diff --git a/2005/0xxx/CVE-2005-0193.json b/2005/0xxx/CVE-2005-0193.json index cec110b1923..2652e545381 100644 --- a/2005/0xxx/CVE-2005-0193.json +++ b/2005/0xxx/CVE-2005-0193.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-0193", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in the (1) -v and (2) -a switches in mRouter in iSync 1.5 in Mac OS X 10.3.7 and earlier allows local users to execute arbitrary code." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2005-0193", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20050122 Mac OS X 10.3 iSync Privilege Escalation", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=110642400018425&w=2" - }, - { - "name" : "APPLE-SA-2005-04-19", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2005/Apr/msg00001.html" - }, - { - "name" : "12334", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/12334" - }, - { - "name" : "1012974", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1012974" - }, - { - "name" : "13965", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/13965" - }, - { - "name" : "isync-mrouter-bo(19011)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/19011" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in the (1) -v and (2) -a switches in mRouter in iSync 1.5 in Mac OS X 10.3.7 and earlier allows local users to execute arbitrary code." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "APPLE-SA-2005-04-19", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2005/Apr/msg00001.html" + }, + { + "name": "13965", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/13965" + }, + { + "name": "12334", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/12334" + }, + { + "name": "1012974", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1012974" + }, + { + "name": "20050122 Mac OS X 10.3 iSync Privilege Escalation", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=110642400018425&w=2" + }, + { + "name": "isync-mrouter-bo(19011)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19011" + } + ] + } +} \ No newline at end of file diff --git a/2005/0xxx/CVE-2005-0459.json b/2005/0xxx/CVE-2005-0459.json index 0d1cb5a287c..fe04d06c84a 100644 --- a/2005/0xxx/CVE-2005-0459.json +++ b/2005/0xxx/CVE-2005-0459.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-0459", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "phpMyAdmin 2.6.2-dev, and possibly earlier versions, allows remote attackers to determine the full path of the web root via a direct request to select_lang.lib.php, which reveals the path in a PHP error message." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2005-0459", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "1013210", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1013210" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "phpMyAdmin 2.6.2-dev, and possibly earlier versions, allows remote attackers to determine the full path of the web root via a direct request to select_lang.lib.php, which reveals the path in a PHP error message." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1013210", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1013210" + } + ] + } +} \ No newline at end of file diff --git a/2005/0xxx/CVE-2005-0953.json b/2005/0xxx/CVE-2005-0953.json index 17451f70009..11123b7e28a 100644 --- a/2005/0xxx/CVE-2005-0953.json +++ b/2005/0xxx/CVE-2005-0953.json @@ -1,182 +1,182 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-0953", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Race condition in bzip2 1.0.2 and earlier allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by bzip2 after the decompression is complete." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2005-0953", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20050330 bzip2 TOCTOU file-permissions vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=111229375217633&w=2" - }, - { - "name" : "20070109 rPSA-2007-0004-1 bzip2", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/456430/30/8730/threaded" - }, - { - "name" : "http://docs.info.apple.com/article.html?artnum=307041", - "refsource" : "CONFIRM", - "url" : "http://docs.info.apple.com/article.html?artnum=307041" - }, - { - "name" : "APPLE-SA-2007-11-14", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2007/Nov/msg00002.html" - }, - { - "name" : "DSA-730", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2005/dsa-730" - }, - { - "name" : "FLSA:158801", - "refsource" : "FEDORA", - "url" : "http://www.fedoralegacy.org/updates/FC2/2005-11-14-FLSA_2005_158801__Updated_bzip2_packages_fix_security_issues.html" - }, - { - "name" : "MDKSA-2006:026", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2006:026" - }, - { - "name" : "NetBSD-SA2008-004", - "refsource" : "NETBSD", - "url" : "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-004.txt.asc" - }, - { - "name" : "OpenPKG-SA-2007.002", - "refsource" : "OPENPKG", - "url" : "http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.002.html" - }, - { - "name" : "RHSA-2005:474", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2005-474.html" - }, - { - "name" : "20060301-01-U", - "refsource" : "SGI", - "url" : "ftp://patches.sgi.com/support/free/security/advisories/20060301-01.U.asc" - }, - { - "name" : "103118", - "refsource" : "SUNALERT", - "url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103118-1" - }, - { - "name" : "200191", - "refsource" : "SUNALERT", - "url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200191-1" - }, - { - "name" : "TA07-319A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA07-319A.html" - }, - { - "name" : "12954", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/12954" - }, - { - "name" : "26444", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/26444" - }, - { - "name" : "oval:org.mitre.oval:def:10902", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10902" - }, - { - "name" : "ADV-2007-3525", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/3525" - }, - { - "name" : "ADV-2007-3868", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/3868" - }, - { - "name" : "oval:org.mitre.oval:def:1154", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1154" - }, - { - "name" : "19183", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/19183" - }, - { - "name" : "27274", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27274" - }, - { - "name" : "27643", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27643" - }, - { - "name" : "29940", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29940" - }, - { - "name" : "bzip2-toctou-symlink(19926)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/19926" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Race condition in bzip2 1.0.2 and earlier allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by bzip2 after the decompression is complete." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "oval:org.mitre.oval:def:1154", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1154" + }, + { + "name": "FLSA:158801", + "refsource": "FEDORA", + "url": "http://www.fedoralegacy.org/updates/FC2/2005-11-14-FLSA_2005_158801__Updated_bzip2_packages_fix_security_issues.html" + }, + { + "name": "26444", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/26444" + }, + { + "name": "NetBSD-SA2008-004", + "refsource": "NETBSD", + "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-004.txt.asc" + }, + { + "name": "bzip2-toctou-symlink(19926)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19926" + }, + { + "name": "DSA-730", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2005/dsa-730" + }, + { + "name": "OpenPKG-SA-2007.002", + "refsource": "OPENPKG", + "url": "http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.002.html" + }, + { + "name": "oval:org.mitre.oval:def:10902", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10902" + }, + { + "name": "27274", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27274" + }, + { + "name": "20070109 rPSA-2007-0004-1 bzip2", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/456430/30/8730/threaded" + }, + { + "name": "200191", + "refsource": "SUNALERT", + "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200191-1" + }, + { + "name": "APPLE-SA-2007-11-14", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2007/Nov/msg00002.html" + }, + { + "name": "http://docs.info.apple.com/article.html?artnum=307041", + "refsource": "CONFIRM", + "url": "http://docs.info.apple.com/article.html?artnum=307041" + }, + { + "name": "ADV-2007-3525", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/3525" + }, + { + "name": "ADV-2007-3868", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/3868" + }, + { + "name": "29940", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29940" + }, + { + "name": "20060301-01-U", + "refsource": "SGI", + "url": "ftp://patches.sgi.com/support/free/security/advisories/20060301-01.U.asc" + }, + { + "name": "27643", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27643" + }, + { + "name": "12954", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/12954" + }, + { + "name": "19183", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/19183" + }, + { + "name": "MDKSA-2006:026", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:026" + }, + { + "name": "RHSA-2005:474", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2005-474.html" + }, + { + "name": "TA07-319A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA07-319A.html" + }, + { + "name": "20050330 bzip2 TOCTOU file-permissions vulnerability", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=111229375217633&w=2" + }, + { + "name": "103118", + "refsource": "SUNALERT", + "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103118-1" + } + ] + } +} \ No newline at end of file diff --git a/2005/0xxx/CVE-2005-0981.json b/2005/0xxx/CVE-2005-0981.json index b36b686a314..360cb24813b 100644 --- a/2005/0xxx/CVE-2005-0981.json +++ b/2005/0xxx/CVE-2005-0981.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-0981", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site scripting (XSS) vulnerabilities in AlstraSoft EPay Pro 2.0 allow remote attackers to inject arbitrary web script or HTML via the (1) payment or (2) send parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2005-0981", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20050402 AlstraSoft EPay Pro v2.0 has file include and multiple xss", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=111247198021626&w=2" - }, - { - "name" : "12974", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/12974" - }, - { - "name" : "14802", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/14802" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site scripting (XSS) vulnerabilities in AlstraSoft EPay Pro 2.0 allow remote attackers to inject arbitrary web script or HTML via the (1) payment or (2) send parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "14802", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/14802" + }, + { + "name": "20050402 AlstraSoft EPay Pro v2.0 has file include and multiple xss", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=111247198021626&w=2" + }, + { + "name": "12974", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/12974" + } + ] + } +} \ No newline at end of file diff --git a/2005/1xxx/CVE-2005-1256.json b/2005/1xxx/CVE-2005-1256.json index 5ed13bc0a11..b675a3aaf5a 100644 --- a/2005/1xxx/CVE-2005-1256.json +++ b/2005/1xxx/CVE-2005-1256.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-1256", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Stack-based buffer overflow in the IMAP daemon (IMAPD32.EXE) in IMail 8.13 in Ipswitch Collaboration Suite (ICS), and other versions before IMail Server 8.2 Hotfix 2, allows remote authenticated users to execute arbitrary code via a STATUS command with a long mailbox name." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2005-1256", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20050524 Ipswitch IMail IMAP STATUS Remote Buffer Overflow Vulnerability", - "refsource" : "IDEFENSE", - "url" : "http://www.idefense.com/application/poi/display?id=244&type=vulnerabilities" - }, - { - "name" : "http://www.ipswitch.com/support/imail/releases/imail_professional/im82hf2.html", - "refsource" : "CONFIRM", - "url" : "http://www.ipswitch.com/support/imail/releases/imail_professional/im82hf2.html" - }, - { - "name" : "13727", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/13727" - }, - { - "name" : "1014047", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1014047" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Stack-based buffer overflow in the IMAP daemon (IMAPD32.EXE) in IMail 8.13 in Ipswitch Collaboration Suite (ICS), and other versions before IMail Server 8.2 Hotfix 2, allows remote authenticated users to execute arbitrary code via a STATUS command with a long mailbox name." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.ipswitch.com/support/imail/releases/imail_professional/im82hf2.html", + "refsource": "CONFIRM", + "url": "http://www.ipswitch.com/support/imail/releases/imail_professional/im82hf2.html" + }, + { + "name": "13727", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/13727" + }, + { + "name": "1014047", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1014047" + }, + { + "name": "20050524 Ipswitch IMail IMAP STATUS Remote Buffer Overflow Vulnerability", + "refsource": "IDEFENSE", + "url": "http://www.idefense.com/application/poi/display?id=244&type=vulnerabilities" + } + ] + } +} \ No newline at end of file diff --git a/2005/1xxx/CVE-2005-1719.json b/2005/1xxx/CVE-2005-1719.json index d005fb84a68..1c0206a45fd 100644 --- a/2005/1xxx/CVE-2005-1719.json +++ b/2005/1xxx/CVE-2005-1719.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-1719", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unknown vulnerability in ALWIL avast! antivirus 4 (4.6.6230) and earlier, when running on Windows NT 4.0, does not properly detect certain viruses." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2005-1719", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.avast.com/eng/av4_revision_history.html", - "refsource" : "MISC", - "url" : "http://www.avast.com/eng/av4_revision_history.html" - }, - { - "name" : "1013991", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1013991" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unknown vulnerability in ALWIL avast! antivirus 4 (4.6.6230) and earlier, when running on Windows NT 4.0, does not properly detect certain viruses." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1013991", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1013991" + }, + { + "name": "http://www.avast.com/eng/av4_revision_history.html", + "refsource": "MISC", + "url": "http://www.avast.com/eng/av4_revision_history.html" + } + ] + } +} \ No newline at end of file diff --git a/2005/3xxx/CVE-2005-3273.json b/2005/3xxx/CVE-2005-3273.json index 2400a5270e2..78e1c5a1fc5 100644 --- a/2005/3xxx/CVE-2005-3273.json +++ b/2005/3xxx/CVE-2005-3273.json @@ -1,147 +1,147 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-3273", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The rose_rt_ioctl function in rose_route.c for Radionet Open Source Environment (ROSE) in Linux 2.6 kernels before 2.6.12, and 2.4 before 2.4.29, does not properly verify the ndigis argument for a new route, which allows attackers to trigger array out-of-bounds errors with a large number of digipeats." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2005-3273", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://linux.bkbits.net:8080/linux-2.4/cset@41e2cf515TpixcVQ8q8HvQvCv9E6zA", - "refsource" : "CONFIRM", - "url" : "http://linux.bkbits.net:8080/linux-2.4/cset@41e2cf515TpixcVQ8q8HvQvCv9E6zA" - }, - { - "name" : "http://linux.bkbits.net:8080/linux-2.6/cset@423114bcdthRtmtdS6MsZiBVvteGCg", - "refsource" : "CONFIRM", - "url" : "http://linux.bkbits.net:8080/linux-2.6/cset@423114bcdthRtmtdS6MsZiBVvteGCg" - }, - { - "name" : "http://lkml.org/lkml/2005/5/23/169", - "refsource" : "CONFIRM", - "url" : "http://lkml.org/lkml/2005/5/23/169" - }, - { - "name" : "DSA-922", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2005/dsa-922" - }, - { - "name" : "FLSA:157459-1", - "refsource" : "FEDORA", - "url" : "http://www.securityfocus.com/archive/1/428028/100/0/threaded" - }, - { - "name" : "MDKSA-2005:218", - "refsource" : "MANDRAKE", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2005:218" - }, - { - "name" : "MDKSA-2005:219", - "refsource" : "MANDRAKE", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2005:219" - }, - { - "name" : "MDKSA-2005:220", - "refsource" : "MANDRAKE", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2005:220" - }, - { - "name" : "RHSA-2005:663", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2005-663.html" - }, - { - "name" : "RHSA-2006:0579", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2006-0579.html" - }, - { - "name" : "RHSA-2006:0580", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2006-0580.html" - }, - { - "name" : "USN-219-1", - "refsource" : "UBUNTU", - "url" : "https://usn.ubuntu.com/219-1/" - }, - { - "name" : "13886", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/13886" - }, - { - "name" : "oval:org.mitre.oval:def:9552", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9552" - }, - { - "name" : "1014115", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1014115" - }, - { - "name" : "18056", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/18056" - }, - { - "name" : "17826", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/17826" - }, - { - "name" : "21035", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/21035" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The rose_rt_ioctl function in rose_route.c for Radionet Open Source Environment (ROSE) in Linux 2.6 kernels before 2.6.12, and 2.4 before 2.4.29, does not properly verify the ndigis argument for a new route, which allows attackers to trigger array out-of-bounds errors with a large number of digipeats." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "18056", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/18056" + }, + { + "name": "http://linux.bkbits.net:8080/linux-2.6/cset@423114bcdthRtmtdS6MsZiBVvteGCg", + "refsource": "CONFIRM", + "url": "http://linux.bkbits.net:8080/linux-2.6/cset@423114bcdthRtmtdS6MsZiBVvteGCg" + }, + { + "name": "1014115", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1014115" + }, + { + "name": "MDKSA-2005:220", + "refsource": "MANDRAKE", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:220" + }, + { + "name": "RHSA-2006:0579", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2006-0579.html" + }, + { + "name": "http://lkml.org/lkml/2005/5/23/169", + "refsource": "CONFIRM", + "url": "http://lkml.org/lkml/2005/5/23/169" + }, + { + "name": "21035", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/21035" + }, + { + "name": "DSA-922", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2005/dsa-922" + }, + { + "name": "USN-219-1", + "refsource": "UBUNTU", + "url": "https://usn.ubuntu.com/219-1/" + }, + { + "name": "http://linux.bkbits.net:8080/linux-2.4/cset@41e2cf515TpixcVQ8q8HvQvCv9E6zA", + "refsource": "CONFIRM", + "url": "http://linux.bkbits.net:8080/linux-2.4/cset@41e2cf515TpixcVQ8q8HvQvCv9E6zA" + }, + { + "name": "RHSA-2006:0580", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2006-0580.html" + }, + { + "name": "MDKSA-2005:218", + "refsource": "MANDRAKE", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:218" + }, + { + "name": "FLSA:157459-1", + "refsource": "FEDORA", + "url": "http://www.securityfocus.com/archive/1/428028/100/0/threaded" + }, + { + "name": "17826", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/17826" + }, + { + "name": "oval:org.mitre.oval:def:9552", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9552" + }, + { + "name": "RHSA-2005:663", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2005-663.html" + }, + { + "name": "MDKSA-2005:219", + "refsource": "MANDRAKE", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:219" + }, + { + "name": "13886", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/13886" + } + ] + } +} \ No newline at end of file diff --git a/2005/3xxx/CVE-2005-3277.json b/2005/3xxx/CVE-2005-3277.json index e04e0c8d56a..e291752bb53 100644 --- a/2005/3xxx/CVE-2005-3277.json +++ b/2005/3xxx/CVE-2005-3277.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-3277", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The LPD service in HP-UX 10.20 11.11 (11i) and earlier allows remote attackers to execute arbitrary code via shell metacharacters (\"`\" or single backquote) in a request that is not properly handled when an error occurs, as demonstrated by killing the connection, a different vulnerability than CVE-2002-1473." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2005-3277", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.frsirt.com/exploits/20051019.hpux_lpd_exec.pm.php", - "refsource" : "MISC", - "url" : "http://www.frsirt.com/exploits/20051019.hpux_lpd_exec.pm.php" - }, - { - "name" : "http://archives.neohapsis.com/archives/hp/2002-q3/0064.html", - "refsource" : "MISC", - "url" : "http://archives.neohapsis.com/archives/hp/2002-q3/0064.html" - }, - { - "name" : "15136", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/15136" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The LPD service in HP-UX 10.20 11.11 (11i) and earlier allows remote attackers to execute arbitrary code via shell metacharacters (\"`\" or single backquote) in a request that is not properly handled when an error occurs, as demonstrated by killing the connection, a different vulnerability than CVE-2002-1473." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.frsirt.com/exploits/20051019.hpux_lpd_exec.pm.php", + "refsource": "MISC", + "url": "http://www.frsirt.com/exploits/20051019.hpux_lpd_exec.pm.php" + }, + { + "name": "http://archives.neohapsis.com/archives/hp/2002-q3/0064.html", + "refsource": "MISC", + "url": "http://archives.neohapsis.com/archives/hp/2002-q3/0064.html" + }, + { + "name": "15136", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/15136" + } + ] + } +} \ No newline at end of file diff --git a/2005/3xxx/CVE-2005-3556.json b/2005/3xxx/CVE-2005-3556.json index a35a6c6a120..eafb0b670a8 100644 --- a/2005/3xxx/CVE-2005-3556.json +++ b/2005/3xxx/CVE-2005-3556.json @@ -1,117 +1,117 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-3556", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site scripting (XSS) vulnerabilities in PHPlist 2.10.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) listname parameter in (a) admin/editlist.php, (2) title parameter in (b) admin/spageedit.php, (3) title field in (c) admin/template.php, (4) filter, (5) delete, and (6) start parameters in (d) admin/eventlog.php, (7) id parameter in (e) admin/configure.php, (8) find parameter in (f) admin/users.php, (9) start parameter in (g) admin/admin.php, and (10) action parameter in (h) admin/fckphplist.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2005-3556", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20051107 [TKADV2005-11-001] Multiple vulnerabilities in PHPlist", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/416005/30/0/threaded" - }, - { - "name" : "http://www.trapkit.de/advisories/TKADV2005-11-001.txt", - "refsource" : "MISC", - "url" : "http://www.trapkit.de/advisories/TKADV2005-11-001.txt" - }, - { - "name" : "15350", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/15350" - }, - { - "name" : "ADV-2005-2345", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2005/2345" - }, - { - "name" : "20570", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/20570" - }, - { - "name" : "20571", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/20571" - }, - { - "name" : "20572", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/20572" - }, - { - "name" : "20573", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/20573" - }, - { - "name" : "20574", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/20574" - }, - { - "name" : "20575", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/20575" - }, - { - "name" : "20576", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/20576" - }, - { - "name" : "17476", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/17476" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site scripting (XSS) vulnerabilities in PHPlist 2.10.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) listname parameter in (a) admin/editlist.php, (2) title parameter in (b) admin/spageedit.php, (3) title field in (c) admin/template.php, (4) filter, (5) delete, and (6) start parameters in (d) admin/eventlog.php, (7) id parameter in (e) admin/configure.php, (8) find parameter in (f) admin/users.php, (9) start parameter in (g) admin/admin.php, and (10) action parameter in (h) admin/fckphplist.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.trapkit.de/advisories/TKADV2005-11-001.txt", + "refsource": "MISC", + "url": "http://www.trapkit.de/advisories/TKADV2005-11-001.txt" + }, + { + "name": "20574", + "refsource": "OSVDB", + "url": "http://osvdb.org/20574" + }, + { + "name": "20051107 [TKADV2005-11-001] Multiple vulnerabilities in PHPlist", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/416005/30/0/threaded" + }, + { + "name": "20573", + "refsource": "OSVDB", + "url": "http://osvdb.org/20573" + }, + { + "name": "ADV-2005-2345", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2005/2345" + }, + { + "name": "17476", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/17476" + }, + { + "name": "15350", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/15350" + }, + { + "name": "20572", + "refsource": "OSVDB", + "url": "http://osvdb.org/20572" + }, + { + "name": "20570", + "refsource": "OSVDB", + "url": "http://osvdb.org/20570" + }, + { + "name": "20571", + "refsource": "OSVDB", + "url": "http://osvdb.org/20571" + }, + { + "name": "20576", + "refsource": "OSVDB", + "url": "http://osvdb.org/20576" + }, + { + "name": "20575", + "refsource": "OSVDB", + "url": "http://osvdb.org/20575" + } + ] + } +} \ No newline at end of file diff --git a/2005/3xxx/CVE-2005-3904.json b/2005/3xxx/CVE-2005-3904.json index 820685ea53d..3af4ae90086 100644 --- a/2005/3xxx/CVE-2005-3904.json +++ b/2005/3xxx/CVE-2005-3904.json @@ -1,127 +1,127 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-3904", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in Java Management Extensions (JMX) in Java JDK and JRE 5.0 Update 3, 1.4.2 and later, 1.3.1 and later allows remote attackers to escape the Java sandbox and access arbitrary files or execute arbitrary application via unknown attack vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2005-3904", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "APPLE-SA-2005-11-30", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2005/Nov/msg00004.html" - }, - { - "name" : "102017", - "refsource" : "SUNALERT", - "url" : "http://sunsolve.sun.com/searchproxy/document.do?assetkey=1-26-102017-1" - }, - { - "name" : "http://www-1.ibm.com/support/docview.wss?uid=swg21225628", - "refsource" : "CONFIRM", - "url" : "http://www-1.ibm.com/support/docview.wss?uid=swg21225628" - }, - { - "name" : "VU#931684", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/931684" - }, - { - "name" : "15615", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/15615" - }, - { - "name" : "ADV-2005-2636", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2005/2636" - }, - { - "name" : "ADV-2005-2946", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2005/2946" - }, - { - "name" : "ADV-2005-2675", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2005/2675" - }, - { - "name" : "1015281", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1015281" - }, - { - "name" : "17748", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/17748" - }, - { - "name" : "17847", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/17847" - }, - { - "name" : "18092", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/18092" - }, - { - "name" : "18503", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/18503" - }, - { - "name" : "sun-jmx-elevate-privileges(23252)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/23252" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in Java Management Extensions (JMX) in Java JDK and JRE 5.0 Update 3, 1.4.2 and later, 1.3.1 and later allows remote attackers to escape the Java sandbox and access arbitrary files or execute arbitrary application via unknown attack vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "17847", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/17847" + }, + { + "name": "18503", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/18503" + }, + { + "name": "15615", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/15615" + }, + { + "name": "ADV-2005-2946", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2005/2946" + }, + { + "name": "ADV-2005-2675", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2005/2675" + }, + { + "name": "http://www-1.ibm.com/support/docview.wss?uid=swg21225628", + "refsource": "CONFIRM", + "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21225628" + }, + { + "name": "ADV-2005-2636", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2005/2636" + }, + { + "name": "102017", + "refsource": "SUNALERT", + "url": "http://sunsolve.sun.com/searchproxy/document.do?assetkey=1-26-102017-1" + }, + { + "name": "VU#931684", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/931684" + }, + { + "name": "APPLE-SA-2005-11-30", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2005/Nov/msg00004.html" + }, + { + "name": "1015281", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1015281" + }, + { + "name": "sun-jmx-elevate-privileges(23252)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23252" + }, + { + "name": "17748", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/17748" + }, + { + "name": "18092", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/18092" + } + ] + } +} \ No newline at end of file diff --git a/2005/4xxx/CVE-2005-4123.json b/2005/4xxx/CVE-2005-4123.json index 2b2fd111508..fa6ce8f99e7 100644 --- a/2005/4xxx/CVE-2005-4123.json +++ b/2005/4xxx/CVE-2005-4123.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-4123", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2005. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2005-4123", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2005. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2005/4xxx/CVE-2005-4397.json b/2005/4xxx/CVE-2005-4397.json index 66142ea7843..251b28eac78 100644 --- a/2005/4xxx/CVE-2005-4397.json +++ b/2005/4xxx/CVE-2005-4397.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-4397", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in RunScript.asp iCMS allows remote attackers to execute arbitrary SQL commands via the Event_ID parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2005-4397", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "21810", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/21810" - }, - { - "name" : "18085", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/18085" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in RunScript.asp iCMS allows remote attackers to execute arbitrary SQL commands via the Event_ID parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "18085", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/18085" + }, + { + "name": "21810", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/21810" + } + ] + } +} \ No newline at end of file diff --git a/2005/4xxx/CVE-2005-4518.json b/2005/4xxx/CVE-2005-4518.json index 3c55ea49384..c8023cc9ee1 100644 --- a/2005/4xxx/CVE-2005-4518.json +++ b/2005/4xxx/CVE-2005-4518.json @@ -1,107 +1,107 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-4518", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Mantis before 0.19.4 allows remote attackers to bypass the file upload size restriction by modifying the max_file_size parameter to (1) bug_file_add.php, (2) bug_report.php, (3) bug_report_advanced_page.php, and (4) proj_doc_add_page.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2005-4518", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.trapkit.de/advisories/TKADV2005-11-002.txt", - "refsource" : "MISC", - "url" : "http://www.trapkit.de/advisories/TKADV2005-11-002.txt" - }, - { - "name" : "http://sourceforge.net/project/shownotes.php?release_id=377932&group_id=14963", - "refsource" : "CONFIRM", - "url" : "http://sourceforge.net/project/shownotes.php?release_id=377932&group_id=14963" - }, - { - "name" : "DSA-944", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2005/dsa-944" - }, - { - "name" : "GLSA-200512-12", - "refsource" : "GENTOO", - "url" : "http://www.gentoo.org/security/en/glsa/glsa-200512-12.xml" - }, - { - "name" : "16046", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/16046/" - }, - { - "name" : "ADV-2005-3064", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2005/3064" - }, - { - "name" : "22056", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/22056" - }, - { - "name" : "18181", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/18181/" - }, - { - "name" : "18221", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/18221" - }, - { - "name" : "18481", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/18481" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Mantis before 0.19.4 allows remote attackers to bypass the file upload size restriction by modifying the max_file_size parameter to (1) bug_file_add.php, (2) bug_report.php, (3) bug_report_advanced_page.php, and (4) proj_doc_add_page.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "18481", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/18481" + }, + { + "name": "22056", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/22056" + }, + { + "name": "http://sourceforge.net/project/shownotes.php?release_id=377932&group_id=14963", + "refsource": "CONFIRM", + "url": "http://sourceforge.net/project/shownotes.php?release_id=377932&group_id=14963" + }, + { + "name": "16046", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/16046/" + }, + { + "name": "18181", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/18181/" + }, + { + "name": "ADV-2005-3064", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2005/3064" + }, + { + "name": "18221", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/18221" + }, + { + "name": "GLSA-200512-12", + "refsource": "GENTOO", + "url": "http://www.gentoo.org/security/en/glsa/glsa-200512-12.xml" + }, + { + "name": "http://www.trapkit.de/advisories/TKADV2005-11-002.txt", + "refsource": "MISC", + "url": "http://www.trapkit.de/advisories/TKADV2005-11-002.txt" + }, + { + "name": "DSA-944", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2005/dsa-944" + } + ] + } +} \ No newline at end of file diff --git a/2009/0xxx/CVE-2009-0080.json b/2009/0xxx/CVE-2009-0080.json index 33060639fd2..aa5a46ffdea 100644 --- a/2009/0xxx/CVE-2009-0080.json +++ b/2009/0xxx/CVE-2009-0080.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2009-0080", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The ThreadPool class in Windows Vista Gold and SP1, and Server 2008, does not properly implement isolation among a set of distinct processes that (1) all run under the NetworkService account or (2) all run under the LocalService account, which allows local users to gain privileges by leveraging incorrect thread ACLs to access the resources of one of the processes, aka \"Windows Thread Pool ACL Weakness Vulnerability.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2009-0080", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "MS09-012", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-012" - }, - { - "name" : "TA09-104A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA09-104A.html" - }, - { - "name" : "53668", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/53668" - }, - { - "name" : "oval:org.mitre.oval:def:6177", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6177" - }, - { - "name" : "1022044", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1022044" - }, - { - "name" : "ADV-2009-1026", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2009/1026" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The ThreadPool class in Windows Vista Gold and SP1, and Server 2008, does not properly implement isolation among a set of distinct processes that (1) all run under the NetworkService account or (2) all run under the LocalService account, which allows local users to gain privileges by leveraging incorrect thread ACLs to access the resources of one of the processes, aka \"Windows Thread Pool ACL Weakness Vulnerability.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1022044", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1022044" + }, + { + "name": "TA09-104A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA09-104A.html" + }, + { + "name": "MS09-012", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-012" + }, + { + "name": "ADV-2009-1026", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2009/1026" + }, + { + "name": "53668", + "refsource": "OSVDB", + "url": "http://osvdb.org/53668" + }, + { + "name": "oval:org.mitre.oval:def:6177", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6177" + } + ] + } +} \ No newline at end of file diff --git a/2009/0xxx/CVE-2009-0173.json b/2009/0xxx/CVE-2009-0173.json index 3a99602e569..39f1a938d27 100644 --- a/2009/0xxx/CVE-2009-0173.json +++ b/2009/0xxx/CVE-2009-0173.json @@ -1,117 +1,117 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2009-0173", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the server in IBM DB2 8 before FP17a, 9.1 before FP6a, and 9.5 before FP3a allows remote authenticated users to cause a denial of service (trap) via a crafted data stream." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2009-0173", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21363936", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21363936" - }, - { - "name" : "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT", - "refsource" : "CONFIRM", - "url" : "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT" - }, - { - "name" : "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v91/APARLIST.TXT", - "refsource" : "CONFIRM", - "url" : "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v91/APARLIST.TXT" - }, - { - "name" : "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT", - "refsource" : "CONFIRM", - "url" : "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT" - }, - { - "name" : "IZ39373", - "refsource" : "AIXAPAR", - "url" : "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ39373" - }, - { - "name" : "IZ39653", - "refsource" : "AIXAPAR", - "url" : "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ39653" - }, - { - "name" : "IZ39652", - "refsource" : "AIXAPAR", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ39652" - }, - { - "name" : "33258", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/33258" - }, - { - "name" : "ADV-2009-0137", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2009/0137" - }, - { - "name" : "1021591", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1021591" - }, - { - "name" : "33529", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/33529" - }, - { - "name" : "ibm-db2-datastream-dos(47934)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/47934" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the server in IBM DB2 8 before FP17a, 9.1 before FP6a, and 9.5 before FP3a allows remote authenticated users to cause a denial of service (trap) via a crafted data stream." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT", + "refsource": "CONFIRM", + "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT" + }, + { + "name": "1021591", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1021591" + }, + { + "name": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v91/APARLIST.TXT", + "refsource": "CONFIRM", + "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v91/APARLIST.TXT" + }, + { + "name": "IZ39652", + "refsource": "AIXAPAR", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ39652" + }, + { + "name": "IZ39373", + "refsource": "AIXAPAR", + "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ39373" + }, + { + "name": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT", + "refsource": "CONFIRM", + "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT" + }, + { + "name": "ibm-db2-datastream-dos(47934)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47934" + }, + { + "name": "IZ39653", + "refsource": "AIXAPAR", + "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ39653" + }, + { + "name": "33529", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/33529" + }, + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21363936", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21363936" + }, + { + "name": "ADV-2009-0137", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2009/0137" + }, + { + "name": "33258", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/33258" + } + ] + } +} \ No newline at end of file diff --git a/2009/0xxx/CVE-2009-0390.json b/2009/0xxx/CVE-2009-0390.json index 8c9757caa31..c9a6e1155a1 100644 --- a/2009/0xxx/CVE-2009-0390.json +++ b/2009/0xxx/CVE-2009-0390.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2009-0390", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Argument injection vulnerability in Enomaly Elastic Computing Platform (ECP), formerly Enomalism, before 2.1.1 allows local users to send signals to arbitrary processes by populating the /tmp/enomalism2.pid file with command-line arguments for the kill program." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2009-0390", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20090130 CVE-2008-4990 Enomaly ECP/Enomalism: Insecure temporary file creation vulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/500573/100/0/threaded" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Argument injection vulnerability in Enomaly Elastic Computing Platform (ECP), formerly Enomalism, before 2.1.1 allows local users to send signals to arbitrary processes by populating the /tmp/enomalism2.pid file with command-line arguments for the kill program." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20090130 CVE-2008-4990 Enomaly ECP/Enomalism: Insecure temporary file creation vulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/500573/100/0/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2009/0xxx/CVE-2009-0905.json b/2009/0xxx/CVE-2009-0905.json index c4f0212db86..0d5f06ffc74 100644 --- a/2009/0xxx/CVE-2009-0905.json +++ b/2009/0xxx/CVE-2009-0905.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2009-0905", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM WebSphere MQ 6.0 before 6.0.2.8 and 7.0 before 7.0.1.0 does not properly handle long group names, which might allow local users to gain privileges by leveraging combinations of group names with the same initial substring." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2009-0905", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "IZ37102", - "refsource" : "AIXAPAR", - "url" : "http://www.ibm.com/support/docview.wss?uid=swg1IZ37102" - }, - { - "name" : "websphere-mq-group-weak-security(51042)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/51042" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IBM WebSphere MQ 6.0 before 6.0.2.8 and 7.0 before 7.0.1.0 does not properly handle long group names, which might allow local users to gain privileges by leveraging combinations of group names with the same initial substring." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "websphere-mq-group-weak-security(51042)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51042" + }, + { + "name": "IZ37102", + "refsource": "AIXAPAR", + "url": "http://www.ibm.com/support/docview.wss?uid=swg1IZ37102" + } + ] + } +} \ No newline at end of file diff --git a/2009/1xxx/CVE-2009-1817.json b/2009/1xxx/CVE-2009-1817.json index 98af478d6aa..a877ef2c351 100644 --- a/2009/1xxx/CVE-2009-1817.json +++ b/2009/1xxx/CVE-2009-1817.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2009-1817", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple buffer overflows in DigiMode Maya 1.0.2 allow remote attackers to execute arbitrary code via a long string in a malformed (1) .m3u or (2) .m3l playlist file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2009-1817", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "8677", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/8677" - }, - { - "name" : "34960", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/34960" - }, - { - "name" : "digimode-m3u-m3l-bo(50533)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/50533" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple buffer overflows in DigiMode Maya 1.0.2 allow remote attackers to execute arbitrary code via a long string in a malformed (1) .m3u or (2) .m3l playlist file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "8677", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/8677" + }, + { + "name": "34960", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/34960" + }, + { + "name": "digimode-m3u-m3l-bo(50533)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50533" + } + ] + } +} \ No newline at end of file diff --git a/2009/3xxx/CVE-2009-3162.json b/2009/3xxx/CVE-2009-3162.json index 44ec8ecd139..1a8330a15df 100644 --- a/2009/3xxx/CVE-2009-3162.json +++ b/2009/3xxx/CVE-2009-3162.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2009-3162", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in Multi Website 1.5 allows remote attackers to inject arbitrary web script or HTML via the search parameter in a search action to the default URI." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2009-3162", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://packetstormsecurity.org/0908-exploits/multiwebsite-xss.txt", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.org/0908-exploits/multiwebsite-xss.txt" - }, - { - "name" : "36107", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/36107" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in Multi Website 1.5 allows remote attackers to inject arbitrary web script or HTML via the search parameter in a search action to the default URI." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://packetstormsecurity.org/0908-exploits/multiwebsite-xss.txt", + "refsource": "MISC", + "url": "http://packetstormsecurity.org/0908-exploits/multiwebsite-xss.txt" + }, + { + "name": "36107", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/36107" + } + ] + } +} \ No newline at end of file diff --git a/2009/3xxx/CVE-2009-3761.json b/2009/3xxx/CVE-2009-3761.json index 6d7344ba76e..b2798040410 100644 --- a/2009/3xxx/CVE-2009-3761.json +++ b/2009/3xxx/CVE-2009-3761.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2009-3761", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2009-3761", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2009/3xxx/CVE-2009-3988.json b/2009/3xxx/CVE-2009-3988.json index 535aa2fa1c7..ace925dc926 100644 --- a/2009/3xxx/CVE-2009-3988.json +++ b/2009/3xxx/CVE-2009-3988.json @@ -1,142 +1,142 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2009-3988", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x before 3.5.8, and SeaMonkey before 2.0.3, does not properly restrict read access to object properties in showModalDialog, which allows remote attackers to bypass the Same Origin Policy and conduct cross-site scripting (XSS) attacks via crafted dialogArguments values." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2009-3988", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.mozilla.org/security/announce/2010/mfsa2010-04.html", - "refsource" : "CONFIRM", - "url" : "http://www.mozilla.org/security/announce/2010/mfsa2010-04.html" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=504862", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=504862" - }, - { - "name" : "DSA-1999", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2010/dsa-1999" - }, - { - "name" : "FEDORA-2010-1727", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035426.html" - }, - { - "name" : "FEDORA-2010-1932", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035346.html" - }, - { - "name" : "FEDORA-2010-1936", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035367.html" - }, - { - "name" : "MDVSA-2010:042", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2010:042" - }, - { - "name" : "RHSA-2010:0112", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2010-0112.html" - }, - { - "name" : "SUSE-SA:2010:015", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00001.html" - }, - { - "name" : "USN-895-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-895-1" - }, - { - "name" : "USN-896-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-896-1" - }, - { - "name" : "oval:org.mitre.oval:def:8355", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8355" - }, - { - "name" : "oval:org.mitre.oval:def:9384", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9384" - }, - { - "name" : "37242", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/37242" - }, - { - "name" : "38847", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/38847" - }, - { - "name" : "ADV-2010-0405", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2010/0405" - }, - { - "name" : "mozilla-showmodaldialog-xss(56362)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/56362" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x before 3.5.8, and SeaMonkey before 2.0.3, does not properly restrict read access to object properties in showModalDialog, which allows remote attackers to bypass the Same Origin Policy and conduct cross-site scripting (XSS) attacks via crafted dialogArguments values." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "USN-895-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-895-1" + }, + { + "name": "38847", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/38847" + }, + { + "name": "SUSE-SA:2010:015", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00001.html" + }, + { + "name": "MDVSA-2010:042", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:042" + }, + { + "name": "FEDORA-2010-1936", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035367.html" + }, + { + "name": "RHSA-2010:0112", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2010-0112.html" + }, + { + "name": "FEDORA-2010-1932", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035346.html" + }, + { + "name": "oval:org.mitre.oval:def:8355", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8355" + }, + { + "name": "DSA-1999", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2010/dsa-1999" + }, + { + "name": "FEDORA-2010-1727", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035426.html" + }, + { + "name": "mozilla-showmodaldialog-xss(56362)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56362" + }, + { + "name": "USN-896-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-896-1" + }, + { + "name": "ADV-2010-0405", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2010/0405" + }, + { + "name": "37242", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/37242" + }, + { + "name": "oval:org.mitre.oval:def:9384", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9384" + }, + { + "name": "http://www.mozilla.org/security/announce/2010/mfsa2010-04.html", + "refsource": "CONFIRM", + "url": "http://www.mozilla.org/security/announce/2010/mfsa2010-04.html" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=504862", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=504862" + } + ] + } +} \ No newline at end of file diff --git a/2009/4xxx/CVE-2009-4461.json b/2009/4xxx/CVE-2009-4461.json index 21c9ef719c4..b32876a7d44 100644 --- a/2009/4xxx/CVE-2009-4461.json +++ b/2009/4xxx/CVE-2009-4461.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2009-4461", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site scripting (XSS) vulnerabilities in FlatPress 0.909 allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to (1) contact.php, (2) login.php, and (3) search.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2009-4461", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "10688", - "refsource" : "EXPLOIT-DB", - "url" : "http://www.exploit-db.com/exploits/10688" - }, - { - "name" : "37471", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/37471" - }, - { - "name" : "37938", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/37938" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site scripting (XSS) vulnerabilities in FlatPress 0.909 allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to (1) contact.php, (2) login.php, and (3) search.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "37938", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/37938" + }, + { + "name": "37471", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/37471" + }, + { + "name": "10688", + "refsource": "EXPLOIT-DB", + "url": "http://www.exploit-db.com/exploits/10688" + } + ] + } +} \ No newline at end of file diff --git a/2012/2xxx/CVE-2012-2198.json b/2012/2xxx/CVE-2012-2198.json index e0ce4a71ab2..1886652bcb8 100644 --- a/2012/2xxx/CVE-2012-2198.json +++ b/2012/2xxx/CVE-2012-2198.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2012-2198", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2012-2198", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2012/2xxx/CVE-2012-2645.json b/2012/2xxx/CVE-2012-2645.json index 3da1952e303..aa2ca249f25 100644 --- a/2012/2xxx/CVE-2012-2645.json +++ b/2012/2xxx/CVE-2012-2645.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2012-2645", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Yahoo! Japan Yahoo! Browser application 1.2.0 and earlier for Android does not properly implement the WebView class, which allows remote attackers to obtain sensitive information via a crafted application." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "vultures@jpcert.or.jp", + "ID": "CVE-2012-2645", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://play.google.com/store/apps/details?id=jp.co.yahoo.android.ybrowser", - "refsource" : "MISC", - "url" : "https://play.google.com/store/apps/details?id=jp.co.yahoo.android.ybrowser" - }, - { - "name" : "JVN#46088915", - "refsource" : "JVN", - "url" : "http://jvn.jp/en/jp/JVN46088915/index.html" - }, - { - "name" : "JVNDB-2012-000070", - "refsource" : "JVNDB", - "url" : "http://jvndb.jvn.jp/jvndb/JVNDB-2012-000070" - }, - { - "name" : "54488", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/54488" - }, - { - "name" : "49905", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/49905" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Yahoo! Japan Yahoo! Browser application 1.2.0 and earlier for Android does not properly implement the WebView class, which allows remote attackers to obtain sensitive information via a crafted application." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "49905", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/49905" + }, + { + "name": "54488", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/54488" + }, + { + "name": "JVNDB-2012-000070", + "refsource": "JVNDB", + "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2012-000070" + }, + { + "name": "https://play.google.com/store/apps/details?id=jp.co.yahoo.android.ybrowser", + "refsource": "MISC", + "url": "https://play.google.com/store/apps/details?id=jp.co.yahoo.android.ybrowser" + }, + { + "name": "JVN#46088915", + "refsource": "JVN", + "url": "http://jvn.jp/en/jp/JVN46088915/index.html" + } + ] + } +} \ No newline at end of file diff --git a/2012/2xxx/CVE-2012-2880.json b/2012/2xxx/CVE-2012-2880.json index 25359b4c29c..758db205378 100644 --- a/2012/2xxx/CVE-2012-2880.json +++ b/2012/2xxx/CVE-2012-2880.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2012-2880", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Race condition in Google Chrome before 22.0.1229.79 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the plug-in paint buffer." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@google.com", + "ID": "CVE-2012-2880", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://googlechromereleases.blogspot.com/2012/09/stable-channel-update_25.html", - "refsource" : "CONFIRM", - "url" : "http://googlechromereleases.blogspot.com/2012/09/stable-channel-update_25.html" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=139462", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=139462" - }, - { - "name" : "openSUSE-SU-2012:1376", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00012.html" - }, - { - "name" : "oval:org.mitre.oval:def:15776", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15776" - }, - { - "name" : "google-chrome-cve20122880(78838)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/78838" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Race condition in Google Chrome before 22.0.1229.79 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the plug-in paint buffer." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "oval:org.mitre.oval:def:15776", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15776" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=139462", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=139462" + }, + { + "name": "http://googlechromereleases.blogspot.com/2012/09/stable-channel-update_25.html", + "refsource": "CONFIRM", + "url": "http://googlechromereleases.blogspot.com/2012/09/stable-channel-update_25.html" + }, + { + "name": "openSUSE-SU-2012:1376", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00012.html" + }, + { + "name": "google-chrome-cve20122880(78838)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78838" + } + ] + } +} \ No newline at end of file diff --git a/2012/2xxx/CVE-2012-2965.json b/2012/2xxx/CVE-2012-2965.json index 04d29a1cdd3..5a48849bd6d 100644 --- a/2012/2xxx/CVE-2012-2965.json +++ b/2012/2xxx/CVE-2012-2965.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2012-2965", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Caucho Quercus, as distributed in Resin before 4.0.29, does not properly handle unspecified characters in the names of variables, which has unknown impact and remote attack vectors, related to an \"HTTP Parameter Contamination\" issue." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2012-2965", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://caucho.com/resin-4.0/changes/changes.xtp", - "refsource" : "MISC", - "url" : "http://caucho.com/resin-4.0/changes/changes.xtp" - }, - { - "name" : "http://en.securitylab.ru/lab/", - "refsource" : "MISC", - "url" : "http://en.securitylab.ru/lab/" - }, - { - "name" : "http://en.securitylab.ru/lab/PT-2012-05", - "refsource" : "MISC", - "url" : "http://en.securitylab.ru/lab/PT-2012-05" - }, - { - "name" : "VU#309979", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/309979" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Caucho Quercus, as distributed in Resin before 4.0.29, does not properly handle unspecified characters in the names of variables, which has unknown impact and remote attack vectors, related to an \"HTTP Parameter Contamination\" issue." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "VU#309979", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/309979" + }, + { + "name": "http://en.securitylab.ru/lab/", + "refsource": "MISC", + "url": "http://en.securitylab.ru/lab/" + }, + { + "name": "http://en.securitylab.ru/lab/PT-2012-05", + "refsource": "MISC", + "url": "http://en.securitylab.ru/lab/PT-2012-05" + }, + { + "name": "http://caucho.com/resin-4.0/changes/changes.xtp", + "refsource": "MISC", + "url": "http://caucho.com/resin-4.0/changes/changes.xtp" + } + ] + } +} \ No newline at end of file diff --git a/2012/6xxx/CVE-2012-6206.json b/2012/6xxx/CVE-2012-6206.json index 6718c2d98da..06e6ca9bb1a 100644 --- a/2012/6xxx/CVE-2012-6206.json +++ b/2012/6xxx/CVE-2012-6206.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2012-6206", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2012. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2012-6206", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2012. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2015/0xxx/CVE-2015-0841.json b/2015/0xxx/CVE-2015-0841.json index bf1f7521cba..9977e5d387f 100644 --- a/2015/0xxx/CVE-2015-0841.json +++ b/2015/0xxx/CVE-2015-0841.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-0841", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-0841", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/5xxx/CVE-2015-5148.json b/2015/5xxx/CVE-2015-5148.json index a1ba7813dfa..58926630d20 100644 --- a/2015/5xxx/CVE-2015-5148.json +++ b/2015/5xxx/CVE-2015-5148.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-5148", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in LivelyCart 1.2.0 allows remote attackers to execute arbitrary SQL commands via the search_query parameter to product/search." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-5148", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "37325", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/37325/" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in LivelyCart 1.2.0 allows remote attackers to execute arbitrary SQL commands via the search_query parameter to product/search." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "37325", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/37325/" + } + ] + } +} \ No newline at end of file diff --git a/2015/5xxx/CVE-2015-5498.json b/2015/5xxx/CVE-2015-5498.json index 2c7d8fa5a72..4509557f9c9 100644 --- a/2015/5xxx/CVE-2015-5498.json +++ b/2015/5xxx/CVE-2015-5498.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-5498", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Shipwire API module 7.x-1.x before 7.x-1.03 for Drupal does not check the view permission for the shipments overview (admin/shipwire/shipments), which allows remote attackers to obtain sensitive information via a request to the page." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-5498", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20150704 CVE requests for Drupal contributed modules (from SA-CONTRIB-2015-100 to SA-CONTRIB-2015-131)", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2015/07/04/4" - }, - { - "name" : "https://www.drupal.org/node/2492243", - "refsource" : "MISC", - "url" : "https://www.drupal.org/node/2492243" - }, - { - "name" : "https://www.drupal.org/node/2487580", - "refsource" : "CONFIRM", - "url" : "https://www.drupal.org/node/2487580" - }, - { - "name" : "74757", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/74757" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Shipwire API module 7.x-1.x before 7.x-1.03 for Drupal does not check the view permission for the shipments overview (admin/shipwire/shipments), which allows remote attackers to obtain sensitive information via a request to the page." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.drupal.org/node/2492243", + "refsource": "MISC", + "url": "https://www.drupal.org/node/2492243" + }, + { + "name": "https://www.drupal.org/node/2487580", + "refsource": "CONFIRM", + "url": "https://www.drupal.org/node/2487580" + }, + { + "name": "74757", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/74757" + }, + { + "name": "[oss-security] 20150704 CVE requests for Drupal contributed modules (from SA-CONTRIB-2015-100 to SA-CONTRIB-2015-131)", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2015/07/04/4" + } + ] + } +} \ No newline at end of file diff --git a/2015/5xxx/CVE-2015-5628.json b/2015/5xxx/CVE-2015-5628.json index 477f02f9e41..0184fed413a 100644 --- a/2015/5xxx/CVE-2015-5628.json +++ b/2015/5xxx/CVE-2015-5628.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-5628", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-5628", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/5xxx/CVE-2015-5702.json b/2015/5xxx/CVE-2015-5702.json index 9b11789b06e..1bb2d5d63b9 100644 --- a/2015/5xxx/CVE-2015-5702.json +++ b/2015/5xxx/CVE-2015-5702.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-5702", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-5702", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/5xxx/CVE-2015-5968.json b/2015/5xxx/CVE-2015-5968.json index e2cadb2cbfe..691a6101040 100644 --- a/2015/5xxx/CVE-2015-5968.json +++ b/2015/5xxx/CVE-2015-5968.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-5968", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in Novell Filr 1.2 before Hot Patch 4 allows remote attackers to inject arbitrary web script or HTML via a crafted URL." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@suse.com", + "ID": "CVE-2015-5968", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://www.novell.com/support/kb/doc.php?id=7017078", - "refsource" : "CONFIRM", - "url" : "https://www.novell.com/support/kb/doc.php?id=7017078" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in Novell Filr 1.2 before Hot Patch 4 allows remote attackers to inject arbitrary web script or HTML via a crafted URL." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.novell.com/support/kb/doc.php?id=7017078", + "refsource": "CONFIRM", + "url": "https://www.novell.com/support/kb/doc.php?id=7017078" + } + ] + } +} \ No newline at end of file diff --git a/2018/11xxx/CVE-2018-11497.json b/2018/11xxx/CVE-2018-11497.json index 62f040bc016..7c30a2203d3 100644 --- a/2018/11xxx/CVE-2018-11497.json +++ b/2018/11xxx/CVE-2018-11497.