diff --git a/2006/0xxx/CVE-2006-0518.json b/2006/0xxx/CVE-2006-0518.json index 679ad79cc7c..d290383efd3 100644 --- a/2006/0xxx/CVE-2006-0518.json +++ b/2006/0xxx/CVE-2006-0518.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-0518", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in index.php3 in SPIP 1.8.2-e and earlier and 1.9 Alpha 2 (5539) and earlier allows remote attackers to inject arbitrary web script or HTML via the lang parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-0518", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.zone-h.org/en/advisories/read/id=8650/", - "refsource" : "MISC", - "url" : "http://www.zone-h.org/en/advisories/read/id=8650/" - }, - { - "name" : "16461", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/16461" - }, - { - "name" : "ADV-2006-0398", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/0398" - }, - { - "name" : "22849", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/22849" - }, - { - "name" : "18676", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/18676" - }, - { - "name" : "spip-index-xss(24401)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/24401" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in index.php3 in SPIP 1.8.2-e and earlier and 1.9 Alpha 2 (5539) and earlier allows remote attackers to inject arbitrary web script or HTML via the lang parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "spip-index-xss(24401)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24401" + }, + { + "name": "22849", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/22849" + }, + { + "name": "http://www.zone-h.org/en/advisories/read/id=8650/", + "refsource": "MISC", + "url": "http://www.zone-h.org/en/advisories/read/id=8650/" + }, + { + "name": "18676", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/18676" + }, + { + "name": "ADV-2006-0398", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/0398" + }, + { + "name": "16461", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/16461" + } + ] + } +} \ No newline at end of file diff --git a/2006/0xxx/CVE-2006-0608.json b/2006/0xxx/CVE-2006-0608.json index 8b17209d100..1fc0f136d13 100644 --- a/2006/0xxx/CVE-2006-0608.json +++ b/2006/0xxx/CVE-2006-0608.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-0608", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple SQL injection vulnerabilities in Hinton Design phphd 1.0 allow remote attackers to execute arbitrary SQL commands via (1) the username parameter to check.php or (2) unknown attack vectors to scripts that display information from the database." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-0608", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20060212 [eVuln] phphd Multiple Vulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/424827/100/0/threaded" - }, - { - "name" : "http://www.evuln.com/vulns/60/summary.html", - "refsource" : "MISC", - "url" : "http://www.evuln.com/vulns/60/summary.html" - }, - { - "name" : "16586", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/16586" - }, - { - "name" : "23025", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/23025" - }, - { - "name" : "23028", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/23028" - }, - { - "name" : "18793", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/18793" - }, - { - "name" : "phphd-check-sql-injection(24508)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/24508" - }, - { - "name" : "phphd-multiple-sql-injection(24515)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/24515" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple SQL injection vulnerabilities in Hinton Design phphd 1.0 allow remote attackers to execute arbitrary SQL commands via (1) the username parameter to check.php or (2) unknown attack vectors to scripts that display information from the database." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "18793", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/18793" + }, + { + "name": "phphd-multiple-sql-injection(24515)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24515" + }, + { + "name": "16586", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/16586" + }, + { + "name": "20060212 [eVuln] phphd Multiple Vulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/424827/100/0/threaded" + }, + { + "name": "23025", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/23025" + }, + { + "name": "23028", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/23028" + }, + { + "name": "http://www.evuln.com/vulns/60/summary.html", + "refsource": "MISC", + "url": "http://www.evuln.com/vulns/60/summary.html" + }, + { + "name": "phphd-check-sql-injection(24508)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24508" + } + ] + } +} \ No newline at end of file diff --git a/2006/0xxx/CVE-2006-0881.json b/2006/0xxx/CVE-2006-0881.json index 1859832aa6a..5541416f9bd 100644 --- a/2006/0xxx/CVE-2006-0881.json +++ b/2006/0xxx/CVE-2006-0881.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-0881", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple PHP remote file include vulnerabilities in gorum/gorumlib.php in Noah's Classifieds 1.3, when register_globals is enabled, allow remote attackers to include arbitrary PHP files via the (1) upperTemplate and (2) lowerTemplate parameters, as demonstrated using the lowerTemplate parameter to index.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-0881", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20060222 [KAPDA::#29]Noah's classifieds multiple vulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/425783/100/0/threaded" - }, - { - "name" : "http://www.kapda.ir/advisory-268.html", - "refsource" : "MISC", - "url" : "http://www.kapda.ir/advisory-268.html" - }, - { - "name" : "16780", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/16780" - }, - { - "name" : "ADV-2006-0703", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/0703" - }, - { - "name" : "1015667", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1015667" - }, - { - "name" : "noahs-gorumlib-file-include(24899)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/24899" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple PHP remote file include vulnerabilities in gorum/gorumlib.php in Noah's Classifieds 1.3, when register_globals is enabled, allow remote attackers to include arbitrary PHP files via the (1) upperTemplate and (2) lowerTemplate parameters, as demonstrated using the lowerTemplate parameter to index.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "16780", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/16780" + }, + { + "name": "20060222 [KAPDA::#29]Noah's classifieds multiple vulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/425783/100/0/threaded" + }, + { + "name": "1015667", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1015667" + }, + { + "name": "http://www.kapda.ir/advisory-268.html", + "refsource": "MISC", + "url": "http://www.kapda.ir/advisory-268.html" + }, + { + "name": "ADV-2006-0703", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/0703" + }, + { + "name": "noahs-gorumlib-file-include(24899)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24899" + } + ] + } +} \ No newline at end of file diff --git a/2006/1xxx/CVE-2006-1097.json b/2006/1xxx/CVE-2006-1097.json index 6e1edb50aa0..0e481edcd42 100644 --- a/2006/1xxx/CVE-2006-1097.json +++ b/2006/1xxx/CVE-2006-1097.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-1097", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site scripting (XSS) vulnerabilities in Datenbank MOD 2.7 and earlier for Woltlab Burning Board allow remote attackers to inject arbitrary web script or HTML via the fileid parameter to (1) info_db.php or (2) database.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-1097", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20060301 Woltlab Burning Board 2.x (Datenbank MOD fileid) MultipleVulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/426583" - }, - { - "name" : "20060301 Woltlab Burning Board 2.x (Datenbank MOD fileid) MultipleVulnerabilities", - "refsource" : "FULLDISC", - "url" : "http://archives.neohapsis.com/archives/fulldisclosure/2006-03/0033.html" - }, - { - "name" : "http://www.nukedx.com/?viewdoc=17", - "refsource" : "MISC", - "url" : "http://www.nukedx.com/?viewdoc=17" - }, - { - "name" : "23809", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/23809" - }, - { - "name" : "23811", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/23811" - }, - { - "name" : "wbb-multiple-xss(25004)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/25004" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site scripting (XSS) vulnerabilities in Datenbank MOD 2.7 and earlier for Woltlab Burning Board allow remote attackers to inject arbitrary web script or HTML via the fileid parameter to (1) info_db.php or (2) database.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20060301 Woltlab Burning Board 2.x (Datenbank MOD fileid) MultipleVulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/426583" + }, + { + "name": "23811", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/23811" + }, + { + "name": "20060301 Woltlab Burning Board 2.x (Datenbank MOD fileid) MultipleVulnerabilities", + "refsource": "FULLDISC", + "url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-03/0033.html" + }, + { + "name": "wbb-multiple-xss(25004)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25004" + }, + { + "name": "23809", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/23809" + }, + { + "name": "http://www.nukedx.com/?viewdoc=17", + "refsource": "MISC", + "url": "http://www.nukedx.com/?viewdoc=17" + } + ] + } +} \ No newline at end of file diff --git a/2006/1xxx/CVE-2006-1208.json b/2006/1xxx/CVE-2006-1208.json index 59284af1c6c..9c25dc2b08a 100644 --- a/2006/1xxx/CVE-2006-1208.json +++ b/2006/1xxx/CVE-2006-1208.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-1208", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Sergey Korostel PHP Upload Center allows remote attackers to execute arbitrary PHP code by uploading a file whose name ends in a .php.li extension, which can be accessed from the upload directory." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-1208", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20060309 PHP Upload Center Download users password hashes And phpshell Upload", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/427215/100/0/threaded" - }, - { - "name" : "http://biyosecurity.be/bugs/phpuploadcenter2.txt", - "refsource" : "MISC", - "url" : "http://biyosecurity.be/bugs/phpuploadcenter2.txt" - }, - { - "name" : "http://www.blogcu.com/Liz0ziM/317250/", - "refsource" : "MISC", - "url" : "http://www.blogcu.com/Liz0ziM/317250/" - }, - { - "name" : "http://www.scripts-by.net/PHP/File-Manipulation/php-upload-center.html", - "refsource" : "MISC", - "url" : "http://www.scripts-by.net/PHP/File-Manipulation/php-upload-center.html" - }, - { - "name" : "ADV-2006-0817", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/0817" - }, - { - "name" : "23626", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/23626" - }, - { - "name" : "19107", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/19107" - }, - { - "name" : "564", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/564" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Sergey Korostel PHP Upload Center allows remote attackers to execute arbitrary PHP code by uploading a file whose name ends in a .php.li extension, which can be accessed from the upload directory." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ADV-2006-0817", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/0817" + }, + { + "name": "564", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/564" + }, + { + "name": "http://www.blogcu.com/Liz0ziM/317250/", + "refsource": "MISC", + "url": "http://www.blogcu.com/Liz0ziM/317250/" + }, + { + "name": "19107", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/19107" + }, + { + "name": "20060309 PHP Upload Center Download users password hashes And phpshell Upload", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/427215/100/0/threaded" + }, + { + "name": "http://biyosecurity.be/bugs/phpuploadcenter2.txt", + "refsource": "MISC", + "url": "http://biyosecurity.be/bugs/phpuploadcenter2.txt" + }, + { + "name": "http://www.scripts-by.net/PHP/File-Manipulation/php-upload-center.html", + "refsource": "MISC", + "url": "http://www.scripts-by.net/PHP/File-Manipulation/php-upload-center.html" + }, + { + "name": "23626", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/23626" + } + ] + } +} \ No newline at end of file diff --git a/2006/5xxx/CVE-2006-5120.json b/2006/5xxx/CVE-2006-5120.json index 2245b4987f2..675b5b7a351 100644 --- a/2006/5xxx/CVE-2006-5120.json +++ b/2006/5xxx/CVE-2006-5120.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-5120", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site scripting (XSS) vulnerabilities in Scott Metoyer Red Mombin 0.7 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors related to (1) index.php and (2) process_login.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-5120", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20060928 Multitple XSS Vulnerabilities in Red Mombin 0.7", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/447255/100/0/threaded" - }, - { - "name" : "http://www.armorize.com/advisory.php?Keyword=Armorize-ADV-2006-0002", - "refsource" : "MISC", - "url" : "http://www.armorize.com/advisory.php?Keyword=Armorize-ADV-2006-0002" - }, - { - "name" : "20243", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/20243" - }, - { - "name" : "1668", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/1668" - }, - { - "name" : "redmombin-multiple-xss(29241)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/29241" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site scripting (XSS) vulnerabilities in Scott Metoyer Red Mombin 0.7 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors related to (1) index.php and (2) process_login.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20060928 Multitple XSS Vulnerabilities in Red Mombin 0.7", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/447255/100/0/threaded" + }, + { + "name": "http://www.armorize.com/advisory.php?Keyword=Armorize-ADV-2006-0002", + "refsource": "MISC", + "url": "http://www.armorize.com/advisory.php?Keyword=Armorize-ADV-2006-0002" + }, + { + "name": "20243", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/20243" + }, + { + "name": "1668", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/1668" + }, + { + "name": "redmombin-multiple-xss(29241)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29241" + } + ] + } +} \ No newline at end of file diff --git a/2006/5xxx/CVE-2006-5281.json b/2006/5xxx/CVE-2006-5281.json index cd789e443fb..93698d82b61 100644 --- a/2006/5xxx/CVE-2006-5281.json +++ b/2006/5xxx/CVE-2006-5281.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-5281", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "PHP remote file inclusion vulnerability in naboard_pnr.php in n@board 3.1.9e and earlier allows remote attackers to execute arbitrary PHP code via a URL in the skin parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-5281", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://securitydot.net/txt/id/1645/type/xpl/", - "refsource" : "MISC", - "url" : "http://securitydot.net/txt/id/1645/type/xpl/" - }, - { - "name" : "2514", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/2514" - }, - { - "name" : "20462", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/20462" - }, - { - "name" : "ADV-2006-4013", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/4013" - }, - { - "name" : "29692", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/29692" - }, - { - "name" : "22250", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/22250" - }, - { - "name" : "n@board-naboard-file-include(29431)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/29431" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "PHP remote file inclusion vulnerability in naboard_pnr.php in n@board 3.1.9e and earlier allows remote attackers to execute arbitrary PHP code via a URL in the skin parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "29692", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/29692" + }, + { + "name": "2514", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/2514" + }, + { + "name": "ADV-2006-4013", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/4013" + }, + { + "name": "22250", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/22250" + }, + { + "name": "20462", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/20462" + }, + { + "name": "n@board-naboard-file-include(29431)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29431" + }, + { + "name": "http://securitydot.net/txt/id/1645/type/xpl/", + "refsource": "MISC", + "url": "http://securitydot.net/txt/id/1645/type/xpl/" + } + ] + } +} \ No newline at end of file diff --git a/2006/5xxx/CVE-2006-5342.json b/2006/5xxx/CVE-2006-5342.json index 3bcc48013f8..bd03f243db8 100644 --- a/2006/5xxx/CVE-2006-5342.json +++ b/2006/5xxx/CVE-2006-5342.json @@ -1,112 +1,112 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-5342", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in Oracle Spatial component in Oracle Database 9.0.1.5, 9.2.0.6, and 10.1.0.3 has unknown impact and remote authenticated attack vectors related to mdsys.sdo_tune, aka Vuln# DB18. NOTE: as of 20061023, Oracle has not disputed reports from reliable third parties that DB18 might be related to SQL injection in the EXTENT_OF function." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-5342", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20061018 Analysis of the Oracle October 2006 Critical Patch Update", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/449110/100/0/threaded" - }, - { - "name" : "http://www.databasesecurity.com/oracle/OracleOct2006-CPU-Analysis.pdf", - "refsource" : "MISC", - "url" : "http://www.databasesecurity.com/oracle/OracleOct2006-CPU-Analysis.pdf" - }, - { - "name" : "http://www.red-database-security.com/advisory/oracle_cpu_oct_2006.html", - "refsource" : "MISC", - "url" : "http://www.red-database-security.com/advisory/oracle_cpu_oct_2006.html" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2006-095368.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2006-095368.html" - }, - { - "name" : "HPSBMA02133", - "refsource" : "HP", - "url" : "http://www.securityfocus.com/archive/1/449711/100/0/threaded" - }, - { - "name" : "SSRT061201", - "refsource" : "HP", - "url" : "http://www.securityfocus.com/archive/1/449711/100/0/threaded" - }, - { - "name" : "TA06-291A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA06-291A.html" - }, - { - "name" : "20588", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/20588" - }, - { - "name" : "ADV-2006-4065", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/4065" - }, - { - "name" : "1017077", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1017077" - }, - { - "name" : "22396", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/22396" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in Oracle Spatial component in Oracle Database 9.0.1.5, 9.2.0.6, and 10.1.0.3 has unknown impact and remote authenticated attack vectors related to mdsys.sdo_tune, aka Vuln# DB18. NOTE: as of 20061023, Oracle has not disputed reports from reliable third parties that DB18 might be related to SQL injection in the EXTENT_OF function." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.red-database-security.com/advisory/oracle_cpu_oct_2006.html", + "refsource": "MISC", + "url": "http://www.red-database-security.com/advisory/oracle_cpu_oct_2006.html" + }, + { + "name": "20588", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/20588" + }, + { + "name": "HPSBMA02133", + "refsource": "HP", + "url": "http://www.securityfocus.com/archive/1/449711/100/0/threaded" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/cpuoct2006-095368.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2006-095368.html" + }, + { + "name": "http://www.databasesecurity.com/oracle/OracleOct2006-CPU-Analysis.pdf", + "refsource": "MISC", + "url": "http://www.databasesecurity.com/oracle/OracleOct2006-CPU-Analysis.pdf" + }, + { + "name": "20061018 Analysis of the Oracle October 2006 Critical Patch Update", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/449110/100/0/threaded" + }, + { + "name": "SSRT061201", + "refsource": "HP", + "url": "http://www.securityfocus.com/archive/1/449711/100/0/threaded" + }, + { + "name": "ADV-2006-4065", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/4065" + }, + { + "name": "22396", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/22396" + }, + { + "name": "1017077", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1017077" + }, + { + "name": "TA06-291A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA06-291A.html" + } + ] + } +} \ No newline at end of file diff --git a/2006/5xxx/CVE-2006-5543.json b/2006/5xxx/CVE-2006-5543.json index e9807030482..be1e4f1efff 100644 --- a/2006/5xxx/CVE-2006-5543.json +++ b/2006/5xxx/CVE-2006-5543.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-5543", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "PHP remote file inclusion vulnerability in misc/function.php3 in PHP Generator of Object SQL Database (PGOSD), when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the path parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-5543", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20061022 PHP Generator of Object SQL Database (path) Remote File Include Vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/449475/100/0/threaded" - }, - { - "name" : "2612", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/2612" - }, - { - "name" : "20061026 Source VERIFY: PHP Generator of Object SQL Database RFI", - "refsource" : "VIM", - "url" : "http://www.attrition.org/pipermail/vim/2006-October/001097.html" - }, - { - "name" : "20668", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/20668" - }, - { - "name" : "20677", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/20677" - }, - { - "name" : "1783", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/1783" - }, - { - "name" : "pgosd-function-file-include(29696)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/29696" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "PHP remote file inclusion vulnerability in misc/function.php3 in PHP Generator of Object SQL Database (PGOSD), when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the path parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20668", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/20668" + }, + { + "name": "2612", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/2612" + }, + { + "name": "20677", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/20677" + }, + { + "name": "pgosd-function-file-include(29696)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29696" + }, + { + "name": "20061026 Source VERIFY: PHP Generator of Object SQL Database RFI", + "refsource": "VIM", + "url": "http://www.attrition.org/pipermail/vim/2006-October/001097.html" + }, + { + "name": "1783", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/1783" + }, + { + "name": "20061022 PHP Generator of Object SQL Database (path) Remote File Include Vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/449475/100/0/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2006/5xxx/CVE-2006-5721.json b/2006/5xxx/CVE-2006-5721.json index fb072087118..0cbcf3f2f48 100644 --- a/2006/5xxx/CVE-2006-5721.json +++ b/2006/5xxx/CVE-2006-5721.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-5721", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The \\Device\\SandBox driver in Outpost Firewall PRO 4.0 (964.582.059) allows local users to cause a denial of service (system crash) via an invalid argument to the DeviceIoControl function that triggers an invalid memory operation." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-5721", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20061101 Outpost Insufficient validation of 'SandBox' driver input buffer", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/450293/100/0/threaded" - }, - { - "name" : "http://www.matousec.com/info/advisories/Outpost-Insufficient-validation-of-SandBox-driver-input-buffer.php", - "refsource" : "MISC", - "url" : "http://www.matousec.com/info/advisories/Outpost-Insufficient-validation-of-SandBox-driver-input-buffer.php" - }, - { - "name" : "20860", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/20860" - }, - { - "name" : "ADV-2006-4309", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/4309" - }, - { - "name" : "1017150", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1017150" - }, - { - "name" : "22673", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/22673" - }, - { - "name" : "1821", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/1821" - }, - { - "name" : "outpostfirewall-sandbox-dos(29969)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/29969" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The \\Device\\SandBox driver in Outpost Firewall PRO 4.0 (964.582.059) allows local users to cause a denial of service (system crash) via an invalid argument to the DeviceIoControl function that triggers an invalid memory operation." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "outpostfirewall-sandbox-dos(29969)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29969" + }, + { + "name": "ADV-2006-4309", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/4309" + }, + { + "name": "20860", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/20860" + }, + { + "name": "22673", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/22673" + }, + { + "name": "http://www.matousec.com/info/advisories/Outpost-Insufficient-validation-of-SandBox-driver-input-buffer.php", + "refsource": "MISC", + "url": "http://www.matousec.com/info/advisories/Outpost-Insufficient-validation-of-SandBox-driver-input-buffer.php" + }, + { + "name": "1821", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/1821" + }, + { + "name": "1017150", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1017150" + }, + { + "name": "20061101 Outpost Insufficient validation of 'SandBox' driver input buffer", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/450293/100/0/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2006/5xxx/CVE-2006-5969.json b/2006/5xxx/CVE-2006-5969.json index f7d7824b0fa..3935d968ca4 100644 --- a/2006/5xxx/CVE-2006-5969.json +++ b/2006/5xxx/CVE-2006-5969.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-5969", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "CRLF injection vulnerability in the evalFolderLine function in fvwm 2.5.18 and earlier allows local users to execute arbitrary commands via carriage returns in a directory name, which is not properly handled by fvwm-menu-directory, a variant of CVE-2003-1308." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-5969", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.gentoo-portage.com/x11-wm/fvwm/ChangeLog", - "refsource" : "MISC", - "url" : "http://www.gentoo-portage.com/x11-wm/fvwm/ChangeLog" - }, - { - "name" : "http://thread.gmane.org/gmane.comp.window-managers.fvwm.devel/2419/focus=2419", - "refsource" : "CONFIRM", - "url" : "http://thread.gmane.org/gmane.comp.window-managers.fvwm.devel/2419/focus=2419" - }, - { - "name" : "GLSA-200611-17", - "refsource" : "GENTOO", - "url" : "http://www.gentoo.org/security/en/glsa/glsa-200611-17.xml" - }, - { - "name" : "22961", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/22961" - }, - { - "name" : "23089", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23089" - }, - { - "name" : "fvwm-evalfolderline-command-execution(30452)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/30452" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "CRLF injection vulnerability in the evalFolderLine function in fvwm 2.5.18 and earlier allows local users to execute arbitrary commands via carriage returns in a directory name, which is not properly handled by fvwm-menu-directory, a variant of CVE-2003-1308." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "fvwm-evalfolderline-command-execution(30452)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30452" + }, + { + "name": "http://www.gentoo-portage.com/x11-wm/fvwm/ChangeLog", + "refsource": "MISC", + "url": "http://www.gentoo-portage.com/x11-wm/fvwm/ChangeLog" + }, + { + "name": "http://thread.gmane.org/gmane.comp.window-managers.fvwm.devel/2419/focus=2419", + "refsource": "CONFIRM", + "url": "http://thread.gmane.org/gmane.comp.window-managers.fvwm.devel/2419/focus=2419" + }, + { + "name": "22961", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/22961" + }, + { + "name": "GLSA-200611-17", + "refsource": "GENTOO", + "url": "http://www.gentoo.org/security/en/glsa/glsa-200611-17.xml" + }, + { + "name": "23089", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23089" + } + ] + } +} \ No newline at end of file diff --git a/2007/2xxx/CVE-2007-2126.json b/2007/2xxx/CVE-2007-2126.json index f6b7e5ab7ee..0a5a1db522c 100644 --- a/2007/2xxx/CVE-2007-2126.json +++ b/2007/2xxx/CVE-2007-2126.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-2126", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in Oracle E-Business Suite 11.5.10CU2 has unknown impact and remote attack vectors in the (1) Common Applications (APPS01) and (2) iProcurement (APPS02)." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-2126", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.integrigy.com/security-resources/analysis/Integrigy_Oracle_CPU_April_2007_Analysis.pdf", - "refsource" : "MISC", - "url" : "http://www.integrigy.com/security-resources/analysis/Integrigy_Oracle_CPU_April_2007_Analysis.pdf" - }, - { - "name" : "http://www.red-database-security.com/advisory/oracle_cpu_apr_2007.html", - "refsource" : "MISC", - "url" : "http://www.red-database-security.com/advisory/oracle_cpu_apr_2007.html" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpuapr2007-090632.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpuapr2007-090632.html" - }, - { - "name" : "HPSBMA02133", - "refsource" : "HP", - "url" : "http://www.securityfocus.com/archive/1/466329/100/200/threaded" - }, - { - "name" : "SSRT061201", - "refsource" : "HP", - "url" : "http://www.securityfocus.com/archive/1/466329/100/200/threaded" - }, - { - "name" : "TA07-108A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA07-108A.html" - }, - { - "name" : "23532", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/23532" - }, - { - "name" : "ADV-2007-1426", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/1426" - }, - { - "name" : "1017927", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1017927" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in Oracle E-Business Suite 11.5.10CU2 has unknown impact and remote attack vectors in the (1) Common Applications (APPS01) and (2) iProcurement (APPS02)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "TA07-108A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA07-108A.html" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/cpuapr2007-090632.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2007-090632.html" + }, + { + "name": "23532", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/23532" + }, + { + "name": "1017927", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1017927" + }, + { + "name": "SSRT061201", + "refsource": "HP", + "url": "http://www.securityfocus.com/archive/1/466329/100/200/threaded" + }, + { + "name": "http://www.red-database-security.com/advisory/oracle_cpu_apr_2007.html", + "refsource": "MISC", + "url": "http://www.red-database-security.com/advisory/oracle_cpu_apr_2007.html" + }, + { + "name": "HPSBMA02133", + "refsource": "HP", + "url": "http://www.securityfocus.com/archive/1/466329/100/200/threaded" + }, + { + "name": "ADV-2007-1426", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/1426" + }, + { + "name": "http://www.integrigy.com/security-resources/analysis/Integrigy_Oracle_CPU_April_2007_Analysis.pdf", + "refsource": "MISC", + "url": "http://www.integrigy.com/security-resources/analysis/Integrigy_Oracle_CPU_April_2007_Analysis.pdf" + } + ] + } +} \ No newline at end of file diff --git a/2007/2xxx/CVE-2007-2445.json b/2007/2xxx/CVE-2007-2445.json index 1b1cf1d0216..f93c17ff2a1 100644 --- a/2007/2xxx/CVE-2007-2445.json +++ b/2007/2xxx/CVE-2007-2445.json @@ -1,312 +1,312 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-2445", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The png_handle_tRNS function in pngrutil.c in libpng before 1.0.25 and 1.2.x before 1.2.17 allows remote attackers to cause a denial of service (application crash) via a grayscale PNG image with a bad tRNS chunk CRC value." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2007-2445", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070517 FLEA-2007-0018-1: libpng", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/468910/100/0/threaded" - }, - { - "name" : "20080304 CORE-2008-0124: Multiple vulnerabilities in Google's Android SDK", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/489135/100/0/threaded" - }, - { - "name" : "http://www.coresecurity.com/?action=item&id=2148", - "refsource" : "MISC", - "url" : "http://www.coresecurity.com/?action=item&id=2148" - }, - { - "name" : "http://sourceforge.net/project/shownotes.php?release_id=508653&group_id=5624", - "refsource" : "CONFIRM", - "url" : "http://sourceforge.net/project/shownotes.php?release_id=508653&group_id=5624" - }, - { - "name" : "http://sourceforge.net/project/shownotes.php?release_id=508656&group_id=5624", - "refsource" : "CONFIRM", - "url" : "http://sourceforge.net/project/shownotes.php?release_id=508656&group_id=5624" - }, - { - "name" : "http://www.mirrorservice.org/sites/download.sourceforge.net/pub/sourceforge/l/li/libpng/libpng-1.2.17-ADVISORY.txt", - "refsource" : "CONFIRM", - "url" : "http://www.mirrorservice.org/sites/download.sourceforge.net/pub/sourceforge/l/li/libpng/libpng-1.2.17-ADVISORY.txt" - }, - { - "name" : "https://issues.rpath.com/browse/RPL-1381", - "refsource" : "CONFIRM", - "url" : "https://issues.rpath.com/browse/RPL-1381" - }, - { - "name" : "http://support.avaya.com/elmodocs2/security/ASA-2007-254.htm", - "refsource" : "CONFIRM", - "url" : "http://support.avaya.com/elmodocs2/security/ASA-2007-254.htm" - }, - { - "name" : "http://irrlicht.sourceforge.net/changes.txt", - "refsource" : "CONFIRM", - "url" : "http://irrlicht.sourceforge.net/changes.txt" - }, - { - "name" : "http://android-developers.blogspot.com/2008/03/android-sdk-update-m5-rc15-released.html", - "refsource" : "CONFIRM", - "url" : "http://android-developers.blogspot.com/2008/03/android-sdk-update-m5-rc15-released.html" - }, - { - "name" : "http://docs.info.apple.com/article.html?artnum=307562", - "refsource" : "CONFIRM", - "url" : "http://docs.info.apple.com/article.html?artnum=307562" - }, - { - "name" : "APPLE-SA-2008-03-18", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html" - }, - { - "name" : "DSA-1613", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2008/dsa-1613" - }, - { - "name" : "DSA-1750", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2009/dsa-1750" - }, - { - "name" : "GLSA-200705-24", - "refsource" : "GENTOO", - "url" : "http://www.gentoo.org/security/en/glsa/glsa-200705-24.xml" - }, - { - "name" : "GLSA-200805-07", - "refsource" : "GENTOO", - "url" : "http://www.gentoo.org/security/en/glsa/glsa-200805-07.xml" - }, - { - "name" : "MDKSA-2007:116", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:116" - }, - { - "name" : "OpenPKG-SA-2007.013", - "refsource" : "OPENPKG", - "url" : "http://openpkg.com/go/OpenPKG-SA-2007.013" - }, - { - "name" : "RHSA-2007:0356", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-0356.html" - }, - { - "name" : "SSA:2007-136-01", - "refsource" : "SLACKWARE", - "url" : "http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.492650" - }, - { - "name" : "102987", - "refsource" : "SUNALERT", - "url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102987-1" - }, - { - "name" : "200871", - "refsource" : "SUNALERT", - "url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200871-1" - }, - { - "name" : "SUSE-SR:2007:013", - "refsource" : "SUSE", - "url" : "http://www.novell.com/linux/security/advisories/2007_13_sr.html" - }, - { - "name" : "2007-0019", - "refsource" : "TRUSTIX", - "url" : "http://www.trustix.org/errata/2007/0019/" - }, - { - "name" : "USN-472-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/usn-472-1" - }, - { - "name" : "VU#684664", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/684664" - }, - { - "name" : "24000", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/24000" - }, - { - "name" : "24023", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/24023" - }, - { - "name" : "36196", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/36196" - }, - { - "name" : "oval:org.mitre.oval:def:10094", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10094" - }, - { - "name" : "34388", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/34388" - }, - { - "name" : "ADV-2007-1838", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/1838" - }, - { - "name" : "ADV-2007-2385", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/2385" - }, - { - "name" : "ADV-2008-0924", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/0924/references" - }, - { - "name" : "1018078", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1018078" - }, - { - "name" : "25292", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25292" - }, - { - "name" : "25329", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25329" - }, - { - "name" : "25268", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25268" - }, - { - "name" : "25273", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25273" - }, - { - "name" : "25353", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25353" - }, - { - "name" : "25461", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25461" - }, - { - "name" : "25554", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25554" - }, - { - "name" : "25571", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25571" - }, - { - "name" : "25742", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25742" - }, - { - "name" : "25867", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25867" - }, - { - "name" : "27056", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27056" - }, - { - "name" : "25787", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25787" - }, - { - "name" : "29420", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29420" - }, - { - "name" : "30161", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/30161" - }, - { - "name" : "31168", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/31168" - }, - { - "name" : "libpng-trns-chunk-dos(34340)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34340" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The png_handle_tRNS function in pngrutil.c in libpng before 1.0.25 and 1.2.x before 1.2.17 allows remote attackers to cause a denial of service (application crash) via a grayscale PNG image with a bad tRNS chunk CRC value." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "OpenPKG-SA-2007.013", + "refsource": "OPENPKG", + "url": "http://openpkg.com/go/OpenPKG-SA-2007.013" + }, + { + "name": "http://support.avaya.com/elmodocs2/security/ASA-2007-254.htm", + "refsource": "CONFIRM", + "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-254.htm" + }, + { + "name": "SSA:2007-136-01", + "refsource": "SLACKWARE", + "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.492650" + }, + { + "name": "25571", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25571" + }, + { + "name": "oval:org.mitre.oval:def:10094", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10094" + }, + { + "name": "VU#684664", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/684664" + }, + { + "name": "DSA-1613", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2008/dsa-1613" + }, + { + "name": "102987", + "refsource": "SUNALERT", + "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102987-1" + }, + { + "name": "200871", + "refsource": "SUNALERT", + "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200871-1" + }, + { + "name": "34388", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/34388" + }, + { + "name": "36196", + "refsource": "OSVDB", + "url": "http://osvdb.org/36196" + }, + { + "name": "GLSA-200705-24", + "refsource": "GENTOO", + "url": "http://www.gentoo.org/security/en/glsa/glsa-200705-24.xml" + }, + { + "name": "25273", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25273" + }, + { + "name": "http://www.coresecurity.com/?action=item&id=2148", + "refsource": "MISC", + "url": "http://www.coresecurity.com/?action=item&id=2148" + }, + { + "name": "http://www.mirrorservice.org/sites/download.sourceforge.net/pub/sourceforge/l/li/libpng/libpng-1.2.17-ADVISORY.txt", + "refsource": "CONFIRM", + "url": "http://www.mirrorservice.org/sites/download.sourceforge.net/pub/sourceforge/l/li/libpng/libpng-1.2.17-ADVISORY.txt" + }, + { + "name": "24023", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/24023" + }, + { + "name": "libpng-trns-chunk-dos(34340)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34340" + }, + { + "name": "ADV-2008-0924", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/0924/references" + }, + { + "name": "http://irrlicht.sourceforge.net/changes.txt", + "refsource": "CONFIRM", + "url": "http://irrlicht.sourceforge.net/changes.txt" + }, + { + "name": "25867", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25867" + }, + { + "name": "http://sourceforge.net/project/shownotes.php?release_id=508653&group_id=5624", + "refsource": "CONFIRM", + "url": "http://sourceforge.net/project/shownotes.php?release_id=508653&group_id=5624" + }, + { + "name": "31168", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/31168" + }, + { + "name": "https://issues.rpath.com/browse/RPL-1381", + "refsource": "CONFIRM", + "url": "https://issues.rpath.com/browse/RPL-1381" + }, + { + "name": "25329", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25329" + }, + { + "name": "25461", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25461" + }, + { + "name": "ADV-2007-1838", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/1838" + }, + { + "name": "29420", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29420" + }, + { + "name": "ADV-2007-2385", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/2385" + }, + { + "name": "http://sourceforge.net/project/shownotes.php?release_id=508656&group_id=5624", + "refsource": "CONFIRM", + "url": "http://sourceforge.net/project/shownotes.php?release_id=508656&group_id=5624" + }, + { + "name": "APPLE-SA-2008-03-18", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html" + }, + { + "name": "25353", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25353" + }, + { + "name": "http://android-developers.blogspot.com/2008/03/android-sdk-update-m5-rc15-released.html", + "refsource": "CONFIRM", + "url": "http://android-developers.blogspot.com/2008/03/android-sdk-update-m5-rc15-released.html" + }, + { + "name": "20070517 FLEA-2007-0018-1: libpng", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/468910/100/0/threaded" + }, + { + "name": "30161", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/30161" + }, + { + "name": "GLSA-200805-07", + "refsource": "GENTOO", + "url": "http://www.gentoo.org/security/en/glsa/glsa-200805-07.xml" + }, + { + "name": "25554", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25554" + }, + { + "name": "25268", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25268" + }, + { + "name": "DSA-1750", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2009/dsa-1750" + }, + { + "name": "1018078", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1018078" + }, + { + "name": "2007-0019", + "refsource": "TRUSTIX", + "url": "http://www.trustix.org/errata/2007/0019/" + }, + { + "name": "SUSE-SR:2007:013", + "refsource": "SUSE", + "url": "http://www.novell.com/linux/security/advisories/2007_13_sr.html" + }, + { + "name": "USN-472-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/usn-472-1" + }, + { + "name": "27056", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27056" + }, + { + "name": "RHSA-2007:0356", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-0356.html" + }, + { + "name": "25292", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25292" + }, + { + "name": "http://docs.info.apple.com/article.html?artnum=307562", + "refsource": "CONFIRM", + "url": "http://docs.info.apple.com/article.html?artnum=307562" + }, + { + "name": "25787", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25787" + }, + { + "name": "25742", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25742" + }, + { + "name": "MDKSA-2007:116", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:116" + }, + { + "name": "24000", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/24000" + }, + { + "name": "20080304 CORE-2008-0124: Multiple vulnerabilities in Google's Android SDK", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/489135/100/0/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2010/0xxx/CVE-2010-0155.json b/2010/0xxx/CVE-2010-0155.json index fe8bca6c919..404f9d3ec52 100644 --- a/2010/0xxx/CVE-2010-0155.json +++ b/2010/0xxx/CVE-2010-0155.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-0155", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "CRLF injection vulnerability in load.php in the Local Management Interface (LMI) on the IBM Proventia Network Mail Security System (PNMSS) appliance with firmware before 2.5 allows remote authenticated users to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the javaVersion parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-0155", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20100912 MVSA-10-009 / CVE-2010-0155 - IBM Proventia Network Mail Security System - CRLF Injection vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/513636/100/0/threaded" - }, - { - "name" : "http://www.ventuneac.net/security-advisories/MVSA-10-009", - "refsource" : "MISC", - "url" : "http://www.ventuneac.net/security-advisories/MVSA-10-009" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "CRLF injection vulnerability in load.php in the Local Management Interface (LMI) on the IBM Proventia Network Mail Security System (PNMSS) appliance with firmware before 2.5 allows remote authenticated users to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the javaVersion parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20100912 MVSA-10-009 / CVE-2010-0155 - IBM Proventia Network Mail Security System - CRLF Injection vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/513636/100/0/threaded" + }, + { + "name": "http://www.ventuneac.net/security-advisories/MVSA-10-009", + "refsource": "MISC", + "url": "http://www.ventuneac.net/security-advisories/MVSA-10-009" + } + ] + } +} \ No newline at end of file diff --git a/2010/0xxx/CVE-2010-0235.json b/2010/0xxx/CVE-2010-0235.json index c82d0df3644..75e4ad2c99a 100644 --- a/2010/0xxx/CVE-2010-0235.json +++ b/2010/0xxx/CVE-2010-0235.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-0235", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, and Vista Gold does not perform the expected validation before creating a symbolic link, which allows local users to cause a denial of service (reboot) via a crafted application, aka \"Windows Kernel Symbolic Link Value Vulnerability.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2010-0235", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "MS10-021", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-021" - }, - { - "name" : "TA10-103A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA10-103A.html" - }, - { - "name" : "oval:org.mitre.oval:def:7509", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7509" - }, - { - "name" : "1023850", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1023850" - }, - { - "name" : "39373", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/39373" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, and Vista Gold does not perform the expected validation before creating a symbolic link, which allows local users to cause a denial of service (reboot) via a crafted application, aka \"Windows Kernel Symbolic Link Value Vulnerability.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "MS10-021", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-021" + }, + { + "name": "oval:org.mitre.oval:def:7509", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7509" + }, + { + "name": "TA10-103A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA10-103A.html" + }, + { + "name": "39373", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/39373" + }, + { + "name": "1023850", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1023850" + } + ] + } +} \ No newline at end of file diff --git a/2010/0xxx/CVE-2010-0348.json b/2010/0xxx/CVE-2010-0348.json index d228d4f0770..7eca4eadcc0 100644 --- a/2010/0xxx/CVE-2010-0348.json +++ b/2010/0xxx/CVE-2010-0348.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-0348", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Directory traversal vulnerability in C3 Corp. WebCalenderC3 0.32 and earlier allows remote attackers to read arbitrary files via unknown vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-0348", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://webcal.c-3.jp/zeijakusei.html", - "refsource" : "CONFIRM", - "url" : "http://webcal.c-3.jp/zeijakusei.html" - }, - { - "name" : "JVN#22247093", - "refsource" : "JVN", - "url" : "http://jvn.jp/en/jp/JVN22247093/index.html" - }, - { - "name" : "JVNDB-2010-000003", - "refsource" : "JVNDB", - "url" : "http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-000003.html" - }, - { - "name" : "61630", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/61630" - }, - { - "name" : "38135", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/38135" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Directory traversal vulnerability in C3 Corp. WebCalenderC3 0.32 and earlier allows remote attackers to read arbitrary files via unknown vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://webcal.c-3.jp/zeijakusei.html", + "refsource": "CONFIRM", + "url": "http://webcal.c-3.jp/zeijakusei.html" + }, + { + "name": "JVN#22247093", + "refsource": "JVN", + "url": "http://jvn.jp/en/jp/JVN22247093/index.html" + }, + { + "name": "38135", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/38135" + }, + { + "name": "JVNDB-2010-000003", + "refsource": "JVNDB", + "url": "http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-000003.html" + }, + { + "name": "61630", + "refsource": "OSVDB", + "url": "http://osvdb.org/61630" + } + ] + } +} \ No newline at end of file diff --git a/2010/0xxx/CVE-2010-0524.json b/2010/0xxx/CVE-2010-0524.json index cc8aad02d67..8385ab6ff00 100644 --- a/2010/0xxx/CVE-2010-0524.json +++ b/2010/0xxx/CVE-2010-0524.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-0524", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The default configuration of the FreeRADIUS server in Apple Mac OS X Server before 10.6.3 permits EAP-TLS authenticated connections on the basis of an arbitrary client certificate, which allows remote attackers to obtain network connectivity via a crafted RADIUS Access Request message." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2010-0524", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://support.apple.com/kb/HT4077", - "refsource" : "CONFIRM", - "url" : "http://support.apple.com/kb/HT4077" - }, - { - "name" : "APPLE-SA-2010-03-29-1", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html" - }, - { - "name" : "39234", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/39234" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The default configuration of the FreeRADIUS server in Apple Mac OS X Server before 10.6.3 permits EAP-TLS authenticated connections on the basis of an arbitrary client certificate, which allows remote attackers to obtain network connectivity via a crafted RADIUS Access Request message." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "39234", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/39234" + }, + { + "name": "APPLE-SA-2010-03-29-1", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html" + }, + { + "name": "http://support.apple.com/kb/HT4077", + "refsource": "CONFIRM", + "url": "http://support.apple.com/kb/HT4077" + } + ] + } +} \ No newline at end of file diff --git a/2010/1xxx/CVE-2010-1027.json b/2010/1xxx/CVE-2010-1027.json index e6de416c6c6..3c9dcabc925 100644 --- a/2010/1xxx/CVE-2010-1027.json +++ b/2010/1xxx/CVE-2010-1027.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-1027", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in the Meet Travelmates (travelmate) extension 0.1.1 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-1027", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-006/", - "refsource" : "CONFIRM", - "url" : "http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-006/" - }, - { - "name" : "38802", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/38802" - }, - { - "name" : "travelmates-unspecified-sql-injection(56980)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/56980" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in the Meet Travelmates (travelmate) extension 0.1.1 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "travelmates-unspecified-sql-injection(56980)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56980" + }, + { + "name": "38802", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/38802" + }, + { + "name": "http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-006/", + "refsource": "CONFIRM", + "url": "http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-006/" + } + ] + } +} \ No newline at end of file diff --git a/2010/3xxx/CVE-2010-3087.json b/2010/3xxx/CVE-2010-3087.json index aa4adef1eea..d89d3c545a0 100644 --- a/2010/3xxx/CVE-2010-3087.json +++ b/2010/3xxx/CVE-2010-3087.