admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-18 06:31:33 +00:00
parent ec0e7f286f
commit c47b890a80
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
55 changed files with 4245 additions and 4246 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

212
2005/0xxx/CVE-2005-0064.json
View File

@ -1,186 +1,186 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2005-0064",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-0064",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Buffer overflow in the Decrypt::makeFileKey2 function in Decrypt.cc for xpdf 3.00 and earlier allows remote attackers to execute arbitrary code via a PDF file with a large /Encrypt /Length keyLength value."
"lang": "eng",
"value": "Buffer overflow in the Decrypt::makeFileKey2 function in Decrypt.cc for xpdf 3.00 and earlier allows remote attackers to execute arbitrary code via a PDF file with a large /Encrypt /Length keyLength value."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20050118 Multiple Unix/Linux Vendor Xpdf makeFileKey2 Stack Overflow",
"refsource" : "IDEFENSE",
"url" : "http://www.idefense.com/application/poi/display?id=186&type=vulnerabilities"
"name": "17277",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17277"
},
{
"name" : "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.00pl3.patch",
"refsource" : "CONFIRM",
"url" : "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.00pl3.patch"
"name": "oval:org.mitre.oval:def:11781",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11781"
},
{
"name" : "CLA-2005:921",
"refsource" : "CONECTIVA",
"url" : "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000921"
"name": "RHSA-2005:066",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-066.html"
},
{
"name" : "DSA-645",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2005/dsa-645"
"name": "RHSA-2005:034",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-034.html"
},
{
"name" : "DSA-648",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2005/dsa-648"
"name": "MDKSA-2005:018",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:018"
},
{
"name" : "FLSA:2352",
"refsource" : "FEDORA",
"url" : "https://bugzilla.fedora.us/show_bug.cgi?id=2352"
"name": "MDKSA-2005:017",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:017"
},
{
"name" : "FLSA:2353",
"refsource" : "FEDORA",
"url" : "https://bugzilla.fedora.us/show_bug.cgi?id=2353"
"name": "MDKSA-2005:016",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:016"
},
{
"name" : "GLSA-200502-10",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/200502-10"
"name": "2005-0003",
"refsource": "TRUSTIX",
"url": "http://www.trustix.org/errata/2005/0003/"
},
{
"name" : "GLSA-200501-28",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/200501-28"
"name": "FLSA:2352",
"refsource": "FEDORA",
"url": "https://bugzilla.fedora.us/show_bug.cgi?id=2352"
},
{
"name" : "MDKSA-2005:016",
"refsource" : "MANDRAKE",
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2005:016"
"name": "FLSA:2353",
"refsource": "FEDORA",
"url": "https://bugzilla.fedora.us/show_bug.cgi?id=2353"
},
{
"name" : "MDKSA-2005:017",
"refsource" : "MANDRAKE",
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2005:017"
"name": "DSA-645",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2005/dsa-645"
},
{
"name" : "MDKSA-2005:018",
"refsource" : "MANDRAKE",
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2005:018"
"name": "GLSA-200502-10",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/200502-10"
},
{
"name" : "MDKSA-2005:019",
"refsource" : "MANDRAKE",
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2005:019"
"name": "RHSA-2005:026",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-026.html"
},
{
"name" : "MDKSA-2005:020",
"refsource" : "MANDRAKE",
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2005:020"
"name": "RHSA-2005:053",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-053.html"
},
{
"name" : "MDKSA-2005:021",
"refsource" : "MANDRAKE",
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2005:021"
"name": "MDKSA-2005:020",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:020"
},
{
"name" : "RHSA-2005:034",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2005-034.html"
"name": "GLSA-200501-28",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/200501-28"
},
{
"name" : "RHSA-2005:053",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2005-053.html"
"name": "20050118 Multiple Unix/Linux Vendor Xpdf makeFileKey2 Stack Overflow",
"refsource": "IDEFENSE",
"url": "http://www.idefense.com/application/poi/display?id=186&type=vulnerabilities"
},
{
"name" : "RHSA-2005:057",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2005-057.html"
"name": "RHSA-2005:059",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-059.html"
},
{
"name" : "RHSA-2005:059",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2005-059.html"
"name": "20050119 [USN-64-1] xpdf, CUPS vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=110625368019554&w=2"
},
{
"name" : "RHSA-2005:066",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2005-066.html"
"name": "SCOSA-2005.42",
"refsource": "SCO",
"url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.42/SCOSA-2005.42.txt"
},
{
"name" : "RHSA-2005:026",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2005-026.html"
"name": "DSA-648",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2005/dsa-648"
},
{
"name" : "SCOSA-2005.42",
"refsource" : "SCO",
"url" : "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.42/SCOSA-2005.42.txt"
"name": "MDKSA-2005:021",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:021"
},
{
"name" : "2005-0003",
"refsource" : "TRUSTIX",
"url" : "http://www.trustix.org/errata/2005/0003/"
"name": "CLA-2005:921",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000921"
},
{
"name" : "20050119 [USN-64-1] xpdf, CUPS vulnerabilities",
"refsource" : "BUGTRAQ",
"url" : "http://marc.info/?l=bugtraq&m=110625368019554&w=2"
"name": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.00pl3.patch",
"refsource": "CONFIRM",
"url": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.00pl3.patch"
},
{
"name" : "oval:org.mitre.oval:def:11781",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11781"
"name": "MDKSA-2005:019",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:019"
},
{
"name" : "17277",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/17277"
"name": "RHSA-2005:057",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-057.html"
}
]
}

128
2005/0xxx/CVE-2005-0237.json
View File

@ -1,116 +1,116 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2005-0237",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2005-0237",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The International Domain Name (IDN) support in Konqueror 3.2.1 on KDE 3.2.1 allows remote attackers to spoof domain names using punycode encoded domain names that are decoded in URLs and SSL certificates in a way that uses homograph characters from other character sets, which facilitates phishing attacks."
"lang": "eng",
"value": "The International Domain Name (IDN) support in Konqueror 3.2.1 on KDE 3.2.1 allows remote attackers to spoof domain names using punycode encoded domain names that are decoded in URLs and SSL certificates in a way that uses homograph characters from other character sets, which facilitates phishing attacks."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20050206 state of homograph attacks",
"refsource" : "FULLDISC",
"url" : "http://lists.grok.org.uk/pipermail/full-disclosure/2005-February/031459.html"
"name": "http://www.shmoo.com/idn/homograph.txt",
"refsource": "MISC",
"url": "http://www.shmoo.com/idn/homograph.txt"
},
{
"name" : "20050206 Re: state of homograph attacks",
"refsource" : "FULLDISC",
"url" : "http://lists.grok.org.uk/pipermail/full-disclosure/2005-February/031460.html"
"name": "multiple-browsers-idn-spoof(19236)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19236"
},
{
"name" : "http://www.shmoo.com/idn",
"refsource" : "MISC",
"url" : "http://www.shmoo.com/idn"
"name": "20050206 state of homograph attacks",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-February/031459.html"
},
{
"name" : "http://www.shmoo.com/idn/homograph.txt",
"refsource" : "MISC",
"url" : "http://www.shmoo.com/idn/homograph.txt"
"name": "http://www.kde.org/info/security/advisory-20050316-2.txt",
"refsource": "CONFIRM",
"url": "http://www.kde.org/info/security/advisory-20050316-2.txt"
},
{
"name" : "http://www.kde.org/info/security/advisory-20050316-2.txt",
"refsource" : "CONFIRM",
"url" : "http://www.kde.org/info/security/advisory-20050316-2.txt"
"name": "http://www.shmoo.com/idn",
"refsource": "MISC",
"url": "http://www.shmoo.com/idn"
},
{
"name" : "FLSA:178606",
"refsource" : "FEDORA",
"url" : "http://www.securityfocus.com/archive/1/427976/100/0/threaded"
"name": "20050206 Re: state of homograph attacks",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-February/031460.html"
},
{
"name" : "MDKSA-2005:058",
"refsource" : "MANDRAKE",
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2005:058"
"name": "FLSA:178606",
"refsource": "FEDORA",
"url": "http://www.securityfocus.com/archive/1/427976/100/0/threaded"
},
{
"name" : "RHSA-2005:325",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2005-325.html"
"name": "MDKSA-2005:058",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:058"
},
{
"name" : "12461",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/12461"
"name": "14162",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/14162"
},
{
"name" : "oval:org.mitre.oval:def:10671",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10671"
"name": "RHSA-2005:325",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-325.html"
},
{
"name" : "14162",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/14162"
"name": "oval:org.mitre.oval:def:10671",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10671"
},
{
"name" : "multiple-browsers-idn-spoof(19236)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/19236"
"name": "12461",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/12461"
}
]
}

92
2005/0xxx/CVE-2005-0442.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2005-0442",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-0442",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Directory traversal vulnerability in index.php for CubeCart 2.0.4 allows remote attackers to read arbitrary files via the language parameter."
"lang": "eng",
"value": "Directory traversal vulnerability in index.php for CubeCart 2.0.4 allows remote attackers to read arbitrary files via the language parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20050214 [NOBYTES.COM: #2] CubeCart 2.0.4 - Multiple Vulnerabilities",
"refsource" : "BUGTRAQ",
"url" : "http://marc.info/?l=bugtraq&m=110842125901191&w=2"
"name": "http://www.cubecart.com/site/forums/index.php?showtopic=5741",
"refsource": "CONFIRM",
"url": "http://www.cubecart.com/site/forums/index.php?showtopic=5741"
},
{
"name" : "20050406 RE: [NOBYTES.COM: #6] CubeCart 2.0.6 - Information Disclosure",
"refsource" : "BUGTRAQ",
"url" : "http://marc.info/?l=bugtraq&m=111281888605580&w=2"
"name": "20050406 RE: [NOBYTES.COM: #6] CubeCart 2.0.6 - Information Disclosure",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=111281888605580&w=2"
},
{
"name" : "http://www.cubecart.com/site/forums/index.php?showtopic=5741",
"refsource" : "CONFIRM",
"url" : "http://www.cubecart.com/site/forums/index.php?showtopic=5741"
"name": "12549",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/12549"
},
{
"name" : "12549",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/12549"
"name": "14272",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/14272"
},
{
"name" : "14272",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/14272"
"name": "20050214 [NOBYTES.COM: #2] CubeCart 2.0.4 - Multiple Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=110842125901191&w=2"
},
{
"name" : "cubecart-dotdot-directory-traversal(19322)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/19322"
"name": "cubecart-dotdot-directory-traversal(19322)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19322"
}
]
}

128
2005/0xxx/CVE-2005-0524.json
View File

@ -1,116 +1,116 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2005-0524",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-0524",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The php_handle_iff function in image.c for PHP 4.2.2, 4.3.9, 4.3.10 and 5.0.3, as reachable by the getimagesize PHP function, allows remote attackers to cause a denial of service (infinite loop) via a -8 size value."
"lang": "eng",
"value": "The php_handle_iff function in image.c for PHP 4.2.2, 4.3.9, 4.3.10 and 5.0.3, as reachable by the getimagesize PHP function, allows remote attackers to cause a denial of service (infinite loop) via a -8 size value."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20050331 PHP getimagesize() Multiple Denial of Service Vulnerabilities",
"refsource" : "IDEFENSE",
"url" : "http://www.securityfocus.com/archive/1/394797"
"name": "15183",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/15183"
},
{
"name" : "APPLE-SA-2005-06-08",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2005/Jun/msg00000.html"
"name": "1013619",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1013619"
},
{
"name" : "GLSA-200504-15",
"refsource" : "GENTOO",
"url" : "http://www.gentoo.org/security/en/glsa/glsa-200504-15.xml"
"name": "RHSA-2005:406",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-406.html"
},
{
"name" : "MDKSA-2005:072",
"refsource" : "MANDRAKE",
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2005:072"
"name": "php-phphandleiff-dos(19920)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19920"
},
{
"name" : "RHSA-2005:405",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2005-405.html"
"name": "MDKSA-2005:072",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:072"
},
{
"name" : "RHSA-2005:406",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2005-406.html"
"name": "GLSA-200504-15",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200504-15.xml"
},
{
"name" : "oval:org.mitre.oval:def:9310",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9310"
"name": "APPLE-SA-2005-06-08",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2005/Jun/msg00000.html"
},
{
"name" : "ADV-2005-0305",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2005/0305"
"name": "oval:org.mitre.oval:def:9310",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9310"
},
{
"name" : "15183",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/15183"
"name": "14792",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/14792"
},
{
"name" : "1013619",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1013619"
"name": "ADV-2005-0305",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2005/0305"
},
{
"name" : "14792",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/14792"
"name": "20050331 PHP getimagesize() Multiple Denial of Service Vulnerabilities",
"refsource": "IDEFENSE",
"url": "http://www.securityfocus.com/archive/1/394797"
},
{
"name" : "php-phphandleiff-dos(19920)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/19920"
"name": "RHSA-2005:405",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-405.html"
}
]
}

140
2005/0xxx/CVE-2005-0756.json
View File

@ -1,126 +1,126 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2005-0756",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2005-0756",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "ptrace in Linux kernel 2.6.8.1 does not properly verify addresses on the amd64 platform, which allows local users to cause a denial of service (kernel crash)."
"lang": "eng",
"value": "ptrace in Linux kernel 2.6.8.1 does not properly verify addresses on the amd64 platform, which allows local users to cause a denial of service (kernel crash)."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "DSA-922",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2005/dsa-922"
"name": "18056",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18056"
},
{
"name" : "DSA-921",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2005/dsa-921"
"name": "17073",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17073"
},
{
"name" : "FLSA:157459-2",
"refsource" : "FEDORA",
"url" : "http://www.securityfocus.com/archive/1/428058/100/0/threaded"
"name": "USN-137-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/137-1/"
},
{
"name" : "FLSA:157459-3",
"refsource" : "FEDORA",
"url" : "http://www.securityfocus.com/archive/1/427980/100/0/threaded"
"name": "13891",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/13891"
},
{
"name" : "RHSA-2005:514",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2005-514.html"
"name": "18059",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18059"
},
{
"name" : "RHSA-2005:663",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2005-663.html"
"name": "FLSA:157459-2",
"refsource": "FEDORA",
"url": "http://www.securityfocus.com/archive/1/428058/100/0/threaded"
},
{
"name" : "USN-137-1",
"refsource" : "UBUNTU",
"url" : "https://usn.ubuntu.com/137-1/"
"name": "DSA-922",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2005/dsa-922"
},
{
"name" : "13891",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/13891"
"name": "oval:org.mitre.oval:def:11119",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11119"
},
{
"name" : "oval:org.mitre.oval:def:11119",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11119"
"name": "DSA-921",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2005/dsa-921"
},
{
"name" : "ADV-2005-1878",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2005/1878"
"name": "RHSA-2005:514",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-514.html"
},
{
"name" : "18056",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/18056"
"name": "17002",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17002"
},
{
"name" : "18059",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/18059"
"name": "FLSA:157459-3",
"refsource": "FEDORA",
"url": "http://www.securityfocus.com/archive/1/427980/100/0/threaded"
},
{
"name" : "17073",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/17073"
"name": "RHSA-2005:663",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-663.html"
},
{
"name" : "17002",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/17002"
"name": "ADV-2005-1878",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2005/1878"
}
]
}

92
2005/0xxx/CVE-2005-0798.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2005-0798",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-0798",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Novell iChain Mini FTP Server 2.3, and possibly earlier versions, does not limit the number of incorrect logins, which makes it easier for remote attackers to conduct brute force login attacks."
"lang": "eng",
"value": "Novell iChain Mini FTP Server 2.3, and possibly earlier versions, does not limit the number of incorrect logins, which makes it easier for remote attackers to conduct brute force login attacks."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20050315 [ISR] - Novell iChain Mini FTP Server Bruteforce Problem",
"refsource" : "BUGTRAQ",
"url" : "http://marc.info/?l=bugtraq&m=111091517007681&w=2"
"name": "14648",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/14648"
},
{
"name" : "http://www.infobyte.com.ar/adv/ISR-05.html",
"refsource" : "MISC",
"url" : "http://www.infobyte.com.ar/adv/ISR-05.html"
"name": "1013408",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1013408"
},
{
"name" : "http://support.novell.com/cgi-bin/search/searchtid.cgi?/10096887.htm",
"refsource" : "CONFIRM",
"url" : "http://support.novell.com/cgi-bin/search/searchtid.cgi?/10096887.htm"
"name": "http://www.infobyte.com.ar/adv/ISR-05.html",
"refsource": "MISC",
"url": "http://www.infobyte.com.ar/adv/ISR-05.html"
},
{
"name" : "14648",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/14648"
"name": "14607",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/14607"
},
{
"name" : "1013408",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1013408"
"name": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/10096887.htm",
"refsource": "CONFIRM",
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/10096887.htm"
},
{
"name" : "14607",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/14607"
"name": "20050315 [ISR] - Novell iChain Mini FTP Server Bruteforce Problem",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=111091517007681&w=2"
}
]
}

74
2005/1xxx/CVE-2005-1325.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2005-1325",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-1325",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "set_lang.php in phpMyVisites 1.3 allows remote attackers to read and include arbitrary files via the mylang parameter."
"lang": "eng",
"value": "set_lang.php in phpMyVisites 1.3 allows remote attackers to read and include arbitrary files via the mylang parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20050426 [exploits] phpMyVisites 1.3 local file retrieval",
"refsource" : "BUGTRAQ",
"url" : "http://marc.info/?l=bugtraq&m=111454298603060&w=2"
"name": "20050426 [exploits] phpMyVisites 1.3 local file retrieval",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=111454298603060&w=2"
},
{
"name" : "http://cvs.sourceforge.net/viewcvs.py/phpmyvisites/phpmyvisites/include/set_lang.php?r1=1.5&r2=1.6",
"refsource" : "CONFIRM",
"url" : "http://cvs.sourceforge.net/viewcvs.py/phpmyvisites/phpmyvisites/include/set_lang.php?r1=1.5&r2=1.6"
"name": "http://cvs.sourceforge.net/viewcvs.py/phpmyvisites/phpmyvisites/include/set_lang.php?r1=1.5&r2=1.6",
"refsource": "CONFIRM",
"url": "http://cvs.sourceforge.net/viewcvs.py/phpmyvisites/phpmyvisites/include/set_lang.php?r1=1.5&r2=1.6"
},
{
"name" : "13370",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/13370"
"name": "13370",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/13370"
}
]
}

104
2005/1xxx/CVE-2005-1378.json
View File

@ -1,96 +1,96 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2005-1378",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-1378",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in posting_notes.php in the notes module for phpBB allows remote attackers to execute arbitrary SQL commands via the p parameter, which is used in the $post_id variable, and other attack vectors."
"lang": "eng",
"value": "SQL injection vulnerability in posting_notes.php in the notes module for phpBB allows remote attackers to execute arbitrary SQL commands via the p parameter, which is used in the $post_id variable, and other attack vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20050427 phpBB Notes Mod SQL Injection Vulnerability",
"refsource" : "BUGTRAQ",
"url" : "http://marc.info/?l=bugtraq&m=111471606518372&w=2"
"name": "20050427 phpBB Notes Mod SQL Injection Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=111471606518372&w=2"
},
{
"name" : "http://www.gulftech.org/?node=research&article_id=00070-04272005",
"refsource" : "MISC",
"url" : "http://www.gulftech.org/?node=research&article_id=00070-04272005"
"name": "1013827",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1013827"
},
{
"name" : "13417",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/13417"
"name": "13417",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/13417"
},
{
"name" : "ADV-2005-0416",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2005/0416"
"name": "ADV-2005-0416",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2005/0416"
},
{
"name" : "15899",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/15899"
"name": "http://www.gulftech.org/?node=research&article_id=00070-04272005",
"refsource": "MISC",
"url": "http://www.gulftech.org/?node=research&article_id=00070-04272005"
},
{
"name" : "1013827",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1013827"
"name": "15899",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/15899"
},
{
"name" : "15154",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/15154/"
"name": "15154",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/15154/"
},
{
"name" : "phpbb-notes-module-sql-injection(20303)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/20303"
"name": "phpbb-notes-module-sql-injection(20303)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/20303"
}
]
}

22
2005/1xxx/CVE-2005-1623.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2005-1623",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-1623",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

68
2005/1xxx/CVE-2005-1673.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2005-1673",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-1673",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple SQL injection vulnerabilities in Help Center Live allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to index.php, (2) tid parameter to view.php, fid parameter to (3) download.php or (4) chat_download.php, (5) status parameter to icon.php, TICKET_tid parameter to (6) index.php or (7) view.php."
"lang": "eng",
"value": "Multiple SQL injection vulnerabilities in Help Center Live allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to index.php, (2) tid parameter to view.php, fid parameter to (3) download.php or (4) chat_download.php, (5) status parameter to icon.php, TICKET_tid parameter to (6) index.php or (7) view.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20050517 Help Center Live Vulnerabilities",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/398457/2005-05-15/2005-05-21/0"
"name": "http://www.gulftech.org/?node=research&article_id=00076-05172005",
"refsource": "MISC",
"url": "http://www.gulftech.org/?node=research&article_id=00076-05172005"
},
{
"name" : "http://www.gulftech.org/?node=research&article_id=00076-05172005",
"refsource" : "MISC",
"url" : "http://www.gulftech.org/?node=research&article_id=00076-05172005"
"name": "20050517 Help Center Live Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/398457/2005-05-15/2005-05-21/0"
}
]
}

22
2005/3xxx/CVE-2005-3614.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2005-3614",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-3614",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

80
2005/4xxx/CVE-2005-4287.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2005-4287",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-4287",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "PHP remote file include vulnerability in MarmaraWeb E-commerce allows remote attackers to execute arbitrary code via the page parameter to index.php."
"lang": "eng",
"value": "PHP remote file include vulnerability in MarmaraWeb E-commerce allows remote attackers to execute arbitrary code via the page parameter to index.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20051215 MarmaraWeb E-commerce Remote Command Exucetion",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/419587/100/0/threaded"
"name": "15877",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/15877"
},
{
"name" : "15877",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/15877"
"name": "21903",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/21903"
},
{
"name" : "21903",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/21903"
"name": "20051215 MarmaraWeb E-commerce Remote Command Exucetion",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/419587/100/0/threaded"
},
{
"name" : "263",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/263"
"name": "263",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/263"
}
]
}

86
2005/4xxx/CVE-2005-4647.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2005-4647",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-4647",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple SQL injection vulnerabilities in PEARLINGER Pearl Forums 2.4 allow remote attackers to execute arbitrary SQL commands via the (1) forumsId and (2) topicId parameters in index.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
"lang": "eng",
"value": "Multiple SQL injection vulnerabilities in PEARLINGER Pearl Forums 2.4 allow remote attackers to execute arbitrary SQL commands via the (1) forumsId and (2) topicId parameters in index.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "15425",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/15425"
"name": "15425",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/15425"
},
{
"name" : "ADV-2005-2426",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2005/2426"
"name": "pearl-forums-index-sql-injection(23195)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23195"
},
{
"name" : "20848",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/20848"
"name": "20848",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/20848"
},
{
"name" : "17533",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/17533"
"name": "ADV-2005-2426",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2005/2426"
},
{
"name" : "pearl-forums-index-sql-injection(23195)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/23195"
"name": "17533",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17533"
}
]
}

74
2005/4xxx/CVE-2005-4740.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2005-4740",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-4740",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "IBM DB2 Universal Database (UDB) 810 before version 8 FixPak 10 allows remote authenticated users to cause a denial of service (db2jd service crash) by \"connecting from a downlevel client.\""
"lang": "eng",
"value": "IBM DB2 Universal Database (UDB) 810 before version 8 FixPak 10 allows remote authenticated users to cause a denial of service (db2jd service crash) by \"connecting from a downlevel client.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "JR21329",
"refsource" : "AIXAPAR",
"url" : "http://www-1.ibm.com/support/docview.wss?uid=swg1JR21329"
"name": "JR21329",
"refsource": "AIXAPAR",
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg1JR21329"
},
{
"name" : "15126",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/15126"
"name": "15126",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/15126"
},
{
"name" : "17031",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/17031"
"name": "17031",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17031"
}
]
}

68
2005/4xxx/CVE-2005-4857.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2005-4857",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-4857",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "eZ publish 3.5 before 3.5.7, 3.6 before 3.6.5, 3.7 before 3.7.3, and 3.8 before 20051128 allows remote authenticated users to cause a denial of service (Apache httpd segmentation fault) via a request to content/advancedsearch.php with an empty SearchContentClassID parameter, reportedly related to a \"memory addressing error\"."
"lang": "eng",
"value": "eZ publish 3.5 before 3.5.7, 3.6 before 3.6.5, 3.7 before 3.7.3, and 3.8 before 20051128 allows remote authenticated users to cause a denial of service (Apache httpd segmentation fault) via a request to content/advancedsearch.php with an empty SearchContentClassID parameter, reportedly related to a \"memory addressing error\"."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://ez.no/download/ez_publish/changelogs/ez_publish_3_8/changelog_3_6_x_3_7_x_to_3_8_0",
"refsource" : "CONFIRM",
"url" : "http://ez.no/download/ez_publish/changelogs/ez_publish_3_8/changelog_3_6_x_3_7_x_to_3_8_0"
"name": "http://ez.no/download/ez_publish/changelogs/ez_publish_3_8/changelog_3_6_x_3_7_x_to_3_8_0",
"refsource": "CONFIRM",
"url": "http://ez.no/download/ez_publish/changelogs/ez_publish_3_8/changelog_3_6_x_3_7_x_to_3_8_0"
},
{
"name" : "http://issues.ez.no/7459",
"refsource" : "CONFIRM",
"url" : "http://issues.ez.no/7459"
"name": "http://issues.ez.no/7459",
"refsource": "CONFIRM",
"url": "http://issues.ez.no/7459"
}
]
}

92
2005/4xxx/CVE-2005-4868.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2005-4868",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-4868",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Shared memory sections and events in IBM DB2 8.1 have default permissions of read and write for the Everyone group, which allows local users to gain unauthorized access, gain sensitive information, such as cleartext passwords, and cause a denial of service."
"lang": "eng",
"value": "Shared memory sections and events in IBM DB2 8.1 have default permissions of read and write for the Everyone group, which allows local users to gain unauthorized access, gain sensitive information, such as cleartext passwords, and cause a denial of service."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20050105 IBM DB2 Windows Permission Problems (#NISR05012005F)",
"refsource" : "BUGTRAQ",
"url" : "http://marc.info/?l=bugtraq&m=110495402231836&w=2"
"name": "20050105 IBM DB2 Windows Permission Problems (#NISR05012005F)",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=110495402231836&w=2"
},
{
"name" : "http://www-1.ibm.com/support/docview.wss?uid=swg21181228",
"refsource" : "CONFIRM",
"url" : "http://www-1.ibm.com/support/docview.wss?uid=swg21181228"
"name": "11402",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/11402"
},
{
"name" : "http://www.nextgenss.com/advisories/db205012005F.txt",
"refsource" : "MISC",
"url" : "http://www.nextgenss.com/advisories/db205012005F.txt"
"name": "db2-everyone-gain-access(17605)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17605"
},
{
"name" : "11402",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/11402"
"name": "http://www.nextgenss.com/advisories/db205012005F.txt",
"refsource": "MISC",
"url": "http://www.nextgenss.com/advisories/db205012005F.txt"
},
{
"name" : "12733",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/12733/"
"name": "12733",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/12733/"
},
{
"name" : "db2-everyone-gain-access(17605)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/17605"
"name": "http://www-1.ibm.com/support/docview.wss?uid=swg21181228",
"refsource": "CONFIRM",
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg21181228"
}
]
}

248
2009/0xxx/CVE-2009-0037.json
View File

@ -1,216 +1,216 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2009-0037",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2009-0037",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The redirect implementation in curl and libcurl 5.11 through 7.19.3, when CURLOPT_FOLLOWLOCATION is enabled, accepts arbitrary Location values, which might allow remote HTTP servers to (1) trigger arbitrary requests to intranet servers, (2) read or overwrite arbitrary files via a redirect to a file: URL, or (3) execute arbitrary commands via a redirect to an scp: URL."
"lang": "eng",
"value": "The redirect implementation in curl and libcurl 5.11 through 7.19.3, when CURLOPT_FOLLOWLOCATION is enabled, accepts arbitrary Location values, which might allow remote HTTP servers to (1) trigger arbitrary requests to intranet servers, (2) read or overwrite arbitrary files via a redirect to a file: URL, or (3) execute arbitrary commands via a redirect to an scp: URL."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20090312 rPSA-2009-0042-1 curl",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/501757/100/0/threaded"
"name": "USN-726-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-726-1"
},
{
"name" : "20090711 VMSA-2009-0009 ESX Service Console updates for udev, sudo, and curl",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/504849/100/0/threaded"
"name": "34259",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34259"
},
{
"name" : "[Security-announce] 20090710 VMSA-2009-0009 ESX Service Console updates for udev, sudo, and curl",
"refsource" : "MLIST",
"url" : "http://lists.vmware.com/pipermail/security-announce/2009/000060.html"
"name": "http://curl.haxx.se/lxr/source/CHANGES",
"refsource": "CONFIRM",
"url": "http://curl.haxx.se/lxr/source/CHANGES"
},
{
"name" : "http://www.withdk.com/2009/03/03/curllibcurl-redirect-arbitrary-file-access/",
"refsource" : "MISC",
"url" : "http://www.withdk.com/2009/03/03/curllibcurl-redirect-arbitrary-file-access/"
"name": "35766",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35766"
},
{
"name" : "http://www.withdk.com/archives/Libcurl_arbitrary_file_access.pdf",
"refsource" : "MISC",
"url" : "http://www.withdk.com/archives/Libcurl_arbitrary_file_access.pdf"
"name": "34255",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34255"
},
{
"name" : "http://curl.haxx.se/docs/adv_20090303.html",
"refsource" : "CONFIRM",
"url" : "http://curl.haxx.se/docs/adv_20090303.html"
"name": "RHSA-2009:0341",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2009-0341.html"
},
{
"name" : "http://curl.haxx.se/lxr/source/CHANGES",
"refsource" : "CONFIRM",
"url" : "http://curl.haxx.se/lxr/source/CHANGES"
"name": "DSA-1738",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2009/dsa-1738"
},
{
"name" : "http://wiki.rpath.com/wiki/Advisories:rPSA-2009-0042",
"refsource" : "CONFIRM",
"url" : "http://wiki.rpath.com/wiki/Advisories:rPSA-2009-0042"
"name": "http://www.withdk.com/2009/03/03/curllibcurl-redirect-arbitrary-file-access/",
"refsource": "MISC",
"url": "http://www.withdk.com/2009/03/03/curllibcurl-redirect-arbitrary-file-access/"
},
{
"name" : "http://www.vmware.com/security/advisories/VMSA-2009-0009.html",
"refsource" : "CONFIRM",
"url" : "http://www.vmware.com/security/advisories/VMSA-2009-0009.html"
"name": "curl-location-security-bypass(49030)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49030"
},
{
"name" : "http://support.apple.com/kb/HT4077",
"refsource" : "CONFIRM",
"url" : "http://support.apple.com/kb/HT4077"
"name": "ADV-2009-1865",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1865"
},
{
"name" : "APPLE-SA-2010-03-29-1",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html"
"name": "APPLE-SA-2010-03-29-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html"
},
{
"name" : "DSA-1738",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2009/dsa-1738"
"name": "http://wiki.rpath.com/wiki/Advisories:rPSA-2009-0042",
"refsource": "CONFIRM",
"url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2009-0042"
},
{
"name" : "GLSA-200903-21",
"refsource" : "GENTOO",
"url" : "http://security.gentoo.org/glsa/glsa-200903-21.xml"
"name": "SUSE-SR:2009:006",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00001.html"
},
{
"name" : "RHSA-2009:0341",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2009-0341.html"
"name": "34138",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34138"
},
{
"name" : "SSA:2009-069-01",
"refsource" : "SLACKWARE",
"url" : "http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.476602"
"name": "http://curl.haxx.se/docs/adv_20090303.html",
"refsource": "CONFIRM",
"url": "http://curl.haxx.se/docs/adv_20090303.html"
},
{
"name" : "SUSE-SR:2009:006",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00001.html"
"name": "34202",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34202"
},
{
"name" : "USN-726-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-726-1"
"name": "20090312 rPSA-2009-0042-1 curl",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/501757/100/0/threaded"
},
{
"name" : "33962",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/33962"
"name": "ADV-2009-0581",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/0581"
},
{
"name" : "oval:org.mitre.oval:def:11054",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11054"
"name": "SSA:2009-069-01",
"refsource": "SLACKWARE",
"url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.476602"
},
{
"name" : "oval:org.mitre.oval:def:6074",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6074"
"name": "[Security-announce] 20090710 VMSA-2009-0009 ESX Service Console updates for udev, sudo, and curl",
"refsource": "MLIST",
"url": "http://lists.vmware.com/pipermail/security-announce/2009/000060.html"
},
{
"name" : "1021783",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1021783"
"name": "33962",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/33962"
},
{
"name" : "34138",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/34138"
"name": "http://support.apple.com/kb/HT4077",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT4077"
},
{
"name" : "34202",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/34202"
"name": "http://www.withdk.com/archives/Libcurl_arbitrary_file_access.pdf",
"refsource": "MISC",
"url": "http://www.withdk.com/archives/Libcurl_arbitrary_file_access.pdf"
},
{
"name" : "34255",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/34255"
"name": "oval:org.mitre.oval:def:11054",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11054"
},
{
"name" : "34259",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/34259"
"name": "GLSA-200903-21",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200903-21.xml"
},
{
"name" : "34237",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/34237"
"name": "oval:org.mitre.oval:def:6074",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6074"
},
{
"name" : "34251",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/34251"
"name": "1021783",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1021783"
},
{
"name" : "34399",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/34399"
"name": "34251",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34251"
},
{
"name" : "35766",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/35766"
"name": "34399",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34399"
},
{
"name" : "ADV-2009-0581",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2009/0581"
"name": "20090711 VMSA-2009-0009 ESX Service Console updates for udev, sudo, and curl",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/504849/100/0/threaded"
},
{
"name" : "ADV-2009-1865",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2009/1865"
"name": "34237",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34237"
},
{
"name" : "curl-location-security-bypass(49030)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/49030"
"name": "http://www.vmware.com/security/advisories/VMSA-2009-0009.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2009-0009.html"
}
]
}

98
2009/0xxx/CVE-2009-0178.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2009-0178",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-0178",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in IBM Hardware Management Console (HMC) 7 release 3.2.0 SP1 has unknown impact and attack vectors."
"lang": "eng",
"value": "Unspecified vulnerability in IBM Hardware Management Console (HMC) 7 release 3.2.0 SP1 has unknown impact and attack vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=4521",
"refsource" : "CONFIRM",
"url" : "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=4521"
"name": "51432",
"refsource": "OSVDB",
"url": "http://osvdb.org/51432"
},
{
"name" : "MB02834",
"refsource" : "AIXAPAR",
"url" : "http://www-1.ibm.com/support/docview.wss?uid=isg1MB02834"
"name": "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=4521",
"refsource": "CONFIRM",
"url": "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=4521"
},
{
"name" : "33293",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/33293"
"name": "ibm-hmc-unspecified(48010)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48010"
},
{
"name" : "ADV-2009-0158",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2009/0158"
"name": "33293",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/33293"
},
{
"name" : "51432",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/51432"
"name": "33518",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33518"
},
{
"name" : "33518",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/33518"
"name": "MB02834",
"refsource": "AIXAPAR",
"url": "http://www-1.ibm.com/support/docview.wss?uid=isg1MB02834"
},
{
"name" : "ibm-hmc-unspecified(48010)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/48010"
"name": "ADV-2009-0158",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/0158"
}
]
}

104
2009/0xxx/CVE-2009-0179.json
View File

@ -1,96 +1,96 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2009-0179",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-0179",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "libmikmod 3.1.11 through 3.2.0, as used by MikMod and possibly other products, allows user-assisted attackers to cause a denial of service (application crash) by loading an XM file."
"lang": "eng",
"value": "libmikmod 3.1.11 through 3.2.0, as used by MikMod and possibly other products, allows user-assisted attackers to cause a denial of service (application crash) by loading an XM file."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[oss-security] 20090113 CVE Request -- libmikmod",
"refsource" : "MLIST",
"url" : "http://openwall.com/lists/oss-security/2009/01/13/2"
"name": "34259",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34259"
},
{
"name" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=476339",
"refsource" : "MISC",
"url" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=476339"
"name": "FEDORA-2009-9095",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg01305.html"
},
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=479833",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=479833"
"name": "SUSE-SR:2009:006",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00001.html"
},
{
"name" : "FEDORA-2009-9095",
"refsource" : "FEDORA",
"url" : "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg01305.html"
"name": "33240",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/33240"
},
{
"name" : "FEDORA-2009-9112",
"refsource" : "FEDORA",
"url" : "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg01312.html"
"name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=476339",
"refsource": "MISC",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=476339"
},
{
"name" : "SUSE-SR:2009:006",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00001.html"
"name": "FEDORA-2009-9112",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg01312.html"
},
{
"name" : "33240",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/33240"
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=479833",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=479833"
},
{
"name" : "34259",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/34259"
"name": "[oss-security] 20090113 CVE Request -- libmikmod",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2009/01/13/2"
}
]
}

98
2009/0xxx/CVE-2009-0183.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2009-0183",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
"ID": "CVE-2009-0183",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Stack-based buffer overflow in Remote Control Server in Free Download Manager (FDM) 2.5 Build 758 and 3.0 Build 844 allows remote attackers to execute arbitrary code via a long Authorization header in an HTTP request."
"lang": "eng",
"value": "Stack-based buffer overflow in Remote Control Server in Free Download Manager (FDM) 2.5 Build 758 and 3.0 Build 844 allows remote attackers to execute arbitrary code via a long Authorization header in an HTTP request."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20090202 Secunia Research: Free Download Manager Remote Control Server Buffer Overflow",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/500604/100/0/threaded"
"name": "33554",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/33554"
},
{
"name" : "7986",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/7986"
"name": "20090202 Secunia Research: Free Download Manager Remote Control Server Buffer Overflow",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/500604/100/0/threaded"
},
{
"name" : "http://secunia.com/secunia_research/2009-3/",
"refsource" : "MISC",
"url" : "http://secunia.com/secunia_research/2009-3/"
"name": "7986",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/7986"
},
{
"name" : "33554",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/33554"
"name": "http://secunia.com/secunia_research/2009-3/",
"refsource": "MISC",
"url": "http://secunia.com/secunia_research/2009-3/"
},
{
"name" : "51745",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/51745"
"name": "33524",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33524"
},
{
"name" : "ADV-2009-0302",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2009/0302"
"name": "51745",
"refsource": "OSVDB",
"url": "http://osvdb.org/51745"
},
{
"name" : "33524",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/33524"
"name": "ADV-2009-0302",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/0302"
}
]
}

308
2009/0xxx/CVE-2009-0799.json
View File

@ -1,266 +1,266 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2009-0799",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2009-0799",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to cause a denial of service (crash) via a crafted PDF file that triggers an out-of-bounds read."
"lang": "eng",
"value": "The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to cause a denial of service (crash) via a crafted PDF file that triggers an out-of-bounds read."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=495886",
"refsource" : "CONFIRM",
"url" : "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=495886"
"name": "oval:org.mitre.oval:def:10204",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10204"
},
{
"name" : "http://poppler.freedesktop.org/releases.html",
"refsource" : "CONFIRM",
"url" : "http://poppler.freedesktop.org/releases.html"
"name": "DSA-1793",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2009/dsa-1793"
},
{
"name" : "DSA-1790",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2009/dsa-1790"
"name": "34963",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34963"
},
{
"name" : "DSA-1793",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2009/dsa-1793"
"name": "DSA-1790",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2009/dsa-1790"
},
{
"name" : "FEDORA-2009-6973",
"refsource" : "FEDORA",
"url" : "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html"
"name": "35037",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35037"
},
{
"name" : "FEDORA-2009-6982",
"refsource" : "FEDORA",
"url" : "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html"
"name": "ADV-2009-1077",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1077"
},
{
"name" : "FEDORA-2009-6972",
"refsource" : "FEDORA",
"url" : "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html"
"name": "35064",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35064"
},
{
"name" : "MDVSA-2009:101",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2009:101"
"name": "ADV-2009-1066",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1066"
},
{
"name" : "MDVSA-2010:087",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087"
"name": "34481",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34481"
},
{
"name" : "MDVSA-2011:175",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175"
"name": "SSA:2009-129-01",
"refsource": "SLACKWARE",
"url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.578477"
},
{
"name" : "RHSA-2009:0430",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2009-0430.html"
"name": "1022072",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1022072"
},
{
"name" : "RHSA-2009:0429",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2009-0429.html"
"name": "RHSA-2009:0431",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2009-0431.html"
},
{
"name" : "RHSA-2009:0431",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2009-0431.html"
"name": "ADV-2009-1065",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1065"
},
{
"name" : "RHSA-2009:0458",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2009-0458.html"
"name": "RHSA-2009:0430",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2009-0430.html"
},
{
"name" : "RHSA-2009:0480",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2009-0480.html"
"name": "FEDORA-2009-6972",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html"
},
{
"name" : "SSA:2009-129-01",
"refsource" : "SLACKWARE",
"url" : "http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.578477"
"name": "35618",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35618"
},
{
"name" : "SUSE-SA:2009:024",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html"
"name": "35065",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35065"
},
{
"name" : "SUSE-SR:2009:010",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html"
"name": "RHSA-2009:0480",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html"
},
{
"name" : "SUSE-SR:2009:012",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
"name": "http://poppler.freedesktop.org/releases.html",
"refsource": "CONFIRM",
"url": "http://poppler.freedesktop.org/releases.html"
},
{
"name" : "VU#196617",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/196617"
"name": "34568",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/34568"
},
{
"name" : "34568",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/34568"
"name": "MDVSA-2011:175",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175"
},
{
"name" : "oval:org.mitre.oval:def:10204",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10204"
"name": "VU#196617",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/196617"
},
{
"name" : "1022072",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1022072"
"name": "ADV-2010-1040",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/1040"
},
{
"name" : "34755",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/34755"
"name": "SUSE-SA:2009:024",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html"
},
{
"name" : "34291",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/34291"
"name": "RHSA-2009:0458",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2009-0458.html"
},
{
"name" : "34481",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/34481"
"name": "FEDORA-2009-6982",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html"
},
{
"name" : "34746",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/34746"
"name": "34991",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34991"
},
{
"name" : "34852",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/34852"
"name": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=495886",
"refsource": "CONFIRM",
"url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=495886"
},
{
"name" : "34756",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/34756"
"name": "MDVSA-2009:101",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:101"
},
{
"name" : "34959",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/34959"
"name": "MDVSA-2010:087",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087"
},
{
"name" : "34963",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/34963"
"name": "SUSE-SR:2009:010",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html"
},
{
"name" : "35037",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/35037"
"name": "35685",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35685"
},
{
"name" : "35065",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/35065"
"name": "ADV-2009-1076",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1076"
},
{
"name" : "34991",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/34991"
"name": "34756",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34756"
},
{
"name" : "35064",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/35064"
"name": "34291",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34291"
},
{
"name" : "35618",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/35618"
"name": "34755",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34755"
},
{
"name" : "35685",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/35685"
"name": "34852",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34852"
},
{
"name" : "ADV-2009-1065",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2009/1065"
"name": "SUSE-SR:2009:012",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
},
{
"name" : "ADV-2009-1066",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2009/1066"
"name": "FEDORA-2009-6973",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html"
},
{
"name" : "ADV-2009-1076",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2009/1076"
"name": "34959",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34959"
},
{
"name" : "ADV-2009-1077",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2009/1077"
"name": "34746",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34746"
},
{
"name" : "ADV-2010-1040",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2010/1040"
"name": "RHSA-2009:0429",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2009-0429.html"
}
]
}

68
2009/1xxx/CVE-2009-1369.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2009-1369",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-1369",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "moziloCMS 1.11 allows remote attackers to obtain sensitive information via the (1) gal[] parameter to gallery.php, (2) page[] and (3) cat[] parameter to index.php, or (4) file[] parameter to download.php, which reveals the installation path in an error message."
"lang": "eng",
"value": "moziloCMS 1.11 allows remote attackers to obtain sensitive information via the (1) gal[] parameter to gallery.php, (2) page[] and (3) cat[] parameter to index.php, or (4) file[] parameter to download.php, which reveals the installation path in an error message."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "8394",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/8394"
"name": "mozilocms-index-path-disclosure(49811)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49811"
},
{
"name" : "mozilocms-index-path-disclosure(49811)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/49811"
"name": "8394",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/8394"
}
]
}

74
2009/1xxx/CVE-2009-1772.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2009-1772",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-1772",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in activeCollab 2.1 Corporate allows remote attackers to inject arbitrary web script or HTML via the re_route parameter to the login script."
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in activeCollab 2.1 Corporate allows remote attackers to inject arbitrary web script or HTML via the re_route parameter to the login script."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://pridels-team.blogspot.com/2009/05/activecollab-xss-and-full-path.html",
"refsource" : "MISC",
"url" : "http://pridels-team.blogspot.com/2009/05/activecollab-xss-and-full-path.html"
"name": "35079",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35079"
},
{
"name" : "35022",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/35022"
"name": "http://pridels-team.blogspot.com/2009/05/activecollab-xss-and-full-path.html",
"refsource": "MISC",
"url": "http://pridels-team.blogspot.com/2009/05/activecollab-xss-and-full-path.html"
},
{
"name" : "35079",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/35079"
"name": "35022",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/35022"
}
]
}

68
2009/3xxx/CVE-2009-3268.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2009-3268",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-3268",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Google Chrome 1.0.154.48 and earlier allows remote attackers to cause a denial of service (CPU consumption) via an automatically submitted form containing a KEYGEN element, a related issue to CVE-2009-1828."
"lang": "eng",
"value": "Google Chrome 1.0.154.48 and earlier allows remote attackers to cause a denial of service (CPU consumption) via an automatically submitted form containing a KEYGEN element, a related issue to CVE-2009-1828."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20090908 Re: DoS vulnerability in Google Chrome",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/506328/100/100/threaded"
"name": "20090908 Re: DoS vulnerability in Google Chrome",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/506328/100/100/threaded"
},
{
"name" : "http://websecurity.com.ua/3194/",
"refsource" : "MISC",
"url" : "http://websecurity.com.ua/3194/"
"name": "http://websecurity.com.ua/3194/",
"refsource": "MISC",
"url": "http://websecurity.com.ua/3194/"
}
]
}

68
2009/3xxx/CVE-2009-3350.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2009-3350",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-3350",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple unspecified vulnerabilities in the Subdomain Manager module for Drupal have unknown impact and attack vectors."
"lang": "eng",
"value": "Multiple unspecified vulnerabilities in the Subdomain Manager module for Drupal have unknown impact and attack vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://drupal.org/node/572852",
"refsource" : "CONFIRM",
"url" : "http://drupal.org/node/572852"
"name": "36329",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/36329"
},
{
"name" : "36329",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/36329"
"name": "http://drupal.org/node/572852",
"refsource": "CONFIRM",
"url": "http://drupal.org/node/572852"
}
]
}

74
2009/4xxx/CVE-2009-4255.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2009-4255",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-4255",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in the You!Hostit! template 1.0.1 for Joomla! allows remote attackers to inject arbitrary web script or HTML via the created_by_alias parameter in index.php."
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in the You!Hostit! template 1.0.1 for Joomla! allows remote attackers to inject arbitrary web script or HTML via the created_by_alias parameter in index.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "10301",
"refsource" : "EXPLOIT-DB",
"url" : "http://www.exploit-db.com/exploits/10301"
"name": "youhostit-createdbyalias-xss(54570)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54570"
},
{
"name" : "37601",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/37601"
"name": "10301",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/10301"
},
{
"name" : "youhostit-createdbyalias-xss(54570)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/54570"
"name": "37601",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37601"
}
]
}

22
2009/4xxx/CVE-2009-4276.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2009-4276",
"STATE" : "REJECT"
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2009-4276",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2009. Notes: none."
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2009. Notes: none."
}
]
}

74
2009/4xxx/CVE-2009-4345.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2009-4345",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-4345",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in the vShoutbox (vshoutbox) extension 0.0.1 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in the vShoutbox (vshoutbox) extension 0.0.1 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-020/",
"refsource" : "CONFIRM",
"url" : "http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-020/"
"name": "ADV-2009-3550",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/3550"
},
{
"name" : "ADV-2009-3550",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2009/3550"
"name": "typo3-vshoutbox-xss(54787)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54787"
},
{
"name" : "typo3-vshoutbox-xss(54787)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/54787"
"name": "http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-020/",
"refsource": "CONFIRM",
"url": "http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-020/"
}
]
}

62
2009/4xxx/CVE-2009-4396.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2009-4396",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-4396",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in the Diocese of Portsmouth Resources Database (pd_resources) extension 0.1.1 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors."
"lang": "eng",
"value": "SQL injection vulnerability in the Diocese of Portsmouth Resources Database (pd_resources) extension 0.1.1 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-020/",
"refsource" : "CONFIRM",
"url" : "http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-020/"
"name": "http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-020/",
"refsource": "CONFIRM",
"url": "http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-020/"
}
]
}

80
2009/4xxx/CVE-2009-4454.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2009-4454",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-4454",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "vccleaner in VideoCache 1.9.2 allows local users with Squid proxy user privileges to overwrite arbitrary files via a symlink attack on /var/log/videocache/vccleaner.log."
"lang": "eng",
"value": "vccleaner in VideoCache 1.9.2 allows local users with Squid proxy user privileges to overwrite arbitrary files via a symlink attack on /var/log/videocache/vccleaner.log."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20091216 VideoCache 1.9.2 vccleaner root vulnerability",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/508507/100/0/threaded"
"name": "20091216 VideoCache 1.9.2 vccleaner root vulnerability",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2009-12/0366.html"
},
{
"name" : "20091216 VideoCache 1.9.2 vccleaner root vulnerability",
"refsource" : "FULLDISC",
"url" : "http://archives.neohapsis.com/archives/fulldisclosure/2009-12/0366.html"
"name": "20091216 VideoCache 1.9.2 vccleaner root vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/508507/100/0/threaded"
},
{
"name" : "37733",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/37733"
"name": "videocache-vccleaner-symlink(54916)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54916"
},
{
"name" : "videocache-vccleaner-symlink(54916)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/54916"
"name": "37733",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37733"
}
]
}

74
2009/4xxx/CVE-2009-4786.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2009-4786",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-4786",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in Pligg before 1.0.3 allow remote attackers to inject arbitrary web script or HTML via the HTTP Referer header to (1) admin/admin_config.php, (2) admin/admin_modules.php, (3) delete.php, (4) editlink.php, (5) submit.php, (6) submit_groups.php, (7) user_add_remove_links.php, and (8) user_settings.php."
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in Pligg before 1.0.3 allow remote attackers to inject arbitrary web script or HTML via the HTTP Referer header to (1) admin/admin_config.php, (2) admin/admin_modules.php, (3) delete.php, (4) editlink.php, (5) submit.php, (6) submit_groups.php, (7) user_add_remove_links.php, and (8) user_settings.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://holisticinfosec.org/content/view/130/45/",
"refsource" : "MISC",
"url" : "http://holisticinfosec.org/content/view/130/45/"
"name": "http://holisticinfosec.org/content/view/130/45/",
"refsource": "MISC",
"url": "http://holisticinfosec.org/content/view/130/45/"
},
{
"name" : "http://www.pligg.com/blog/775/pligg-cms-1-0-3-release/",
"refsource" : "CONFIRM",
"url" : "http://www.pligg.com/blog/775/pligg-cms-1-0-3-release/"
"name": "http://www.pligg.com/blog/775/pligg-cms-1-0-3-release/",
"refsource": "CONFIRM",
"url": "http://www.pligg.com/blog/775/pligg-cms-1-0-3-release/"
},
{
"name" : "37349",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/37349"
"name": "37349",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37349"
}
]
}

86
2009/4xxx/CVE-2009-4937.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2009-4937",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-4937",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in Small Pirate (SPirate) 2.1 allows remote attackers to inject arbitrary web script or HTML via an onmouseover action in an img BBCode tag within a url BBCode tag."
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in Small Pirate (SPirate) 2.1 allows remote attackers to inject arbitrary web script or HTML via an onmouseover action in an img BBCode tag within a url BBCode tag."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20090527 MULTIPLE REMOTE VULNERABILITIES --Small Pirates v-2.1-->",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/503863/100/0/threaded"
"name": "8819",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/8819"
},
{
"name" : "8819",
"refsource" : "EXPLOIT-DB",
"url" : "http://www.exploit-db.com/exploits/8819"
"name": "54783",
"refsource": "OSVDB",
"url": "http://osvdb.org/54783"
},
{
"name" : "54783",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/54783"
"name": "35272",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35272"
},
{
"name" : "35272",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/35272"
"name": "small-pirate-bbcode-xss(50836)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50836"
},
{
"name" : "small-pirate-bbcode-xss(50836)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/50836"
"name": "20090527 MULTIPLE REMOTE VULNERABILITIES --Small Pirates v-2.1-->",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/503863/100/0/threaded"
}
]
}

98
2009/4xxx/CVE-2009-4988.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2009-4988",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-4988",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Stack-based buffer overflow in NT_Naming_Service.exe in SAP Business One 2005 A 6.80.123 and 6.80.320 allows remote attackers to execute arbitrary code via a long GIOP request to TCP port 30000."
"lang": "eng",
"value": "Stack-based buffer overflow in NT_Naming_Service.exe in SAP Business One 2005 A 6.80.123 and 6.80.320 allows remote attackers to execute arbitrary code via a long GIOP request to TCP port 30000."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20090804 SAP Business One 2005 Remote Buffer Overflow Vulnerability.",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/505489/100/0/threaded"
"name": "sap-bo2005-ntnamingservice-bo(52256)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/52256"
},
{
"name" : "9319",
"refsource" : "EXPLOIT-DB",
"url" : "http://www.exploit-db.com/exploits/9319"
"name": "1022655",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1022655"
},
{
"name" : "35933",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/35933"
"name": "ADV-2009-2170",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/2170"
},
{
"name" : "1022655",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1022655"
"name": "36103",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/36103"
},
{
"name" : "36103",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/36103"
"name": "9319",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/9319"
},
{
"name" : "ADV-2009-2170",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2009/2170"
"name": "20090804 SAP Business One 2005 Remote Buffer Overflow Vulnerability.",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/505489/100/0/threaded"
},
{
"name" : "sap-bo2005-ntnamingservice-bo(52256)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/52256"
"name": "35933",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/35933"
}
]
}

98
2012/2xxx/CVE-2012-2200.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2012-2200",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2012-2200",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The default configuration of sendmail in IBM AIX 6.1 and 7.1, and VIOS 2.2.1.4-FP-25 SP-02, allows local users to gain privileges by entering a command in a .forward file in a home directory."
"lang": "eng",
"value": "The default configuration of sendmail in IBM AIX 6.1 and 7.1, and VIOS 2.2.1.4-FP-25 SP-02, allows local users to gain privileges by entering a command in a .forward file in a home directory."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://aix.software.ibm.com/aix/efixes/security/sendmail1_advisory.asc",
"refsource" : "CONFIRM",
"url" : "http://aix.software.ibm.com/aix/efixes/security/sendmail1_advisory.asc"
"name": "1027207",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1027207"
},
{
"name" : "IV22963",
"refsource" : "AIXAPAR",
"url" : "http://www.ibm.com/support/docview.wss?uid=isg1IV22963"
"name": "IV22965",
"refsource": "AIXAPAR",
"url": "http://www.ibm.com/support/docview.wss?uid=isg1IV22965"
},
{
"name" : "IV22964",
"refsource" : "AIXAPAR",
"url" : "http://www.ibm.com/support/docview.wss?uid=isg1IV22964"
"name": "IV22963",
"refsource": "AIXAPAR",
"url": "http://www.ibm.com/support/docview.wss?uid=isg1IV22963"
},
{
"name" : "IV22965",
"refsource" : "AIXAPAR",
"url" : "http://www.ibm.com/support/docview.wss?uid=isg1IV22965"
"name": "http://aix.software.ibm.com/aix/efixes/security/sendmail1_advisory.asc",
"refsource": "CONFIRM",
"url": "http://aix.software.ibm.com/aix/efixes/security/sendmail1_advisory.asc"
},
{
"name" : "IV22966",
"refsource" : "AIXAPAR",
"url" : "http://www.ibm.com/support/docview.wss?uid=isg1IV22966"
"name": "aix-sendmail-command-execution(76466)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/76466"
},
{
"name" : "1027207",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1027207"
"name": "IV22964",
"refsource": "AIXAPAR",
"url": "http://www.ibm.com/support/docview.wss?uid=isg1IV22964"
},
{
"name" : "aix-sendmail-command-execution(76466)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/76466"
"name": "IV22966",
"refsource": "AIXAPAR",
"url": "http://www.ibm.com/support/docview.wss?uid=isg1IV22966"
}
]
}

22
2012/6xxx/CVE-2012-6400.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2012-6400",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-6400",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

86
2012/6xxx/CVE-2012-6631.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2012-6631",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-6631",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site request forgery (CSRF) vulnerability in accounts/admin/index.php in Vessio NetBill 1.2 allows remote attackers to hijack the authentication of administrators for requests that add accounts via a new-client action."
"lang": "eng",
"value": "Cross-site request forgery (CSRF) vulnerability in accounts/admin/index.php in Vessio NetBill 1.2 allows remote attackers to hijack the authentication of administrators for requests that add accounts via a new-client action."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://packetstormsecurity.org/files/112655/NetBill-Billing-System-1.2-CSRF-XSS.html",
"refsource" : "MISC",
"url" : "http://packetstormsecurity.org/files/112655/NetBill-Billing-System-1.2-CSRF-XSS.html"
"name": "49109",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49109"
},
{
"name" : "http://www.vulnerability-lab.com/get_content.php?id=560",
"refsource" : "MISC",
"url" : "http://www.vulnerability-lab.com/get_content.php?id=560"
"name": "netbill-index-csrf(75539)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75539"
},
{
"name" : "81881",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/81881"
"name": "http://www.vulnerability-lab.com/get_content.php?id=560",
"refsource": "MISC",
"url": "http://www.vulnerability-lab.com/get_content.php?id=560"
},
{
"name" : "49109",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/49109"
"name": "http://packetstormsecurity.org/files/112655/NetBill-Billing-System-1.2-CSRF-XSS.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.org/files/112655/NetBill-Billing-System-1.2-CSRF-XSS.html"
},
{
"name" : "netbill-index-csrf(75539)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/75539"
"name": "81881",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/81881"
}
]
}

74
2012/6xxx/CVE-2012-6648.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2012-6648",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-6648",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "gdm/guest-session-cleanup.sh in gdm-guest-session 0.24 and earlier, as used in Ubuntu Linux 10.04 LTS, 10.10, and 11.04, allows local users to delete arbitrary files via a space in the name of a file in /tmp. NOTE: this identifier was SPLIT from CVE-2012-0943 per ADT1/ADT2 due to different codebases and affected versions. CVE-2012-0943 is used for the guest-account issue."
"lang": "eng",
"value": "gdm/guest-session-cleanup.sh in gdm-guest-session 0.24 and earlier, as used in Ubuntu Linux 10.04 LTS, 10.10, and 11.04, allows local users to delete arbitrary files via a space in the name of a file in /tmp. NOTE: this identifier was SPLIT from CVE-2012-0943 per ADT1/ADT2 due to different codebases and affected versions. CVE-2012-0943 is used for the guest-account issue."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://launchpadlibrarian.net/96474113/gdm-guest-session.secure-cleanup.debdiff",
"refsource" : "MISC",
"url" : "https://launchpadlibrarian.net/96474113/gdm-guest-session.secure-cleanup.debdiff"
"name": "https://launchpadlibrarian.net/96474113/gdm-guest-session.secure-cleanup.debdiff",
"refsource": "MISC",
"url": "https://launchpadlibrarian.net/96474113/gdm-guest-session.secure-cleanup.debdiff"
},
{
"name" : "https://bugs.launchpad.net/ubuntu/%2Bsource/lightdm/%2Bbug/953044",
"refsource" : "CONFIRM",
"url" : "https://bugs.launchpad.net/ubuntu/%2Bsource/lightdm/%2Bbug/953044"
"name": "https://bugs.launchpad.net/ubuntu/%2Bsource/lightdm/%2Bbug/953044",
"refsource": "CONFIRM",
"url": "https://bugs.launchpad.net/ubuntu/%2Bsource/lightdm/%2Bbug/953044"
},
{
"name" : "USN-1399-1",
"refsource" : "UBUNTU",
"url" : "http://ubuntu.com/usn/usn-1399-1"
"name": "USN-1399-1",
"refsource": "UBUNTU",
"url": "http://ubuntu.com/usn/usn-1399-1"
}
]
}