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-11497", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-11497", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/11xxx/CVE-2018-11517.json b/2018/11xxx/CVE-2018-11517.json index fb15916c419..f9563afcf2e 100644 --- a/2018/11xxx/CVE-2018-11517.json +++ b/2018/11xxx/CVE-2018-11517.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-11517", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "mySCADA myPRO 7 allows remote attackers to discover all ProjectIDs in a project by sending all of the prj parameter values from 870000 to 875000 in t=0&rq=0 requests to TCP port 11010." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-11517", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/EmreOvunc/mySCADA-myPRO-7-projectID-Disclosure", - "refsource" : "MISC", - "url" : "https://github.com/EmreOvunc/mySCADA-myPRO-7-projectID-Disclosure" - }, - { - "name" : "https://www.emreovunc.com/blog/en/mypro_enum_projectid.rb", - "refsource" : "MISC", - "url" : "https://www.emreovunc.com/blog/en/mypro_enum_projectid.rb" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "mySCADA myPRO 7 allows remote attackers to discover all ProjectIDs in a project by sending all of the prj parameter values from 870000 to 875000 in t=0&rq=0 requests to TCP port 11010." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.emreovunc.com/blog/en/mypro_enum_projectid.rb", + "refsource": "MISC", + "url": "https://www.emreovunc.com/blog/en/mypro_enum_projectid.rb" + }, + { + "name": "https://github.com/EmreOvunc/mySCADA-myPRO-7-projectID-Disclosure", + "refsource": "MISC", + "url": "https://github.com/EmreOvunc/mySCADA-myPRO-7-projectID-Disclosure" + } + ] + } +} \ No newline at end of file diff --git a/2018/11xxx/CVE-2018-11606.json b/2018/11xxx/CVE-2018-11606.json index fa9ff9aa51c..026f14968ec 100644 --- a/2018/11xxx/CVE-2018-11606.json +++ b/2018/11xxx/CVE-2018-11606.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-11606", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-11606", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/11xxx/CVE-2018-11758.json b/2018/11xxx/CVE-2018-11758.json index 46b1e864172..9fa2f09c4a8 100644 --- a/2018/11xxx/CVE-2018-11758.json +++ b/2018/11xxx/CVE-2018-11758.json @@ -1,74 +1,74 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "security@apache.org", - "DATE_PUBLIC" : "2018-08-22T00:00:00", - "ID" : "CVE-2018-11758", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Apache Cayenne", - "version" : { - "version_data" : [ - { - "version_value" : "4.1.M1" - }, - { - "version_value" : "3.2.M1, 4.0.M2 to 4.0.M5, 4.0.B1, 4.0.B2, 4.0.RC1" - }, - { - "version_value" : "3.1, 3.1.1, 3.1.2" - } - ] - } - } - ] - }, - "vendor_name" : "Apache Software Foundation" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "This affects Apache Cayenne 4.1.M1, 3.2.M1, 4.0.M2 to 4.0.M5, 4.0.B1, 4.0.B2, 4.0.RC1, 3.1, 3.1.1, 3.1.2. CayenneModeler is a desktop GUI tool shipped with Apache Cayenne and intended for editing Cayenne ORM models stored as XML files. If an attacker tricks a user of CayenneModeler into opening a malicious XML file, the attacker will be able to instruct the XML parser built into CayenneModeler to transfer files from a local machine to a remote machine controlled by the attacker. The cause of the issue is XML parser processing XML External Entity (XXE) declarations included in XML. The vulnerability is addressed in Cayenne by disabling XXE processing in all operations that require XML parsing." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Information Disclosure" - } + "CVE_data_meta": { + "ASSIGNER": "security@apache.org", + "DATE_PUBLIC": "2018-08-22T00:00:00", + "ID": "CVE-2018-11758", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Apache Cayenne", + "version": { + "version_data": [ + { + "version_value": "4.1.M1" + }, + { + "version_value": "3.2.M1, 4.0.M2 to 4.0.M5, 4.0.B1, 4.0.B2, 4.0.RC1" + }, + { + "version_value": "3.1, 3.1.1, 3.1.2" + } + ] + } + } + ] + }, + "vendor_name": "Apache Software Foundation" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[cayenne-user] 20180822 CVE-2018-11758: Apache Cayenne XXE Vulnerability in CayenneModeler GUI tool", - "refsource" : "MLIST", - "url" : "https://lists.apache.org/thread.html/ed60a4d329be3c722f105317ca883986dfcd17615c70d1df87f4528c@%3Cuser.cayenne.apache.org%3E" - }, - { - "name" : "105142", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/105142" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "This affects Apache Cayenne 4.1.M1, 3.2.M1, 4.0.M2 to 4.0.M5, 4.0.B1, 4.0.B2, 4.0.RC1, 3.1, 3.1.1, 3.1.2. CayenneModeler is a desktop GUI tool shipped with Apache Cayenne and intended for editing Cayenne ORM models stored as XML files. If an attacker tricks a user of CayenneModeler into opening a malicious XML file, the attacker will be able to instruct the XML parser built into CayenneModeler to transfer files from a local machine to a remote machine controlled by the attacker. The cause of the issue is XML parser processing XML External Entity (XXE) declarations included in XML. The vulnerability is addressed in Cayenne by disabling XXE processing in all operations that require XML parsing." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Information Disclosure" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "[cayenne-user] 20180822 CVE-2018-11758: Apache Cayenne XXE Vulnerability in CayenneModeler GUI tool", + "refsource": "MLIST", + "url": "https://lists.apache.org/thread.html/ed60a4d329be3c722f105317ca883986dfcd17615c70d1df87f4528c@%3Cuser.cayenne.apache.org%3E" + }, + { + "name": "105142", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/105142" + } + ] + } +} \ No newline at end of file diff --git a/2018/11xxx/CVE-2018-11764.json b/2018/11xxx/CVE-2018-11764.json index 399f14ae2f4..80768240f35 100644 --- a/2018/11xxx/CVE-2018-11764.json +++ b/2018/11xxx/CVE-2018-11764.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-11764", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-11764", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/3xxx/CVE-2018-3312.json b/2018/3xxx/CVE-2018-3312.json index 0f32de692e7..c8f32d55715 100644 --- a/2018/3xxx/CVE-2018-3312.json +++ b/2018/3xxx/CVE-2018-3312.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-3312", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-3312", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/3xxx/CVE-2018-3489.json b/2018/3xxx/CVE-2018-3489.json index 25d55f51dfd..64bcf4fd612 100644 --- a/2018/3xxx/CVE-2018-3489.json +++ b/2018/3xxx/CVE-2018-3489.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-3489", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-3489", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/3xxx/CVE-2018-3499.json b/2018/3xxx/CVE-2018-3499.json index 7bf13148912..c341a9d781e 100644 --- a/2018/3xxx/CVE-2018-3499.json +++ b/2018/3xxx/CVE-2018-3499.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-3499", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-3499", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/3xxx/CVE-2018-3648.json b/2018/3xxx/CVE-2018-3648.json index 31472334e5f..c07b5059221 100644 --- a/2018/3xxx/CVE-2018-3648.json +++ b/2018/3xxx/CVE-2018-3648.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-3648", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-3648", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/3xxx/CVE-2018-3649.json b/2018/3xxx/CVE-2018-3649.json index c44cfed7949..26b57aca87a 100644 --- a/2018/3xxx/CVE-2018-3649.json +++ b/2018/3xxx/CVE-2018-3649.json @@ -1,63 +1,63 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secure@intel.com", - "DATE_PUBLIC" : "2018-05-02T00:00:00", - "ID" : "CVE-2018-3649", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Dual Band Wireless-AC, Tri-Band Wireless-AC and Wireless-AC family of products", - "version" : { - "version_data" : [ - { - "version_value" : "Multiple versions (refer to public security advisory)" - } - ] - } - } - ] - }, - "vendor_name" : "Intel Corporation" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "DLL injection vulnerability in the installation executables (Autorun.exe and Setup.exe) for Intel's wireless drivers and related software in Intel Dual Band Wireless-AC, Tri-Band Wireless-AC and Wireless-AC family of products allows a local attacker to cause escalation of privilege via remote code execution." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Elevation of Privilege" - } + "CVE_data_meta": { + "ASSIGNER": "secure@intel.com", + "DATE_PUBLIC": "2018-05-02T00:00:00", + "ID": "CVE-2018-3649", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Dual Band Wireless-AC, Tri-Band Wireless-AC and Wireless-AC family of products", + "version": { + "version_data": [ + { + "version_value": "Multiple versions (refer to public security advisory)" + } + ] + } + } + ] + }, + "vendor_name": "Intel Corporation" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00126.html", - "refsource" : "CONFIRM", - "url" : "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00126.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "DLL injection vulnerability in the installation executables (Autorun.exe and Setup.exe) for Intel's wireless drivers and related software in Intel Dual Band Wireless-AC, Tri-Band Wireless-AC and Wireless-AC family of products allows a local attacker to cause escalation of privilege via remote code execution." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Elevation of Privilege" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00126.html", + "refsource": "CONFIRM", + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00126.html" + } + ] + } +} \ No newline at end of file diff --git a/2018/7xxx/CVE-2018-7356.json b/2018/7xxx/CVE-2018-7356.json index b37ee75f513..923f855c416 100644 --- a/2018/7xxx/CVE-2018-7356.json +++ b/2018/7xxx/CVE-2018-7356.