
"name": "20050314 LimeWire Gnutella client two vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=111082448213238&w=2"
}
]
}
}


@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-1539", "ID": "CVE-2005-1539",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }


@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-1585", "ID": "CVE-2005-1585",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple SQL injection vulnerabilities in Quick.Forum 2.1.6 allow remote attackers to execute arbitrary SQL commands via the (1) iCategory or (2) page parameter to index.php, or (3) iCategory parameter in the query string to the forum directory."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://lostmon.blogspot.com/2005/05/quickforum-topic-field-xss-and-page.html", "description_data": [
"refsource" : "MISC", {
"url" : "http://lostmon.blogspot.com/2005/05/quickforum-topic-field-xss-and-page.html" "lang": "eng",
}, "value": "Multiple SQL injection vulnerabilities in Quick.Forum 2.1.6 allow remote attackers to execute arbitrary SQL commands via the (1) iCategory or (2) page parameter to index.php, or (3) iCategory parameter in the query string to the forum directory."
{ }
"name" : "16326", ]
"refsource" : "OSVDB", },
"url" : "http://www.osvdb.org/16326" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "15200", "description": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/15200" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "http://lostmon.blogspot.com/2005/05/quickforum-topic-field-xss-and-page.html",
"refsource": "MISC",
"url": "http://lostmon.blogspot.com/2005/05/quickforum-topic-field-xss-and-page.html"
},
{
"name": "15200",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/15200"
},
{
"name": "16326",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/16326"
}
]
}
}


@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@cisco.com",
"ID" : "CVE-2009-0061", "ID": "CVE-2009-0061",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Wireless LAN Controller (WLC) TSEC driver in the Cisco 4400 WLC, Cisco Catalyst 6500 and 7600 Wireless Services Module (WiSM), and Cisco Catalyst 3750 Integrated Wireless LAN Controller with software 4.x before 4.2.176.0 and 5.x before 5.1 allows remote attackers to cause a denial of service (device crash or hang) via unknown IP packets."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20090204 Multiple Vulnerabilities in Cisco Wireless LAN Controllers", "description_data": [
"refsource" : "CISCO", {
"url" : "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a6c1dd.shtml" "lang": "eng",
}, "value": "Unspecified vulnerability in the Wireless LAN Controller (WLC) TSEC driver in the Cisco 4400 WLC, Cisco Catalyst 6500 and 7600 Wireless Services Module (WiSM), and Cisco Catalyst 3750 Integrated Wireless LAN Controller with software 4.x before 4.2.176.0 and 5.x before 5.1 allows remote attackers to cause a denial of service (device crash or hang) via unknown IP packets."
{ }
"name" : "33608", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/33608" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1021679", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1021679" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "33749", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/33749" ]
} },
] "references": {
} "reference_data": [
} {
"name": "20090204 Multiple Vulnerabilities in Cisco Wireless LAN Controllers",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a6c1dd.shtml"
},
{
"name": "33608",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/33608"
},
{
"name": "33749",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33749"
},
{
"name": "1021679",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1021679"
}
]
}
}
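Review bot: The `ASSIGNER` value for CVE-2009-0061 changes from `cve@mitre.org` to `psirt@cisco.com` in this section, and it is the one content change among lines that otherwise differ only in the spacing before the colon and in the order of `reference_data` entries. Inside a 52-file reformat it is easy to miss, so the commit message should name it, for example `CVE-2009-0061: ASSIGNER cve@mitre.org -> psirt@cisco.com`. Consumers that attribute or route records by `ASSIGNER` should treat this as a data update rather than formatting. The reordering of `reference_data` (here the SECUNIA and SECTRACK entries swap places) is presumably an artefact of the export; a stable sort on the producing side would keep later syncs from rewriting unchanged arrays.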


@ -1,192 +1,192 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-0269", "ID": "CVE-2009-0269",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "fs/ecryptfs/inode.c in the eCryptfs subsystem in the Linux kernel before 2.6.28.1 allows local users to cause a denial of service (fault or memory corruption), or possibly have unspecified other impact, via a readlink call that results in an error, leading to use of a -1 return value as an array index."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20091120 VMSA-2009-0016 VMware vCenter and ESX update release and vMA patch release address multiple security issue in third party components", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/507985/100/0/threaded" "lang": "eng",
}, "value": "fs/ecryptfs/inode.c in the eCryptfs subsystem in the Linux kernel before 2.6.28.1 allows local users to cause a denial of service (fault or memory corruption), or possibly have unspecified other impact, via a readlink call that results in an error, leading to use of a -1 return value as an array index."
{ }
"name" : "[ecryptfs-devel] 20081222 Re: [PATCH, v5] eCryptfs: check readlink result was not an error before using it", ]
"refsource" : "MLIST", },
"url" : "https://lists.launchpad.net/ecryptfs-devel/msg00010.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "[ecryptfs-devel] 20081222 Re: [PATCH, v5] eCryptfs: check readlink result was not an error before using it", "description": [
"refsource" : "MLIST", {
"url" : "https://lists.launchpad.net/ecryptfs-devel/msg00011.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.27.y.git;a=commit;h=a17d5232de7b53d34229de79ec22f4bb04adb7e4", ]
"refsource" : "CONFIRM", }
"url" : "http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.27.y.git;a=commit;h=a17d5232de7b53d34229de79ec22f4bb04adb7e4" ]
}, },
{ "references": {
"name" : "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.28.1", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.28.1" "name": "35390",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/35390"
"name" : "http://www.vmware.com/security/advisories/VMSA-2009-0016.html", },
"refsource" : "CONFIRM", {
"url" : "http://www.vmware.com/security/advisories/VMSA-2009-0016.html" "name": "34502",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/34502"
"name" : "DSA-1749", },
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2009/dsa-1749" "name": "RHSA-2009:0326",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2009-0326.html"
"name" : "DSA-1787", },
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2009/dsa-1787" "name": "MDVSA-2009:118",
}, "refsource": "MANDRIVA",
{ "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:118"
"name" : "MDVSA-2009:118", },
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2009:118" "name": "SUSE-SA:2009:010",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00003.html"
"name" : "RHSA-2009:0360", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2009-0360.html" "name": "37471",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/37471"
"name" : "RHSA-2009:0326", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2009-0326.html" "name": "RHSA-2009:0360",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2009-0360.html"
"name" : "SUSE-SA:2009:010", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00003.html" "name": "[ecryptfs-devel] 20081222 Re: [PATCH, v5] eCryptfs: check readlink result was not an error before using it",
}, "refsource": "MLIST",
{ "url": "https://lists.launchpad.net/ecryptfs-devel/msg00010.html"
"name" : "SUSE-SA:2009:030", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00000.html" "name": "http://www.vmware.com/security/advisories/VMSA-2009-0016.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.vmware.com/security/advisories/VMSA-2009-0016.html"
"name" : "SUSE-SA:2009:031", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00001.html" "name": "DSA-1749",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2009/dsa-1749"
"name" : "USN-751-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/usn-751-1" "name": "33758",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/33758"
"name" : "33412", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/33412" "name": "SUSE-SA:2009:030",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00000.html"
"name" : "oval:org.mitre.oval:def:8169", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8169" "name": "USN-751-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/usn-751-1"
"name" : "oval:org.mitre.oval:def:8944", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8944" "name": "[ecryptfs-devel] 20081222 Re: [PATCH, v5] eCryptfs: check readlink result was not an error before using it",
}, "refsource": "MLIST",
{ "url": "https://lists.launchpad.net/ecryptfs-devel/msg00011.html"
"name" : "34394", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/34394" "name": "oval:org.mitre.oval:def:8169",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8169"
"name" : "33758", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/33758" "name": "20091120 VMSA-2009-0016 VMware vCenter and ESX update release and vMA patch release address multiple security issue in third party components",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/507985/100/0/threaded"
"name" : "34502", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/34502" "name": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.28.1",
}, "refsource": "CONFIRM",
{ "url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.28.1"
"name" : "34981", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/34981" "name": "SUSE-SA:2009:031",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00001.html"
"name" : "35390", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/35390" "name": "http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.27.y.git;a=commit;h=a17d5232de7b53d34229de79ec22f4bb04adb7e4",
}, "refsource": "CONFIRM",
{ "url": "http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.27.y.git;a=commit;h=a17d5232de7b53d34229de79ec22f4bb04adb7e4"
"name" : "35394", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/35394" "name": "34981",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/34981"
"name" : "37471", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/37471" "name": "34394",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/34394"
"name" : "ADV-2009-3316", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2009/3316" "name": "DSA-1787",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2009/dsa-1787"
"name" : "linux-kernel-readlink-bo(48188)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/48188" "name": "linux-kernel-readlink-bo(48188)",
} "refsource": "XF",
] "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48188"
} },
} {
"name": "oval:org.mitre.oval:def:8944",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8944"
},
{
"name": "33412",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/33412"
},
{
"name": "ADV-2009-3316",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/3316"
},
{
"name": "35394",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35394"
}
]
}
}


@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-0410", "ID": "CVE-2009-0410",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Off-by-one error in the SMTP daemon in GroupWise Internet Agent (GWIA) in Novell GroupWise 6.5x, 7.0, 7.01, 7.02, 7.03, 7.03HP1a, and 8.0 allows remote attackers to execute arbitrary code via a long e-mail address in a malformed RCPT command, leading to a buffer overflow."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20090202 ZDI-09-010: Novell Netware Groupwise GWIA RCPT Command Buffer Overflow Vulnerability", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/500609/100/0/threaded" "lang": "eng",
}, "value": "Off-by-one error in the SMTP daemon in GroupWise Internet Agent (GWIA) in Novell GroupWise 6.5x, 7.0, 7.01, 7.02, 7.03, 7.03HP1a, and 8.0 allows remote attackers to execute arbitrary code via a long e-mail address in a malformed RCPT command, leading to a buffer overflow."
{ }
"name" : "http://www.zerodayinitiative.com/advisories/ZDI-09-010/", ]
"refsource" : "MISC", },
"url" : "http://www.zerodayinitiative.com/advisories/ZDI-09-010/" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://download.novell.com/Download?buildid=GjZRRdqCFW0", "description": [
"refsource" : "CONFIRM", {
"url" : "http://download.novell.com/Download?buildid=GjZRRdqCFW0" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://www.novell.com/support/viewContent.do?externalId=7002502", ]
"refsource" : "CONFIRM", }
"url" : "http://www.novell.com/support/viewContent.do?externalId=7002502" ]
}, },
{ "references": {
"name" : "33560", "reference_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/33560" "name": "33744",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/33744"
"name" : "33744", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/33744" "name": "http://download.novell.com/Download?buildid=GjZRRdqCFW0",
} "refsource": "CONFIRM",
] "url": "http://download.novell.com/Download?buildid=GjZRRdqCFW0"
} },
} {
"name": "http://www.novell.com/support/viewContent.do?externalId=7002502",
"refsource": "CONFIRM",
"url": "http://www.novell.com/support/viewContent.do?externalId=7002502"
},
{
"name": "33560",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/33560"
},
{
"name": "20090202 ZDI-09-010: Novell Netware Groupwise GWIA RCPT Command Buffer Overflow Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/500609/100/0/threaded"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-09-010/",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-09-010/"
}
]
}
}


@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-0570", "ID": "CVE-2009-0570",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Directory traversal vulnerability in send.php in Ninja Designs Mailist 3.0, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the load parameter. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "8001", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/8001" "lang": "eng",
}, "value": "Directory traversal vulnerability in send.php in Ninja Designs Mailist 3.0, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the load parameter. NOTE: some of these details are obtained from third party information."
{ }
"name" : "33648", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/33648" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "33682", "description": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/33682" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "33682",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33682"
},
{
"name": "8001",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/8001"
},
{
"name": "33648",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/33648"
}
]
}
}


@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-0641", "ID": "CVE-2009-0641",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "sys_term.c in telnetd in FreeBSD 7.0-RELEASE and other 7.x versions deletes dangerous environment variables with a method that was valid only in older FreeBSD distributions, which might allow remote attackers to execute arbitrary code by passing a crafted environment variable from a telnet client, as demonstrated by an LD_PRELOAD value that references a malicious library."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20090214 FreeBSD zeroday", "description_data": [
"refsource" : "FULLDISC", {
"url" : "http://lists.grok.org.uk/pipermail/full-disclosure/2009-February/067954.html" "lang": "eng",
}, "value": "sys_term.c in telnetd in FreeBSD 7.0-RELEASE and other 7.x versions deletes dangerous environment variables with a method that was valid only in older FreeBSD distributions, which might allow remote attackers to execute arbitrary code by passing a crafted environment variable from a telnet client, as demonstrated by an LD_PRELOAD value that references a malicious library."
{ }
"name" : "8055", ]
"refsource" : "EXPLOIT-DB", },
"url" : "https://www.exploit-db.com/exploits/8055" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "FreeBSD-SA-09:05", "description": [
"refsource" : "FREEBSD", {
"url" : "http://security.freebsd.org/advisories/FreeBSD-SA-09:05.telnetd.asc" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "33777", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/33777" ]
}, },
{ "references": {
"name" : "freebsd-telnet-ldpreload-code-execution(48780)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/48780" "name": "FreeBSD-SA-09:05",
} "refsource": "FREEBSD",
] "url": "http://security.freebsd.org/advisories/FreeBSD-SA-09:05.telnetd.asc"
} },
} {
"name": "freebsd-telnet-ldpreload-code-execution(48780)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48780"
},
{
"name": "33777",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/33777"
},
{
"name": "20090214 FreeBSD zeroday",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2009-February/067954.html"
},
{
"name": "8055",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/8055"
}
]
}
}


@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-0653", "ID": "CVE-2009-0653",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "OpenSSL, probably 0.9.6, does not verify the Basic Constraints for an intermediate CA-signed certificate, which allows remote attackers to spoof the certificates of trusted sites via a man-in-the-middle attack, a related issue to CVE-2002-0970."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.blackhat.com/html/bh-dc-09/bh-dc-09-speakers.html#Marlinspike", "description_data": [
"refsource" : "MISC", {
"url" : "http://www.blackhat.com/html/bh-dc-09/bh-dc-09-speakers.html#Marlinspike" "lang": "eng",
}, "value": "OpenSSL, probably 0.9.6, does not verify the Basic Constraints for an intermediate CA-signed certificate, which allows remote attackers to spoof the certificates of trusted sites via a man-in-the-middle attack, a related issue to CVE-2002-0970."
{ }
"name" : "https://www.blackhat.com/presentations/bh-dc-09/Marlinspike/BlackHat-DC-09-Marlinspike-Defeating-SSL.pdf", ]
"refsource" : "MISC", },
"url" : "https://www.blackhat.com/presentations/bh-dc-09/Marlinspike/BlackHat-DC-09-Marlinspike-Defeating-SSL.pdf" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.blackhat.com/presentations/bh-dc-09/Marlinspike/BlackHat-DC-09-Marlinspike-Defeating-SSL.pdf",
"refsource": "MISC",
"url": "https://www.blackhat.com/presentations/bh-dc-09/Marlinspike/BlackHat-DC-09-Marlinspike-Defeating-SSL.pdf"
},
{
"name": "http://www.blackhat.com/html/bh-dc-09/bh-dc-09-speakers.html#Marlinspike",
"refsource": "MISC",
"url": "http://www.blackhat.com/html/bh-dc-09/bh-dc-09-speakers.html#Marlinspike"
}
]
}
}


@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-1176", "ID": "CVE-2009-1176",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "mapserv.c in mapserv in MapServer 4.x before 4.10.4 and 5.x before 5.2.2 does not ensure that the string holding the id parameter ends in a '\\0' character, which allows remote attackers to conduct buffer-overflow attacks or have unspecified other impact via a long id parameter in a query action."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20090330 Positron Security Advisory #2009-000: Multiple Vulnerabilities in MapServer v5.2.1 and v4.10.3", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/502271/100/0/threaded" "lang": "eng",
}, "value": "mapserv.c in mapserv in MapServer 4.x before 4.10.4 and 5.x before 5.2.2 does not ensure that the string holding the id parameter ends in a '\\0' character, which allows remote attackers to conduct buffer-overflow attacks or have unspecified other impact via a long id parameter in a query action."
{ }
"name" : "[mapserver-users] 20090326 MapServer 5.2.2 and 4.10.4 released with security fixes", ]
"refsource" : "MLIST", },
"url" : "http://lists.osgeo.org/pipermail/mapserver-users/2009-March/060600.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.positronsecurity.com/advisories/2009-000.html", "description": [
"refsource" : "MISC", {
"url" : "http://www.positronsecurity.com/advisories/2009-000.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "FEDORA-2009-3357", ]
"refsource" : "FEDORA", }
"url" : "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00147.html" ]
}, },
{ "references": {
"name" : "FEDORA-2009-3383", "reference_data": [
"refsource" : "FEDORA", {
"url" : "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00170.html" "name": "http://www.positronsecurity.com/advisories/2009-000.html",
}, "refsource": "MISC",
{ "url": "http://www.positronsecurity.com/advisories/2009-000.html"
"name" : "34306", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/34306" "name": "1021952",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id?1021952"
"name" : "1021952", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1021952" "name": "20090330 Positron Security Advisory #2009-000: Multiple Vulnerabilities in MapServer v5.2.1 and v4.10.3",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/502271/100/0/threaded"
"name" : "34603", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/34603" "name": "34603",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/34603"
} },
} {
"name": "FEDORA-2009-3383",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00170.html"
},
{
"name": "34306",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/34306"
},
{
"name": "FEDORA-2009-3357",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00147.html"
},
{
"name": "[mapserver-users] 20090326 MapServer 5.2.2 and 4.10.4 released with security fixes",
"refsource": "MLIST",
"url": "http://lists.osgeo.org/pipermail/mapserver-users/2009-March/060600.html"
}
]
}
}


@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-1427", "ID": "CVE-2009-1427",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in HP-UX B.11.31 allows local users to cause a denial of service (system crash) via unknown vectors related to the ttrace system call."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "HPSBUX02450", "description_data": [
"refsource" : "HP", {
"url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01832652" "lang": "eng",
}, "value": "Unspecified vulnerability in HP-UX B.11.31 allows local users to cause a denial of service (system crash) via unknown vectors related to the ttrace system call."
{ }
"name" : "SSRT090141", ]
"refsource" : "HP", },
"url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01832652" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "36017", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/36017" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "oval:org.mitre.oval:def:6215", ]
"refsource" : "OVAL", }
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6215" ]
}, },
{ "references": {
"name" : "oval:org.mitre.oval:def:19004", "reference_data": [
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19004" "name": "HPSBUX02450",
}, "refsource": "HP",
{ "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01832652"
"name" : "1022706", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1022706" "name": "oval:org.mitre.oval:def:6215",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6215"
"name" : "36261", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/36261" "name": "36261",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/36261"
"name" : "ADV-2009-2230", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2009/2230" "name": "SSRT090141",
} "refsource": "HP",
] "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01832652"
} },
} {
"name": "36017",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/36017"
},
{
"name": "1022706",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1022706"
},
{
"name": "ADV-2009-2230",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/2230"
},
{
"name": "oval:org.mitre.oval:def:19004",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19004"
}
]
}
}


@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-1616", "ID": "CVE-2009-1616",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in docs/showdoc.php in Coppermine Photo Gallery (CPG) before 1.4.22 allows remote attackers to inject arbitrary web script or HTML via the css parameter, a different vector than CVE-2008-0505."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://forum.coppermine-gallery.net/index.php/topic,59237.0.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://forum.coppermine-gallery.net/index.php/topic,59237.0.html" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in docs/showdoc.php in Coppermine Photo Gallery (CPG) before 1.4.22 allows remote attackers to inject arbitrary web script or HTML via the css parameter, a different vector than CVE-2008-0505."
{ }
"name" : "http://forum.coppermine-gallery.net/index.php/topic,59247.0.html", ]
"refsource" : "CONFIRM", },
"url" : "http://forum.coppermine-gallery.net/index.php/topic,59247.0.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "34782", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/34782" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "54145", ]
"refsource" : "OSVDB", }
"url" : "http://osvdb.org/54145" ]
}, },
{ "references": {
"name" : "34961", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/34961" "name": "34961",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/34961"
} },
} {
"name": "http://forum.coppermine-gallery.net/index.php/topic,59247.0.html",
"refsource": "CONFIRM",
"url": "http://forum.coppermine-gallery.net/index.php/topic,59247.0.html"
},
{
"name": "http://forum.coppermine-gallery.net/index.php/topic,59237.0.html",
"refsource": "CONFIRM",
"url": "http://forum.coppermine-gallery.net/index.php/topic,59237.0.html"
},
{
"name": "34782",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/34782"
},
{
"name": "54145",
"refsource": "OSVDB",
"url": "http://osvdb.org/54145"
}
]
}
}


@ -1,127 +1,127 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2009-5138", "ID": "CVE-2009-5138",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "GnuTLS before 2.7.6, when the GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT flag is not enabled, treats version 1 X.509 certificates as intermediate CAs, which allows remote attackers to bypass intended restrictions by leveraging a X.509 V1 certificate from a trusted CA to issue new certificates, a different vulnerability than CVE-2014-1959."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[gnutls-devel] 20090109 Re: gnutls fails to use Verisign CA cert without a Basic Constraint", "description_data": [
"refsource" : "MLIST", {
"url" : "http://thread.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3351/focus=3361" "lang": "eng",
}, "value": "GnuTLS before 2.7.6, when the GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT flag is not enabled, treats version 1 X.509 certificates as intermediate CAs, which allows remote attackers to bypass intended restrictions by leveraging a X.509 V1 certificate from a trusted CA to issue new certificates, a different vulnerability than CVE-2014-1959."
{ }
"name" : "[oss-security] 20140225 Re: Re: CVE Request - GnuTLS corrects flaw in certificate verification (3.1.x/3.2.x)", ]
"refsource" : "MLIST", },
"url" : "http://article.gmane.org/gmane.comp.security.oss.general/12223" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "[oss-security] 20140227 Re: CVE Request - GnuTLS corrects flaw in certificate verification (3.1.x/3.2.x)", "description": [
"refsource" : "MLIST", {
"url" : "http://thread.gmane.org/gmane.comp.security.oss.general/12127" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1069301", ]
"refsource" : "CONFIRM", }
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1069301" ]
}, },
{ "references": {
"name" : "https://gitorious.org/gnutls/gnutls/commit/c8dcbedd1fdc312f5b1a70fcfbc1afe235d800cd", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "https://gitorious.org/gnutls/gnutls/commit/c8dcbedd1fdc312f5b1a70fcfbc1afe235d800cd" "name": "57321",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/57321"
"name" : "RHSA-2014:0247", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2014-0247.html" "name": "57260",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/57260"
"name" : "SUSE-SU-2014:0319", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00000.html" "name": "SUSE-SU-2014:0445",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00020.html"
"name" : "SUSE-SU-2014:0320", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00001.html" "name": "57274",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/57274"
"name" : "SUSE-SU-2014:0322", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00003.html" "name": "SUSE-SU-2014:0319",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00000.html"
"name" : "SUSE-SU-2014:0445", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00020.html" "name": "[oss-security] 20140225 Re: Re: CVE Request - GnuTLS corrects flaw in certificate verification (3.1.x/3.2.x)",
}, "refsource": "MLIST",
{ "url": "http://article.gmane.org/gmane.comp.security.oss.general/12223"
"name" : "57254", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/57254" "name": "RHSA-2014:0247",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2014-0247.html"
"name" : "57260", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/57260" "name": "SUSE-SU-2014:0320",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00001.html"
"name" : "57274", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/57274" "name": "SUSE-SU-2014:0322",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00003.html"
"name" : "57321", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/57321" "name": "[gnutls-devel] 20090109 Re: gnutls fails to use Verisign CA cert without a Basic Constraint",
} "refsource": "MLIST",
] "url": "http://thread.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3351/focus=3361"
} },
} {
"name": "https://gitorious.org/gnutls/gnutls/commit/c8dcbedd1fdc312f5b1a70fcfbc1afe235d800cd",
"refsource": "CONFIRM",
"url": "https://gitorious.org/gnutls/gnutls/commit/c8dcbedd1fdc312f5b1a70fcfbc1afe235d800cd"
},
{
"name": "57254",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/57254"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1069301",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1069301"
},
{
"name": "[oss-security] 20140227 Re: CVE Request - GnuTLS corrects flaw in certificate verification (3.1.x/3.2.x)",
"refsource": "MLIST",
"url": "http://thread.gmane.org/gmane.comp.security.oss.general/12127"
}
]
}
}
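Review bot: The `ASSIGNER` value in this record's `CVE_data_meta` changes from `cve@mitre.org` to `secalert@redhat.com`, but it sits among separator-spacing changes and a reshuffled `reference_data` array, and the commit title does not mention it. ASSIGNER is presumably the field a consumer uses to tell which CNA owns the record, so a change to it should be reviewable on its own. I would land the whitespace normalization separately and keep `reference_data` in its previous order, so that `"ASSIGNER": "secalert@redhat.com"` is the only changed line here. The new reference order follows no visible sort key, so tooling that diffs or hashes these records should treat the array as unordered. The same unannounced ASSIGNER change appears in the sections for CVE-2012-2177, CVE-2012-2184, CVE-2012-2294, CVE-2012-2707, CVE-2012-2799, CVE-2012-3474, CVE-2012-3538, CVE-2012-3671 and CVE-2012-4077.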


@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@us.ibm.com",
"ID" : "CVE-2012-2177", "ID": "CVE-2012-2177",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in IBM Cognos Business Intelligence (BI) 8.4.1 before IF1, 10.1 before IF2, 10.1.1 before IF2, and 10.2 before IF1 allows user-assisted remote attackers to inject arbitrary web script or HTML via vectors related to the search feature."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21626697", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21626697" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in IBM Cognos Business Intelligence (BI) 8.4.1 before IF1, 10.1 before IF2, 10.1.1 before IF2, and 10.2 before IF1 allows user-assisted remote attackers to inject arbitrary web script or HTML via vectors related to the search feature."
{ }
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg24034373", ]
"refsource" : "CONFIRM", },
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg24034373" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "cognos-search-xss(75400)", "description": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/75400" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "cognos-search-xss(75400)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75400"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg24034373",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg24034373"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21626697",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21626697"
}
]
}
}


@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@us.ibm.com",
"ID" : "CVE-2012-2184", "ID": "CVE-2012-2184",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Session fixation vulnerability in IBM Maximo Asset Management 7.1 through 7.5, as used in SmartCloud Control Desk, Tivoli Asset Management for IT, Tivoli Service Request Manager, Maximo Service Desk, and Change and Configuration Management Database (CCMDB), allows remote attackers to hijack web sessions via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21610081", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21610081" "lang": "eng",
}, "value": "Session fixation vulnerability in IBM Maximo Asset Management 7.1 through 7.5, as used in SmartCloud Control Desk, Tivoli Asset Management for IT, Tivoli Service Request Manager, Maximo Service Desk, and Change and Configuration Management Database (CCMDB), allows remote attackers to hijack web sessions via unspecified vectors."
{ }
"name" : "IV19887", ]
"refsource" : "AIXAPAR", },
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1IV19887" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "50551", "description": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/50551" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "ibm-maximo-session-fixation-iv19887(75780)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/75780" ]
} },
] "references": {
} "reference_data": [
} {
"name": "ibm-maximo-session-fixation-iv19887(75780)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75780"
},
{
"name": "IV19887",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV19887"
},
{
"name": "50551",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/50551"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21610081",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21610081"
}
]
}
}


@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security_alert@emc.com",
"ID" : "CVE-2012-2294", "ID": "CVE-2012-2294",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "EMC RSA Archer SmartSuite Framework 4.x and RSA Archer GRC 5.x before 5.2SP1 allow remote attackers to conduct clickjacking attacks via a crafted web page."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20130131 ESA-2013-002: RSA Archer GRC Multiple Vulnerabilities", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://archives.neohapsis.com/archives/bugtraq/2013-02/0001.html" "lang": "eng",
} "value": "EMC RSA Archer SmartSuite Framework 4.x and RSA Archer GRC 5.x before 5.2SP1 allow remote attackers to conduct clickjacking attacks via a crafted web page."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20130131 ESA-2013-002: RSA Archer GRC Multiple Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2013-02/0001.html"
}
]
}
}


@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2012-2707", "ID": "CVE-2012-2707",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Hostmaster (Aegir) module 6.x-1.x before 6.x-1.9 for Drupal does not properly exit when users do not have access to package/task nodes, which allows remote attackers to bypass intended access restrictions and edit unauthorized nodes."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20120613 Re: CVE Request for Drupal contributed modules", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2012/06/14/3" "lang": "eng",
}, "value": "The Hostmaster (Aegir) module 6.x-1.x before 6.x-1.9 for Drupal does not properly exit when users do not have access to package/task nodes, which allows remote attackers to bypass intended access restrictions and edit unauthorized nodes."
{ }
"name" : "http://drupal.org/node/1585678", ]
"refsource" : "MISC", },
"url" : "http://drupal.org/node/1585678" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://community.aegirproject.org/1.9", "description": [
"refsource" : "CONFIRM", {
"url" : "http://community.aegirproject.org/1.9" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://drupal.org/node/1585658", ]
"refsource" : "CONFIRM", }
"url" : "http://drupal.org/node/1585658" ]
}, },
{ "references": {
"name" : "http://drupalcode.org/project/hostmaster.git/commitdiff/8a61101", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "http://drupalcode.org/project/hostmaster.git/commitdiff/8a61101" "name": "hostmaster-node-security-bypass(75715)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75715"
"name" : "53588", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/53588" "name": "http://drupal.org/node/1585678",
}, "refsource": "MISC",
{ "url": "http://drupal.org/node/1585678"
"name" : "hostmaster-node-security-bypass(75715)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/75715" "name": "http://drupal.org/node/1585658",
} "refsource": "CONFIRM",
] "url": "http://drupal.org/node/1585658"
} },
} {
"name": "[oss-security] 20120613 Re: CVE Request for Drupal contributed modules",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/06/14/3"
},
{
"name": "http://community.aegirproject.org/1.9",
"refsource": "CONFIRM",
"url": "http://community.aegirproject.org/1.9"
},
{
"name": "http://drupalcode.org/project/hostmaster.git/commitdiff/8a61101",
"refsource": "CONFIRM",
"url": "http://drupalcode.org/project/hostmaster.git/commitdiff/8a61101"
},
{
"name": "53588",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/53588"
}
]
}
}


@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security@google.com",
"ID" : "CVE-2012-2799", "ID": "CVE-2012-2799",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in libavcodec/wmalosslessdec.c in FFmpeg before 0.11 has unknown impact and attack vectors, related to the \"put bit buffer when num_saved_bits is reset.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20120831 Information on security issues fixed in ffmpeg 0.11?", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2012/08/31/3" "lang": "eng",
}, "value": "Unspecified vulnerability in libavcodec/wmalosslessdec.c in FFmpeg before 0.11 has unknown impact and attack vectors, related to the \"put bit buffer when num_saved_bits is reset.\""
{ }
"name" : "[oss-security] 20120902 Re: Information on security issues fixed in ffmpeg 0.11?", ]
"refsource" : "MLIST", },
"url" : "http://www.openwall.com/lists/oss-security/2012/09/02/4" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://ffmpeg.org/security.html", "description": [
"refsource" : "CONFIRM", {
"url" : "http://ffmpeg.org/security.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=64bd7f8e4db1742e86c5ed02bd530688b74063e3", ]
"refsource" : "CONFIRM", }
"url" : "http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=64bd7f8e4db1742e86c5ed02bd530688b74063e3" ]
}, },
{ "references": {
"name" : "55355", "reference_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/55355" "name": "[oss-security] 20120902 Re: Information on security issues fixed in ffmpeg 0.11?",
}, "refsource": "MLIST",
{ "url": "http://www.openwall.com/lists/oss-security/2012/09/02/4"
"name" : "50468", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/50468" "name": "55355",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/55355"
} },
} {
"name": "[oss-security] 20120831 Information on security issues fixed in ffmpeg 0.11?",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/08/31/3"
},
{
"name": "http://ffmpeg.org/security.html",
"refsource": "CONFIRM",
"url": "http://ffmpeg.org/security.html"
},
{
"name": "50468",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/50468"
},
{
"name": "http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=64bd7f8e4db1742e86c5ed02bd530688b74063e3",
"refsource": "CONFIRM",
"url": "http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=64bd7f8e4db1742e86c5ed02bd530688b74063e3"
}
]
}
}


@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2012-3059", "ID": "CVE-2012-3059",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }


@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2012-3474", "ID": "CVE-2012-3474",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The comments API in application/libraries/api/MY_Comments_Api_Object.php in the Ushahidi Platform before 2.5 allows remote attackers to obtain sensitive information about the e-mail address, IP address, and other attributes of the author of a comment via an API function call."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20120809 Re: CVE request for Ushahidi", "description_data": [
"refsource" : "MLIST", {
"url" : "http://openwall.com/lists/oss-security/2012/08/09/5" "lang": "eng",
}, "value": "The comments API in application/libraries/api/MY_Comments_Api_Object.php in the Ushahidi Platform before 2.5 allows remote attackers to obtain sensitive information about the e-mail address, IP address, and other attributes of the author of a comment via an API function call."
{ }
"name" : "https://github.com/ushahidi/Ushahidi_Web/commit/529f353", ]
"refsource" : "CONFIRM", },
"url" : "https://github.com/ushahidi/Ushahidi_Web/commit/529f353" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20120809 Re: CVE request for Ushahidi",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2012/08/09/5"
},
{
"name": "https://github.com/ushahidi/Ushahidi_Web/commit/529f353",
"refsource": "CONFIRM",
"url": "https://github.com/ushahidi/Ushahidi_Web/commit/529f353"
}
]
}
}


@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2012-3538", "ID": "CVE-2012-3538",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Pulp in Red Hat CloudForms before 1.1 logs administrative passwords in a world-readable file, which allows local users to read pulp administrative passwords by reading production.log."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "RHSA-2012:1543", "description_data": [
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2012-1543.html" "lang": "eng",
}, "value": "Pulp in Red Hat CloudForms before 1.1 logs administrative passwords in a world-readable file, which allows local users to read pulp administrative passwords by reading production.log."
{ }
"name" : "56819", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/56819" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "88139", "description": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/88139" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "51472", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/51472" ]
}, },
{ "references": {
"name" : "cloudforms-pulp-info-disc(80547)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/80547" "name": "cloudforms-pulp-info-disc(80547)",
} "refsource": "XF",
] "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80547"
} },
} {
"name": "88139",
"refsource": "OSVDB",
"url": "http://osvdb.org/88139"
},
{
"name": "51472",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/51472"
},
{
"name": "RHSA-2012:1543",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1543.html"
},
{
"name": "56819",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/56819"
}
]
}
}


@ -1,107 +1,107 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2012-3671", "ID": "CVE-2012-3671",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://support.apple.com/kb/HT5485", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://support.apple.com/kb/HT5485" "lang": "eng",
}, "value": "WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1."
{ }
"name" : "http://support.apple.com/kb/HT5502", ]
"refsource" : "CONFIRM", },
"url" : "http://support.apple.com/kb/HT5502" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://support.apple.com/kb/HT5503", "description": [
"refsource" : "CONFIRM", {
"url" : "http://support.apple.com/kb/HT5503" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "APPLE-SA-2012-09-12-1", ]
"refsource" : "APPLE", }
"url" : "http://lists.apple.com/archives/security-announce/2012/Sep/msg00001.html" ]
}, },
{ "references": {
"name" : "APPLE-SA-2012-09-19-1", "reference_data": [
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html" "name": "APPLE-SA-2012-09-19-3",
}, "refsource": "APPLE",
{ "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00005.html"
"name" : "APPLE-SA-2012-09-19-3", },
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2012/Sep/msg00005.html" "name": "http://support.apple.com/kb/HT5485",
}, "refsource": "CONFIRM",
{ "url": "http://support.apple.com/kb/HT5485"
"name" : "55534", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/55534" "name": "APPLE-SA-2012-09-19-1",
}, "refsource": "APPLE",
{ "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html"
"name" : "85370", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/85370" "name": "http://support.apple.com/kb/HT5503",
}, "refsource": "CONFIRM",
{ "url": "http://support.apple.com/kb/HT5503"
"name" : "oval:org.mitre.oval:def:16626", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16626" "name": "http://support.apple.com/kb/HT5502",
}, "refsource": "CONFIRM",
{ "url": "http://support.apple.com/kb/HT5502"
"name" : "apple-itunes-webkit-cve20123671(78511)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/78511" "name": "55534",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/55534"
} },
} {
"name": "oval:org.mitre.oval:def:16626",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16626"
},
{
"name": "APPLE-SA-2012-09-12-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00001.html"
},
{
"name": "apple-itunes-webkit-cve20123671(78511)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78511"
},
{
"name": "85370",
"refsource": "OSVDB",
"url": "http://osvdb.org/85370"
}
]
}
}


@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@cisco.com",
"ID" : "CVE-2012-4077", "ID": "CVE-2012-4077",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cisco NX-OS allows local users to gain privileges and execute arbitrary commands via the sed e option, aka Bug IDs CSCtf25457 and CSCtf27651."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20131004 Cisco NX-OS Software Input Validation Vulnerability", "description_data": [
"refsource" : "CISCO", {
"url" : "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2012-4077" "lang": "eng",
}, "value": "Cisco NX-OS allows local users to gain privileges and execute arbitrary commands via the sed e option, aka Bug IDs CSCtf25457 and CSCtf27651."
{ }
"name" : "62849", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/62849" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "98127", "description": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/98127" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "55191", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/55191" ]
} },
] "references": {
} "reference_data": [
} {
"name": "20131004 Cisco NX-OS Software Input Validation Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2012-4077"
},
{
"name": "98127",
"refsource": "OSVDB",
"url": "http://osvdb.org/98127"
},
{
"name": "62849",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/62849"
},
{
"name": "55191",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/55191"
}
]
}
}


@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@us.ibm.com",
"ID" : "CVE-2012-4858", "ID": "CVE-2012-4858",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Cognos Business Intelligence (BI) 8.4.1 before IF1, 10.1 before IF2, 10.1.1 before IF2, and 10.2 before IF1 does not properly validate Java serialized input, which allows remote attackers to execute arbitrary commands via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21626697", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21626697" "lang": "eng",
}, "value": "IBM Cognos Business Intelligence (BI) 8.4.1 before IF1, 10.1 before IF2, 10.1.1 before IF2, and 10.2 before IF1 does not properly validate Java serialized input, which allows remote attackers to execute arbitrary commands via unspecified vectors."
{ }
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg24034373", ]
"refsource" : "CONFIRM", },
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg24034373" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "cognost-bi-java-com-execution(79801)", "description": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/79801" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg24034373",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg24034373"
},
{
"name": "cognost-bi-java-com-execution(79801)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79801"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21626697",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21626697"
}
]
}
}
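Review bot: The `ASSIGNER` value for CVE-2012-4858 changes from `cve@mitre.org` to `psirt@us.ibm.com` near the top of this section, while every other line here appears to differ only in the spacing before the colon and in the order of the `reference_data` entries. A provenance change like this is easy to overlook inside a 52-file formatting sync, and any consumer that attributes or routes records by assigning CNA would see the new value with no explanation. I would either move it to its own commit or record it in the description, for example `CVE-2012-4858: ASSIGNER changed to psirt@us.ibm.com`.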


@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2012-6167", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2012-6167",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2012. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2012. Notes: none."
} }
] ]
} }
} }


@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2012-6470", "ID": "CVE-2012-6470",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Opera before 12.12 does not properly allocate memory for GIF images, which allows remote attackers to execute arbitrary code or cause a denial of service (memory overwrite) via a malformed image."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.opera.com/docs/changelogs/unified/1212/", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.opera.com/docs/changelogs/unified/1212/" "lang": "eng",
}, "value": "Opera before 12.12 does not properly allocate memory for GIF images, which allows remote attackers to execute arbitrary code or cause a denial of service (memory overwrite) via a malformed image."
{ }
"name" : "http://www.opera.com/support/kb/view/1038/", ]
"refsource" : "CONFIRM", },
"url" : "http://www.opera.com/support/kb/view/1038/" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.opera.com/support/kb/view/1038/",
"refsource": "CONFIRM",
"url": "http://www.opera.com/support/kb/view/1038/"
},
{
"name": "http://www.opera.com/docs/changelogs/unified/1212/",
"refsource": "CONFIRM",
"url": "http://www.opera.com/docs/changelogs/unified/1212/"
}
]
}
}


@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2012-6497", "ID": "CVE-2012-6497",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Authlogic gem for Ruby on Rails, when used with certain versions before 3.2.10, makes potentially unsafe find_by_id method calls, which might allow remote attackers to conduct CVE-2012-6496 SQL injection attacks via a crafted parameter in environments that have a known secret_token value, as demonstrated by a value contained in secret_token.rb in an open-source product."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20130103 Re: SQL Injection Vulnerability in Ruby on Rails (CVE-2012-5664)", "description_data": [
"refsource" : "MLIST", {
"url" : "http://openwall.com/lists/oss-security/2013/01/03/12" "lang": "eng",
}, "value": "The Authlogic gem for Ruby on Rails, when used with certain versions before 3.2.10, makes potentially unsafe find_by_id method calls, which might allow remote attackers to conduct CVE-2012-6496 SQL injection attacks via a crafted parameter in environments that have a known secret_token value, as demonstrated by a value contained in secret_token.rb in an open-source product."
{ }
"name" : "http://blog.phusion.nl/2013/01/03/rails-sql-injection-vulnerability-hold-your-horses-here-are-the-facts/", ]
"refsource" : "MISC", },
"url" : "http://blog.phusion.nl/2013/01/03/rails-sql-injection-vulnerability-hold-your-horses-here-are-the-facts/" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://phenoelit.org/blog/archives/2012/12/21/let_me_github_that_for_you/index.html", "description": [
"refsource" : "MISC", {
"url" : "http://phenoelit.org/blog/archives/2012/12/21/let_me_github_that_for_you/index.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "57084", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/57084" ]
} },
] "references": {
} "reference_data": [
} {
"name": "http://blog.phusion.nl/2013/01/03/rails-sql-injection-vulnerability-hold-your-horses-here-are-the-facts/",
"refsource": "MISC",
"url": "http://blog.phusion.nl/2013/01/03/rails-sql-injection-vulnerability-hold-your-horses-here-are-the-facts/"
},
{
"name": "[oss-security] 20130103 Re: SQL Injection Vulnerability in Ruby on Rails (CVE-2012-5664)",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2013/01/03/12"
},
{
"name": "http://phenoelit.org/blog/archives/2012/12/21/let_me_github_that_for_you/index.html",
"refsource": "MISC",
"url": "http://phenoelit.org/blog/archives/2012/12/21/let_me_github_that_for_you/index.html"
},
{
"name": "57084",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/57084"
}
]
}
}


@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-2202", "ID": "CVE-2017-2202",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }


@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "product-security@apple.com", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2017-2352", "ID": "CVE-2017-2352",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. watchOS before 3.1.3 is affected. The issue involves the \"Unlock with iPhone\" component, which allows attackers to bypass the wrist-presence protection mechanism and unlock a Watch device via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://support.apple.com/HT207482", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://support.apple.com/HT207482" "lang": "eng",
}, "value": "An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. watchOS before 3.1.3 is affected. The issue involves the \"Unlock with iPhone\" component, which allows attackers to bypass the wrist-presence protection mechanism and unlock a Watch device via unspecified vectors."
{ }
"name" : "https://support.apple.com/HT207487", ]
"refsource" : "CONFIRM", },
"url" : "https://support.apple.com/HT207487" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "95730", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/95730" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "1037668", ]
"refsource" : "SECTRACK", }
"url" : "http://www.securitytracker.com/id/1037668" ]
} },
] "references": {
} "reference_data": [
} {
"name": "https://support.apple.com/HT207487",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT207487"
},
{
"name": "95730",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95730"
},
{
"name": "https://support.apple.com/HT207482",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT207482"
},
{
"name": "1037668",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037668"
}
]
}
}


@ -1,63 +1,63 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "talos-cna@cisco.com", "ASSIGNER": "talos-cna@cisco.com",
"DATE_PUBLIC" : "2017-07-11T00:00:00", "DATE_PUBLIC": "2017-07-11T00:00:00",
"ID" : "CVE-2017-2863", "ID": "CVE-2017-2863",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Infix", "product_name": "Infix",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "7.1.5.0" "version_value": "7.1.5.0"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Iceni" "vendor_name": "Iceni"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An out-of-bounds write vulnerability exists in the PDF parsing functionality of Infix 7.1.5. A specially crafted PDF file can cause a vulnerability resulting in potential memory corruption. An attacker can send the victim a specific PDF file to trigger this vulnerability."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "remote code execution"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://talosintelligence.com/vulnerability_reports/TALOS-2017-0367", "description_data": [
"refsource" : "MISC", {
"url" : "https://talosintelligence.com/vulnerability_reports/TALOS-2017-0367" "lang": "eng",
} "value": "An out-of-bounds write vulnerability exists in the PDF parsing functionality of Infix 7.1.5. A specially crafted PDF file can cause a vulnerability resulting in potential memory corruption. An attacker can send the victim a specific PDF file to trigger this vulnerability."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "remote code execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2017-0367",
"refsource": "MISC",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2017-0367"
}
]
}
}


@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@adobe.com", "ASSIGNER": "psirt@adobe.com",
"ID" : "CVE-2017-2995", "ID": "CVE-2017-2995",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Adobe Flash Player 24.0.0.194 and earlier.", "product_name": "Adobe Flash Player 24.0.0.194 and earlier.",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Adobe Flash Player 24.0.0.194 and earlier." "version_value": "Adobe Flash Player 24.0.0.194 and earlier."
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable type confusion vulnerability related to the MessageChannel class. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Type Confusion"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://helpx.adobe.com/security/products/flash-player/apsb17-04.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://helpx.adobe.com/security/products/flash-player/apsb17-04.html" "lang": "eng",
}, "value": "Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable type confusion vulnerability related to the MessageChannel class. Successful exploitation could lead to arbitrary code execution."
{ }
"name" : "GLSA-201702-20", ]
"refsource" : "GENTOO", },
"url" : "https://security.gentoo.org/glsa/201702-20" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "RHSA-2017:0275", "description": [
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2017-0275.html" "lang": "eng",
}, "value": "Type Confusion"
{ }
"name" : "96191", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/96191" ]
}, },
{ "references": {
"name" : "1037815", "reference_data": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1037815" "name": "GLSA-201702-20",
} "refsource": "GENTOO",
] "url": "https://security.gentoo.org/glsa/201702-20"
} },
} {
"name": "RHSA-2017:0275",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0275.html"
},
{
"name": "96191",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96191"
},
{
"name": "1037815",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037815"
},
{
"name": "https://helpx.adobe.com/security/products/flash-player/apsb17-04.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/flash-player/apsb17-04.html"
}
]
}
}


@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-11471", "ID": "CVE-2018-11471",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cockpit 0.5.5 has XSS via a collection, form, or region."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://github.com/nikhil1232/Cockpit-CMS-XSS-POC", "description_data": [
"refsource" : "MISC", {
"url" : "https://github.com/nikhil1232/Cockpit-CMS-XSS-POC" "lang": "eng",
} "value": "Cockpit 0.5.5 has XSS via a collection, form, or region."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/nikhil1232/Cockpit-CMS-XSS-POC",
"refsource": "MISC",
"url": "https://github.com/nikhil1232/Cockpit-CMS-XSS-POC"
}
]
}
}


@ -1,107 +1,107 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-11508", "ID": "CVE-2018-11508",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The compat_get_timex function in kernel/compat.c in the Linux kernel before 4.16.9 allows local users to obtain sensitive information from kernel memory via adjtimex."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "46208", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/46208/" "lang": "eng",
}, "value": "The compat_get_timex function in kernel/compat.c in the Linux kernel before 4.16.9 allows local users to obtain sensitive information from kernel memory via adjtimex."
{ }
"name" : "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0a0b98734479aa5b3c671d5190e86273372cab95", ]
"refsource" : "MISC", },
"url" : "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0a0b98734479aa5b3c671d5190e86273372cab95" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://bugs.chromium.org/p/project-zero/issues/detail?id=1574", "description": [
"refsource" : "MISC", {
"url" : "https://bugs.chromium.org/p/project-zero/issues/detail?id=1574" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://github.com/torvalds/linux/commit/0a0b98734479aa5b3c671d5190e86273372cab95", ]
"refsource" : "MISC", }
"url" : "https://github.com/torvalds/linux/commit/0a0b98734479aa5b3c671d5190e86273372cab95" ]
}, },
{ "references": {
"name" : "https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.16.9", "reference_data": [
"refsource" : "MISC", {
"url" : "https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.16.9" "name": "USN-3695-1",
}, "refsource": "UBUNTU",
{ "url": "https://usn.ubuntu.com/3695-1/"
"name" : "USN-3695-1", },
"refsource" : "UBUNTU", {
"url" : "https://usn.ubuntu.com/3695-1/" "name": "USN-3695-2",
}, "refsource": "UBUNTU",
{ "url": "https://usn.ubuntu.com/3695-2/"
"name" : "USN-3695-2", },
"refsource" : "UBUNTU", {
"url" : "https://usn.ubuntu.com/3695-2/" "name": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1574",
}, "refsource": "MISC",
{ "url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1574"
"name" : "USN-3697-1", },
"refsource" : "UBUNTU", {
"url" : "https://usn.ubuntu.com/3697-1/" "name": "https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.16.9",
}, "refsource": "MISC",
{ "url": "https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.16.9"
"name" : "USN-3697-2", },
"refsource" : "UBUNTU", {
"url" : "https://usn.ubuntu.com/3697-2/" "name": "104292",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/104292"
"name" : "104292", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/104292" "name": "USN-3697-1",
} "refsource": "UBUNTU",
] "url": "https://usn.ubuntu.com/3697-1/"
} },
} {
"name": "https://github.com/torvalds/linux/commit/0a0b98734479aa5b3c671d5190e86273372cab95",
"refsource": "MISC",
"url": "https://github.com/torvalds/linux/commit/0a0b98734479aa5b3c671d5190e86273372cab95"
},
{
"name": "USN-3697-2",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3697-2/"
},
{
"name": "46208",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/46208/"
},
{
"name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0a0b98734479aa5b3c671d5190e86273372cab95",
"refsource": "MISC",
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0a0b98734479aa5b3c671d5190e86273372cab95"
}
]
}
}


@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-11929", "ID": "CVE-2018-11929",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }


@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "zdi-disclosures@trendmicro.com", "ASSIGNER": "zdi-disclosures@trendmicro.com",
"ID" : "CVE-2018-14243", "ID": "CVE-2018-14243",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Foxit Reader", "product_name": "Foxit Reader",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "9.0.1.1049" "version_value": "9.0.1.1049"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Foxit" "vendor_name": "Foxit"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the addPageOpenJSMessage method. By performing actions in JavaScript, an attacker can trigger a type confusion condition. The attacker can leverage this vulnerability to execute code under the context of the current process. Was ZDI-CAN-6006."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "CWE-843-Access of Resource Using Incompatible Type ('Type Confusion')"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://zerodayinitiative.com/advisories/ZDI-18-703", "description_data": [
"refsource" : "MISC", {
"url" : "https://zerodayinitiative.com/advisories/ZDI-18-703" "lang": "eng",
}, "value": "This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the addPageOpenJSMessage method. By performing actions in JavaScript, an attacker can trigger a type confusion condition. The attacker can leverage this vulnerability to execute code under the context of the current process. Was ZDI-CAN-6006."
{ }
"name" : "https://www.foxitsoftware.com/support/security-bulletins.php", ]
"refsource" : "CONFIRM", },
"url" : "https://www.foxitsoftware.com/support/security-bulletins.php" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "CWE-843-Access of Resource Using Incompatible Type ('Type Confusion')"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.foxitsoftware.com/support/security-bulletins.php",
"refsource": "CONFIRM",
"url": "https://www.foxitsoftware.com/support/security-bulletins.php"
},
{
"name": "https://zerodayinitiative.com/advisories/ZDI-18-703",
"refsource": "MISC",
"url": "https://zerodayinitiative.com/advisories/ZDI-18-703"
}
]
}
}


@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-14341", "ID": "CVE-2018-14341",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the DICOM dissector could go into a large or infinite loop. This was addressed in epan/dissectors/packet-dcm.c by preventing an offset overflow."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[debian-lts-announce] 20180729 [SECURITY] [DLA 1451-1] wireshark security update", "description_data": [
"refsource" : "MLIST", {
"url" : "https://lists.debian.org/debian-lts-announce/2018/07/msg00045.html" "lang": "eng",
}, "value": "In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the DICOM dissector could go into a large or infinite loop. This was addressed in epan/dissectors/packet-dcm.c by preventing an offset overflow."
{ }
"name" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14742", ]
"refsource" : "CONFIRM", },
"url" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14742" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=2e716c32be6aa20e1813b0002878853e71f8b2f4", "description": [
"refsource" : "CONFIRM", {
"url" : "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=2e716c32be6aa20e1813b0002878853e71f8b2f4" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://www.wireshark.org/security/wnpa-sec-2018-39.html", ]
"refsource" : "CONFIRM", }
"url" : "https://www.wireshark.org/security/wnpa-sec-2018-39.html" ]
}, },
{ "references": {
"name" : "104847", "reference_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/104847" "name": "1041608",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id/1041608"
"name" : "1041608", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1041608" "name": "https://www.wireshark.org/security/wnpa-sec-2018-39.html",
} "refsource": "CONFIRM",
] "url": "https://www.wireshark.org/security/wnpa-sec-2018-39.html"
} },
} {
"name": "[debian-lts-announce] 20180729 [SECURITY] [DLA 1451-1] wireshark security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00045.html"
},
{
"name": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=2e716c32be6aa20e1813b0002878853e71f8b2f4",
"refsource": "CONFIRM",
"url": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=2e716c32be6aa20e1813b0002878853e71f8b2f4"
},
{
"name": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14742",
"refsource": "CONFIRM",
"url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14742"
},
{
"name": "104847",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104847"
}
]
}
}


@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-14591", "ID": "CVE-2018-14591",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }


@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-15106", "ID": "CVE-2018-15106",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }


@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-15505", "ID": "CVE-2018-15505",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An issue was discovered in Embedthis GoAhead before 4.0.1 and Appweb before 7.0.2. An HTTP POST request with a specially crafted \"Host\" header field may cause a NULL pointer dereference and thus cause a denial of service, as demonstrated by the lack of a trailing ']' character in an IPv6 address."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://github.com/embedthis/appweb/commit/16e6979c82297d5fc4f8661e7ada975f51e4dfa9", "description_data": [
"refsource" : "MISC", {
"url" : "https://github.com/embedthis/appweb/commit/16e6979c82297d5fc4f8661e7ada975f51e4dfa9" "lang": "eng",
}, "value": "An issue was discovered in Embedthis GoAhead before 4.0.1 and Appweb before 7.0.2. An HTTP POST request with a specially crafted \"Host\" header field may cause a NULL pointer dereference and thus cause a denial of service, as demonstrated by the lack of a trailing ']' character in an IPv6 address."
{ }
"name" : "https://github.com/embedthis/appweb/issues/605", ]
"refsource" : "MISC", },
"url" : "https://github.com/embedthis/appweb/issues/605" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://github.com/embedthis/goahead/issues/264", "description": [
"refsource" : "MISC", {
"url" : "https://github.com/embedthis/goahead/issues/264" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/embedthis/appweb/issues/605",
"refsource": "MISC",
"url": "https://github.com/embedthis/appweb/issues/605"
},
{
"name": "https://github.com/embedthis/goahead/issues/264",
"refsource": "MISC",
"url": "https://github.com/embedthis/goahead/issues/264"
},
{
"name": "https://github.com/embedthis/appweb/commit/16e6979c82297d5fc4f8661e7ada975f51e4dfa9",
"refsource": "MISC",
"url": "https://github.com/embedthis/appweb/commit/16e6979c82297d5fc4f8661e7ada975f51e4dfa9"
}
]
}
}


@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-15549", "ID": "CVE-2018-15549",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }


@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-15639", "ID": "CVE-2018-15639",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }


@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-15652", "ID": "CVE-2018-15652",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }


@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-15830", "ID": "CVE-2018-15830",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }


@ -1,63 +1,63 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "PSIRT-CNA@flexerasoftware.com", "ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
"DATE_PUBLIC" : "2019-01-28T00:00:00", "DATE_PUBLIC": "2019-01-28T00:00:00",
"ID" : "CVE-2018-20033", "ID": "CVE-2018-20033",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "FlexNet Publisher", "product_name": "FlexNet Publisher",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "11.16.1.0 and earlier" "version_value": "11.16.1.0 and earlier"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Flexera Software LLC" "vendor_name": "Flexera Software LLC"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A Remote Code Execution vulnerability in lmgrd and vendor daemon components of FlexNet Publisher version 11.16.1.0 and earlier could allow a remote attacker to corrupt the memory by allocating / deallocating memory, loading lmgrd or the vendor daemon and causing the heartbeat between lmgrd and the vendor daemon to stop. This would force the vendor daemon to shut down. No exploit of this vulnerability has been demonstrated."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Remote Code Execution (RCE)"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "85979", "description_data": [
"refsource" : "SECUNIA", {
"url" : "https://secuniaresearch.flexerasoftware.com/advisories/85979/" "lang": "eng",
} "value": "A Remote Code Execution vulnerability in lmgrd and vendor daemon components of FlexNet Publisher version 11.16.1.0 and earlier could allow a remote attacker to corrupt the memory by allocating / deallocating memory, loading lmgrd or the vendor daemon and causing the heartbeat between lmgrd and the vendor daemon to stop. This would force the vendor daemon to shut down. No exploit of this vulnerability has been demonstrated."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution (RCE)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "85979",
"refsource": "SECUNIA",
"url": "https://secuniaresearch.flexerasoftware.com/advisories/85979/"
}
]
}
}


@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-8368", "ID": "CVE-2018-8368",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }