From bde540874643baf4b8cf8bded37b343dc6aac7e0 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Tue, 19 Apr 2022 19:03:11 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2017/2xxx/CVE-2017-2775.json | 10 +++++----- 2017/2xxx/CVE-2017-2779.json | 12 ++++++------ 2017/2xxx/CVE-2017-2784.json | 10 +++++----- 2017/2xxx/CVE-2017-2785.json | 10 +++++----- 2018/3xxx/CVE-2018-3926.json | 10 +++++----- 2022/0xxx/CVE-2022-0492.json | 5 +++++ 2022/29xxx/CVE-2022-29072.json | 2 +- 7 files changed, 32 insertions(+), 27 deletions(-) diff --git a/2017/2xxx/CVE-2017-2775.json b/2017/2xxx/CVE-2017-2775.json index 646ada19023..e803510d9bf 100644 --- a/2017/2xxx/CVE-2017-2775.json +++ b/2017/2xxx/CVE-2017-2775.json @@ -52,6 +52,11 @@ }, "references": { "reference_data": [ + { + "name": "97020", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/97020" + }, { "name": "http://www.talosintelligence.com/reports/TALOS-2017-0269/", "refsource": "MISC", @@ -61,11 +66,6 @@ "name": "http://www.ni.com/product-documentation/53778/en/", "refsource": "CONFIRM", "url": "http://www.ni.com/product-documentation/53778/en/" - }, - { - "name": "97020", - "refsource": "BID", - "url": "http://www.securityfocus.com/bid/97020" } ] }, diff --git a/2017/2xxx/CVE-2017-2779.json b/2017/2xxx/CVE-2017-2779.json index e09fa0dd0e2..826caaceb59 100644 --- a/2017/2xxx/CVE-2017-2779.json +++ b/2017/2xxx/CVE-2017-2779.json @@ -35,7 +35,7 @@ "description_data": [ { "lang": "eng", - "value": "An exploitable memory corruption vulnerability exists in the RSRC segment parsing functionality of LabVIEW 2017, LabVIEW 2016, LabVIEW 2015, and LabVIEW 2014. A specially crafted Virtual Instrument (VI) file can cause an attacker controlled looping condition resulting in an arbitrary null write. An attacker controlled VI file can be used to trigger this vulnerability and can potentially result in code execution." + "value": "An exploitable memory corruption vulnerability exists in the RSRC segment parsing functionality of LabVIEW 2017, LabVIEW 2016, LabVIEW 2015, and LabVIEW 2014. A specially crafted Virtual Instrument (VI) file can cause an attacker controlled looping condition resulting in an arbitrary null write. An attacker controlled VI file can be used to trigger this vulnerability and can potentially result in code execution." } ] }, @@ -53,16 +53,16 @@ }, "references": { "reference_data": [ - { - "name": "https://0patch.blogspot.com/2017/09/0patching-rsrc-arbitrary-null-write.html", - "refsource": "MISC", - "url": "https://0patch.blogspot.com/2017/09/0patching-rsrc-arbitrary-null-write.html" - }, { "name": "100519", "refsource": "BID", "url": "http://www.securityfocus.com/bid/100519" }, + { + "name": "https://0patch.blogspot.com/2017/09/0patching-rsrc-arbitrary-null-write.html", + "refsource": "MISC", + "url": "https://0patch.blogspot.com/2017/09/0patching-rsrc-arbitrary-null-write.html" + }, { "name": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0273", "refsource": "MISC", diff --git a/2017/2xxx/CVE-2017-2784.json b/2017/2xxx/CVE-2017-2784.json index 21a87012fac..d89524f29b7 100644 --- a/2017/2xxx/CVE-2017-2784.json +++ b/2017/2xxx/CVE-2017-2784.json @@ -52,6 +52,11 @@ }, "references": { "reference_data": [ + { + "name": "GLSA-201706-18", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201706-18" + }, { "name": "http://www.talosintelligence.com/reports/TALOS-2017-0274/", "refsource": "MISC", @@ -61,11 +66,6 @@ "name": "https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2017-01", "refsource": "CONFIRM", "url": "https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2017-01" - }, - { - "name": "GLSA-201706-18", - "refsource": "GENTOO", - "url": "https://security.gentoo.org/glsa/201706-18" } ] }, diff --git a/2017/2xxx/CVE-2017-2785.json b/2017/2xxx/CVE-2017-2785.json index 74b214f23c1..51ea27ad89a 100644 --- a/2017/2xxx/CVE-2017-2785.json +++ b/2017/2xxx/CVE-2017-2785.json @@ -52,15 +52,15 @@ }, "references": { "reference_data": [ - { - "name": "http://www.talosintelligence.com/reports/TALOS-2017-0280/", - "refsource": "MISC", - "url": "http://www.talosintelligence.com/reports/TALOS-2017-0280/" - }, { "name": "96742", "refsource": "BID", "url": "http://www.securityfocus.com/bid/96742" + }, + { + "name": "http://www.talosintelligence.com/reports/TALOS-2017-0280/", + "refsource": "MISC", + "url": "http://www.talosintelligence.com/reports/TALOS-2017-0280/" } ] }, diff --git a/2018/3xxx/CVE-2018-3926.json b/2018/3xxx/CVE-2018-3926.json index d09674d388b..fcca7b36ac7 100644 --- a/2018/3xxx/CVE-2018-3926.json +++ b/2018/3xxx/CVE-2018-3926.json @@ -53,15 +53,15 @@ }, "references": { "reference_data": [ - { - "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2018-0593", - "refsource": "MISC", - "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2018-0593" - }, { "name": "105162", "refsource": "BID", "url": "http://www.securityfocus.com/bid/105162" + }, + { + "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2018-0593", + "refsource": "MISC", + "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2018-0593" } ] }, diff --git a/2022/0xxx/CVE-2022-0492.json b/2022/0xxx/CVE-2022-0492.json index 77bff31d5e2..ebcc44190af 100644 --- a/2022/0xxx/CVE-2022-0492.json +++ b/2022/0xxx/CVE-2022-0492.json @@ -78,6 +78,11 @@ "refsource": "MISC", "name": "http://packetstormsecurity.com/files/166444/Kernel-Live-Patch-Security-Notice-LSN-0085-1.html", "url": "http://packetstormsecurity.com/files/166444/Kernel-Live-Patch-Security-Notice-LSN-0085-1.html" + }, + { + "refsource": "CONFIRM", + "name": "https://security.netapp.com/advisory/ntap-20220419-0002/", + "url": "https://security.netapp.com/advisory/ntap-20220419-0002/" } ] }, diff --git a/2022/29xxx/CVE-2022-29072.json b/2022/29xxx/CVE-2022-29072.json index 31b5e7a2f97..a3f1c33c44b 100644 --- a/2022/29xxx/CVE-2022-29072.json +++ b/2022/29xxx/CVE-2022-29072.json @@ -34,7 +34,7 @@ "description_data": [ { "lang": "eng", - "value": "** DISPUTED ** 7-Zip through 21.07 on Windows allows privilege escalation and command execution when a file with the .7z extension is dragged to the Help>Contents area. This is caused by misconfiguration of 7z.dll and a heap overflow. The command runs in a child process under the 7zFM.exe process, NOTE: multiple third parties have reported that no privilege escalation can occur." + "value": "7-Zip through 21.07 on Windows allows privilege escalation and command execution when a file with the .7z extension is dragged to the Help>Contents area. This is caused by misconfiguration of 7z.dll and a heap overflow. The command runs in a child process under the 7zFM.exe process," } ] },