22
2015/1xxx/CVE-2015-1014.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-1014",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-1014",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

98
2015/1xxx/CVE-2015-1095.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-1095",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2015-1095",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "IOHIDFamily in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 allows physically proximate attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted HID device."
"lang": "eng",
"value": "IOHIDFamily in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 allows physically proximate attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted HID device."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://support.apple.com/HT204659",
"refsource" : "CONFIRM",
"url" : "https://support.apple.com/HT204659"
"name": "https://support.apple.com/HT204659",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT204659"
},
{
"name" : "https://support.apple.com/HT204661",
"refsource" : "CONFIRM",
"url" : "https://support.apple.com/HT204661"
"name": "APPLE-SA-2015-04-08-3",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2015/Apr/msg00002.html"
},
{
"name" : "https://support.apple.com/HT204662",
"refsource" : "CONFIRM",
"url" : "https://support.apple.com/HT204662"
"name": "1032048",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032048"
},
{
"name" : "APPLE-SA-2015-04-08-2",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html"
"name": "APPLE-SA-2015-04-08-2",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html"
},
{
"name" : "APPLE-SA-2015-04-08-3",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2015/Apr/msg00002.html"
"name": "https://support.apple.com/HT204662",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT204662"
},
{
"name" : "APPLE-SA-2015-04-08-4",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2015/Apr/msg00003.html"
"name": "APPLE-SA-2015-04-08-4",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2015/Apr/msg00003.html"
},
{
"name" : "1032048",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1032048"
"name": "https://support.apple.com/HT204661",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT204661"
}
]
}

110
2015/1xxx/CVE-2015-1271.json
View File

@ -1,101 +1,101 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-1271",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "security@google.com",
"ID": "CVE-2015-1271",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "PDFium, as used in Google Chrome before 44.0.2403.89, does not properly handle certain out-of-memory conditions, which allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted PDF document that triggers a large memory allocation."
"lang": "eng",
"value": "PDFium, as used in Google Chrome before 44.0.2403.89, does not properly handle certain out-of-memory conditions, which allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted PDF document that triggers a large memory allocation."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://googlechromereleases.blogspot.com/2015/07/stable-channel-update_21.html",
"refsource" : "CONFIRM",
"url" : "http://googlechromereleases.blogspot.com/2015/07/stable-channel-update_21.html"
"name": "https://codereview.chromium.org/1226403008",
"refsource": "CONFIRM",
"url": "https://codereview.chromium.org/1226403008"
},
{
"name" : "https://code.google.com/p/chromium/issues/detail?id=446032",
"refsource" : "CONFIRM",
"url" : "https://code.google.com/p/chromium/issues/detail?id=446032"
"name": "RHSA-2015:1499",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1499.html"
},
{
"name" : "https://codereview.chromium.org/1226403008",
"refsource" : "CONFIRM",
"url" : "https://codereview.chromium.org/1226403008"
"name": "openSUSE-SU-2015:1287",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00038.html"
},
{
"name" : "DSA-3315",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2015/dsa-3315"
"name": "1033031",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033031"
},
{
"name" : "GLSA-201603-09",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201603-09"
"name": "https://code.google.com/p/chromium/issues/detail?id=446032",
"refsource": "CONFIRM",
"url": "https://code.google.com/p/chromium/issues/detail?id=446032"
},
{
"name" : "RHSA-2015:1499",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1499.html"
"name": "GLSA-201603-09",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201603-09"
},
{
"name" : "openSUSE-SU-2015:1287",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00038.html"
"name": "75973",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/75973"
},
{
"name" : "75973",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/75973"
"name": "http://googlechromereleases.blogspot.com/2015/07/stable-channel-update_21.html",
"refsource": "CONFIRM",
"url": "http://googlechromereleases.blogspot.com/2015/07/stable-channel-update_21.html"
},
{
"name" : "1033031",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1033031"
"name": "DSA-3315",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3315"
}
]
}

74
2015/1xxx/CVE-2015-1626.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-1626",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2015-1626",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability,\" a different vulnerability than CVE-2015-0056 and CVE-2015-1623."
"lang": "eng",
"value": "Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability,\" a different vulnerability than CVE-2015-0056 and CVE-2015-1623."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "MS15-018",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-018"
"name": "MS15-018",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-018"
},
{
"name" : "72930",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/72930"
"name": "1031888",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1031888"
},
{
"name" : "1031888",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1031888"
"name": "72930",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/72930"
}
]
}

80
2015/1xxx/CVE-2015-1838.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-1838",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2015-1838",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "modules/serverdensity_device.py in SaltStack before 2014.7.4 does not properly handle files in /tmp."
"lang": "eng",
"value": "modules/serverdensity_device.py in SaltStack before 2014.7.4 does not properly handle files in /tmp."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1212784",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1212784"
"name": "FEDORA-2016-105b3b8804",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175568.html"
},
{
"name" : "https://docs.saltstack.com/en/latest/topics/releases/2014.7.4.html",
"refsource" : "CONFIRM",
"url" : "https://docs.saltstack.com/en/latest/topics/releases/2014.7.4.html"
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1212784",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1212784"
},
{
"name" : "https://github.com/saltstack/salt/commit/e11298d7155e9982749483ca5538e46090caef9c",
"refsource" : "CONFIRM",
"url" : "https://github.com/saltstack/salt/commit/e11298d7155e9982749483ca5538e46090caef9c"
"name": "https://github.com/saltstack/salt/commit/e11298d7155e9982749483ca5538e46090caef9c",
"refsource": "CONFIRM",
"url": "https://github.com/saltstack/salt/commit/e11298d7155e9982749483ca5538e46090caef9c"
},
{
"name" : "FEDORA-2016-105b3b8804",
"refsource" : "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175568.html"
"name": "https://docs.saltstack.com/en/latest/topics/releases/2014.7.4.html",
"refsource": "CONFIRM",
"url": "https://docs.saltstack.com/en/latest/topics/releases/2014.7.4.html"
}
]
}

74
2015/5xxx/CVE-2015-5079.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-5079",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-5079",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Directory traversal vulnerability in widgets/logs.php in BlackCat CMS before 1.1.2 allows remote attackers to read arbitrary files via a .. (dot dot) in the dl parameter."
"lang": "eng",
"value": "Directory traversal vulnerability in widgets/logs.php in BlackCat CMS before 1.1.2 allows remote attackers to read arbitrary files via a .. (dot dot) in the dl parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20150701 Path Traversal in BlackCat CMS",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/535900/100/0/threaded"
"name": "http://packetstormsecurity.com/files/132541/BlackCat-CMS-1.1.1-Path-Traversal.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/132541/BlackCat-CMS-1.1.1-Path-Traversal.html"
},
{
"name" : "http://packetstormsecurity.com/files/132541/BlackCat-CMS-1.1.1-Path-Traversal.html",
"refsource" : "MISC",
"url" : "http://packetstormsecurity.com/files/132541/BlackCat-CMS-1.1.1-Path-Traversal.html"
"name": "https://www.htbridge.com/advisory/HTB23263",
"refsource": "MISC",
"url": "https://www.htbridge.com/advisory/HTB23263"
},
{
"name" : "https://www.htbridge.com/advisory/HTB23263",
"refsource" : "MISC",
"url" : "https://www.htbridge.com/advisory/HTB23263"
"name": "20150701 Path Traversal in BlackCat CMS",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/535900/100/0/threaded"
}
]
}

74
2015/5xxx/CVE-2015-5871.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-5871",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2015-5871",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "IOGraphics in Apple OS X before 10.11 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5872, CVE-2015-5873, and CVE-2015-5890."
"lang": "eng",
"value": "IOGraphics in Apple OS X before 10.11 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5872, CVE-2015-5873, and CVE-2015-5890."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://support.apple.com/HT205267",
"refsource" : "CONFIRM",
"url" : "https://support.apple.com/HT205267"
"name": "1033703",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033703"
},
{
"name" : "APPLE-SA-2015-09-30-3",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html"
"name": "APPLE-SA-2015-09-30-3",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html"
},
{
"name" : "1033703",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1033703"
"name": "https://support.apple.com/HT205267",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT205267"
}
]
}

22
2018/11xxx/CVE-2018-11029.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-11029",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-11029",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

62
2018/11xxx/CVE-2018-11097.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-11097",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-11097",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "An issue was discovered in cloudwu/cstring through 2016-11-09. There is a memory leak vulnerability that could lead to a program crash."
"lang": "eng",
"value": "An issue was discovered in cloudwu/cstring through 2016-11-09. There is a memory leak vulnerability that could lead to a program crash."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://github.com/cloudwu/cstring/issues/6",
"refsource" : "MISC",
"url" : "https://github.com/cloudwu/cstring/issues/6"
"name": "https://github.com/cloudwu/cstring/issues/6",
"refsource": "MISC",
"url": "https://github.com/cloudwu/cstring/issues/6"
}
]
}

68
2018/11xxx/CVE-2018-11105.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-11105",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-11105",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "There is stored cross site scripting in the wp-live-chat-support plugin before 8.0.08 for WordPress via the \"name\" (aka wplc_name) and \"email\" (aka wplc_email) input fields to wp-json/wp_live_chat_support/v1/start_chat whenever a malicious attacker would initiate a new chat with an administrator. NOTE: this issue exists because of an incomplete fix for CVE-2018-9864."
"lang": "eng",
"value": "There is stored cross site scripting in the wp-live-chat-support plugin before 8.0.08 for WordPress via the \"name\" (aka wplc_name) and \"email\" (aka wplc_email) input fields to wp-json/wp_live_chat_support/v1/start_chat whenever a malicious attacker would initiate a new chat with an administrator. NOTE: this issue exists because of an incomplete fix for CVE-2018-9864."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://github.com/RiieCco/write-ups/tree/master/CVE-2018-11105",
"refsource" : "MISC",
"url" : "https://github.com/RiieCco/write-ups/tree/master/CVE-2018-11105"
"name": "https://wordpress.org/plugins/wp-live-chat-support/#developers",
"refsource": "MISC",
"url": "https://wordpress.org/plugins/wp-live-chat-support/#developers"
},
{
"name" : "https://wordpress.org/plugins/wp-live-chat-support/#developers",
"refsource" : "MISC",
"url" : "https://wordpress.org/plugins/wp-live-chat-support/#developers"
"name": "https://github.com/RiieCco/write-ups/tree/master/CVE-2018-11105",
"refsource": "MISC",
"url": "https://github.com/RiieCco/write-ups/tree/master/CVE-2018-11105"
}
]
}