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-3087", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "LibTIFF before 3.9.2-5.2.1 in SUSE openSUSE 11.3 allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted TIFF image." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2010-3087", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://support.novell.com/security/cve/CVE-2010-3087.html", - "refsource" : "CONFIRM", - "url" : "http://support.novell.com/security/cve/CVE-2010-3087.html" - }, - { - "name" : "https://bugzilla.novell.com/show_bug.cgi?id=624215", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.novell.com/show_bug.cgi?id=624215" - }, - { - "name" : "http://blackberry.com/btsc/KB27244", - "refsource" : "CONFIRM", - "url" : "http://blackberry.com/btsc/KB27244" - }, - { - "name" : "GLSA-201209-02", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-201209-02.xml" - }, - { - "name" : "SUSE-SR:2010:017", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html" - }, - { - "name" : "50726", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/50726" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "LibTIFF before 3.9.2-5.2.1 in SUSE openSUSE 11.3 allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted TIFF image." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://bugzilla.novell.com/show_bug.cgi?id=624215", + "refsource": "CONFIRM", + "url": "https://bugzilla.novell.com/show_bug.cgi?id=624215" + }, + { + "name": "http://blackberry.com/btsc/KB27244", + "refsource": "CONFIRM", + "url": "http://blackberry.com/btsc/KB27244" + }, + { + "name": "GLSA-201209-02", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-201209-02.xml" + }, + { + "name": "SUSE-SR:2010:017", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html" + }, + { + "name": "http://support.novell.com/security/cve/CVE-2010-3087.html", + "refsource": "CONFIRM", + "url": "http://support.novell.com/security/cve/CVE-2010-3087.html" + }, + { + "name": "50726", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/50726" + } + ] + } +} \ No newline at end of file diff --git a/2010/3xxx/CVE-2010-3411.json b/2010/3xxx/CVE-2010-3411.json index 59fe110b30b..dc71c48baf5 100644 --- a/2010/3xxx/CVE-2010-3411.json +++ b/2010/3xxx/CVE-2010-3411.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-3411", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Google Chrome before 6.0.472.59 on Linux does not properly handle cursors, which might allow attackers to cause a denial of service (assertion failure) via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-3411", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://code.google.com/p/chromium/issues/detail?id=51709", - "refsource" : "CONFIRM", - "url" : "http://code.google.com/p/chromium/issues/detail?id=51709" - }, - { - "name" : "http://googlechromereleases.blogspot.com/2010/09/stable-beta-channel-updates_14.html", - "refsource" : "CONFIRM", - "url" : "http://googlechromereleases.blogspot.com/2010/09/stable-beta-channel-updates_14.html" - }, - { - "name" : "oval:org.mitre.oval:def:14156", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14156" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Google Chrome before 6.0.472.59 on Linux does not properly handle cursors, which might allow attackers to cause a denial of service (assertion failure) via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "oval:org.mitre.oval:def:14156", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14156" + }, + { + "name": "http://googlechromereleases.blogspot.com/2010/09/stable-beta-channel-updates_14.html", + "refsource": "CONFIRM", + "url": "http://googlechromereleases.blogspot.com/2010/09/stable-beta-channel-updates_14.html" + }, + { + "name": "http://code.google.com/p/chromium/issues/detail?id=51709", + "refsource": "CONFIRM", + "url": "http://code.google.com/p/chromium/issues/detail?id=51709" + } + ] + } +} \ No newline at end of file diff --git a/2010/3xxx/CVE-2010-3683.json b/2010/3xxx/CVE-2010-3683.json index 2de4681e607..df9d20f4ed3 100644 --- a/2010/3xxx/CVE-2010-3683.json +++ b/2010/3xxx/CVE-2010-3683.json @@ -1,142 +1,142 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-3683", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Oracle MySQL 5.1 before 5.1.49 and 5.5 before 5.5.5 sends an OK packet when a LOAD DATA INFILE request generates SQL errors, which allows remote authenticated users to cause a denial of service (mysqld daemon crash) via a crafted request." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-3683", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20100928 Re: CVE Request -- MySQL v5.1.49 -- multiple DoS flaws", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2010/09/28/10" - }, - { - "name" : "http://bugs.mysql.com/bug.php?id=52512", - "refsource" : "CONFIRM", - "url" : "http://bugs.mysql.com/bug.php?id=52512" - }, - { - "name" : "http://dev.mysql.com/doc/refman/5.1/en/news-5-1-49.html", - "refsource" : "CONFIRM", - "url" : "http://dev.mysql.com/doc/refman/5.1/en/news-5-1-49.html" - }, - { - "name" : "http://dev.mysql.com/doc/refman/5.5/en/news-5-5-5.html", - "refsource" : "CONFIRM", - "url" : "http://dev.mysql.com/doc/refman/5.5/en/news-5-5-5.html" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=628698", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=628698" - }, - { - "name" : "MDVSA-2010:155", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2010:155" - }, - { - "name" : "MDVSA-2011:012", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2011:012" - }, - { - "name" : "RHSA-2011:0164", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2011-0164.html" - }, - { - "name" : "SUSE-SR:2010:019", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html" - }, - { - "name" : "SUSE-SR:2010:021", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00005.html" - }, - { - "name" : "USN-1017-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-1017-1" - }, - { - "name" : "USN-1397-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-1397-1" - }, - { - "name" : "42625", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/42625" - }, - { - "name" : "42936", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/42936" - }, - { - "name" : "ADV-2011-0133", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2011/0133" - }, - { - "name" : "ADV-2011-0170", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2011/0170" - }, - { - "name" : "mysql-ok-packet-dos(64683)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/64683" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Oracle MySQL 5.1 before 5.1.49 and 5.5 before 5.5.5 sends an OK packet when a LOAD DATA INFILE request generates SQL errors, which allows remote authenticated users to cause a denial of service (mysqld daemon crash) via a crafted request." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "USN-1397-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-1397-1" + }, + { + "name": "USN-1017-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-1017-1" + }, + { + "name": "http://dev.mysql.com/doc/refman/5.5/en/news-5-5-5.html", + "refsource": "CONFIRM", + "url": "http://dev.mysql.com/doc/refman/5.5/en/news-5-5-5.html" + }, + { + "name": "MDVSA-2011:012", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:012" + }, + { + "name": "http://bugs.mysql.com/bug.php?id=52512", + "refsource": "CONFIRM", + "url": "http://bugs.mysql.com/bug.php?id=52512" + }, + { + "name": "RHSA-2011:0164", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2011-0164.html" + }, + { + "name": "ADV-2011-0170", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2011/0170" + }, + { + "name": "ADV-2011-0133", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2011/0133" + }, + { + "name": "http://dev.mysql.com/doc/refman/5.1/en/news-5-1-49.html", + "refsource": "CONFIRM", + "url": "http://dev.mysql.com/doc/refman/5.1/en/news-5-1-49.html" + }, + { + "name": "MDVSA-2010:155", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:155" + }, + { + "name": "42936", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/42936" + }, + { + "name": "SUSE-SR:2010:021", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00005.html" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=628698", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=628698" + }, + { + "name": "42625", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/42625" + }, + { + "name": "SUSE-SR:2010:019", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html" + }, + { + "name": "mysql-ok-packet-dos(64683)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64683" + }, + { + "name": "[oss-security] 20100928 Re: CVE Request -- MySQL v5.1.49 -- multiple DoS flaws", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2010/09/28/10" + } + ] + } +} \ No newline at end of file diff --git a/2010/4xxx/CVE-2010-4212.json b/2010/4xxx/CVE-2010-4212.json index ecd0acc2cfe..b913041e7c9 100644 --- a/2010/4xxx/CVE-2010-4212.json +++ b/2010/4xxx/CVE-2010-4212.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-4212", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The USAA application 3.0 for Android stores a mirror image of each visited web page, which might allow physically proximate attackers to obtain sensitive banking information by reading application data." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-4212", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://news.cnet.com/8301-27080_3-20021874-245.html", - "refsource" : "MISC", - "url" : "http://news.cnet.com/8301-27080_3-20021874-245.html" - }, - { - "name" : "http://online.wsj.com/article/SB10001424052748703805704575594581203248658.html", - "refsource" : "MISC", - "url" : "http://online.wsj.com/article/SB10001424052748703805704575594581203248658.html" - }, - { - "name" : "http://viaforensics.com/appwatchdog/usaa-android.html", - "refsource" : "MISC", - "url" : "http://viaforensics.com/appwatchdog/usaa-android.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The USAA application 3.0 for Android stores a mirror image of each visited web page, which might allow physically proximate attackers to obtain sensitive banking information by reading application data." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://viaforensics.com/appwatchdog/usaa-android.html", + "refsource": "MISC", + "url": "http://viaforensics.com/appwatchdog/usaa-android.html" + }, + { + "name": "http://news.cnet.com/8301-27080_3-20021874-245.html", + "refsource": "MISC", + "url": "http://news.cnet.com/8301-27080_3-20021874-245.html" + }, + { + "name": "http://online.wsj.com/article/SB10001424052748703805704575594581203248658.html", + "refsource": "MISC", + "url": "http://online.wsj.com/article/SB10001424052748703805704575594581203248658.html" + } + ] + } +} \ No newline at end of file diff --git a/2010/4xxx/CVE-2010-4342.json b/2010/4xxx/CVE-2010-4342.json index 2d65267e5f4..fb4472f9d30 100644 --- a/2010/4xxx/CVE-2010-4342.json +++ b/2010/4xxx/CVE-2010-4342.json @@ -1,107 +1,107 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-4342", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The aun_incoming function in net/econet/af_econet.c in the Linux kernel before 2.6.37-rc6, when Econet is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and OOPS) by sending an Acorn Universal Networking (AUN) packet over UDP." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2010-4342", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[netdev] 20101209 NULL dereference in econet AUN-over-UDP receive", - "refsource" : "MLIST", - "url" : "http://marc.info/?l=linux-netdev&m=129185496013580&w=2" - }, - { - "name" : "[netdev] 20101209 Re: NULL dereference in econet AUN-over-UDP receive", - "refsource" : "MLIST", - "url" : "http://marc.info/?l=linux-netdev&m=129186011218615&w=2" - }, - { - "name" : "[oss-security] 20101208 CVE request: kernel: NULL pointer dereference in AF_ECONET", - "refsource" : "MLIST", - "url" : "http://openwall.com/lists/oss-security/2010/12/09/1" - }, - { - "name" : "[oss-security] 20101209 Re: CVE request: kernel: NULL pointer dereference in AF_ECONET", - "refsource" : "MLIST", - "url" : "http://openwall.com/lists/oss-security/2010/12/09/2" - }, - { - "name" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=4e085e76cbe558b79b54cbab772f61185879bc64", - "refsource" : "CONFIRM", - "url" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=4e085e76cbe558b79b54cbab772f61185879bc64" - }, - { - "name" : "http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.37-rc6", - "refsource" : "CONFIRM", - "url" : "http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.37-rc6" - }, - { - "name" : "SUSE-SA:2011:008", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00002.html" - }, - { - "name" : "45321", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/45321" - }, - { - "name" : "43291", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/43291" - }, - { - "name" : "ADV-2011-0375", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2011/0375" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The aun_incoming function in net/econet/af_econet.c in the Linux kernel before 2.6.37-rc6, when Econet is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and OOPS) by sending an Acorn Universal Networking (AUN) packet over UDP." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "[oss-security] 20101209 Re: CVE request: kernel: NULL pointer dereference in AF_ECONET", + "refsource": "MLIST", + "url": "http://openwall.com/lists/oss-security/2010/12/09/2" + }, + { + "name": "45321", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/45321" + }, + { + "name": "[netdev] 20101209 NULL dereference in econet AUN-over-UDP receive", + "refsource": "MLIST", + "url": "http://marc.info/?l=linux-netdev&m=129185496013580&w=2" + }, + { + "name": "[oss-security] 20101208 CVE request: kernel: NULL pointer dereference in AF_ECONET", + "refsource": "MLIST", + "url": "http://openwall.com/lists/oss-security/2010/12/09/1" + }, + { + "name": "ADV-2011-0375", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2011/0375" + }, + { + "name": "http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.37-rc6", + "refsource": "CONFIRM", + "url": "http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.37-rc6" + }, + { + "name": "SUSE-SA:2011:008", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00002.html" + }, + { + "name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=4e085e76cbe558b79b54cbab772f61185879bc64", + "refsource": "CONFIRM", + "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=4e085e76cbe558b79b54cbab772f61185879bc64" + }, + { + "name": "43291", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/43291" + }, + { + "name": "[netdev] 20101209 Re: NULL dereference in econet AUN-over-UDP receive", + "refsource": "MLIST", + "url": "http://marc.info/?l=linux-netdev&m=129186011218615&w=2" + } + ] + } +} \ No newline at end of file diff --git a/2010/4xxx/CVE-2010-4369.json b/2010/4xxx/CVE-2010-4369.json index 75b4f46de18..668a57b894e 100644 --- a/2010/4xxx/CVE-2010-4369.json +++ b/2010/4xxx/CVE-2010-4369.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-4369", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Directory traversal vulnerability in AWStats before 7.0 allows remote attackers to have an unspecified impact via a crafted LoadPlugin directory." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-4369", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://awstats.sourceforge.net/docs/awstats_changelog.txt", - "refsource" : "CONFIRM", - "url" : "http://awstats.sourceforge.net/docs/awstats_changelog.txt" - }, - { - "name" : "MDVSA-2011:033", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2011:033" - }, - { - "name" : "USN-1047-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-1047-1" - }, - { - "name" : "45210", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/45210" - }, - { - "name" : "43004", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/43004" - }, - { - "name" : "ADV-2011-0202", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2011/0202" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Directory traversal vulnerability in AWStats before 7.0 allows remote attackers to have an unspecified impact via a crafted LoadPlugin directory." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ADV-2011-0202", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2011/0202" + }, + { + "name": "45210", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/45210" + }, + { + "name": "MDVSA-2011:033", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:033" + }, + { + "name": "USN-1047-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-1047-1" + }, + { + "name": "43004", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/43004" + }, + { + "name": "http://awstats.sourceforge.net/docs/awstats_changelog.txt", + "refsource": "CONFIRM", + "url": "http://awstats.sourceforge.net/docs/awstats_changelog.txt" + } + ] + } +} \ No newline at end of file diff --git a/2010/4xxx/CVE-2010-4458.json b/2010/4xxx/CVE-2010-4458.json index 6cef17889b5..2c4e245e3fe 100644 --- a/2010/4xxx/CVE-2010-4458.json +++ b/2010/4xxx/CVE-2010-4458.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-4458", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in Oracle Solaris 11 Express allows local users to affect availability, related to ZFS." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2010-4458", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html" - }, - { - "name" : "45889", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/45889" - }, - { - "name" : "70588", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/70588" - }, - { - "name" : "1024975", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1024975" - }, - { - "name" : "ADV-2011-0151", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2011/0151" - }, - { - "name" : "solaris-zfs-dos(64809)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/64809" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in Oracle Solaris 11 Express allows local users to affect availability, related to ZFS." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "solaris-zfs-dos(64809)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64809" + }, + { + "name": "1024975", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1024975" + }, + { + "name": "ADV-2011-0151", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2011/0151" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html" + }, + { + "name": "45889", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/45889" + }, + { + "name": "70588", + "refsource": "OSVDB", + "url": "http://osvdb.org/70588" + } + ] + } +} \ No newline at end of file diff --git a/2014/0xxx/CVE-2014-0015.json b/2014/0xxx/CVE-2014-0015.json index d5e6848a7ce..f93afa541b0 100644 --- a/2014/0xxx/CVE-2014-0015.json +++ b/2014/0xxx/CVE-2014-0015.json @@ -1,182 +1,182 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-0015", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "cURL and libcurl 7.10.6 through 7.34.0, when more than one authentication method is enabled, re-uses NTLM connections, which might allow context-dependent attackers to authenticate as other users via a request." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2014-0015", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/534161/100/0/threaded" - }, - { - "name" : "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2014/Dec/23" - }, - { - "name" : "http://curl.haxx.se/docs/adv_20140129.html", - "refsource" : "CONFIRM", - "url" : "http://curl.haxx.se/docs/adv_20140129.html" - }, - { - "name" : "http://support.apple.com/kb/HT6296", - "refsource" : "CONFIRM", - "url" : "http://support.apple.com/kb/HT6296" - }, - { - "name" : "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095862", - "refsource" : "CONFIRM", - "url" : "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095862" - }, - { - "name" : "http://www.vmware.com/security/advisories/VMSA-2014-0012.html", - "refsource" : "CONFIRM", - "url" : "http://www.vmware.com/security/advisories/VMSA-2014-0012.html" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html" - }, - { - "name" : "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10743", - "refsource" : "CONFIRM", - "url" : "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10743" - }, - { - "name" : "APPLE-SA-2014-06-30-2", - "refsource" : "APPLE", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2014-06/0172.html" - }, - { - "name" : "DSA-2849", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2014/dsa-2849" - }, - { - "name" : "FEDORA-2014-1864", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/128408.html" - }, - { - "name" : "FEDORA-2014-1876", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127627.html" - }, - { - "name" : "SSA:2014-044-01", - "refsource" : "SLACKWARE", - "url" : "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2014&m=slackware-security.502652" - }, - { - "name" : "openSUSE-SU-2014:0274", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2014-02/msg00066.html" - }, - { - "name" : "USN-2097-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2097-1" - }, - { - "name" : "65270", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/65270" - }, - { - "name" : "1029710", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1029710" - }, - { - "name" : "56728", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/56728" - }, - { - "name" : "56734", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/56734" - }, - { - "name" : "56731", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/56731" - }, - { - "name" : "59458", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/59458" - }, - { - "name" : "59475", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/59475" - }, - { - "name" : "56912", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/56912" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "cURL and libcurl 7.10.6 through 7.34.0, when more than one authentication method is enabled, re-uses NTLM connections, which might allow context-dependent attackers to authenticate as other users via a request." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "56912", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/56912" + }, + { + "name": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095862", + "refsource": "CONFIRM", + "url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095862" + }, + { + "name": "SSA:2014-044-01", + "refsource": "SLACKWARE", + "url": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2014&m=slackware-security.502652" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html" + }, + { + "name": "http://support.apple.com/kb/HT6296", + "refsource": "CONFIRM", + "url": "http://support.apple.com/kb/HT6296" + }, + { + "name": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html", + "refsource": "CONFIRM", + "url": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html" + }, + { + "name": "1029710", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1029710" + }, + { + "name": "FEDORA-2014-1876", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127627.html" + }, + { + "name": "openSUSE-SU-2014:0274", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2014-02/msg00066.html" + }, + { + "name": "APPLE-SA-2014-06-30-2", + "refsource": "APPLE", + "url": "http://archives.neohapsis.com/archives/bugtraq/2014-06/0172.html" + }, + { + "name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/534161/100/0/threaded" + }, + { + "name": "65270", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/65270" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html" + }, + { + "name": "DSA-2849", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2014/dsa-2849" + }, + { + "name": "59458", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/59458" + }, + { + "name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2014/Dec/23" + }, + { + "name": "56728", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/56728" + }, + { + "name": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10743", + "refsource": "CONFIRM", + "url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10743" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html" + }, + { + "name": "FEDORA-2014-1864", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/128408.html" + }, + { + "name": "59475", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/59475" + }, + { + "name": "http://curl.haxx.se/docs/adv_20140129.html", + "refsource": "CONFIRM", + "url": "http://curl.haxx.se/docs/adv_20140129.html" + }, + { + "name": "USN-2097-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2097-1" + }, + { + "name": "56734", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/56734" + }, + { + "name": "56731", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/56731" + } + ] + } +} \ No newline at end of file diff --git a/2014/0xxx/CVE-2014-0199.json b/2014/0xxx/CVE-2014-0199.json index ff186632a68..86af1e4c5a7 100644 --- a/2014/0xxx/CVE-2014-0199.json +++ b/2014/0xxx/CVE-2014-0199.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-0199", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The setup script in ovirt-engine-reports, as used in the Red Hat Enterprise Virtualization reports (rhevm-reports) package before 3.3.3, stores the reports database password in cleartext, which allows local users to obtain sensitive information by reading an unspecified file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2014-0199", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "RHSA-2014:0558", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2014-0558.html" - }, - { - "name" : "67682", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/67682" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The setup script in ovirt-engine-reports, as used in the Red Hat Enterprise Virtualization reports (rhevm-reports) package before 3.3.3, stores the reports database password in cleartext, which allows local users to obtain sensitive information by reading an unspecified file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "67682", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/67682" + }, + { + "name": "RHSA-2014:0558", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2014-0558.html" + } + ] + } +} \ No newline at end of file diff --git a/2014/0xxx/CVE-2014-0219.json b/2014/0xxx/CVE-2014-0219.json index 0cf0fec8e96..802651719f7 100644 --- a/2014/0xxx/CVE-2014-0219.json +++ b/2014/0xxx/CVE-2014-0219.