"-Synchronized-Data."

CVE Team 2023-02-02 17:01:24 +00:00
parent 078ed1201c
commit c7855627ed
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
16 changed files with 2211 additions and 1332 deletions


@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2008-5511",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 allows remote attackers to bypass the same origin policy and conduct cross-site scripting (XSS) attacks via an XBL binding to an \"unloaded document.\""
"value": "CVE-2008-5511 Firefox XSS via XBL bindings to unloaded document"
}
]
},
@ -44,228 +21,343 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",
"cweId": "CWE-79"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 2.1",
"version": {
"version_data": [
{
"version_value": "0:1.0.9-0.25.el2",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 3",
"version": {
"version_data": [
{
"version_value": "0:1.0.9-0.29.el3",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 4",
"version": {
"version_data": [
{
"version_value": "0:3.0.5-1.el4",
"version_affected": "!"
},
{
"version_value": "0:4.7.3-1.el4",
"version_affected": "!"
},
{
"version_value": "0:3.12.2.0-1.el4",
"version_affected": "!"
},
{
"version_value": "0:1.0.9-32.el4",
"version_affected": "!"
},
{
"version_value": "0:1.5.0.12-18.el4",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 5",
"version": {
"version_data": [
{
"version_value": "0:3.0.5-1.el5_2",
"version_affected": "!"
},
{
"version_value": "0:4.7.3-2.el5",
"version_affected": "!"
},
{
"version_value": "0:3.12.2.0-2.el5",
"version_affected": "!"
},
{
"version_value": "0:1.9.0.5-1.el5_2",
"version_affected": "!"
},
{
"version_value": "0:2.0.0.19-1.el5_2",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "32882",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/32882"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=451680",
"url": "http://secunia.com/advisories/34501",
"refsource": "MISC",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=451680"
"name": "http://secunia.com/advisories/34501"
},
{
"name": "33408",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33408"
},
{
"name": "DSA-1697",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2009/dsa-1697"
},
{
"name": "oval:org.mitre.oval:def:11881",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11881"
},
{
"name": "USN-690-3",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/690-3/"
},
{
"name": "33205",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33205"
},
{
"name": "1021418",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1021418"
},
{
"name": "33421",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33421"
},
{
"name": "33232",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33232"
},
{
"name": "RHSA-2008:1036",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-1036.html"
},
{
"name": "http://www.mozilla.org/security/announce/2008/mfsa2008-68.html",
"refsource": "CONFIRM",
"url": "http://www.mozilla.org/security/announce/2008/mfsa2008-68.html"
},
{
"name": "ADV-2009-0977",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/0977"
},
{
"name": "USN-690-2",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-690-2"
},
{
"name": "USN-701-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-701-1"
},
{
"name": "33231",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33231"
},
{
"name": "MDVSA-2008:245",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:245"
},
{
"name": "USN-690-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/690-1/"
},
{
"name": "MDVSA-2009:012",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:012"
},
{
"name": "33203",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33203"
},
{
"name": "33433",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33433"
},
{
"name": "DSA-1707",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2009/dsa-1707"
},
{
"name": "33216",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33216"
},
{
"name": "256408",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1"
},
{
"name": "RHSA-2008:1037",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-1037.html"
},
{
"name": "mozilla-xbl-security-bypass(47417)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47417"
},
{
"name": "DSA-1704",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2009/dsa-1704"
},
{
"name": "DSA-1696",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2009/dsa-1696"
},
{
"name": "33204",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33204"
},
{
"name": "USN-701-2",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-701-2"
},
{
"name": "33184",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33184"
},
{
"name": "RHSA-2009:0002",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2009-0002.html"
},
{
"name": "258748",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-258748-1"
},
{
"name": "MDVSA-2008:244",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:244"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=464174",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1",
"refsource": "MISC",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=464174"
"name": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1"
},
{
"name": "33415",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33415"
"url": "http://www.vupen.com/english/advisories/2009/0977",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2009/0977"
},
{
"name": "33188",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33188"
"url": "http://secunia.com/advisories/33184",
"refsource": "MISC",
"name": "http://secunia.com/advisories/33184"
},
{
"name": "33523",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33523"
"url": "http://secunia.com/advisories/33188",
"refsource": "MISC",
"name": "http://secunia.com/advisories/33188"
},
{
"name": "35080",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35080"
"url": "http://secunia.com/advisories/33189",
"refsource": "MISC",
"name": "http://secunia.com/advisories/33189"
},
{
"name": "33547",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33547"
"url": "http://secunia.com/advisories/33203",
"refsource": "MISC",
"name": "http://secunia.com/advisories/33203"
},
{
"name": "33434",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33434"
"url": "http://secunia.com/advisories/33204",
"refsource": "MISC",
"name": "http://secunia.com/advisories/33204"
},
{
"name": "33189",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33189"
"url": "http://secunia.com/advisories/33205",
"refsource": "MISC",
"name": "http://secunia.com/advisories/33205"
},
{
"name": "34501",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34501"
"url": "http://secunia.com/advisories/33216",
"refsource": "MISC",
"name": "http://secunia.com/advisories/33216"
},
{
"url": "http://secunia.com/advisories/33231",
"refsource": "MISC",
"name": "http://secunia.com/advisories/33231"
},
{
"url": "http://secunia.com/advisories/33232",
"refsource": "MISC",
"name": "http://secunia.com/advisories/33232"
},
{
"url": "http://secunia.com/advisories/33408",
"refsource": "MISC",
"name": "http://secunia.com/advisories/33408"
},
{
"url": "http://secunia.com/advisories/33415",
"refsource": "MISC",
"name": "http://secunia.com/advisories/33415"
},
{
"url": "http://secunia.com/advisories/33421",
"refsource": "MISC",
"name": "http://secunia.com/advisories/33421"
},
{
"url": "http://secunia.com/advisories/33433",
"refsource": "MISC",
"name": "http://secunia.com/advisories/33433"
},
{
"url": "http://secunia.com/advisories/33434",
"refsource": "MISC",
"name": "http://secunia.com/advisories/33434"
},
{
"url": "http://secunia.com/advisories/33523",
"refsource": "MISC",
"name": "http://secunia.com/advisories/33523"
},
{
"url": "http://secunia.com/advisories/33547",
"refsource": "MISC",
"name": "http://secunia.com/advisories/33547"
},
{
"url": "http://secunia.com/advisories/35080",
"refsource": "MISC",
"name": "http://secunia.com/advisories/35080"
},
{
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-258748-1",
"refsource": "MISC",
"name": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-258748-1"
},
{
"url": "http://www.debian.org/security/2009/dsa-1696",
"refsource": "MISC",
"name": "http://www.debian.org/security/2009/dsa-1696"
},
{
"url": "http://www.debian.org/security/2009/dsa-1697",
"refsource": "MISC",
"name": "http://www.debian.org/security/2009/dsa-1697"
},
{
"url": "http://www.debian.org/security/2009/dsa-1704",
"refsource": "MISC",
"name": "http://www.debian.org/security/2009/dsa-1704"
},
{
"url": "http://www.debian.org/security/2009/dsa-1707",
"refsource": "MISC",
"name": "http://www.debian.org/security/2009/dsa-1707"
},
{
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:244",
"refsource": "MISC",
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:244"
},
{
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:245",
"refsource": "MISC",
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:245"
},
{
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:012",
"refsource": "MISC",
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:012"
},
{
"url": "http://www.mozilla.org/security/announce/2008/mfsa2008-68.html",
"refsource": "MISC",
"name": "http://www.mozilla.org/security/announce/2008/mfsa2008-68.html"
},
{
"url": "http://www.redhat.com/support/errata/RHSA-2008-1036.html",
"refsource": "MISC",
"name": "http://www.redhat.com/support/errata/RHSA-2008-1036.html"
},
{
"url": "http://www.redhat.com/support/errata/RHSA-2008-1037.html",
"refsource": "MISC",
"name": "http://www.redhat.com/support/errata/RHSA-2008-1037.html"
},
{
"url": "http://www.redhat.com/support/errata/RHSA-2009-0002.html",
"refsource": "MISC",
"name": "http://www.redhat.com/support/errata/RHSA-2009-0002.html"
},
{
"url": "http://www.securityfocus.com/bid/32882",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/32882"
},
{
"url": "http://www.securitytracker.com/id?1021418",
"refsource": "MISC",
"name": "http://www.securitytracker.com/id?1021418"
},
{
"url": "http://www.ubuntu.com/usn/usn-690-2",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/usn-690-2"
},
{
"url": "http://www.ubuntu.com/usn/usn-701-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/usn-701-1"
},
{
"url": "http://www.ubuntu.com/usn/usn-701-2",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/usn-701-2"
},
{
"url": "https://access.redhat.com/errata/RHSA-2008:1036",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2008:1036"
},
{
"url": "https://access.redhat.com/errata/RHSA-2008:1037",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2008:1037"
},
{
"url": "https://access.redhat.com/errata/RHSA-2009:0002",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2009:0002"
},
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=451680",
"refsource": "MISC",
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=451680"
},
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=464174",
"refsource": "MISC",
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=464174"
},
{
"url": "https://usn.ubuntu.com/690-1/",
"refsource": "MISC",
"name": "https://usn.ubuntu.com/690-1/"
},
{
"url": "https://usn.ubuntu.com/690-3/",
"refsource": "MISC",
"name": "https://usn.ubuntu.com/690-3/"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2008-5511",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2008-5511"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=476285",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=476285"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47417",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47417"
},
{
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11881",
"refsource": "MISC",
"name": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11881"
}
]
}


@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2008-5513",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the session-restore feature in Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19 allows remote attackers to bypass the same origin policy, inject content into documents associated with other domains, and conduct cross-site scripting (XSS) attacks via unknown vectors related to restoration of SessionStore data."
"value": "CVE-2008-5513 Firefox XSS vulnerabilities in SessionStore"
}
]
},
@ -44,133 +21,248 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",
"cweId": "CWE-79"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 2.1",
"version": {
"version_data": [
{
"version_value": "0:1.0.9-0.25.el2",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 3",
"version": {
"version_data": [
{
"version_value": "0:1.0.9-0.29.el3",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 4",
"version": {
"version_data": [
{
"version_value": "0:3.0.5-1.el4",
"version_affected": "!"
},
{
"version_value": "0:4.7.3-1.el4",
"version_affected": "!"
},
{
"version_value": "0:3.12.2.0-1.el4",
"version_affected": "!"
},
{
"version_value": "0:1.0.9-32.el4",
"version_affected": "!"
},
{
"version_value": "0:1.5.0.12-18.el4",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 5",
"version": {
"version_data": [
{
"version_value": "0:3.0.5-1.el5_2",
"version_affected": "!"
},
{
"version_value": "0:4.7.3-2.el5",
"version_affected": "!"
},
{
"version_value": "0:3.12.2.0-2.el5",
"version_affected": "!"
},
{
"version_value": "0:1.9.0.5-1.el5_2",
"version_affected": "!"
},
{
"version_value": "0:2.0.0.19-1.el5_2",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "32882",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/32882"
"url": "http://secunia.com/advisories/34501",
"refsource": "MISC",
"name": "http://secunia.com/advisories/34501"
},
{
"name": "http://www.mozilla.org/security/announce/2008/mfsa2008-69.html",
"refsource": "CONFIRM",
"url": "http://www.mozilla.org/security/announce/2008/mfsa2008-69.html"
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1",
"refsource": "MISC",
"name": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1"
},
{
"name": "1021421",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1021421"
"url": "http://www.vupen.com/english/advisories/2009/0977",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2009/0977"
},
{
"name": "33421",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33421"
"url": "http://secunia.com/advisories/33184",
"refsource": "MISC",
"name": "http://secunia.com/advisories/33184"
},
{
"name": "RHSA-2008:1036",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-1036.html"
"url": "http://secunia.com/advisories/33188",
"refsource": "MISC",
"name": "http://secunia.com/advisories/33188"
},
{
"name": "ADV-2009-0977",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/0977"
"url": "http://secunia.com/advisories/33189",
"refsource": "MISC",
"name": "http://secunia.com/advisories/33189"
},
{
"name": "USN-690-2",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-690-2"
"url": "http://secunia.com/advisories/33203",
"refsource": "MISC",
"name": "http://secunia.com/advisories/33203"
},
{
"name": "firefox-sessionrestore-security-bypass(47418)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47418"
"url": "http://secunia.com/advisories/33216",
"refsource": "MISC",
"name": "http://secunia.com/advisories/33216"
},
{
"name": "33231",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33231"
"url": "http://secunia.com/advisories/33231",
"refsource": "MISC",
"name": "http://secunia.com/advisories/33231"
},
{
"name": "MDVSA-2008:245",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:245"
"url": "http://secunia.com/advisories/33421",
"refsource": "MISC",
"name": "http://secunia.com/advisories/33421"
},
{
"name": "USN-690-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/690-1/"
"url": "http://secunia.com/advisories/33523",
"refsource": "MISC",
"name": "http://secunia.com/advisories/33523"
},
{
"name": "33203",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33203"
"url": "http://www.debian.org/security/2009/dsa-1707",
"refsource": "MISC",
"name": "http://www.debian.org/security/2009/dsa-1707"
},
{
"name": "DSA-1707",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2009/dsa-1707"
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:244",
"refsource": "MISC",
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:244"
},
{
"name": "oval:org.mitre.oval:def:10389",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10389"
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:245",
"refsource": "MISC",
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:245"
},
{
"name": "33216",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33216"
"url": "http://www.redhat.com/support/errata/RHSA-2008-1036.html",
"refsource": "MISC",
"name": "http://www.redhat.com/support/errata/RHSA-2008-1036.html"
},
{
"name": "256408",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1"
"url": "http://www.redhat.com/support/errata/RHSA-2008-1037.html",
"refsource": "MISC",
"name": "http://www.redhat.com/support/errata/RHSA-2008-1037.html"
},
{
"name": "RHSA-2008:1037",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-1037.html"
"url": "http://www.redhat.com/support/errata/RHSA-2009-0002.html",
"refsource": "MISC",
"name": "http://www.redhat.com/support/errata/RHSA-2009-0002.html"
},
{
"name": "33184",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33184"
"url": "http://www.securityfocus.com/bid/32882",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/32882"
},
{
"name": "RHSA-2009:0002",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2009-0002.html"
"url": "http://www.ubuntu.com/usn/usn-690-2",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/usn-690-2"
},
{
"name": "MDVSA-2008:244",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:244"
"url": "https://access.redhat.com/errata/RHSA-2008:1036",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2008:1036"
},
{
"name": "33188",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33188"
"url": "https://access.redhat.com/errata/RHSA-2008:1037",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2008:1037"
},
{
"name": "33523",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33523"
"url": "https://access.redhat.com/errata/RHSA-2009:0002",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2009:0002"
},
{
"name": "33189",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33189"
"url": "https://usn.ubuntu.com/690-1/",
"refsource": "MISC",
"name": "https://usn.ubuntu.com/690-1/"
},
{
"name": "34501",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34501"
"url": "http://www.mozilla.org/security/announce/2008/mfsa2008-69.html",
"refsource": "MISC",
"name": "http://www.mozilla.org/security/announce/2008/mfsa2008-69.html"
},
{
"url": "http://www.securitytracker.com/id?1021421",
"refsource": "MISC",
"name": "http://www.securitytracker.com/id?1021421"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2008-5513",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2008-5513"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=476289",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=476289"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47418",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47418"
},
{
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10389",
"refsource": "MISC",
"name": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10389"
}
]
}


@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2009-4027",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Race condition in the mac80211 subsystem in the Linux kernel before 2.6.32-rc8-next-20091201 allows remote attackers to cause a denial of service (system crash) via a Delete Block ACK (aka DELBA) packet that triggers a certain state change in the absence of an aggregation session."
"value": "CVE-2009-4026 CVE-2009-4027 kernel: mac80211: fix spurious delBA handling"
}
]
},
@ -44,68 +21,144 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "Reachable Assertion",
"cweId": "CWE-617"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 5",
"version": {
"version_data": [
{
"version_value": "0:2.6.18-194.el5",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 5.4.Z - Server Only",
"version": {
"version_data": [
{
"version_value": "0:2.6.18-164.17.1.el5",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "37170",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/37170"
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00000.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00000.html"
},
{
"name": "RHSA-2010:0380",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0380.html"
"url": "http://secunia.com/advisories/38017",
"refsource": "MISC",
"name": "http://secunia.com/advisories/38017"
},
{
"name": "USN-864-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-864-1"
"url": "http://www.ubuntu.com/usn/usn-864-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/usn-864-1"
},
{
"name": "SUSE-SA:2010:001",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00000.html"
"url": "http://secunia.com/advisories/38492",
"refsource": "MISC",
"name": "http://secunia.com/advisories/38492"
},
{
"name": "DSA-1996",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2010/dsa-1996"
"url": "http://www.debian.org/security/2010/dsa-1996",
"refsource": "MISC",
"name": "http://www.debian.org/security/2010/dsa-1996"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=541149",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=541149"
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=827d42c9ac91ddd728e4f4a31fefb906ef2ceff7",
"refsource": "MISC",
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=827d42c9ac91ddd728e4f4a31fefb906ef2ceff7"
},
{
"name": "http://www.kernel.org/pub/linux/kernel/v2.6/next/patch-v2.6.32-rc8-next-20091201.gz",
"refsource": "CONFIRM",
"url": "http://www.kernel.org/pub/linux/kernel/v2.6/next/patch-v2.6.32-rc8-next-20091201.gz"
"url": "http://www.kernel.org/pub/linux/kernel/v2.6/next/patch-v2.6.32-rc8-next-20091201.gz",
"refsource": "MISC",
"name": "http://www.kernel.org/pub/linux/kernel/v2.6/next/patch-v2.6.32-rc8-next-20091201.gz"
},
{
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=827d42c9ac91ddd728e4f4a31fefb906ef2ceff7",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=827d42c9ac91ddd728e4f4a31fefb906ef2ceff7"
"url": "http://www.securityfocus.com/bid/37170",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/37170"
},
{
"name": "oval:org.mitre.oval:def:11583",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11583"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=541149",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=541149"
},
{
"name": "38017",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/38017"
"url": "http://www.redhat.com/support/errata/RHSA-2010-0380.html",
"refsource": "MISC",
"name": "http://www.redhat.com/support/errata/RHSA-2010-0380.html"
},
{
"name": "38492",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/38492"
"url": "https://access.redhat.com/errata/RHSA-2010:0178",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2010:0178"
},
{
"url": "https://access.redhat.com/errata/RHSA-2010:0380",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2010:0380"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2009-4027",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2009-4027"
},
{
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11583",
"refsource": "MISC",
"name": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11583"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.8,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
}
]
}


@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2009-4032",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in Cacti 0.8.7e allow remote attackers to inject arbitrary web script or HTML via vectors related to (1) graph.php, (2) include/top_graph_header.php, (3) lib/html_form.php, and (4) lib/timespan_settings.php, as demonstrated by the (a) graph_end or (b) graph_start parameters to graph.php; (c) the date1 parameter in a tree action to graph_view.php; and the (d) page_refresh and (e) default_dual_pane_width parameters to graph_settings.php."
"value": "CVE-2009-4032 CVE-2010-2543 cacti: Multiple cross-site scripting flaws"
}
]
},
@ -44,133 +21,198 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",
"cweId": "CWE-79"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a",
"version_affected": "="
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "http://www.cacti.net/download_patches.php",
"refsource": "CONFIRM",
"url": "http://www.cacti.net/download_patches.php"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=541279",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=541279"
},
{
"name": "20091126 Cacti 0.8.7e: Multiple security issues",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/508129/100/0/threaded"
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2009-11/0292.html",
"refsource": "MISC",
"name": "http://archives.neohapsis.com/archives/fulldisclosure/2009-11/0292.html"
},
{
"name": "20091125 Cacti 0.8.7e: Multiple security issues",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2009-11/0292.html"
"url": "http://bugs.gentoo.org/show_bug.cgi?id=294573",
"refsource": "MISC",
"name": "http://bugs.gentoo.org/show_bug.cgi?id=294573"
},
{
"name": "FEDORA-2009-12575",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01390.html"
"url": "http://docs.cacti.net/#cross-site_scripting_fixes",
"refsource": "MISC",
"name": "http://docs.cacti.net/#cross-site_scripting_fixes"
},
{
"name": "38087",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/38087"
"url": "http://jvn.jp/en/jp/JVN09758120/index.html",
"refsource": "MISC",
"name": "http://jvn.jp/en/jp/JVN09758120/index.html"
},
{
"name": "JVN#09758120",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN09758120/index.html"
"url": "http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-003901.html",
"refsource": "MISC",
"name": "http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-003901.html"
},
{
"name": "cacti-name-xss(54388)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54388"
"url": "http://secunia.com/advisories/37481",
"refsource": "MISC",
"name": "http://secunia.com/advisories/37481"
},
{
"name": "41041",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/41041"
"url": "http://secunia.com/advisories/37934",
"refsource": "MISC",
"name": "http://secunia.com/advisories/37934"
},
{
"name": "JVNDB-2009-003901",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-003901.html"
"url": "http://secunia.com/advisories/38087",
"refsource": "MISC",
"name": "http://secunia.com/advisories/38087"
},
{
"name": "http://docs.cacti.net/#cross-site_scripting_fixes",
"refsource": "CONFIRM",
"url": "http://docs.cacti.net/#cross-site_scripting_fixes"
"url": "http://secunia.com/advisories/41041",
"refsource": "MISC",
"name": "http://secunia.com/advisories/41041"
},
{
"name": "RHSA-2010:0635",
"refsource": "REDHAT",
"url": "https://rhn.redhat.com/errata/RHSA-2010-0635.html"
"url": "http://www.cacti.net/download_patches.php",
"refsource": "MISC",
"name": "http://www.cacti.net/download_patches.php"
},
{
"name": "[oss-security] 20091125 CVE Request - Cacti - 0.8.7e",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2009/11/25/2"
"url": "http://www.cacti.net/downloads/patches/0.8.7e/cross_site_fix.patch",
"refsource": "MISC",
"name": "http://www.cacti.net/downloads/patches/0.8.7e/cross_site_fix.patch"
},
{
"name": "[oss-security] 20091130 Re: CVE Request - Cacti - 0.8.7e",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2009/11/30/2"
"url": "http://www.openwall.com/lists/oss-security/2009/11/25/2",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2009/11/25/2"
},
{
"name": "37481",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37481"
"url": "http://www.openwall.com/lists/oss-security/2009/11/25/4",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2009/11/25/4"
},
{
"name": "[oss-security] 20091125 Re: CVE Request - Cacti - 0.8.7e",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2009/11/25/4"
"url": "http://www.openwall.com/lists/oss-security/2009/11/26/1",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2009/11/26/1"
},
{
"name": "[oss-security] 20091126 Re: CVE Request - Cacti - 0.8.7e",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2009/11/26/1"
"url": "http://www.openwall.com/lists/oss-security/2009/11/30/2",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2009/11/30/2"
},
{
"name": "37109",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/37109"
"url": "http://www.osvdb.org/60483",
"refsource": "MISC",
"name": "http://www.osvdb.org/60483"
},
{
"name": "ADV-2009-3325",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/3325"
"url": "http://www.securityfocus.com/archive/1/508129/100/0/threaded",
"refsource": "MISC",
"name": "http://www.securityfocus.com/archive/1/508129/100/0/threaded"
},
{
"name": "ADV-2010-2132",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/2132"
"url": "http://www.securityfocus.com/bid/37109",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/37109"
},
{
"name": "37934",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37934"
"url": "http://www.vupen.com/english/advisories/2009/3325",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2009/3325"
},
{
"name": "60483",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/60483"
"url": "http://www.vupen.com/english/advisories/2010/2132",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2010/2132"
},
{
"name": "http://bugs.gentoo.org/show_bug.cgi?id=294573",
"refsource": "CONFIRM",
"url": "http://bugs.gentoo.org/show_bug.cgi?id=294573"
"url": "https://access.redhat.com/errata/RHSA-2010:0635",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2010:0635"
},
{
"name": "FEDORA-2009-12560",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2010-January/msg00166.html"
"url": "https://access.redhat.com/security/cve/CVE-2009-4032",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2009-4032"
},
{
"name": "http://www.cacti.net/downloads/patches/0.8.7e/cross_site_fix.patch",
"refsource": "CONFIRM",
"url": "http://www.cacti.net/downloads/patches/0.8.7e/cross_site_fix.patch"
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54388",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54388"
},
{
"url": "https://rhn.redhat.com/errata/RHSA-2010-0635.html",
"refsource": "MISC",
"name": "https://rhn.redhat.com/errata/RHSA-2010-0635.html"
},
{
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01390.html",
"refsource": "MISC",
"name": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01390.html"
},
{
"url": "https://www.redhat.com/archives/fedora-package-announce/2010-January/msg00166.html",
"refsource": "MISC",
"name": "https://www.redhat.com/archives/fedora-package-announce/2010-January/msg00166.html"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 4.3,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "PARTIAL",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
}
]
}
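Review bot: The replacement description `CVE-2009-4032 CVE-2010-2543 cacti: Multiple cross-site scripting flaws` no longer names the affected release, and the rewritten `affects` block still carries `"version_value": "n/a"`, so after this change nothing in the record says which Cacti version is vulnerable. The removed sentence identified 0.8.7e together with the scripts and parameters involved, which is what a scanner rule or a triager matches on. I would keep that sentence as the `description_data` value and carry the tracker title in a separate field, or populate `product_name` and `version_value` from it. The CVE-2009-4131 section has the same gap: its new description drops "before 2.6.32-git6" while `affects` stays `n/a`.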


@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2009-4131",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The EXT4_IOC_MOVE_EXT (aka move extents) ioctl implementation in the ext4 filesystem in the Linux kernel before 2.6.32-git6 allows local users to overwrite arbitrary files via a crafted request, related to insufficient checks for file permissions."
"value": "CVE-2009-4131 kernel: ext4: Fix insufficient checks in EXT4_IOC_MOVE_EXT"
}
]
},
@ -44,83 +21,138 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "Incorrect Authorization",
"cweId": "CWE-863"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a",
"version_affected": "="
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=544471",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=544471"
},
{
"name": "[linux-kernel] 20091209 [GIT PULL] ext4 updates for v2.6.33",
"refsource": "MLIST",
"url": "http://lkml.org/lkml/2009/12/9/255"
},
{
"name": "http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.32-git6.log",
"refsource": "CONFIRM",
"url": "http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.32-git6.log"
},
{
"name": "http://git.kernel.org/?p=linux/kernel/git/tytso/ext4.git;a=commit;h=4a58579b9e4e2a35d57e6c9c8483e52f6f1b7fd6",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/?p=linux/kernel/git/tytso/ext4.git;a=commit;h=4a58579b9e4e2a35d57e6c9c8483e52f6f1b7fd6"
},
{
"name": "SUSE-SA:2010:001",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00000.html"
},
{
"name": "MDVSA-2009:329",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:329"
},
{
"name": "USN-869-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-869-1"
},
{
"name": "37686",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37686"
},
{
"name": "37658",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37658"
},
{
"name": "ADV-2009-3468",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/3468"
},
{
"name": "http://www.theregister.co.uk/2009/12/11/linux_kernel_bugs_patched/",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00000.html",
"refsource": "MISC",
"url": "http://www.theregister.co.uk/2009/12/11/linux_kernel_bugs_patched/"
"name": "http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00000.html"
},
{
"name": "FEDORA-2009-13039",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00702.html"
"url": "http://secunia.com/advisories/38017",
"refsource": "MISC",
"name": "http://secunia.com/advisories/38017"
},
{
"name": "38017",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/38017"
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:329",
"refsource": "MISC",
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:329"
},
{
"name": "37277",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/37277"
"url": "http://git.kernel.org/?p=linux/kernel/git/tytso/ext4.git%3Ba=commit%3Bh=4a58579b9e4e2a35d57e6c9c8483e52f6f1b7fd6",
"refsource": "MISC",
"name": "http://git.kernel.org/?p=linux/kernel/git/tytso/ext4.git%3Ba=commit%3Bh=4a58579b9e4e2a35d57e6c9c8483e52f6f1b7fd6"
},
{
"url": "http://lkml.org/lkml/2009/12/9/255",
"refsource": "MISC",
"name": "http://lkml.org/lkml/2009/12/9/255"
},
{
"url": "http://secunia.com/advisories/37658",
"refsource": "MISC",
"name": "http://secunia.com/advisories/37658"
},
{
"url": "http://secunia.com/advisories/37686",
"refsource": "MISC",
"name": "http://secunia.com/advisories/37686"
},
{
"url": "http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.32-git6.log",
"refsource": "MISC",
"name": "http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.32-git6.log"
},
{
"url": "http://www.securityfocus.com/bid/37277",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/37277"
},
{
"url": "http://www.theregister.co.uk/2009/12/11/linux_kernel_bugs_patched/",
"refsource": "MISC",
"name": "http://www.theregister.co.uk/2009/12/11/linux_kernel_bugs_patched/"
},
{
"url": "http://www.ubuntu.com/usn/USN-869-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-869-1"
},
{
"url": "http://www.vupen.com/english/advisories/2009/3468",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2009/3468"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2009-4131",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2009-4131"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=544471",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=544471"
},
{
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00702.html",
"refsource": "MISC",
"name": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00702.html"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.2,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "COMPLETE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "COMPLETE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
]
}
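Review bot: The rewritten gitweb reference percent-encodes the `;` separators (`ext4.git%3Ba=commit%3Bh=4a58579b...`), which changes the meaning of the query string: gitweb splits its parameters on a literal `;`, so the encoded form is likely read as one long `p` value and the link to the fix commit may no longer resolve. The removed line had the working form, `"url": "http://git.kernel.org/?p=linux/kernel/git/tytso/ext4.git;a=commit;h=4a58579b9e4e2a35d57e6c9c8483e52f6f1b7fd6"`, and the `name` field should match it. The same encoding appears in the git.kernel.org references of the CVE-2009-4141 and CVE-2009-4272 sections. A check in the sync job that compares each rewritten URL with the original after decoding would catch this class of change.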


@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2009-4141",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Use-after-free vulnerability in the fasync_helper function in fs/fcntl.c in the Linux kernel before 2.6.33-rc4-git1 allows local users to gain privileges via vectors that include enabling O_ASYNC (aka FASYNC or FIOASYNC) on a locked file, and then closing this file."
"value": "CVE-2009-4141 kernel: create_elf_tables can leave urandom in a bad state"
}
]
},
@ -44,93 +21,185 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
"cweId": "CWE-119"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "MRG for RHEL-5",
"version": {
"version_data": [
{
"version_value": "0:2.6.24.7-149.el5rt",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 5",
"version": {
"version_data": [
{
"version_value": "0:2.6.18-164.11.1.el5",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 5.3.Z - Server Only",
"version": {
"version_data": [
{
"version_value": "0:2.6.18-128.14.1.el5",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.33-rc4-git1.bz2",
"refsource": "CONFIRM",
"url": "http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.33-rc4-git1.bz2"
},
{
"name": "oval:org.mitre.oval:def:9201",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9201"
},
{
"name": "37806",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/37806"
},
{
"name": "http://twitter.com/taviso/statuses/7744108017",
"url": "http://support.avaya.com/css/P8/documents/100073666",
"refsource": "MISC",
"url": "http://twitter.com/taviso/statuses/7744108017"
"name": "http://support.avaya.com/css/P8/documents/100073666"
},
{
"name": "http://support.avaya.com/css/P8/documents/100073666",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/css/P8/documents/100073666"
},
{
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=53281b6d34d44308372d16acb7fb5327609f68b6",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=53281b6d34d44308372d16acb7fb5327609f68b6"
},
{
"name": "20100114 Locked fasync file descriptors can be referenced after free in >= 2.6.28",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-01/0252.html"
},
{
"name": "oval:org.mitre.oval:def:7054",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7054"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=547906",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=547906"
},
{
"name": "39033",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39033"
},
{
"name": "http://lock.cmpxchg8b.com/5ebe2294ecd0e0f08eab7690d2a6ee69/create_elf_tables.c",
"url": "https://access.redhat.com/errata/RHSA-2010:0046",
"refsource": "MISC",
"url": "http://lock.cmpxchg8b.com/5ebe2294ecd0e0f08eab7690d2a6ee69/create_elf_tables.c"
"name": "https://access.redhat.com/errata/RHSA-2010:0046"
},
{
"name": "38199",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/38199"
"url": "https://rhn.redhat.com/errata/RHSA-2010-0046.html",
"refsource": "MISC",
"name": "https://rhn.redhat.com/errata/RHSA-2010-0046.html"
},
{
"name": "RHSA-2010:0095",
"refsource": "REDHAT",
"url": "https://rhn.redhat.com/errata/RHSA-2010-0095.html"
"url": "https://rhn.redhat.com/errata/RHSA-2010-0095.html",
"refsource": "MISC",
"name": "https://rhn.redhat.com/errata/RHSA-2010-0095.html"
},
{
"name": "RHSA-2010:0046",
"refsource": "REDHAT",
"url": "https://rhn.redhat.com/errata/RHSA-2010-0046.html"
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00002.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00002.html"
},
{
"name": "SUSE-SA:2010:010",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00002.html"
"url": "http://secunia.com/advisories/39033",
"refsource": "MISC",
"name": "http://secunia.com/advisories/39033"
},
{
"name": "RHSA-2010:0161",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0161.html"
"url": "http://www.redhat.com/support/errata/RHSA-2010-0161.html",
"refsource": "MISC",
"name": "http://www.redhat.com/support/errata/RHSA-2010-0161.html"
},
{
"url": "https://access.redhat.com/errata/RHSA-2010:0161",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2010:0161"
},
{
"url": "https://access.redhat.com/errata/RHSA-2010:0149",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2010:0149"
},
{
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-01/0252.html",
"refsource": "MISC",
"name": "http://archives.neohapsis.com/archives/fulldisclosure/2010-01/0252.html"
},
{
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=53281b6d34d44308372d16acb7fb5327609f68b6",
"refsource": "MISC",
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=53281b6d34d44308372d16acb7fb5327609f68b6"
},
{
"url": "http://lock.cmpxchg8b.com/5ebe2294ecd0e0f08eab7690d2a6ee69/create_elf_tables.c",
"refsource": "MISC",
"name": "http://lock.cmpxchg8b.com/5ebe2294ecd0e0f08eab7690d2a6ee69/create_elf_tables.c"
},
{
"url": "http://secunia.com/advisories/38199",
"refsource": "MISC",
"name": "http://secunia.com/advisories/38199"
},
{
"url": "http://twitter.com/taviso/statuses/7744108017",
"refsource": "MISC",
"name": "http://twitter.com/taviso/statuses/7744108017"
},
{
"url": "http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.33-rc4-git1.bz2",
"refsource": "MISC",
"name": "http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.33-rc4-git1.bz2"
},
{
"url": "http://www.securityfocus.com/bid/37806",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/37806"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2009-4141",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2009-4141"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=547906",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=547906"
},
{
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7054",
"refsource": "MISC",
"name": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7054"
},
{
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9201",
"refsource": "MISC",
"name": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9201"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.2,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "COMPLETE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "COMPLETE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
]
}
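Review bot: The new description `CVE-2009-4141 kernel: create_elf_tables can leave urandom in a bad state` and the added `CWE-119` do not match the flaw the removed text describes, a use-after-free in `fasync_helper` in fs/fcntl.c reached by enabling O_ASYNC on a locked file and closing it. The new title appears to come from the name of the referenced `create_elf_tables.c` file rather than from the root cause, so a reader of the new record alone would look at the wrong code path. If the removed sentence is still accurate, I would keep it as the description and classify the weakness as `"cweId": "CWE-416"` with `"value": "Use After Free"`. CWE-based filtering and detection content keyed on the description are both affected by the mismatch.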


@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2009-4272",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A certain Red Hat patch for net/ipv4/route.c in the Linux kernel 2.6.18 on Red Hat Enterprise Linux (RHEL) 5 allows remote attackers to cause a denial of service (deadlock) via crafted packets that force collisions in the IPv4 routing hash table, and trigger a routing \"emergency\" in which a hash chain is too long. NOTE: this is related to an issue in the Linux kernel before 2.6.31, when the kernel routing cache is disabled, involving an uninitialized pointer and a panic."
"value": "CVE-2009-4272 kernel: emergency route cache flushing leads to node deadlock"
}
]
},
@ -44,73 +21,149 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "NULL Pointer Dereference",
"cweId": "CWE-476"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 5",
"version": {
"version_data": [
{
"version_value": "0:2.6.18-164.11.1.el5",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Virtualization for RHEL-5",
"version": {
"version_data": [
{
"version_value": "0:5.4-2.1.8.el5_4rhev2_1",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=545411",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=545411"
"url": "http://support.avaya.com/css/P8/documents/100073666",
"refsource": "MISC",
"name": "http://support.avaya.com/css/P8/documents/100073666"
},
{
"name": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.31",
"refsource": "CONFIRM",
"url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.31"
"url": "https://access.redhat.com/errata/RHSA-2010:0046",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2010:0046"
},
{
"name": "http://support.avaya.com/css/P8/documents/100073666",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/css/P8/documents/100073666"
"url": "https://rhn.redhat.com/errata/RHSA-2010-0046.html",
"refsource": "MISC",
"name": "https://rhn.redhat.com/errata/RHSA-2010-0046.html"
},
{
"name": "linux-kernel-routing-dos(55808)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55808"
"url": "https://rhn.redhat.com/errata/RHSA-2010-0095.html",
"refsource": "MISC",
"name": "https://rhn.redhat.com/errata/RHSA-2010-0095.html"
},
{
"name": "[oss-security] 20100120 CVE-2009-4272 kernel: emergency route cache flushing leads to node deadlock",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2010/01/20/1"
"url": "https://access.redhat.com/errata/RHSA-2010:0095",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2010:0095"
},
{
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=b6280b47a7a42970d098a3059f4ebe7e55e90d8d",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=b6280b47a7a42970d098a3059f4ebe7e55e90d8d"
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=73e42897e8e5619eacb787d2ce69be12f47cfc21",
"refsource": "MISC",
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=73e42897e8e5619eacb787d2ce69be12f47cfc21"
},
{
"name": "oval:org.mitre.oval:def:11167",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11167"
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=b6280b47a7a42970d098a3059f4ebe7e55e90d8d",
"refsource": "MISC",
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=b6280b47a7a42970d098a3059f4ebe7e55e90d8d"
},
{
"name": "RHSA-2010:0095",
"refsource": "REDHAT",
"url": "https://rhn.redhat.com/errata/RHSA-2010-0095.html"
"url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.31",
"refsource": "MISC",
"name": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.31"
},
{
"name": "oval:org.mitre.oval:def:7026",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7026"
"url": "http://www.openwall.com/lists/oss-security/2010/01/20/1",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2010/01/20/1"
},
{
"name": "RHSA-2010:0046",
"refsource": "REDHAT",
"url": "https://rhn.redhat.com/errata/RHSA-2010-0046.html"
"url": "http://www.openwall.com/lists/oss-security/2010/01/20/6",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2010/01/20/6"
},
{
"name": "[oss-security] 20100120 Re: CVE-2009-4272 kernel: emergency route cache flushing leads to node deadlock",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2010/01/20/6"
"url": "https://access.redhat.com/security/cve/CVE-2009-4272",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2009-4272"
},
{
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=73e42897e8e5619eacb787d2ce69be12f47cfc21",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=73e42897e8e5619eacb787d2ce69be12f47cfc21"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=545411",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=545411"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55808",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55808"
},
{
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11167",
"refsource": "MISC",
"name": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11167"
},
{
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7026",
"refsource": "MISC",
"name": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7026"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.8,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
}
]
}
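Review bot: The added `impact.cvss` object sets `"temporalScore": 0` and `"environmentalScore": 0` while every temporal and environmental metric is `NOT_DEFINED`, which is not the same as an unscored value. Under CVSS v2, undefined temporal and environmental metrics leave the score equal to the base score (7.8 here), so a consumer that prefers the most specific score available could rank this issue as zero severity. I would omit both keys when the metrics are not defined, or set them to the base score. The other `impact` blocks on this page follow the same pattern.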


@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2010-3453",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The WW8ListManager::WW8ListManager function in oowriter in OpenOffice.org (OOo) 2.x and 3.x before 3.3 does not properly handle an unspecified number of list levels in user-defined list styles in WW8 data in a Microsoft Word document, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted .DOC file that triggers an out-of-bounds write."
"value": "CVE-2010-3453 OpenOffice.org: Heap-based buffer overflow by processing *.doc files with WW8 list styles with specially-crafted count of list levels"
}
]
},
@ -44,128 +21,224 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "Heap-based Buffer Overflow",
"cweId": "CWE-122"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 4",
"version": {
"version_data": [
{
"version_value": "0:1.1.5-10.7.el4_8.10",
"version_affected": "!"
},
{
"version_value": "1:2.0.4-5.7.0.6.1.el4_8.8",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 5",
"version": {
"version_data": [
{
"version_value": "1:3.1.1-19.5.el5_5.6",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
"version_data": [
{
"version_value": "1:3.2.1-19.6.el6_0.5",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "40775",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/40775"
},
{
"name": "46031",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/46031"
},
{
"name": "DSA-2151",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2011/dsa-2151"
},
{
"name": "60799",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60799"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html"
},
{
"name": "GLSA-201408-19",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml"
},
{
"name": "43118",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43118"
},
{
"name": "43065",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43065"
},
{
"name": "ADV-2011-0230",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0230"
},
{
"name": "1025002",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1025002"
},
{
"name": "http://www.openoffice.org/security/cves/CVE-2010-3453_CVE-2010-3454.html",
"refsource": "CONFIRM",
"url": "http://www.openoffice.org/security/cves/CVE-2010-3453_CVE-2010-3454.html"
},
{
"name": "ADV-2011-0232",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0232"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=640950",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=640950"
},
{
"name": "RHSA-2011:0182",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2011-0182.html"
},
{
"name": "USN-1056-1",
"refsource": "UBUNTU",
"url": "http://ubuntu.com/usn/usn-1056-1"
},
{
"name": "RHSA-2011:0181",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2011-0181.html"
},
{
"name": "70714",
"refsource": "OSVDB",
"url": "http://osvdb.org/70714"
},
{
"name": "ADV-2011-0279",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0279"
},
{
"name": "43105",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43105"
},
{
"name": "MDVSA-2011:027",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:027"
},
{
"name": "http://www.vsecurity.com/resources/advisory/20110126-1",
"url": "http://secunia.com/advisories/40775",
"refsource": "MISC",
"url": "http://www.vsecurity.com/resources/advisory/20110126-1"
"name": "http://secunia.com/advisories/40775"
},
{
"name": "http://www.cs.brown.edu/people/drosenbe/research.html",
"url": "http://secunia.com/advisories/43105",
"refsource": "MISC",
"url": "http://www.cs.brown.edu/people/drosenbe/research.html"
"name": "http://secunia.com/advisories/43105"
},
{
"name": "42999",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42999"
"url": "http://secunia.com/advisories/60799",
"refsource": "MISC",
"name": "http://secunia.com/advisories/60799"
},
{
"url": "http://ubuntu.com/usn/usn-1056-1",
"refsource": "MISC",
"name": "http://ubuntu.com/usn/usn-1056-1"
},
{
"url": "http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml",
"refsource": "MISC",
"name": "http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml"
},
{
"url": "http://www.vupen.com/english/advisories/2011/0230",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2011/0230"
},
{
"url": "http://www.vupen.com/english/advisories/2011/0279",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2011/0279"
},
{
"url": "http://secunia.com/advisories/42999",
"refsource": "MISC",
"name": "http://secunia.com/advisories/42999"
},
{
"url": "http://secunia.com/advisories/43065",
"refsource": "MISC",
"name": "http://secunia.com/advisories/43065"
},
{
"url": "http://secunia.com/advisories/43118",
"refsource": "MISC",
"name": "http://secunia.com/advisories/43118"
},
{
"url": "http://www.cs.brown.edu/people/drosenbe/research.html",
"refsource": "MISC",
"name": "http://www.cs.brown.edu/people/drosenbe/research.html"
},
{
"url": "http://www.debian.org/security/2011/dsa-2151",
"refsource": "MISC",
"name": "http://www.debian.org/security/2011/dsa-2151"
},
{
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:027",
"refsource": "MISC",
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:027"
},
{
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html",
"refsource": "MISC",
"name": "http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html"
},
{
"url": "http://www.redhat.com/support/errata/RHSA-2011-0181.html",
"refsource": "MISC",
"name": "http://www.redhat.com/support/errata/RHSA-2011-0181.html"
},
{
"url": "http://www.redhat.com/support/errata/RHSA-2011-0182.html",
"refsource": "MISC",
"name": "http://www.redhat.com/support/errata/RHSA-2011-0182.html"
},
{
"url": "http://www.securityfocus.com/bid/46031",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/46031"
},
{
"url": "http://www.securitytracker.com/id?1025002",
"refsource": "MISC",
"name": "http://www.securitytracker.com/id?1025002"
},
{
"url": "http://www.vsecurity.com/resources/advisory/20110126-1",
"refsource": "MISC",
"name": "http://www.vsecurity.com/resources/advisory/20110126-1"
},
{
"url": "http://www.vupen.com/english/advisories/2011/0232",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2011/0232"
},
{
"url": "https://access.redhat.com/errata/RHSA-2011:0181",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2011:0181"
},
{
"url": "https://access.redhat.com/errata/RHSA-2011:0182",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2011:0182"
},
{
"url": "https://access.redhat.com/errata/RHSA-2011:0183",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2011:0183"
},
{
"url": "http://osvdb.org/70714",
"refsource": "MISC",
"name": "http://osvdb.org/70714"
},
{
"url": "http://www.openoffice.org/security/cves/CVE-2010-3453_CVE-2010-3454.html",
"refsource": "MISC",
"name": "http://www.openoffice.org/security/cves/CVE-2010-3453_CVE-2010-3454.html"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2010-3453",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2010-3453"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=640950",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=640950"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 6.8,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "PARTIAL",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "PARTIAL",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
]
}
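Review bot: The record for CVE-2010-3453 no longer says which upstream releases are vulnerable: the `description` value that named OpenOffice.org "2.x and 3.x before 3.3" and the `WW8ListManager::WW8ListManager` function appears to be replaced by the one-line tracker title, and the new `affects` block lists only Red Hat package builds with `"version_affected": "!"`, which as I read the 4.0 schema marks a version as not affected. A scanner that matches on this record can tell which RHEL builds are fixed but cannot derive the vulnerable range for another distribution or an upstream install. I would keep the original sentence as the `value`, or as a second `description_data` entry, rather than the tracker title alone. The same loss is visible in the sections for CVE-2010-3705 ("before 2.6.36"), CVE-2010-3846 ("CVS 1.11.23"), CVE-2011-2212 ("0.14.0 and earlier") and CVE-2011-2497 ("before 3.0").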


@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2010-3705",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The sctp_auth_asoc_get_hmac function in net/sctp/auth.c in the Linux kernel before 2.6.36 does not properly validate the hmac_ids array of an SCTP peer, which allows remote attackers to cause a denial of service (memory corruption and panic) via a crafted value in the last element of this array."
"value": "CVE-2010-3705 kernel: sctp memory corruption in HMAC handling"
}
]
},
@ -44,83 +21,159 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
"cweId": "CWE-119"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "MRG for RHEL-5",
"version": {
"version_data": [
{
"version_value": "0:2.6.33.7-rt29.47.el5rt",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
"version_data": [
{
"version_value": "0:2.6.32-71.7.1.el6",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "USN-1000-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1000-1"
"url": "http://www.ubuntu.com/usn/USN-1000-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-1000-1"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=640036",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=640036"
"url": "http://www.redhat.com/support/errata/RHSA-2010-0842.html",
"refsource": "MISC",
"name": "http://www.redhat.com/support/errata/RHSA-2010-0842.html"
},
{
"name": "[oss-security] 20101004 CVE request: kernel: SCTP memory corruption in HMAC handling",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2010/10/04/2"
"url": "https://access.redhat.com/errata/RHSA-2010:0842",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2010:0842"
},
{
"name": "FEDORA-2010-18983",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052513.html"
"url": "http://www.debian.org/security/2010/dsa-2126",
"refsource": "MISC",
"name": "http://www.debian.org/security/2010/dsa-2126"
},
{
"name": "http://git.kernel.org/?p=linux/kernel/git/davem/net-2.6.git;a=commit;h=51e97a12bef19b7e43199fc153cf9bd5f2140362",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/?p=linux/kernel/git/davem/net-2.6.git;a=commit;h=51e97a12bef19b7e43199fc153cf9bd5f2140362"
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:029",
"refsource": "MISC",
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:029"
},
{
"name": "ADV-2010-3321",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/3321"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052513.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052513.html"
},
{
"name": "RHSA-2010:0842",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0842.html"
"url": "http://secunia.com/advisories/42745",
"refsource": "MISC",
"name": "http://secunia.com/advisories/42745"
},
{
"name": "RHSA-2010:0958",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0958.html"
"url": "http://www.redhat.com/support/errata/RHSA-2010-0958.html",
"refsource": "MISC",
"name": "http://www.redhat.com/support/errata/RHSA-2010-0958.html"
},
{
"name": "[oss-security] 20101004 Re: CVE request: kernel: SCTP memory corruption in HMAC handling",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2010/10/04/7"
"url": "http://www.vupen.com/english/advisories/2010/3321",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2010/3321"
},
{
"name": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.36",
"refsource": "CONFIRM",
"url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.36"
"url": "https://access.redhat.com/errata/RHSA-2010:0958",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2010:0958"
},
{
"name": "MDVSA-2011:029",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:029"
"url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.36",
"refsource": "MISC",
"name": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.36"
},
{
"name": "[linux-kernel] 20101001 [PATCH] Fix out-of-bounds reading in sctp_asoc_get_hmac()",
"refsource": "MLIST",
"url": "http://marc.info/?l=linux-kernel&m=128596992418814&w=2"
"url": "http://git.kernel.org/?p=linux/kernel/git/davem/net-2.6.git%3Ba=commit%3Bh=51e97a12bef19b7e43199fc153cf9bd5f2140362",
"refsource": "MISC",
"name": "http://git.kernel.org/?p=linux/kernel/git/davem/net-2.6.git%3Ba=commit%3Bh=51e97a12bef19b7e43199fc153cf9bd5f2140362"
},
{
"name": "42745",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42745"
"url": "http://marc.info/?l=linux-kernel&m=128596992418814&w=2",
"refsource": "MISC",
"name": "http://marc.info/?l=linux-kernel&m=128596992418814&w=2"
},
{
"name": "DSA-2126",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2010/dsa-2126"
"url": "http://www.openwall.com/lists/oss-security/2010/10/04/2",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2010/10/04/2"
},
{
"url": "http://www.openwall.com/lists/oss-security/2010/10/04/7",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2010/10/04/7"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2010-3705",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2010-3705"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=640036",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=640036"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 8.3,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "COMPLETE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "COMPLETE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
]
}
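Review bot: The fix-commit reference for CVE-2010-3705 is rewritten with its separators percent-encoded, `net-2.6.git%3Ba=commit%3Bh=51e97a12bef19b7e43199fc153cf9bd5f2140362`, where the earlier entry had a literal `;` between the `p=`, `a=` and `h=` parts. Encoded that way the server presumably receives one long `p` value instead of three parameters, so the link to the patch a defender would want to verify is likely dead; both `url` and `name` should keep the `;` form, `...net-2.6.git;a=commit;h=51e97a12bef19b7e43199fc153cf9bd5f2140362`. The git.kernel.org reference in the CVE-2011-2497 section has the same encoding. The neighbouring marc.info entry keeps its `&` separators unescaped, so only `;` seems to be affected.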


@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2010-3846",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Array index error in the apply_rcs_change function in rcs.c in CVS 1.11.23 allows local users to gain privileges via an RCS file containing crafted delta fragment changes that trigger a heap-based buffer overflow."
"value": "CVE-2010-3846 cvs: Heap-based buffer overflow by applying RCS file changes"
}
]
},
@ -44,103 +21,163 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "Heap-based Buffer Overflow",
"cweId": "CWE-122"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
"version_data": [
{
"version_value": "0:1.11.23-11.el6_0.1",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "42041",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42041"
"url": "http://cvs.savannah.gnu.org/viewvc/cvs/ccvs/src/rcs.c?r1=1.262.4.65&r2=1.262.4.66&sortby=rev",
"refsource": "MISC",
"name": "http://cvs.savannah.gnu.org/viewvc/cvs/ccvs/src/rcs.c?r1=1.262.4.65&r2=1.262.4.66&sortby=rev"
},
{
"name": "FEDORA-2010-16600",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/050090.html"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050212.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050212.html"
},
{
"name": "FEDORA-2010-16599",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050212.html"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050287.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050287.html"
},
{
"name": "ADV-2010-2846",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/2846"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/050090.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/050090.html"
},
{
"name": "44528",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/44528"
"url": "http://secunia.com/advisories/41079",
"refsource": "MISC",
"name": "http://secunia.com/advisories/41079"
},
{
"name": "42409",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42409"
"url": "http://secunia.com/advisories/42041",
"refsource": "MISC",
"name": "http://secunia.com/advisories/42041"
},
{
"name": "68952",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/68952"
"url": "http://secunia.com/advisories/42409",
"refsource": "MISC",
"name": "http://secunia.com/advisories/42409"
},
{
"name": "cvs-applyrcschange-bo(62858)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/62858"
"url": "http://www.osvdb.org/68952",
"refsource": "MISC",
"name": "http://www.osvdb.org/68952"
},
{
"name": "FEDORA-2010-16721",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050287.html"
"url": "http://www.redhat.com/support/errata/RHSA-2010-0918.html",
"refsource": "MISC",
"name": "http://www.redhat.com/support/errata/RHSA-2010-0918.html"
},
{
"name": "ADV-2010-2845",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/2845"
"url": "http://www.securityfocus.com/bid/44528",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/44528"
},
{
"name": "1024795",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1024795"
"url": "http://www.securitytracker.com/id?1024795",
"refsource": "MISC",
"name": "http://www.securitytracker.com/id?1024795"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=642146",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=642146"
"url": "http://www.vupen.com/english/advisories/2010/2845",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2010/2845"
},
{
"name": "ADV-2010-3080",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/3080"
"url": "http://www.vupen.com/english/advisories/2010/2846",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2010/2846"
},
{
"name": "ADV-2010-2869",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/2869"
"url": "http://www.vupen.com/english/advisories/2010/2869",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2010/2869"
},
{
"name": "http://cvs.savannah.gnu.org/viewvc/cvs/ccvs/src/rcs.c?r1=1.262.4.65&r2=1.262.4.66&sortby=rev",
"refsource": "CONFIRM",
"url": "http://cvs.savannah.gnu.org/viewvc/cvs/ccvs/src/rcs.c?r1=1.262.4.65&r2=1.262.4.66&sortby=rev"
"url": "http://www.vupen.com/english/advisories/2010/2899",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2010/2899"
},
{
"name": "41079",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/41079"
"url": "http://www.vupen.com/english/advisories/2010/3080",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2010/3080"
},
{
"name": "ADV-2010-2899",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/2899"
"url": "https://access.redhat.com/errata/RHSA-2010:0918",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2010:0918"
},
{
"name": "RHSA-2010:0918",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0918.html"
"url": "https://access.redhat.com/security/cve/CVE-2010-3846",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2010-3846"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=642146",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=642146"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/62858",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/62858"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 3.5,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "PARTIAL",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "PARTIAL",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:L/AC:H/Au:S/C:P/I:P/A:P",
"version": "2.0"
}
]
}
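Review bot: Every entry in `reference_data` for CVE-2010-3846 now carries `"refsource": "MISC"` and a `name` that repeats the `url`, so the record no longer distinguishes the upstream fix from third-party advisories. The earlier entries tagged the cvs.savannah.gnu.org rcs.c diff and the Red Hat Bugzilla bug as `CONFIRM` and carried advisory identifiers such as `FEDORA-2010-16600` and `RHSA-2010:0918` in `name`; tooling that selects vendor-confirmed references or matches on advisory IDs gets nothing from the new form. I would keep the typed values where they are known, for example `"refsource": "REDHAT", "name": "RHSA-2010:0918"` on the errata entries. The other file sections on this page show the same flattening.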


@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-2212",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the virtio subsystem in qemu-kvm 0.14.0 and earlier allows privileged guest users to cause a denial of service (guest crash) or gain privileges via a crafted indirect descriptor related to \"virtqueue in and out requests.\""
"value": "CVE-2011-2212 qemu-kvm: virtqueue: too-large indirect descriptor buffer overflow"
}
]
},
@ -44,78 +21,138 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
"cweId": "CWE-119"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
"version_data": [
{
"version_value": "2:0.12.1.2-2.160.el6_1.2",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "RHSA-2011:0919",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2011-0919.html"
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00007.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00007.html"
},
{
"name": "45170",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/45170"
"url": "http://rhn.redhat.com/errata/RHSA-2011-0919.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2011-0919.html"
},
{
"name": "45354",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/45354"
"url": "http://secunia.com/advisories/45158",
"refsource": "MISC",
"name": "http://secunia.com/advisories/45158"
},
{
"name": "45301",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/45301"
"url": "http://secunia.com/advisories/45170",
"refsource": "MISC",
"name": "http://secunia.com/advisories/45170"
},
{
"name": "DSA-2282",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2011/dsa-2282"
"url": "http://secunia.com/advisories/45187",
"refsource": "MISC",
"name": "http://secunia.com/advisories/45187"
},
{
"name": "45158",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/45158"
"url": "http://secunia.com/advisories/45188",
"refsource": "MISC",
"name": "http://secunia.com/advisories/45188"
},
{
"name": "openSUSE-SU-2011:0803",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00007.html"
"url": "http://secunia.com/advisories/45301",
"refsource": "MISC",
"name": "http://secunia.com/advisories/45301"
},
{
"name": "45188",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/45188"
"url": "http://secunia.com/advisories/45354",
"refsource": "MISC",
"name": "http://secunia.com/advisories/45354"
},
{
"name": "74751",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/74751"
"url": "http://ubuntu.com/usn/usn-1165-1",
"refsource": "MISC",
"name": "http://ubuntu.com/usn/usn-1165-1"
},
{
"name": "USN-1165-1",
"refsource": "UBUNTU",
"url": "http://ubuntu.com/usn/usn-1165-1"
"url": "http://www.osvdb.org/74751",
"refsource": "MISC",
"name": "http://www.osvdb.org/74751"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=713589",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=713589"
"url": "https://access.redhat.com/errata/RHSA-2011:0919",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2011:0919"
},
{
"name": "45187",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/45187"
"url": "https://access.redhat.com/security/cve/CVE-2011-2212",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2011-2212"
},
{
"name": "SUSE-SU-2011:0806",
"refsource": "SUSE",
"url": "https://hermes.opensuse.org/messages/9605323"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=713589",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=713589"
},
{
"url": "https://hermes.opensuse.org/messages/9605323",
"refsource": "MISC",
"name": "https://hermes.opensuse.org/messages/9605323"
},
{
"url": "https://www.debian.org/security/2011/dsa-2282",
"refsource": "MISC",
"name": "https://www.debian.org/security/2011/dsa-2282"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.4,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "COMPLETE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "COMPLETE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:A/AC:M/Au:S/C:C/I:C/A:C",
"version": "2.0"
}
]
}
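Review bot: In the `impact.cvss` entry for CVE-2011-2212, `"temporalScore": 0` and `"environmentalScore": 0` sit next to temporal and environmental metrics that are all `NOT_DEFINED`, so the zeros read as placeholders rather than computed scores. A consumer that prefers the most specific score available, or sorts on any of the three, would rank an issue with `"baseScore": 7.4` as 0. Omitting the two keys when no temporal or environmental metric is defined keeps "not scored" apart from "scored zero". The `impact` blocks of the other sections on this page use the same placeholders.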


@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-2497",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer underflow in the l2cap_config_req function in net/bluetooth/l2cap_core.c in the Linux kernel before 3.0 allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a small command-size value within the command header of a Logical Link Control and Adaptation Protocol (L2CAP) configuration request, leading to a buffer overflow."
"value": "CVE-2011-2497 kernel: bluetooth: buffer overflow in l2cap config request"
}
]
},
@ -44,58 +21,134 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
"cweId": "CWE-119"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
"version_data": [
{
"version_value": "0:2.6.32-131.12.1.el6",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise MRG 2",
"version": {
"version_data": [
{
"version_value": "0:2.6.33.9-rt31.75.el6rt",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=7ac28817536797fd40e9646452183606f9e17f71",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=7ac28817536797fd40e9646452183606f9e17f71"
"url": "https://access.redhat.com/errata/RHSA-2011:1253",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2011:1253"
},
{
"name": "http://www.kernel.org/pub/linux/kernel/v3.0/ChangeLog-3.0",
"refsource": "CONFIRM",
"url": "http://www.kernel.org/pub/linux/kernel/v3.0/ChangeLog-3.0"
"url": "https://access.redhat.com/errata/RHSA-2011:1189",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2011:1189"
},
{
"name": "[oss-security] 20110624 CVE request: kernel: remote buffer overflow in bluetooth",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2011/06/24/9"
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=7ac28817536797fd40e9646452183606f9e17f71",
"refsource": "MISC",
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=7ac28817536797fd40e9646452183606f9e17f71"
},
{
"name": "[linux-kernel] 20110624 [PATCH] Bluetooth: Prevent buffer overflow in l2cap config request",
"refsource": "MLIST",
"url": "http://marc.info/?l=linux-kernel&m=130891911909436&w=2"
"url": "http://marc.info/?l=linux-kernel&m=130891911909436&w=2",
"refsource": "MISC",
"name": "http://marc.info/?l=linux-kernel&m=130891911909436&w=2"
},
{
"name": "48472",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/48472"
"url": "http://securityreason.com/securityalert/8359",
"refsource": "MISC",
"name": "http://securityreason.com/securityalert/8359"
},
{
"name": "74679",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/74679"
"url": "http://www.kernel.org/pub/linux/kernel/v3.0/ChangeLog-3.0",
"refsource": "MISC",
"name": "http://www.kernel.org/pub/linux/kernel/v3.0/ChangeLog-3.0"
},
{
"name": "8359",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/8359"
"url": "http://www.openwall.com/lists/oss-security/2011/06/24/9",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2011/06/24/9"
},
{
"name": "[oss-security] 20110627 Re: CVE request: kernel: remote buffer overflow in bluetooth",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2011/06/27/3"
"url": "http://www.openwall.com/lists/oss-security/2011/06/27/3",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2011/06/27/3"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=716805",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=716805"
"url": "http://www.osvdb.org/74679",
"refsource": "MISC",
"name": "http://www.osvdb.org/74679"
},
{
"url": "http://www.securityfocus.com/bid/48472",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/48472"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2011-2497",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2011-2497"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=716805",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=716805"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 8.3,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "COMPLETE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "COMPLETE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
]
}
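Review bot: The `problemtype` for CVE-2011-2497 records only `CWE-119`, while the description this commit replaces names the root cause as an integer underflow in `l2cap_config_req` that leads to the buffer overflow. Triage keyed on CWE would then miss this record when looking for length-arithmetic bugs. If the record format allows a second entry, I would add `{"lang": "eng", "value": "Integer Underflow (Wrap or Wraparound)", "cweId": "CWE-191"}` alongside the existing one. The start of this `problemtype` object lies outside the hunk, so its exact nesting cannot be checked from here.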


@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-2504",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Untrusted search path vulnerability in x11perfcomp in XFree86 x11perf before 1.5.4 allows local users to gain privileges via unspecified Trojan horse code in the current working directory."
"value": "CVE-2011-2504 x11perfcomp has dot in its path"
}
]
},
@ -44,38 +21,106 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "Inclusion of Functionality from Untrusted Control Sphere",
"cweId": "CWE-829"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
"version_data": [
{
"version_value": "0:7.6-6.el6",
"version_affected": "!"
},
{
"version_value": "0:7.5-13.el6",
"version_affected": "!"
},
{
"version_value": "0:7.5-6.el6",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "RHSA-2013:0502",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-0502.html"
},
{
"name": "x11perf-priv-esc(82241)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/82241"
},
{
"name": "[xorg-announce] 20110727 [ANNOUNCE] x11perf 1.5.4",
"refsource": "MLIST",
"url": "http://lists.freedesktop.org/archives/xorg-announce/2011-July/001715.html"
},
{
"name": "58082",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/58082"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=717672",
"url": "http://lists.freedesktop.org/archives/xorg-announce/2011-July/001715.html",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=717672"
"name": "http://lists.freedesktop.org/archives/xorg-announce/2011-July/001715.html"
},
{
"url": "http://rhn.redhat.com/errata/RHSA-2013-0502.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2013-0502.html"
},
{
"url": "http://www.securityfocus.com/bid/58082",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/58082"
},
{
"url": "https://access.redhat.com/errata/RHSA-2013:0502",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2013:0502"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2011-2504",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2011-2504"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=717672",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=717672"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/82241",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/82241"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 3.5,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "PARTIAL",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "PARTIAL",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:L/AC:H/Au:S/C:P/I:P/A:P",
"version": "2.0"
}
]
}
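Review bot: The `description_data` value in the first hunk is cut down to a tracker-style title, `CVE-2011-2504 x11perfcomp has dot in its path`, assuming the second printed value is the new side. That drops what a consumer triages on: the upstream fix boundary (x11perf before 1.5.4), the local attack position and the privilege-gain impact. The added `affects` block lists only distribution package builds, so nothing left in the record states the upstream affected range. I would keep the earlier prose as the value, or add the title as a second `description_data` entry instead of replacing it. The CVE-2011-2511 and CVE-2011-2520 sections below make the same substitution and lose "libvirt before 0.9.3" and "system-config-firewall 1.2.29 and earlier".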


@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-2511",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer overflow in libvirt before 0.9.3 allows remote authenticated users to cause a denial of service (libvirtd crash) and possibly execute arbitrary code via a crafted VirDomainGetVcpus RPC call that triggers memory corruption."
"value": "CVE-2011-2511 libvirt: integer overflow in VirDomainGetVcpus"
}
]
},
@ -44,88 +21,169 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "Integer Overflow or Wraparound",
"cweId": "CWE-190"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 5",
"version": {
"version_data": [
{
"version_value": "0:0.8.2-22.el5",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
"version_data": [
{
"version_value": "0:0.8.7-18.el6_1.1",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "http://libvirt.org/news.html",
"refsource": "CONFIRM",
"url": "http://libvirt.org/news.html"
"url": "http://libvirt.org/news.html",
"refsource": "MISC",
"name": "http://libvirt.org/news.html"
},
{
"name": "libvirt-virdomaingetvcpus-bo(68271)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68271"
"url": "http://www.debian.org/security/2011/dsa-2280",
"refsource": "MISC",
"name": "http://www.debian.org/security/2011/dsa-2280"
},
{
"name": "45441",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/45441"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062515.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062515.html"
},
{
"name": "FEDORA-2011-9091",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062515.html"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062855.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062855.html"
},
{
"name": "45446",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/45446"
"url": "http://secunia.com/advisories/45375",
"refsource": "MISC",
"name": "http://secunia.com/advisories/45375"
},
{
"name": "[oss-security] 20110628 CVE request: libvirt: integer overflow in VirDomainGetVcpus",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2011/06/28/9"
"url": "http://secunia.com/advisories/45441",
"refsource": "MISC",
"name": "http://secunia.com/advisories/45441"
},
{
"name": "RHSA-2011:1197",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2011-1197.html"
"url": "http://secunia.com/advisories/45446",
"refsource": "MISC",
"name": "http://secunia.com/advisories/45446"
},
{
"name": "RHSA-2011:1019",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2011-1019.html"
"url": "http://www.openwall.com/lists/oss-security/2011/06/28/9",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2011/06/28/9"
},
{
"name": "USN-1180-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1180-1"
"url": "http://www.redhat.com/support/errata/RHSA-2011-1019.html",
"refsource": "MISC",
"name": "http://www.redhat.com/support/errata/RHSA-2011-1019.html"
},
{
"name": "45375",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/45375"
"url": "http://www.redhat.com/support/errata/RHSA-2011-1197.html",
"refsource": "MISC",
"name": "http://www.redhat.com/support/errata/RHSA-2011-1197.html"
},
{
"name": "[libvirt] 20110624 [PATCH 2/2] remote: protect against integer overflow",
"refsource": "MLIST",
"url": "https://www.redhat.com/archives/libvir-list/2011-June/msg01278.html"
"url": "http://www.securitytracker.com/id?1025822",
"refsource": "MISC",
"name": "http://www.securitytracker.com/id?1025822"
},
{
"name": "1025822",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1025822"
"url": "http://www.ubuntu.com/usn/USN-1180-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-1180-1"
},
{
"name": "DSA-2280",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2011/dsa-2280"
"url": "https://access.redhat.com/errata/RHSA-2011:1019",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2011:1019"
},
{
"name": "SUSE-SU-2011:0837",
"refsource": "SUSE",
"url": "https://hermes.opensuse.org/messages/10027908"
"url": "https://access.redhat.com/errata/RHSA-2011:1197",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2011:1197"
},
{
"name": "FEDORA-2011-9062",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062855.html"
"url": "https://access.redhat.com/security/cve/CVE-2011-2511",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2011-2511"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=717199",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=717199"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68271",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68271"
},
{
"url": "https://hermes.opensuse.org/messages/10027908",
"refsource": "MISC",
"name": "https://hermes.opensuse.org/messages/10027908"
},
{
"url": "https://www.redhat.com/archives/libvir-list/2011-June/msg01278.html",
"refsource": "MISC",
"name": "https://www.redhat.com/archives/libvir-list/2011-June/msg01278.html"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 3.3,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
]
}
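Review bot: Every `reference_data` entry in this section ends up as `"refsource": "MISC"` with the URL copied into `name`. The advisory identifiers that `name` used to carry (`DSA-2280`, `USN-1180-1`, `RHSA-2011:1197`, `FEDORA-2011-9091`, `SUSE-SU-2011:0837`) and the typed sources (`DEBIAN`, `UBUNTU`, `REDHAT`, `SECTRACK`) no longer appear as fields. Tooling that maps a CVE to vendor advisories through `refsource` and `name` now has to parse URLs, and the hermes.opensuse.org link no longer says which SUSE advisory it is. I would keep the typed form wherever it was known, e.g. `"name": "DSA-2280", "refsource": "DEBIAN"`. The CVE-2011-2504 and CVE-2011-2520 sections are flattened the same way.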


@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-2520",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "fw_dbus.py in system-config-firewall 1.2.29 and earlier uses the pickle Python module unsafely during D-Bus communication between the GUI and the backend, which might allow local users to gain privileges via a crafted serialized object."
"value": "CVE-2011-2520 system-config-firewall: privilege escalation flaw via use of python pickle"
}
]
},
@ -44,53 +21,117 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "Deserialization of Untrusted Data",
"cweId": "CWE-502"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
"version_data": [
{
"version_value": "0:1.2.27-3.el6_1.3",
"version_affected": "!"
},
{
"version_value": "0:1.1.16-17.el6_1.2",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "FEDORA-2011-9652",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-August/063314.html"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-August/063314.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2011-August/063314.html"
},
{
"name": "systemconfigfirewall-priv-escalation(68734)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68734"
"url": "http://secunia.com/advisories/45294",
"refsource": "MISC",
"name": "http://secunia.com/advisories/45294"
},
{
"name": "[oss-security] 20110718 CVE-2011-2520: flaw in system-config-firewall's usage of pickle allows privilege escalation",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2011/07/18/6"
"url": "http://securitytracker.com/id?1025793",
"refsource": "MISC",
"name": "http://securitytracker.com/id?1025793"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=717985",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=717985"
"url": "http://www.openwall.com/lists/oss-security/2011/07/18/6",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2011/07/18/6"
},
{
"name": "RHSA-2011:0953",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2011-0953.html"
"url": "http://www.redhat.com/support/errata/RHSA-2011-0953.html",
"refsource": "MISC",
"name": "http://www.redhat.com/support/errata/RHSA-2011-0953.html"
},
{
"name": "48715",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/48715"
"url": "http://www.securityfocus.com/bid/48715",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/48715"
},
{
"name": "1025793",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1025793"
"url": "https://access.redhat.com/errata/RHSA-2011:0953",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2011:0953"
},
{
"name": "45294",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/45294"
"url": "https://access.redhat.com/security/cve/CVE-2011-2520",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2011-2520"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=717985",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=717985"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68734",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68734"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 6,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "COMPLETE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "COMPLETE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:L/AC:H/Au:S/C:C/I:C/A:C",
"version": "2.0"
}
]
}
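Review bot: Both `version_data` entries in the added `affects` block carry `"version_affected": "!"` and neither names a package, so `0:1.2.27-3.el6_1.3` and `0:1.1.16-17.el6_1.2` sit under Red Hat Enterprise Linux 6 with nothing to tell them apart. As far as I can tell from CVE JSON 4.0 usage, `!` marks a version as not affected, so a consumer that reads only `version_value` can take these fixed builds for vulnerable ones. No entry states an affected range either. I would name the package on each entry, e.g. `"version_name": "<package name>"`, and add the affected bound explicitly. The CVE-2011-2504 and CVE-2011-2511 sections use the same pattern.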


@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-23119",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2023-23119",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The use of the cyclic redundancy check (CRC) algorithm for integrity check during firmware update makes Ubiquiti airFiber AF2X Radio firmware version 3.2.2 and earlier vulnerable to firmware modification attacks. An attacker can conduct a man-in-the-middle (MITM) attack to modify the new firmware image and bypass the checksum verification."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://hackmd.io/@slASVrz_SrW7NQCsunofeA/SkYce4f5o",
"refsource": "MISC",
"name": "https://hackmd.io/@slASVrz_SrW7NQCsunofeA/SkYce4f5o"
},
{
"url": "https://community.ui.com/tags/security/releases",
"refsource": "MISC",
"name": "https://community.ui.com/tags/security/releases"
}
]
}
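Review bot: The published record leaves `vendor_name`, `product_name`, `version_value` and the `problemtype` value at `n/a`, although the new description states all of them. It names Ubiquiti airFiber AF2X Radio, firmware 3.2.2 and earlier, and a CRC used as the integrity check during firmware update. Feeds that match on the structured fields will not associate this CVE with the product or with a weakness class. I would fill them from the description, e.g. `"vendor_name": "Ubiquiti"`, `"product_name": "airFiber AF2X Radio"` and `"version_affected": "<=", "version_value": "3.2.2"`. The weakness could be set to something like CWE-354 (Improper Validation of Integrity Check Value), if the assigner agrees with that classification.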