diff --git a/2001/0xxx/CVE-2001-0188.json b/2001/0xxx/CVE-2001-0188.json index 8b2f3bac9db..26f3d015c86 100644 --- a/2001/0xxx/CVE-2001-0188.json +++ b/2001/0xxx/CVE-2001-0188.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2001-0188", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "GoodTech FTP server 3.0.1.2.1.0 and earlier allows remote attackers to cause a denial of service via a flood of connections to the server, which causes it to crash." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2001-0188", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20010122 def-2001-03: GoodTech Systems FTP Connection DoS", - "refsource" : "BUGTRAQ", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2001-01/0350.html" - }, - { - "name" : "2270", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/2270" - }, - { - "name" : "goodtech-ftp-dos(5984)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/5984" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "GoodTech FTP server 3.0.1.2.1.0 and earlier allows remote attackers to cause a denial of service via a flood of connections to the server, which causes it to crash." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "goodtech-ftp-dos(5984)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5984" + }, + { + "name": "2270", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/2270" + }, + { + "name": "20010122 def-2001-03: GoodTech Systems FTP Connection DoS", + "refsource": "BUGTRAQ", + "url": "http://archives.neohapsis.com/archives/bugtraq/2001-01/0350.html" + } + ] + } +} \ No newline at end of file diff --git a/2001/0xxx/CVE-2001-0436.json b/2001/0xxx/CVE-2001-0436.json index db7d3bd197b..a2b053f422a 100644 --- a/2001/0xxx/CVE-2001-0436.json +++ b/2001/0xxx/CVE-2001-0436.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2001-0436", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "dcboard.cgi in DCForum 2000 1.0 allows remote attackers to execute arbitrary commands by uploading a Perl program to the server and using a .. (dot dot) in the AZ parameter to reference the program." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2001-0436", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20010416 qDefense Advisory: DCForum allows remote read/write/execute", - "refsource" : "BUGTRAQ", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2001-04/0269.html" - }, - { - "name" : "http://www.dcscripts.com/FAQ/sec_2001_03_31.html", - "refsource" : "CONFIRM", - "url" : "http://www.dcscripts.com/FAQ/sec_2001_03_31.html" - }, - { - "name" : "3862", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/3862" - }, - { - "name" : "dcforum-az-expr(6392)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/6392" - }, - { - "name" : "2611", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/2611" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "dcboard.cgi in DCForum 2000 1.0 allows remote attackers to execute arbitrary commands by uploading a Perl program to the server and using a .. (dot dot) in the AZ parameter to reference the program." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.dcscripts.com/FAQ/sec_2001_03_31.html", + "refsource": "CONFIRM", + "url": "http://www.dcscripts.com/FAQ/sec_2001_03_31.html" + }, + { + "name": "3862", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/3862" + }, + { + "name": "2611", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/2611" + }, + { + "name": "20010416 qDefense Advisory: DCForum allows remote read/write/execute", + "refsource": "BUGTRAQ", + "url": "http://archives.neohapsis.com/archives/bugtraq/2001-04/0269.html" + }, + { + "name": "dcforum-az-expr(6392)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6392" + } + ] + } +} \ No newline at end of file diff --git a/2001/0xxx/CVE-2001-0596.json b/2001/0xxx/CVE-2001-0596.json index cd895d78a16..8190cf127a8 100644 --- a/2001/0xxx/CVE-2001-0596.json +++ b/2001/0xxx/CVE-2001-0596.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2001-0596", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Netscape Communicator before 4.77 allows remote attackers to execute arbitrary Javascript via a GIF image whose comment contains the Javascript." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2001-0596", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20010409 Netscape 4.76 gif comment flaw", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=98685237415117&w=2" - }, - { - "name" : "DSA-051", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2001/dsa-051" - }, - { - "name" : "CLA-2001:393", - "refsource" : "CONECTIVA", - "url" : "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000393" - }, - { - "name" : "RHSA-2001:046", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2001-046.html" - }, - { - "name" : "netscape-javascript-access-data(6344)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/6344" - }, - { - "name" : "2637", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/2637" - }, - { - "name" : "IMNX-2001-70-014-01", - "refsource" : "IMMUNIX", - "url" : "http://download.immunix.org/ImmunixOS/7.0/updates/IMNX-2001-70-014-01" - }, - { - "name" : "5579", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/5579" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Netscape Communicator before 4.77 allows remote attackers to execute arbitrary Javascript via a GIF image whose comment contains the Javascript." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "CLA-2001:393", + "refsource": "CONECTIVA", + "url": "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000393" + }, + { + "name": "RHSA-2001:046", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2001-046.html" + }, + { + "name": "20010409 Netscape 4.76 gif comment flaw", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=98685237415117&w=2" + }, + { + "name": "2637", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/2637" + }, + { + "name": "5579", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/5579" + }, + { + "name": "netscape-javascript-access-data(6344)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6344" + }, + { + "name": "IMNX-2001-70-014-01", + "refsource": "IMMUNIX", + "url": "http://download.immunix.org/ImmunixOS/7.0/updates/IMNX-2001-70-014-01" + }, + { + "name": "DSA-051", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2001/dsa-051" + } + ] + } +} \ No newline at end of file diff --git a/2001/0xxx/CVE-2001-0753.json b/2001/0xxx/CVE-2001-0753.json index 635793490b1..f8633b037cb 100644 --- a/2001/0xxx/CVE-2001-0753.json +++ b/2001/0xxx/CVE-2001-0753.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2001-0753", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cisco CBOS 2.3.8 and earlier stores the passwords for (1) exec and (2) enable in cleartext in the NVRAM and a configuration file, which could allow unauthorized users to obtain the passwords and gain privileges." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2001-0753", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20010522 More Multiple Vulnerabilities in CBOS", - "refsource" : "CISCO", - "url" : "http://www.cisco.com/warp/public/707/CBOS-multiple2-pub.html" - }, - { - "name" : "cisco-cbos-execenable-info-disclosure(44544)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/44544" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cisco CBOS 2.3.8 and earlier stores the passwords for (1) exec and (2) enable in cleartext in the NVRAM and a configuration file, which could allow unauthorized users to obtain the passwords and gain privileges." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "cisco-cbos-execenable-info-disclosure(44544)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44544" + }, + { + "name": "20010522 More Multiple Vulnerabilities in CBOS", + "refsource": "CISCO", + "url": "http://www.cisco.com/warp/public/707/CBOS-multiple2-pub.html" + } + ] + } +} \ No newline at end of file diff --git a/2001/0xxx/CVE-2001-0763.json b/2001/0xxx/CVE-2001-0763.json index d3ea4ea489f..8c520afb1d3 100644 --- a/2001/0xxx/CVE-2001-0763.json +++ b/2001/0xxx/CVE-2001-0763.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2001-0763", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in Linux xinetd 2.1.8.9pre11-1 and earlier may allow remote attackers to execute arbitrary code via a long ident response, which is not properly handled by the svc_logprint function." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2001-0763", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20010608 potential buffer overflow in xinetd-2.1.8.9pre11-1", - "refsource" : "BUGTRAQ", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2001-06/0064.html" - }, - { - "name" : "CLA-2001:404", - "refsource" : "CONECTIVA", - "url" : "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000404" - }, - { - "name" : "DSA-063", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2001/dsa-063" - }, - { - "name" : "IMNX-2001-70-024-01", - "refsource" : "IMMUNIX", - "url" : "http://download.immunix.org/ImmunixOS/7.0/updates/IMNX-2001-70-024-01" - }, - { - "name" : "ESA-20010621-01", - "refsource" : "ENGARDE", - "url" : "http://www.linuxsecurity.com/advisories/other_advisory-1469.html" - }, - { - "name" : "L-104", - "refsource" : "CIAC", - "url" : "http://www.ciac.org/ciac/bulletins/l-104.shtml" - }, - { - "name" : "RHSA-2001:075", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2001-075.html" - }, - { - "name" : "xinetd-identd-bo(6670)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/6670" - }, - { - "name" : "2840", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/2840" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in Linux xinetd 2.1.8.9pre11-1 and earlier may allow remote attackers to execute arbitrary code via a long ident response, which is not properly handled by the svc_logprint function." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "2840", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/2840" + }, + { + "name": "CLA-2001:404", + "refsource": "CONECTIVA", + "url": "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000404" + }, + { + "name": "20010608 potential buffer overflow in xinetd-2.1.8.9pre11-1", + "refsource": "BUGTRAQ", + "url": "http://archives.neohapsis.com/archives/bugtraq/2001-06/0064.html" + }, + { + "name": "ESA-20010621-01", + "refsource": "ENGARDE", + "url": "http://www.linuxsecurity.com/advisories/other_advisory-1469.html" + }, + { + "name": "DSA-063", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2001/dsa-063" + }, + { + "name": "RHSA-2001:075", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2001-075.html" + }, + { + "name": "IMNX-2001-70-024-01", + "refsource": "IMMUNIX", + "url": "http://download.immunix.org/ImmunixOS/7.0/updates/IMNX-2001-70-024-01" + }, + { + "name": "L-104", + "refsource": "CIAC", + "url": "http://www.ciac.org/ciac/bulletins/l-104.shtml" + }, + { + "name": "xinetd-identd-bo(6670)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6670" + } + ] + } +} \ No newline at end of file diff --git a/2001/0xxx/CVE-2001-0881.json b/2001/0xxx/CVE-2001-0881.json index e03a75a5295..b9b5e8a78d5 100644 --- a/2001/0xxx/CVE-2001-0881.json +++ b/2001/0xxx/CVE-2001-0881.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2001-0881", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2001-0881", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2001/1xxx/CVE-2001-1241.json b/2001/1xxx/CVE-2001-1241.json index 5bba06e3b4f..84cc46fd2ab 100644 --- a/2001/1xxx/CVE-2001-1241.json +++ b/2001/1xxx/CVE-2001-1241.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2001-1241", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Un-CGI 1.9 and earlier does not verify that a CGI script has the execution bits set before executing it, which allows remote attackers to execute arbitrary commands by directing Un-CGI to a document that begins with \"#!\" and the desired program name." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2001-1241", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20010717 multiple vulnerabilities in un-cgi", - "refsource" : "BUGTRAQ", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2001-07/0287.html" - }, - { - "name" : "20010718 Re: [Khamba Staring ] multiple", - "refsource" : "BUGTRAQ", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2001-07/0349.html" - }, - { - "name" : "http://www.midwinter.com/~koreth/uncgi.html", - "refsource" : "CONFIRM", - "url" : "http://www.midwinter.com/~koreth/uncgi.html" - }, - { - "name" : "http://www.midwinter.com/~koreth/uncgi-changes.html", - "refsource" : "CONFIRM", - "url" : "http://www.midwinter.com/~koreth/uncgi-changes.html" - }, - { - "name" : "3057", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/3057" - }, - { - "name" : "uncgi-unexecutable-cgi(6847)", - "refsource" : "XF", - "url" : "http://www.iss.net/security_center/static/6847.php" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Un-CGI 1.9 and earlier does not verify that a CGI script has the execution bits set before executing it, which allows remote attackers to execute arbitrary commands by directing Un-CGI to a document that begins with \"#!\" and the desired program name." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.midwinter.com/~koreth/uncgi-changes.html", + "refsource": "CONFIRM", + "url": "http://www.midwinter.com/~koreth/uncgi-changes.html" + }, + { + "name": "uncgi-unexecutable-cgi(6847)", + "refsource": "XF", + "url": "http://www.iss.net/security_center/static/6847.php" + }, + { + "name": "3057", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/3057" + }, + { + "name": "20010718 Re: [Khamba Staring ] multiple", + "refsource": "BUGTRAQ", + "url": "http://archives.neohapsis.com/archives/bugtraq/2001-07/0349.html" + }, + { + "name": "http://www.midwinter.com/~koreth/uncgi.html", + "refsource": "CONFIRM", + "url": "http://www.midwinter.com/~koreth/uncgi.html" + }, + { + "name": "20010717 multiple vulnerabilities in un-cgi", + "refsource": "BUGTRAQ", + "url": "http://archives.neohapsis.com/archives/bugtraq/2001-07/0287.html" + } + ] + } +} \ No newline at end of file diff --git a/2008/1xxx/CVE-2008-1025.json b/2008/1xxx/CVE-2008-1025.json index 6fc6cf115b7..72de2afb175 100644 --- a/2008/1xxx/CVE-2008-1025.json +++ b/2008/1xxx/CVE-2008-1025.json @@ -1,112 +1,112 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-1025", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in Apple WebKit, as used in Safari before 3.1.1, allows remote attackers to inject arbitrary web script or HTML via a crafted URL with a colon in the hostname portion." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-1025", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://support.apple.com/kb/HT1467", - "refsource" : "CONFIRM", - "url" : "http://support.apple.com/kb/HT1467" - }, - { - "name" : "APPLE-SA-2008-04-16", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2008/Apr/msg00001.html" - }, - { - "name" : "APPLE-SA-2008-07-11", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2008//Jul/msg00001.html" - }, - { - "name" : "VU#705529", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/705529" - }, - { - "name" : "28814", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/28814" - }, - { - "name" : "ADV-2008-1250", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/1250/references" - }, - { - "name" : "ADV-2008-2094", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/2094/references" - }, - { - "name" : "1019869", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1019869" - }, - { - "name" : "29846", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29846" - }, - { - "name" : "31074", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/31074" - }, - { - "name" : "apple-safari-webkit-hostname-xss(41862)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/41862" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in Apple WebKit, as used in Safari before 3.1.1, allows remote attackers to inject arbitrary web script or HTML via a crafted URL with a colon in the hostname portion." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://support.apple.com/kb/HT1467", + "refsource": "CONFIRM", + "url": "http://support.apple.com/kb/HT1467" + }, + { + "name": "29846", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29846" + }, + { + "name": "VU#705529", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/705529" + }, + { + "name": "APPLE-SA-2008-04-16", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2008/Apr/msg00001.html" + }, + { + "name": "APPLE-SA-2008-07-11", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2008//Jul/msg00001.html" + }, + { + "name": "ADV-2008-2094", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/2094/references" + }, + { + "name": "ADV-2008-1250", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/1250/references" + }, + { + "name": "28814", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/28814" + }, + { + "name": "apple-safari-webkit-hostname-xss(41862)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41862" + }, + { + "name": "1019869", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1019869" + }, + { + "name": "31074", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/31074" + } + ] + } +} \ No newline at end of file diff --git a/2008/1xxx/CVE-2008-1141.json b/2008/1xxx/CVE-2008-1141.json index 760182f8d9c..50e3a25951e 100644 --- a/2008/1xxx/CVE-2008-1141.json +++ b/2008/1xxx/CVE-2008-1141.