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@zte.com.cn", - "ID" : "CVE-2018-7356", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "ZXR10 8905E", - "version" : { - "version_data" : [ - { - "affected" : "<=", - "version_value" : "V3.03.10.B23P2" - } - ] - } - } - ] - }, - "vendor_name" : "ZTE" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "All versions up to V3.03.10.B23P2 of ZTE ZXR10 8905E product are impacted by TCP Initial Sequence Number (ISN) reuse vulnerability, which can generate easily predictable ISN, and allows remote attackers to spoof connections." - } - ] - }, - "impact" : { - "cvss" : { - "attackComplexity" : "HIGH", - "attackVector" : "NETWORK", - "availabilityImpact" : "LOW", - "baseScore" : 5.6, - "baseSeverity" : "MEDIUM", - "confidentialityImpact" : "LOW", - "integrityImpact" : "LOW", - "privilegesRequired" : "NONE", - "scope" : "UNCHANGED", - "userInteraction" : "NONE", - "vectorString" : "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", - "version" : "3.0" - } - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "TCP Initial Sequence Number (ISN) Reuse" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@zte.com.cn", + "ID": "CVE-2018-7356", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "ZXR10 8905E", + "version": { + "version_data": [ + { + "affected": "<=", + "version_value": "V3.03.10.B23P2" + } + ] + } + } + ] + }, + "vendor_name": "ZTE" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1009783", - "refsource" : "CONFIRM", - "url" : "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1009783" - } - ] - }, - "source" : { - "discovery" : "UNKNOWN" - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "All versions up to V3.03.10.B23P2 of ZTE ZXR10 8905E product are impacted by TCP Initial Sequence Number (ISN) reuse vulnerability, which can generate easily predictable ISN, and allows remote attackers to spoof connections." + } + ] + }, + "impact": { + "cvss": { + "attackComplexity": "HIGH", + "attackVector": "NETWORK", + "availabilityImpact": "LOW", + "baseScore": 5.6, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", + "version": "3.0" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "TCP Initial Sequence Number (ISN) Reuse" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1009783", + "refsource": "CONFIRM", + "url": "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1009783" + } + ] + }, + "source": { + "discovery": "UNKNOWN" + } +} \ No newline at end of file diff --git a/2018/7xxx/CVE-2018-7463.json b/2018/7xxx/CVE-2018-7463.json index 444e9115f61..7766e914fe2 100644 --- a/2018/7xxx/CVE-2018-7463.json +++ b/2018/7xxx/CVE-2018-7463.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-7463", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in files.php in the \"files\" component in ASANHAMAYESH CMS 3.4.6 allows a remote attacker to execute arbitrary SQL commands via the \"id\" parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-7463", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://cxsecurity.com/issue/WLB-2018020278", - "refsource" : "MISC", - "url" : "https://cxsecurity.com/issue/WLB-2018020278" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in files.php in the \"files\" component in ASANHAMAYESH CMS 3.4.6 allows a remote attacker to execute arbitrary SQL commands via the \"id\" parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://cxsecurity.com/issue/WLB-2018020278", + "refsource": "MISC", + "url": "https://cxsecurity.com/issue/WLB-2018020278" + } + ] + } +} \ No newline at end of file diff --git a/2018/7xxx/CVE-2018-7509.json b/2018/7xxx/CVE-2018-7509.json index 44990c8391e..ac33ff3efa0 100644 --- a/2018/7xxx/CVE-2018-7509.json +++ b/2018/7xxx/CVE-2018-7509.json @@ -1,68 +1,68 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "ics-cert@hq.dhs.gov", - "DATE_PUBLIC" : "2018-02-27T00:00:00", - "ID" : "CVE-2018-7509", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Delta Electronics WPLSoft", - "version" : { - "version_data" : [ - { - "version_value" : "WPLSoft, Versions 2.45.0 and prior." - } - ] - } - } - ] - }, - "vendor_name" : "ICS-CERT" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "WPLSoft in Delta Electronics versions 2.45.0 and prior writes data from a file outside the bounds of the intended buffer space, which could cause memory corruption or may allow remote code execution." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "OUT-OF-BOUNDS WRITE CWE-787" - } + "CVE_data_meta": { + "ASSIGNER": "ics-cert@hq.dhs.gov", + "DATE_PUBLIC": "2018-02-27T00:00:00", + "ID": "CVE-2018-7509", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Delta Electronics WPLSoft", + "version": { + "version_data": [ + { + "version_value": "WPLSoft, Versions 2.45.0 and prior." + } + ] + } + } + ] + }, + "vendor_name": "ICS-CERT" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://ics-cert.us-cert.gov/advisories/ICSA-18-058-02", - "refsource" : "MISC", - "url" : "https://ics-cert.us-cert.gov/advisories/ICSA-18-058-02" - }, - { - "name" : "103179", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/103179" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "WPLSoft in Delta Electronics versions 2.45.0 and prior writes data from a file outside the bounds of the intended buffer space, which could cause memory corruption or may allow remote code execution." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "OUT-OF-BOUNDS WRITE CWE-787" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "103179", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/103179" + }, + { + "name": "https://ics-cert.us-cert.gov/advisories/ICSA-18-058-02", + "refsource": "MISC", + "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-058-02" + } + ] + } +} \ No newline at end of file diff --git a/2018/7xxx/CVE-2018-7912.json b/2018/7xxx/CVE-2018-7912.json index c9cd5efa1fc..aaab27d5bed 100644 --- a/2018/7xxx/CVE-2018-7912.json +++ b/2018/7xxx/CVE-2018-7912.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-7912", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2018. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2018-7912", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2018. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2018/8xxx/CVE-2018-8193.json b/2018/8xxx/CVE-2018-8193.json index 55e1af8f47c..aef7f2370dd 100644 --- a/2018/8xxx/CVE-2018-8193.json +++ b/2018/8xxx/CVE-2018-8193.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-8193", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-8193", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/8xxx/CVE-2018-8599.json b/2018/8xxx/CVE-2018-8599.json index 551f2705007..deb7efcd0a6 100644 --- a/2018/8xxx/CVE-2018-8599.json +++ b/2018/8xxx/CVE-2018-8599.json @@ -1,158 +1,158 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "Secure@Microsoft.com", - "ID" : "CVE-2018-8599", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Microsoft Visual Studio", - "version" : { - "version_data" : [ - { - "version_value" : "2015 Update 3" - }, - { - "version_value" : "2017" - }, - { - "version_value" : "2017 version 15.9" - } - ] - } - }, - { - "product_name" : "Windows Server 2019", - "version" : { - "version_data" : [ - { - "version_value" : "(Server Core installation)" - } - ] - } - }, - { - "product_name" : "Windows Server 2016", - "version" : { - "version_data" : [ - { - "version_value" : "(Server Core installation)" - } - ] - } - }, - { - "product_name" : "Windows 10", - "version" : { - "version_data" : [ - { - "version_value" : "32-bit Systems" - }, - { - "version_value" : "Version 1607 for 32-bit Systems" - }, - { - "version_value" : "Version 1607 for x64-based Systems" - }, - { - "version_value" : "Version 1703 for 32-bit Systems" - }, - { - "version_value" : "Version 1703 for x64-based Systems" - }, - { - "version_value" : "Version 1709 for 32-bit Systems" - }, - { - "version_value" : "Version 1709 for ARM64-based Systems" - }, - { - "version_value" : "Version 1709 for x64-based Systems" - }, - { - "version_value" : "Version 1803 for 32-bit Systems" - }, - { - "version_value" : "Version 1803 for ARM64-based Systems" - }, - { - "version_value" : "Version 1803 for x64-based Systems" - }, - { - "version_value" : "Version 1809 for 32-bit Systems" - }, - { - "version_value" : "Version 1809 for ARM64-based Systems" - }, - { - "version_value" : "Version 1809 for x64-based Systems" - }, - { - "version_value" : "x64-based Systems" - } - ] - } - }, - { - "product_name" : "Windows 10 Servers", - "version" : { - "version_data" : [ - { - "version_value" : "version 1709 (Server Core Installation)" - }, - { - "version_value" : "version 1803 (Server Core Installation)" - } - ] - } - } - ] - }, - "vendor_name" : "Microsoft" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector Service improperly impersonates certain file operations, aka \"Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability.\" This affects Microsoft Visual Studio, Windows Server 2019, Windows Server 2016, Windows 10, Windows 10 Servers." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Elevation of Privilege" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2018-8599", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Microsoft Visual Studio", + "version": { + "version_data": [ + { + "version_value": "2015 Update 3" + }, + { + "version_value": "2017" + }, + { + "version_value": "2017 version 15.9" + } + ] + } + }, + { + "product_name": "Windows Server 2019", + "version": { + "version_data": [ + { + "version_value": "(Server Core installation)" + } + ] + } + }, + { + "product_name": "Windows Server 2016", + "version": { + "version_data": [ + { + "version_value": "(Server Core installation)" + } + ] + } + }, + { + "product_name": "Windows 10", + "version": { + "version_data": [ + { + "version_value": "32-bit Systems" + }, + { + "version_value": "Version 1607 for 32-bit Systems" + }, + { + "version_value": "Version 1607 for x64-based Systems" + }, + { + "version_value": "Version 1703 for 32-bit Systems" + }, + { + "version_value": "Version 1703 for x64-based Systems" + }, + { + "version_value": "Version 1709 for 32-bit Systems" + }, + { + "version_value": "Version 1709 for ARM64-based Systems" + }, + { + "version_value": "Version 1709 for x64-based Systems" + }, + { + "version_value": "Version 1803 for 32-bit Systems" + }, + { + "version_value": "Version 1803 for ARM64-based Systems" + }, + { + "version_value": "Version 1803 for x64-based Systems" + }, + { + "version_value": "Version 1809 for 32-bit Systems" + }, + { + "version_value": "Version 1809 for ARM64-based Systems" + }, + { + "version_value": "Version 1809 for x64-based Systems" + }, + { + "version_value": "x64-based Systems" + } + ] + } + }, + { + "product_name": "Windows 10 Servers", + "version": { + "version_data": [ + { + "version_value": "version 1709 (Server Core Installation)" + }, + { + "version_value": "version 1803 (Server Core Installation)" + } + ] + } + } + ] + }, + "vendor_name": "Microsoft" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8599", - "refsource" : "CONFIRM", - "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8599" - }, - { - "name" : "106094", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/106094" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector Service improperly impersonates certain file operations, aka \"Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability.\" This affects Microsoft Visual Studio, Windows Server 2019, Windows Server 2016, Windows 10, Windows 10 Servers." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Elevation of Privilege" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8599", + "refsource": "CONFIRM", + "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8599" + }, + { + "name": "106094", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/106094" + } + ] + } +} \ No newline at end of file