22
2018/11xxx/CVE-2018-11420.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-11420",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-11420",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2018/15xxx/CVE-2018-15022.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-15022",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-15022",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

86
2018/3xxx/CVE-2018-3105.json
View File

@ -1,83 +1,83 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "secalert_us@oracle.com",
"ID" : "CVE-2018-3105",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2018-3105",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "SOA Suite",
"version" : {
"version_data" : [
"product_name": "SOA Suite",
"version": {
"version_data": [
{
"version_affected" : "=",
"version_value" : "11.1.1.7.0"
"version_affected": "=",
"version_value": "11.1.1.7.0"
},
{
"version_affected" : "=",
"version_value" : "11.1.1.9.0"
"version_affected": "=",
"version_value": "11.1.1.9.0"
},
{
"version_affected" : "=",
"version_value" : "12.1.3.0.0"
"version_affected": "=",
"version_value": "12.1.3.0.0"
},
{
"version_affected" : "=",
"version_value" : "12.2.1.2.0"
"version_affected": "=",
"version_value": "12.2.1.2.0"
},
{
"version_affected" : "=",
"version_value" : "12.2.1.3.0"
"version_affected": "=",
"version_value": "12.2.1.3.0"
}
]
}
}
]
},
"vendor_name" : "Oracle Corporation"
"vendor_name": "Oracle Corporation"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Vulnerability in the Oracle SOA Suite component of Oracle Fusion Middleware (subcomponent: Health Care FastPath). Supported versions that are affected are 11.1.1.7.0, 11.1.1.9.0, 12.1.3.0.0, 12.2.1.2.0 and 12.2.1.3.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle SOA Suite. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle SOA Suite accessible data. CVSS 3.0 Base Score 4.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N)."
"lang": "eng",
"value": "Vulnerability in the Oracle SOA Suite component of Oracle Fusion Middleware (subcomponent: Health Care FastPath). Supported versions that are affected are 11.1.1.7.0, 11.1.1.9.0, 12.1.3.0.0, 12.2.1.2.0 and 12.2.1.3.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle SOA Suite. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle SOA Suite accessible data. CVSS 3.0 Base Score 4.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N)."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle SOA Suite. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle SOA Suite accessible data."
"lang": "eng",
"value": "Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle SOA Suite. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle SOA Suite accessible data."
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"
"name": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"
},
{
"name" : "104821",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/104821"
"name": "104821",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104821"
}
]
}

94
2018/3xxx/CVE-2018-3150.json
View File

@ -1,87 +1,87 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "secalert_us@oracle.com",
"ID" : "CVE-2018-3150",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2018-3150",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Java",
"version" : {
"version_data" : [
"product_name": "Java",
"version": {
"version_data": [
{
"version_affected" : "=",
"version_value" : "Java SE: 11"
"version_affected": "=",
"version_value": "Java SE: 11"
}
]
}
}
]
},
"vendor_name" : "Oracle Corporation"
"vendor_name": "Oracle Corporation"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Utility). The supported version that is affected is Java SE: 11. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE accessible data. Note: This vulnerability applies to Java deployments that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N)."
"lang": "eng",
"value": "Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Utility). The supported version that is affected is Java SE: 11. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE accessible data. Note: This vulnerability applies to Java deployments that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N)."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE accessible data."
"lang": "eng",
"value": "Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE accessible data."
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"
"name": "https://security.netapp.com/advisory/ntap-20181018-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20181018-0001/"
},
{
"name" : "https://security.netapp.com/advisory/ntap-20181018-0001/",
"refsource" : "CONFIRM",
"url" : "https://security.netapp.com/advisory/ntap-20181018-0001/"
"name": "105597",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/105597"
},
{
"name" : "RHSA-2018:3521",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:3521"
"name": "USN-3804-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3804-1/"
},
{
"name" : "USN-3804-1",
"refsource" : "UBUNTU",
"url" : "https://usn.ubuntu.com/3804-1/"
"name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"
},
{
"name" : "105597",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/105597"
"name": "1041889",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041889"
},
{
"name" : "1041889",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1041889"
"name": "RHSA-2018:3521",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:3521"
}
]
}

23
2018/3xxx/CVE-2018-3736.json
View File

@ -1,18 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"DATE_PUBLIC" : "2018-04-26T00:00:00",
"ID" : "CVE-2018-3736",
"STATE" : "REJECT"
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2018-3736",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2018-3739. Reason: This candidate is a duplicate of CVE-2018-3739. Notes: All CVE users should reference CVE-2018-3739 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage."
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2018-3739. Reason: This candidate is a duplicate of CVE-2018-3739. Notes: All CVE users should reference CVE-2018-3739 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage."
}
]
}

64
2018/3xxx/CVE-2018-3857.json
View File

@ -1,62 +1,62 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "talos-cna@cisco.com",
"DATE_PUBLIC" : "2018-07-19T00:00:00",
"ID" : "CVE-2018-3857",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "talos-cna@cisco.com",
"DATE_PUBLIC": "2018-07-19T00:00:00",
"ID": "CVE-2018-3857",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Canvas Draw",
"version" : {
"version_data" : [
"product_name": "Canvas Draw",
"version": {
"version_data": [
{
"version_value" : "ACD Systems Canvas Draw 4.0"
"version_value": "ACD Systems Canvas Draw 4.0"
}
]
}
}
]
},
"vendor_name" : "ACD Systems"
"vendor_name": "ACD Systems"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "An exploitable heap overflow exists in the TIFF parsing functionality of Canvas Draw version 4.0.0. A specially crafted TIFF image processed via the application can lead to an out-of-bounds write, overwriting arbitrary data. An attacker can deliver a TIFF image to trigger this vulnerability and gain code execution. A different vulnerability than CVE-2018-3858."
"lang": "eng",
"value": "An exploitable heap overflow exists in the TIFF parsing functionality of Canvas Draw version 4.0.0. A specially crafted TIFF image processed via the application can lead to an out-of-bounds write, overwriting arbitrary data. An attacker can deliver a TIFF image to trigger this vulnerability and gain code execution. A different vulnerability than CVE-2018-3858."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "CWE-122: Heap-Based Buffer Overflow"
"lang": "eng",
"value": "CWE-122: Heap-Based Buffer Overflow"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://talosintelligence.com/vulnerability_reports/TALOS-2018-0541",
"refsource" : "MISC",
"url" : "https://talosintelligence.com/vulnerability_reports/TALOS-2018-0541"
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2018-0541",
"refsource": "MISC",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2018-0541"
}
]
}

98
2018/8xxx/CVE-2018-8583.json
View File

@ -1,109 +1,109 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "Secure@Microsoft.com",
"ID" : "CVE-2018-8583",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2018-8583",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Microsoft Edge",
"version" : {
"version_data" : [
"product_name": "Microsoft Edge",
"version": {
"version_data": [
{
"version_value" : "Windows 10 Version 1703 for 32-bit Systems"
"version_value": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"version_value" : "Windows 10 Version 1703 for x64-based Systems"
"version_value": "Windows 10 Version 1703 for x64-based Systems"
},
{
"version_value" : "Windows 10 Version 1709 for 32-bit Systems"
"version_value": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"version_value" : "Windows 10 Version 1709 for ARM64-based Systems"
"version_value": "Windows 10 Version 1709 for ARM64-based Systems"
},
{
"version_value" : "Windows 10 Version 1709 for x64-based Systems"
"version_value": "Windows 10 Version 1709 for x64-based Systems"
},
{
"version_value" : "Windows 10 Version 1803 for 32-bit Systems"
"version_value": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"version_value" : "Windows 10 Version 1803 for ARM64-based Systems"
"version_value": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"version_value" : "Windows 10 Version 1803 for x64-based Systems"
"version_value": "Windows 10 Version 1803 for x64-based Systems"
},
{
"version_value" : "Windows 10 Version 1809 for 32-bit Systems"
"version_value": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"version_value" : "Windows 10 Version 1809 for ARM64-based Systems"
"version_value": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"version_value" : "Windows 10 Version 1809 for x64-based Systems"
"version_value": "Windows 10 Version 1809 for x64-based Systems"
},
{
"version_value" : "Windows Server 2019"
"version_value": "Windows Server 2019"
}
]
}
},
{
"product_name" : "ChakraCore",
"version" : {
"version_data" : [
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value" : "ChakraCore"
"version_value": "ChakraCore"
}
]
}
}
]
},
"vendor_name" : "Microsoft"
"vendor_name": "Microsoft"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \"Chakra Scripting Engine Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8617, CVE-2018-8618, CVE-2018-8624, CVE-2018-8629."
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \"Chakra Scripting Engine Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8617, CVE-2018-8618, CVE-2018-8624, CVE-2018-8629."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Remote Code Execution"
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8583",
"refsource" : "CONFIRM",
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8583"
"name": "106111",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106111"
},
{
"name" : "106111",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/106111"
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8583",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8583"
}
]
}

68
2018/8xxx/CVE-2018-8881.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-8881",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-8881",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Netwide Assembler (NASM) 2.13.02rc2 has a heap-based buffer over-read in the function tokenize in asm/preproc.c, related to an unterminated string."
"lang": "eng",
"value": "Netwide Assembler (NASM) 2.13.02rc2 has a heap-based buffer over-read in the function tokenize in asm/preproc.c, related to an unterminated string."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://bugzilla.nasm.us/show_bug.cgi?id=3392446",
"refsource" : "MISC",
"url" : "https://bugzilla.nasm.us/show_bug.cgi?id=3392446"
"name": "https://bugzilla.nasm.us/show_bug.cgi?id=3392446",
"refsource": "MISC",
"url": "https://bugzilla.nasm.us/show_bug.cgi?id=3392446"
},
{
"name" : "USN-3694-1",
"refsource" : "UBUNTU",
"url" : "https://usn.ubuntu.com/3694-1/"
"name": "USN-3694-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3694-1/"
}
]
}