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-1141", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Memory leak in DLMFENC.sys 1.0.0.26 in DESlock+ 3.2.6 and earlier allows local users to cause a denial of service (kernel memory consumption) via a series of DLMFENC_IOCTL requests to \\\\.\\DLKPFSD_Device that allocate \"link list structures.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-1141", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "5141", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/5141" - }, - { - "name" : "ADV-2008-0597", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/0597" - }, - { - "name" : "29005", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29005" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Memory leak in DLMFENC.sys 1.0.0.26 in DESlock+ 3.2.6 and earlier allows local users to cause a denial of service (kernel memory consumption) via a series of DLMFENC_IOCTL requests to \\\\.\\DLKPFSD_Device that allocate \"link list structures.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "5141", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/5141" + }, + { + "name": "29005", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29005" + }, + { + "name": "ADV-2008-0597", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/0597" + } + ] + } +} \ No newline at end of file diff --git a/2008/1xxx/CVE-2008-1529.json b/2008/1xxx/CVE-2008-1529.json index cdde6e757d9..9025975b98d 100644 --- a/2008/1xxx/CVE-2008-1529.json +++ b/2008/1xxx/CVE-2008-1529.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-1529", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "ZyXEL Prestige routers have a minimum password length for the admin account that is too small, which makes it easier for remote attackers to guess passwords via brute force methods." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-1529", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20080301 The Router Hacking Challenge is Over!", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/489009/100/0/threaded" - }, - { - "name" : "http://www.gnucitizen.org/projects/router-hacking-challenge/", - "refsource" : "MISC", - "url" : "http://www.gnucitizen.org/projects/router-hacking-challenge/" - }, - { - "name" : "http://www.procheckup.com/Hacking_ZyXEL_Gateways.pdf", - "refsource" : "MISC", - "url" : "http://www.procheckup.com/Hacking_ZyXEL_Gateways.pdf" - }, - { - "name" : "zyxelprestige-password-weak-security(41513)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/41513" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "ZyXEL Prestige routers have a minimum password length for the admin account that is too small, which makes it easier for remote attackers to guess passwords via brute force methods." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20080301 The Router Hacking Challenge is Over!", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/489009/100/0/threaded" + }, + { + "name": "http://www.gnucitizen.org/projects/router-hacking-challenge/", + "refsource": "MISC", + "url": "http://www.gnucitizen.org/projects/router-hacking-challenge/" + }, + { + "name": "http://www.procheckup.com/Hacking_ZyXEL_Gateways.pdf", + "refsource": "MISC", + "url": "http://www.procheckup.com/Hacking_ZyXEL_Gateways.pdf" + }, + { + "name": "zyxelprestige-password-weak-security(41513)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41513" + } + ] + } +} \ No newline at end of file diff --git a/2008/1xxx/CVE-2008-1764.json b/2008/1xxx/CVE-2008-1764.json index 1200c80bc75..751b35dc4c6 100644 --- a/2008/1xxx/CVE-2008-1764.json +++ b/2008/1xxx/CVE-2008-1764.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-1764", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in Opera before 9.27 has unknown impact and attack vectors related to \"keyboard handling of password inputs.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-1764", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.opera.com/docs/changelogs/linux/927/", - "refsource" : "CONFIRM", - "url" : "http://www.opera.com/docs/changelogs/linux/927/" - }, - { - "name" : "http://www.opera.com/docs/changelogs/windows/927/", - "refsource" : "CONFIRM", - "url" : "http://www.opera.com/docs/changelogs/windows/927/" - }, - { - "name" : "GLSA-200804-14", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-200804-14.xml" - }, - { - "name" : "SUSE-SR:2008:009", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00007.html" - }, - { - "name" : "29735", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29735" - }, - { - "name" : "29679", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29679" - }, - { - "name" : "opera-password-inputs-unspecified(41834)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/41834" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in Opera before 9.27 has unknown impact and attack vectors related to \"keyboard handling of password inputs.