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-0219", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Apache Karaf before 4.0.10 enables a shutdown port on the loopback interface, which allows local users to cause a denial of service (shutdown) by sending a shutdown command to all listening high ports." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2014-0219", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1095974", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1095974" - }, - { - "name" : "http://karaf.apache.org/security/cve-2014-0219.txt", - "refsource" : "CONFIRM", - "url" : "http://karaf.apache.org/security/cve-2014-0219.txt" - }, - { - "name" : "101872", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/101872" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Apache Karaf before 4.0.10 enables a shutdown port on the loopback interface, which allows local users to cause a denial of service (shutdown) by sending a shutdown command to all listening high ports." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1095974", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1095974" + }, + { + "name": "101872", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/101872" + }, + { + "name": "http://karaf.apache.org/security/cve-2014-0219.txt", + "refsource": "CONFIRM", + "url": "http://karaf.apache.org/security/cve-2014-0219.txt" + } + ] + } +} \ No newline at end of file diff --git a/2014/3xxx/CVE-2014-3677.json b/2014/3xxx/CVE-2014-3677.json index c8cd07ab200..403c0a38145 100644 --- a/2014/3xxx/CVE-2014-3677.json +++ b/2014/3xxx/CVE-2014-3677.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-3677", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in Shim might allow attackers to execute arbitrary code via a crafted MOK list, which triggers memory corruption." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2014-3677", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20141013 shim RCE", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2014/10/13/4" - }, - { - "name" : "RHSA-2014:1801", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2014-1801.html" - }, - { - "name" : "70410", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/70410" - }, - { - "name" : "shim-cve20143677-code-exec(96989)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/96989" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in Shim might allow attackers to execute arbitrary code via a crafted MOK list, which triggers memory corruption." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "[oss-security] 20141013 shim RCE", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2014/10/13/4" + }, + { + "name": "shim-cve20143677-code-exec(96989)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96989" + }, + { + "name": "RHSA-2014:1801", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2014-1801.html" + }, + { + "name": "70410", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/70410" + } + ] + } +} \ No newline at end of file diff --git a/2014/4xxx/CVE-2014-4149.json b/2014/4xxx/CVE-2014-4149.json index 2de94b83c24..52a017f51d7 100644 --- a/2014/4xxx/CVE-2014-4149.json +++ b/2014/4xxx/CVE-2014-4149.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-4149", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2 does not properly perform TypeFilterLevel checks, which allows remote attackers to execute arbitrary code via crafted data to a .NET Remoting endpoint, aka \"TypeFilterLevel Vulnerability.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2014-4149", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://blogs.technet.com/b/srd/archive/2014/11/11/ms14-072-net-remoting-elevation-of-privilege-vulnerability.aspx", - "refsource" : "CONFIRM", - "url" : "http://blogs.technet.com/b/srd/archive/2014/11/11/ms14-072-net-remoting-elevation-of-privilege-vulnerability.aspx" - }, - { - "name" : "MS14-072", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-072" - }, - { - "name" : "1031188", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1031188" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2 does not properly perform TypeFilterLevel checks, which allows remote attackers to execute arbitrary code via crafted data to a .NET Remoting endpoint, aka \"TypeFilterLevel Vulnerability.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1031188", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1031188" + }, + { + "name": "MS14-072", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-072" + }, + { + "name": "http://blogs.technet.com/b/srd/archive/2014/11/11/ms14-072-net-remoting-elevation-of-privilege-vulnerability.aspx", + "refsource": "CONFIRM", + "url": "http://blogs.technet.com/b/srd/archive/2014/11/11/ms14-072-net-remoting-elevation-of-privilege-vulnerability.aspx" + } + ] + } +} \ No newline at end of file diff --git a/2014/4xxx/CVE-2014-4275.json b/2014/4xxx/CVE-2014-4275.json index 56a5bc9979c..13469e9aab9 100644 --- a/2014/4xxx/CVE-2014-4275.json +++ b/2014/4xxx/CVE-2014-4275.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-4275", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect availability via vectors related to SMB server kernel module." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2014-4275", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html" - }, - { - "name" : "70559", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/70559" - }, - { - "name" : "1031032", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1031032" - }, - { - "name" : "61593", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/61593" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect availability via vectors related to SMB server kernel module." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "70559", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/70559" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html" + }, + { + "name": "1031032", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1031032" + }, + { + "name": "61593", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/61593" + } + ] + } +} \ No newline at end of file diff --git a/2014/4xxx/CVE-2014-4862.json b/2014/4xxx/CVE-2014-4862.json index 30e97f27aa7..931bde63099 100644 --- a/2014/4xxx/CVE-2014-4862.json +++ b/2014/4xxx/CVE-2014-4862.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-4862", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Netmaster CBW700N cable modem with software 81.447.392110.729.024 has an SNMP community of public, which allows remote attackers to obtain sensitive credential, key, and SSID information via an SNMP request." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2014-4862", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://community.rapid7.com/community/metasploit/blog/2014/08/21/more-snmp-information-leaks-cve-2014-4862-and-cve-2014-4863", - "refsource" : "MISC", - "url" : "https://community.rapid7.com/community/metasploit/blog/2014/08/21/more-snmp-information-leaks-cve-2014-4862-and-cve-2014-4863" - }, - { - "name" : "VU#259548", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/259548" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Netmaster CBW700N cable modem with software 81.447.392110.729.024 has an SNMP community of public, which allows remote attackers to obtain sensitive credential, key, and SSID information via an SNMP request." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://community.rapid7.com/community/metasploit/blog/2014/08/21/more-snmp-information-leaks-cve-2014-4862-and-cve-2014-4863", + "refsource": "MISC", + "url": "https://community.rapid7.com/community/metasploit/blog/2014/08/21/more-snmp-information-leaks-cve-2014-4862-and-cve-2014-4863" + }, + { + "name": "VU#259548", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/259548" + } + ] + } +} \ No newline at end of file diff --git a/2014/8xxx/CVE-2014-8037.json b/2014/8xxx/CVE-2014-8037.json index a85ff390c82..0a819dfc014 100644 --- a/2014/8xxx/CVE-2014-8037.json +++ b/2014/8xxx/CVE-2014-8037.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-8037", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-8037", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2014/8xxx/CVE-2014-8059.json b/2014/8xxx/CVE-2014-8059.json index fad2048d788..09f85018a57 100644 --- a/2014/8xxx/CVE-2014-8059.json +++ b/2014/8xxx/CVE-2014-8059.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-8059", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2014-8059", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2014/8xxx/CVE-2014-8477.json b/2014/8xxx/CVE-2014-8477.json index cd99722f6ec..2d610f93ebe 100644 --- a/2014/8xxx/CVE-2014-8477.json +++ b/2014/8xxx/CVE-2014-8477.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-8477", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-8477", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2014/8xxx/CVE-2014-8966.json b/2014/8xxx/CVE-2014-8966.json index 95975ce2ccb..4ad4a67145c 100644 --- a/2014/8xxx/CVE-2014-8966.json +++ b/2014/8xxx/CVE-2014-8966.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-8966", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2014-8966", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "MS14-080", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-080" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "MS14-080", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-080" + } + ] + } +} \ No newline at end of file diff --git a/2014/9xxx/CVE-2014-9453.json b/2014/9xxx/CVE-2014-9453.json index db45d981672..2ac3c161daa 100644 --- a/2014/9xxx/CVE-2014-9453.json +++ b/2014/9xxx/CVE-2014-9453.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-9453", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site scripting (XSS) vulnerabilities in simple-visitor-stat.php in the Simple visitor stat plugin for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) HTTP User-Agent or (2) HTTP Referer header." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-9453", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://packetstormsecurity.com/files/129502/WordPress-Simple-Visitor-Stat-Cross-Site-Scripting.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/129502/WordPress-Simple-Visitor-Stat-Cross-Site-Scripting.html" - }, - { - "name" : "simplevisitor-wp-simplevisitorstat-xss(99421)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/99421" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site scripting (XSS) vulnerabilities in simple-visitor-stat.php in the Simple visitor stat plugin for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) HTTP User-Agent or (2) HTTP Referer header." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://packetstormsecurity.com/files/129502/WordPress-Simple-Visitor-Stat-Cross-Site-Scripting.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/129502/WordPress-Simple-Visitor-Stat-Cross-Site-Scripting.html" + }, + { + "name": "simplevisitor-wp-simplevisitorstat-xss(99421)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/99421" + } + ] + } +} \ No newline at end of file diff --git a/2016/2xxx/CVE-2016-2577.json b/2016/2xxx/CVE-2016-2577.json index 5a3783894c2..05092f091e7 100644 --- a/2016/2xxx/CVE-2016-2577.json +++ b/2016/2xxx/CVE-2016-2577.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-2577", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2016-2577", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2016/3xxx/CVE-2016-3256.json b/2016/3xxx/CVE-2016-3256.json index fa5a80e9765..6ef42bffde9 100644 --- a/2016/3xxx/CVE-2016-3256.json +++ b/2016/3xxx/CVE-2016-3256.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-3256", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Microsoft Windows 10 Gold and 1511 allows local users to bypass the Secure Kernel Mode protection mechanism and obtain sensitive information via a crafted application, aka \"Windows Secure Kernel Mode Information Disclosure Vulnerability.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2016-3256", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "MS16-089", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-089" - }, - { - "name" : "91590", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/91590" - }, - { - "name" : "1036287", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036287" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft Windows 10 Gold and 1511 allows local users to bypass the Secure Kernel Mode protection mechanism and obtain sensitive information via a crafted application, aka \"Windows Secure Kernel Mode Information Disclosure Vulnerability.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "MS16-089", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-089" + }, + { + "name": "91590", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/91590" + }, + { + "name": "1036287", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036287" + } + ] + } +} \ No newline at end of file diff --git a/2016/3xxx/CVE-2016-3713.json b/2016/3xxx/CVE-2016-3713.json index 0f1340ca9fb..3be90c29609 100644 --- a/2016/3xxx/CVE-2016-3713.json +++ b/2016/3xxx/CVE-2016-3713.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-3713", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The msr_mtrr_valid function in arch/x86/kvm/mtrr.c in the Linux kernel before 4.6.1 supports MSR 0x2f8, which allows guest OS users to read or write to the kvm_arch_vcpu data structure, and consequently obtain sensitive information or cause a denial of service (system crash), via a crafted ioctl call." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2016-3713", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20160516 CVE-2016-3713 Linux kernel: kvm: OOB r/w access issue with MSR 0x2F8", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/05/16/2" - }, - { - "name" : "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9842df62004f366b9fed2423e24df10542ee0dc5", - "refsource" : "CONFIRM", - "url" : "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9842df62004f366b9fed2423e24df10542ee0dc5" - }, - { - "name" : "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.6.1", - "refsource" : "CONFIRM", - "url" : "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.6.1" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1332139", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1332139" - }, - { - "name" : "https://github.com/torvalds/linux/commit/9842df62004f366b9fed2423e24df10542ee0dc5", - "refsource" : "CONFIRM", - "url" : "https://github.com/torvalds/linux/commit/9842df62004f366b9fed2423e24df10542ee0dc5" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The msr_mtrr_valid function in arch/x86/kvm/mtrr.c in the Linux kernel before 4.6.1 supports MSR 0x2f8, which allows guest OS users to read or write to the kvm_arch_vcpu data structure, and consequently obtain sensitive information or cause a denial of service (system crash), via a crafted ioctl call." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.6.1", + "refsource": "CONFIRM", + "url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.6.1" + }, + { + "name": "https://github.com/torvalds/linux/commit/9842df62004f366b9fed2423e24df10542ee0dc5", + "refsource": "CONFIRM", + "url": "https://github.com/torvalds/linux/commit/9842df62004f366b9fed2423e24df10542ee0dc5" + }, + { + "name": "[oss-security] 20160516 CVE-2016-3713 Linux kernel: kvm: OOB r/w access issue with MSR 0x2F8", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/05/16/2" + }, + { + "name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9842df62004f366b9fed2423e24df10542ee0dc5", + "refsource": "CONFIRM", + "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9842df62004f366b9fed2423e24df10542ee0dc5" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1332139", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1332139" + } + ] + } +} \ No newline at end of file diff --git a/2016/3xxx/CVE-2016-3809.json b/2016/3xxx/CVE-2016-3809.json index 3ff11e6df8b..58d0b746067 100644 --- a/2016/3xxx/CVE-2016-3809.json +++ b/2016/3xxx/CVE-2016-3809.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-3809", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The networking component in Android before 2016-07-05 on Android One, Nexus 5, Nexus 5X, Nexus 6, Nexus 6P, Nexus 7 (2013), Nexus 9, Nexus Player, and Pixel C devices allows attackers to obtain sensitive information via a crafted application, aka internal bug 27532522." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@android.com", + "ID": "CVE-2016-3809", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://source.android.com/security/bulletin/2016-07-01.html", - "refsource" : "CONFIRM", - "url" : "http://source.android.com/security/bulletin/2016-07-01.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The networking component in Android before 2016-07-05 on Android One, Nexus 5, Nexus 5X, Nexus 6, Nexus 6P, Nexus 7 (2013), Nexus 9, Nexus Player, and Pixel C devices allows attackers to obtain sensitive information via a crafted application, aka internal bug 27532522." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://source.android.com/security/bulletin/2016-07-01.html", + "refsource": "CONFIRM", + "url": "http://source.android.com/security/bulletin/2016-07-01.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/6xxx/CVE-2016-6084.json b/2016/6xxx/CVE-2016-6084.json index 79fb175baa3..3488d8f87a2 100644 --- a/2016/6xxx/CVE-2016-6084.json +++ b/2016/6xxx/CVE-2016-6084.json @@ -1,76 +1,76 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@us.ibm.com", - "ID" : "CVE-2016-6084", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "BigFix Platform", - "version" : { - "version_data" : [ - { - "version_value" : "9.0" - }, - { - "version_value" : "9.1" - }, - { - "version_value" : "9.2" - }, - { - "version_value" : "9.5" - } - ] - } - } - ] - }, - "vendor_name" : "IBM Corporation" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM BigFix Platform could allow an attacker on the local network to crash the BES server using a specially crafted XMLSchema request." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Denial of Service" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2016-6084", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "BigFix Platform", + "version": { + "version_data": [ + { + "version_value": "9.0" + }, + { + "version_value": "9.1" + }, + { + "version_value": "9.2" + }, + { + "version_value": "9.5" + } + ] + } + } + ] + }, + "vendor_name": "IBM Corporation" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.ibm.com/support/docview.wss?uid=swg21996339", - "refsource" : "CONFIRM", - "url" : "http://www.ibm.com/support/docview.wss?uid=swg21996339" - }, - { - "name" : "95286", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/95286" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IBM BigFix Platform could allow an attacker on the local network to crash the BES server using a specially crafted XMLSchema request." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Denial of Service" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.ibm.com/support/docview.wss?uid=swg21996339", + "refsource": "CONFIRM", + "url": "http://www.ibm.com/support/docview.wss?uid=swg21996339" + }, + { + "name": "95286", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/95286" + } + ] + } +} \ No newline at end of file diff --git a/2016/6xxx/CVE-2016-6133.json b/2016/6xxx/CVE-2016-6133.json index e0d85f42469..6bd654a651f 100644 --- a/2016/6xxx/CVE-2016-6133.json +++ b/2016/6xxx/CVE-2016-6133.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-6133", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in Ektron Content Management System before 9.1.0.184SP3(9.1.0.184.3.127) allows remote attackers to inject arbitrary web script or HTML via the rptStatus parameter in a Report action to WorkArea/SelectUserGroup.aspx." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-6133", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20170619 Ektron Version 9.10SP1(Build 9.1.0.184) Cross Site Scripting", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/540742/100/0/threaded" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in Ektron Content Management System before 9.1.0.184SP3(9.1.0.184.3.127) allows remote attackers to inject arbitrary web script or HTML via the rptStatus parameter in a Report action to WorkArea/SelectUserGroup.aspx." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20170619 Ektron Version 9.10SP1(Build 9.1.0.184) Cross Site Scripting", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/540742/100/0/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2016/7xxx/CVE-2016-7446.json b/2016/7xxx/CVE-2016-7446.json index a19bc997f2f..974ab8345fa 100644 --- a/2016/7xxx/CVE-2016-7446.json +++ b/2016/7xxx/CVE-2016-7446.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-7446", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in the MVG and SVG rendering code in GraphicsMagick 1.3.24 allows remote attackers to have unspecified impact via unknown vectors. Note: This vulnerability exists due to an incomplete patch for CVE-2016-2317." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-7446", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20160918 Re: GraphicsMagick 1.3.25 fixes some security issues", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/09/18/8" - }, - { - "name" : "[debian-lts-announce] 20180627 [SECURITY] [DLA 1401-1] graphicsmagick security update", - "refsource" : "MLIST", - "url" : "https://lists.debian.org/debian-lts-announce/2018/06/msg00009.html" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1374233", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1374233" - }, - { - "name" : "openSUSE-SU-2016:2641", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2016-10/msg00094.html" - }, - { - "name" : "openSUSE-SU-2016:2644", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2016-10/msg00097.html" - }, - { - "name" : "93074", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/93074" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in the MVG and SVG rendering code in GraphicsMagick 1.3.24 allows remote attackers to have unspecified impact via unknown vectors. Note: This vulnerability exists due to an incomplete patch for CVE-2016-2317." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1374233", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1374233" + }, + { + "name": "openSUSE-SU-2016:2641", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2016-10/msg00094.html" + }, + { + "name": "93074", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/93074" + }, + { + "name": "[debian-lts-announce] 20180627 [SECURITY] [DLA 1401-1] graphicsmagick security update", + "refsource": "MLIST", + "url": "https://lists.debian.org/debian-lts-announce/2018/06/msg00009.html" + }, + { + "name": "openSUSE-SU-2016:2644", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2016-10/msg00097.html" + }, + { + "name": "[oss-security] 20160918 Re: GraphicsMagick 1.3.25 fixes some security issues", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/09/18/8" + } + ] + } +} \ No newline at end of file diff --git a/2016/7xxx/CVE-2016-7505.json b/2016/7xxx/CVE-2016-7505.json index 2e6c6c5ca0f..59b6967b712 100644 --- a/2016/7xxx/CVE-2016-7505.json +++ b/2016/7xxx/CVE-2016-7505.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-7505", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A buffer overflow vulnerability was observed in divby function of Artifex Software, Inc. MuJS before 8c805b4eb19cf2af689c860b77e6111d2ee439d5. A successful exploitation of this issue can lead to code execution or denial of service condition." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-7505", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://bugs.ghostscript.com/show_bug.cgi?id=697140", - "refsource" : "CONFIRM", - "url" : "http://bugs.ghostscript.com/show_bug.cgi?id=697140" - }, - { - "name" : "94231", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/94231" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A buffer overflow vulnerability was observed in divby function of Artifex Software, Inc. MuJS before 8c805b4eb19cf2af689c860b77e6111d2ee439d5. A successful exploitation of this issue can lead to code execution or denial of service condition." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "94231", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/94231" + }, + { + "name": "http://bugs.ghostscript.com/show_bug.cgi?id=697140", + "refsource": "CONFIRM", + "url": "http://bugs.ghostscript.com/show_bug.cgi?id=697140" + } + ] + } +} \ No newline at end of file diff --git a/2016/8xxx/CVE-2016-8362.json b/2016/8xxx/CVE-2016-8362.json index 2662eef8743..6a089d28728 100644 --- a/2016/8xxx/CVE-2016-8362.json +++ b/2016/8xxx/CVE-2016-8362.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "ics-cert@hq.dhs.gov", - "ID" : "CVE-2016-8362", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Moxa OnCell", - "version" : { - "version_data" : [ - { - "version_value" : "Moxa OnCell" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An issue was discovered in Moxa OnCell OnCellG3470A-LTE, AWK-1131A/3131A/4131A Series, AWK-3191 Series, AWK-5232/6232 Series, AWK-1121/1127 Series, WAC-1001 V2 Series, WAC-2004 Series, AWK-3121-M12-RTG Series, AWK-3131-M12-RCC Series, AWK-5232-M12-RCC Series, TAP-6226 Series, AWK-3121/4121 Series, AWK-3131/4131 Series, and AWK-5222/6222 Series. Any user is able to download log files by accessing a specific URL." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Moxa OnCell Security forceful browsing" - } + "CVE_data_meta": { + "ASSIGNER": "ics-cert@hq.dhs.gov", + "ID": "CVE-2016-8362", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Moxa OnCell", + "version": { + "version_data": [ + { + "version_value": "Moxa OnCell" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://ics-cert.us-cert.gov/advisories/ICSA-16-308-01", - "refsource" : "MISC", - "url" : "https://ics-cert.us-cert.gov/advisories/ICSA-16-308-01" - }, - { - "name" : "94092", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/94092" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in Moxa OnCell OnCellG3470A-LTE, AWK-1131A/3131A/4131A Series, AWK-3191 Series, AWK-5232/6232 Series, AWK-1121/1127 Series, WAC-1001 V2 Series, WAC-2004 Series, AWK-3121-M12-RTG Series, AWK-3131-M12-RCC Series, AWK-5232-M12-RCC Series, TAP-6226 Series, AWK-3121/4121 Series, AWK-3131/4131 Series, and AWK-5222/6222 Series. Any user is able to download log files by accessing a specific URL." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Moxa OnCell Security forceful browsing" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://ics-cert.us-cert.gov/advisories/ICSA-16-308-01", + "refsource": "MISC", + "url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-308-01" + }, + { + "name": "94092", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/94092" + } + ] + } +} \ No newline at end of file