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "29679", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29679" + }, + { + "name": "29735", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29735" + }, + { + "name": "http://www.opera.com/docs/changelogs/windows/927/", + "refsource": "CONFIRM", + "url": "http://www.opera.com/docs/changelogs/windows/927/" + }, + { + "name": "SUSE-SR:2008:009", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00007.html" + }, + { + "name": "http://www.opera.com/docs/changelogs/linux/927/", + "refsource": "CONFIRM", + "url": "http://www.opera.com/docs/changelogs/linux/927/" + }, + { + "name": "GLSA-200804-14", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-200804-14.xml" + }, + { + "name": "opera-password-inputs-unspecified(41834)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41834" + } + ] + } +} \ No newline at end of file diff --git a/2008/5xxx/CVE-2008-5035.json b/2008/5xxx/CVE-2008-5035.json index 198a1964396..260538c402f 100644 --- a/2008/5xxx/CVE-2008-5035.json +++ b/2008/5xxx/CVE-2008-5035.json @@ -1,107 +1,107 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-5035", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Resource Monitoring and Control (RMC) daemon in IBM Hardware Management Console (HMC) 7 release 3.2.0 SP1 and 3.3.0 SP2 allows remote attackers to cause a denial of service (daemon crash or hang) via a packet with an invalid length." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-5035", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=4441", - "refsource" : "CONFIRM", - "url" : "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=4441" - }, - { - "name" : "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=4442", - "refsource" : "CONFIRM", - "url" : "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=4442" - }, - { - "name" : "https://www14.software.ibm.com/webapp/set2/sas/f/hmc/power6/install/v7.Readme.html#MH01133", - "refsource" : "CONFIRM", - "url" : "https://www14.software.ibm.com/webapp/set2/sas/f/hmc/power6/install/v7.Readme.html#MH01133" - }, - { - "name" : "https://www14.software.ibm.com/webapp/set2/sas/f/hmc/power6/install/v7.Readme.html#MH01134", - "refsource" : "CONFIRM", - "url" : "https://www14.software.ibm.com/webapp/set2/sas/f/hmc/power6/install/v7.Readme.html#MH01134" - }, - { - "name" : "MB02482", - "refsource" : "AIXAPAR", - "url" : "http://www-1.ibm.com/support/docview.wss?uid=isg1MB02482" - }, - { - "name" : "MB02485", - "refsource" : "AIXAPAR", - "url" : "http://www-1.ibm.com/support/docview.wss?uid=isg1MB02485" - }, - { - "name" : "32181", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/32181" - }, - { - "name" : "ADV-2008-3051", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/3051" - }, - { - "name" : "32571", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/32571" - }, - { - "name" : "ibm-hmc-rmc-dos(46413)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/46413" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Resource Monitoring and Control (RMC) daemon in IBM Hardware Management Console (HMC) 7 release 3.2.0 SP1 and 3.3.0 SP2 allows remote attackers to cause a denial of service (daemon crash or hang) via a packet with an invalid length." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=4441", + "refsource": "CONFIRM", + "url": "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=4441" + }, + { + "name": "https://www14.software.ibm.com/webapp/set2/sas/f/hmc/power6/install/v7.Readme.html#MH01134", + "refsource": "CONFIRM", + "url": "https://www14.software.ibm.com/webapp/set2/sas/f/hmc/power6/install/v7.Readme.html#MH01134" + }, + { + "name": "MB02485", + "refsource": "AIXAPAR", + "url": "http://www-1.ibm.com/support/docview.wss?uid=isg1MB02485" + }, + { + "name": "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=4442", + "refsource": "CONFIRM", + "url": "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=4442" + }, + { + "name": "32181", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/32181" + }, + { + "name": "MB02482", + "refsource": "AIXAPAR", + "url": "http://www-1.ibm.com/support/docview.wss?uid=isg1MB02482" + }, + { + "name": "ADV-2008-3051", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/3051" + }, + { + "name": "https://www14.software.ibm.com/webapp/set2/sas/f/hmc/power6/install/v7.Readme.html#MH01133", + "refsource": "CONFIRM", + "url": "https://www14.software.ibm.com/webapp/set2/sas/f/hmc/power6/install/v7.Readme.html#MH01133" + }, + { + "name": "32571", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/32571" + }, + { + "name": "ibm-hmc-rmc-dos(46413)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46413" + } + ] + } +} \ No newline at end of file diff --git a/2008/5xxx/CVE-2008-5266.json b/2008/5xxx/CVE-2008-5266.json index 012b8215601..8f9b9bad66d 100644 --- a/2008/5xxx/CVE-2008-5266.json +++ b/2008/5xxx/CVE-2008-5266.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-5266", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in configuration/httpListenerEdit.jsf in the GlassFish 2 UR2 b04 webadmin interface in Sun Java System Application Server 9.1_01 build b09d-fcs and 9.1_02 build b04-fcs allows remote attackers to inject arbitrary web script or HTML via the name parameter, a different vector than CVE-2008-2751." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-5266", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20080610 XSS - Glassfish Web Admin Interface (Sun Java System Application Server 9.1_01 (build b09d-fcs) )", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/493243/100/0/threaded" - }, - { - "name" : "http://webappsecurity.wordpress.com/2008/06/11/xss-glassfish-web-admin-interface-sun-java-system-application/", - "refsource" : "MISC", - "url" : "http://webappsecurity.wordpress.com/2008/06/11/xss-glassfish-web-admin-interface-sun-java-system-application/" - }, - { - "name" : "29646", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/29646" - }, - { - "name" : "30604", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/30604" - }, - { - "name" : "4659", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/4659" - }, - { - "name" : "glassfish-httplisteneredit-xss(47029)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/47029" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in configuration/httpListenerEdit.jsf in the GlassFish 2 UR2 b04 webadmin interface in Sun Java System Application Server 9.1_01 build b09d-fcs and 9.1_02 build b04-fcs allows remote attackers to inject arbitrary web script or HTML via the name parameter, a different vector than CVE-2008-2751." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "4659", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/4659" + }, + { + "name": "20080610 XSS - Glassfish Web Admin Interface (Sun Java System Application Server 9.1_01 (build b09d-fcs) )", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/493243/100/0/threaded" + }, + { + "name": "http://webappsecurity.wordpress.com/2008/06/11/xss-glassfish-web-admin-interface-sun-java-system-application/", + "refsource": "MISC", + "url": "http://webappsecurity.wordpress.com/2008/06/11/xss-glassfish-web-admin-interface-sun-java-system-application/" + }, + { + "name": "glassfish-httplisteneredit-xss(47029)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47029" + }, + { + "name": "30604", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/30604" + }, + { + "name": "29646", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/29646" + } + ] + } +} \ No newline at end of file diff --git a/2008/5xxx/CVE-2008-5278.json b/2008/5xxx/CVE-2008-5278.json index 7e3c4b67f7a..ec8948ce1a7 100644 --- a/2008/5xxx/CVE-2008-5278.json +++ b/2008/5xxx/CVE-2008-5278.json @@ -1,107 +1,107 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-5278", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in the self_link function in in the RSS Feed Generator (wp-includes/feed.php) for WordPress before 2.6.5 allows remote attackers to inject arbitrary web script or HTML via the Host header (HTTP_HOST variable)." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-5278", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20081125 WordPress XSS vulnerability in RSS Feed Generator", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/498652" - }, - { - "name" : "http://wordpress.org/development/2008/11/wordpress-265/", - "refsource" : "CONFIRM", - "url" : "http://wordpress.org/development/2008/11/wordpress-265/" - }, - { - "name" : "FEDORA-2008-10468", - "refsource" : "FEDORA", - "url" : "https://www.redhat.com/archives/fedora-package-announce/2008-December/msg00176.html" - }, - { - "name" : "FEDORA-2008-10483", - "refsource" : "FEDORA", - "url" : "https://www.redhat.com/archives/fedora-package-announce/2008-December/msg00000.html" - }, - { - "name" : "32476", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/32476" - }, - { - "name" : "50214", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/50214" - }, - { - "name" : "32882", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/32882" - }, - { - "name" : "32966", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/32966" - }, - { - "name" : "4662", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/4662" - }, - { - "name" : "wordpress-feed-xss(46882)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/46882" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in the self_link function in in the RSS Feed Generator (wp-includes/feed.php) for WordPress before 2.6.5 allows remote attackers to inject arbitrary web script or HTML via the Host header (HTTP_HOST variable)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "FEDORA-2008-10468", + "refsource": "FEDORA", + "url": "https://www.redhat.com/archives/fedora-package-announce/2008-December/msg00176.html" + }, + { + "name": "http://wordpress.org/development/2008/11/wordpress-265/", + "refsource": "CONFIRM", + "url": "http://wordpress.org/development/2008/11/wordpress-265/" + }, + { + "name": "50214", + "refsource": "OSVDB", + "url": "http://osvdb.org/50214" + }, + { + "name": "4662", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/4662" + }, + { + "name": "32476", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/32476" + }, + { + "name": "32882", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/32882" + }, + { + "name": "20081125 WordPress XSS vulnerability in RSS Feed Generator", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/498652" + }, + { + "name": "32966", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/32966" + }, + { + "name": "wordpress-feed-xss(46882)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46882" + }, + { + "name": "FEDORA-2008-10483", + "refsource": "FEDORA", + "url": "https://www.redhat.com/archives/fedora-package-announce/2008-December/msg00000.html" + } + ] + } +} \ No newline at end of file diff --git a/2008/5xxx/CVE-2008-5430.json b/2008/5xxx/CVE-2008-5430.json index ad00b5d8ad9..46c19d93cc9 100644 --- a/2008/5xxx/CVE-2008-5430.json +++ b/2008/5xxx/CVE-2008-5430.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-5430", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Mozilla Thunderbird 2.0.14 does not properly handle (1) multipart/mixed e-mail messages with many MIME parts and possibly (2) e-mail messages with many \"Content-type: message/rfc822;\" headers, which might allow remote attackers to cause a denial of service (stack consumption or other resource consumption) via a large e-mail message, a related issue to CVE-2006-1173." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-5430", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20081208 DoS attacks on MIME-capable software via complex MIME emails", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/499038/100/0/threaded" - }, - { - "name" : "20081209 Re: DoS attacks on MIME-capable software via complex MIME emails", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/499045/100/0/threaded" - }, - { - "name" : "http://mime.recurity.com/cgi-bin/twiki/view/Main/AttackIntro", - "refsource" : "MISC", - "url" : "http://mime.recurity.com/cgi-bin/twiki/view/Main/AttackIntro" - }, - { - "name" : "32869", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/32869" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Mozilla Thunderbird 2.0.14 does not properly handle (1) multipart/mixed e-mail messages with many MIME parts and possibly (2) e-mail messages with many \"Content-type: message/rfc822;\" headers, which might allow remote attackers to cause a denial of service (stack consumption or other resource consumption) via a large e-mail message, a related issue to CVE-2006-1173." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://mime.recurity.com/cgi-bin/twiki/view/Main/AttackIntro", + "refsource": "MISC", + "url": "http://mime.recurity.com/cgi-bin/twiki/view/Main/AttackIntro" + }, + { + "name": "32869", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/32869" + }, + { + "name": "20081208 DoS attacks on MIME-capable software via complex MIME emails", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/499038/100/0/threaded" + }, + { + "name": "20081209 Re: DoS attacks on MIME-capable software via complex MIME emails", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/499045/100/0/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2008/5xxx/CVE-2008-5779.json b/2008/5xxx/CVE-2008-5779.json index 145aa476dc8..1ccfb8c380f 100644 --- a/2008/5xxx/CVE-2008-5779.json +++ b/2008/5xxx/CVE-2008-5779.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-5779", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in lpro.php in Free Links Directory Script (FLDS) 1.2a allows remote attackers to execute arbitrary SQL commands via the id parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-5779", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "7474", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/7474" - }, - { - "name" : "32835", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/32835" - }, - { - "name" : "50723", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/50723" - }, - { - "name" : "33075", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/33075" - }, - { - "name" : "4849", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/4849" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in lpro.php in Free Links Directory Script (FLDS) 1.2a allows remote attackers to execute arbitrary SQL commands via the id parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "33075", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/33075" + }, + { + "name": "7474", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/7474" + }, + { + "name": "32835", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/32835" + }, + { + "name": "4849", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/4849" + }, + { + "name": "50723", + "refsource": "OSVDB", + "url": "http://osvdb.org/50723" + } + ] + } +} \ No newline at end of file diff --git a/2008/5xxx/CVE-2008-5838.json b/2008/5xxx/CVE-2008-5838.json index dba7ba3b221..0cb2e82dc51 100644 --- a/2008/5xxx/CVE-2008-5838.json +++ b/2008/5xxx/CVE-2008-5838.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-5838", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in search_results.php in E-Php Scripts E-Shop (aka E-Php Shopping Cart) Shopping Cart Script allows remote attackers to execute arbitrary SQL commands via the cid parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-5838", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "6398", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/6398" - }, - { - "name" : "31319", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/31319" - }, - { - "name" : "30692", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/30692" - }, - { - "name" : "31506", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/31506" - }, - { - "name" : "ADV-2008-2507", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/2507" - }, - { - "name" : "eshop-searchresults-sql-injection(44472)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/44472" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in search_results.php in E-Php Scripts E-Shop (aka E-Php Shopping Cart) Shopping Cart Script allows remote attackers to execute arbitrary SQL commands via the cid parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "6398", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/6398" + }, + { + "name": "31506", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/31506" + }, + { + "name": "31319", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/31319" + }, + { + "name": "eshop-searchresults-sql-injection(44472)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44472" + }, + { + "name": "30692", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/30692" + }, + { + "name": "ADV-2008-2507", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/2507" + } + ] + } +} \ No newline at end of file diff --git a/2011/2xxx/CVE-2011-2563.json b/2011/2xxx/CVE-2011-2563.json index 92f2536e5e9..9e4e5c25f4e 100644 --- a/2011/2xxx/CVE-2011-2563.json +++ b/2011/2xxx/CVE-2011-2563.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-2563", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the Service Advertisement Framework (SAF) in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 8.x before 8.5(1) and Cisco Intercompany Media Engine 8.x before 8.5(1) allows remote attackers to cause a denial of service (device reload) via crafted SAF packets, aka Bug ID CSCth26669." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2011-2563", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20110824 Cisco Unified Communications Manager Denial of Service Vulnerabilities", - "refsource" : "CISCO", - "url" : "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b8f531.shtml" - }, - { - "name" : "20110824 Denial of Service Vulnerabilities in Cisco Intercompany Media Engine", - "refsource" : "CISCO", - "url" : "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b8f533.shtml" - }, - { - "name" : "1025969", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1025969" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the Service Advertisement Framework (SAF) in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 8.x before 8.5(1) and Cisco Intercompany Media Engine 8.x before 8.5(1) allows remote attackers to cause a denial of service (device reload) via crafted SAF packets, aka Bug ID CSCth26669." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20110824 Cisco Unified Communications Manager Denial of Service Vulnerabilities", + "refsource": "CISCO", + "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b8f531.shtml" + }, + { + "name": "1025969", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1025969" + }, + { + "name": "20110824 Denial of Service Vulnerabilities in Cisco Intercompany Media Engine", + "refsource": "CISCO", + "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b8f533.shtml" + } + ] + } +} \ No newline at end of file diff --git a/2011/2xxx/CVE-2011-2660.json b/2011/2xxx/CVE-2011-2660.json index ed7fcf7ded9..c535bbd0bf1 100644 --- a/2011/2xxx/CVE-2011-2660.json +++ b/2011/2xxx/CVE-2011-2660.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-2660", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The modify_resolvconf_suse script in the vpnc package before 0.5.1-55.10.1 in SUSE Linux Enterprise Desktop 11 SP1 might allow remote attackers to execute arbitrary commands via a crafted DNS domain name." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2011-2660", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://bugzilla.novell.com/651577", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.novell.com/651577" - }, - { - "name" : "https://bugzilla.novell.com/708656", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.novell.com/708656" - }, - { - "name" : "SUSE-SU-2011:0979", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00028.html" - }, - { - "name" : "SUSE-SU-2011:0980", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00029.html" - }, - { - "name" : "49391", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/49391" - }, - { - "name" : "vpnc-modifyresolvconfsuse-command-execution(69514)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/69514" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The modify_resolvconf_suse script in the vpnc package before 0.5.1-55.10.1 in SUSE Linux Enterprise Desktop 11 SP1 might allow remote attackers to execute arbitrary commands via a crafted DNS domain name." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "49391", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/49391" + }, + { + "name": "SUSE-SU-2011:0980", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00029.html" + }, + { + "name": "https://bugzilla.novell.com/651577", + "refsource": "CONFIRM", + "url": "https://bugzilla.novell.com/651577" + }, + { + "name": "vpnc-modifyresolvconfsuse-command-execution(69514)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69514" + }, + { + "name": "https://bugzilla.novell.com/708656", + "refsource": "CONFIRM", + "url": "https://bugzilla.novell.com/708656" + }, + { + "name": "SUSE-SU-2011:0979", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00028.html" + } + ] + } +} \ No newline at end of file diff --git a/2011/2xxx/CVE-2011-2805.json b/2011/2xxx/CVE-2011-2805.json index a1b98ca78b0..baca68dac77 100644 --- a/2011/2xxx/CVE-2011-2805.json +++ b/2011/2xxx/CVE-2011-2805.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-2805", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Google Chrome before 13.0.782.107 allows remote attackers to bypass the Same Origin Policy and conduct script injection attacks via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@google.com", + "ID": "CVE-2011-2805", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://code.google.com/p/chromium/issues/detail?id=89520", - "refsource" : "CONFIRM", - "url" : "http://code.google.com/p/chromium/issues/detail?id=89520" - }, - { - "name" : "http://googlechromereleases.blogspot.com/2011/08/stable-channel-update.html", - "refsource" : "CONFIRM", - "url" : "http://googlechromereleases.blogspot.com/2011/08/stable-channel-update.html" - }, - { - "name" : "http://support.apple.com/kb/HT4999", - "refsource" : "CONFIRM", - "url" : "http://support.apple.com/kb/HT4999" - }, - { - "name" : "http://support.apple.com/kb/HT5000", - "refsource" : "CONFIRM", - "url" : "http://support.apple.com/kb/HT5000" - }, - { - "name" : "APPLE-SA-2011-10-12-1", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html" - }, - { - "name" : "APPLE-SA-2011-10-12-4", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00004.html" - }, - { - "name" : "74257", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/74257" - }, - { - "name" : "oval:org.mitre.oval:def:14583", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14583" - }, - { - "name" : "google-chrome-unspecified-xss(68967)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/68967" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Google Chrome before 13.0.782.107 allows remote attackers to bypass the Same Origin Policy and conduct script injection attacks via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://googlechromereleases.blogspot.com/2011/08/stable-channel-update.html", + "refsource": "CONFIRM", + "url": "http://googlechromereleases.blogspot.com/2011/08/stable-channel-update.html" + }, + { + "name": "APPLE-SA-2011-10-12-1", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html" + }, + { + "name": "google-chrome-unspecified-xss(68967)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68967" + }, + { + "name": "http://code.google.com/p/chromium/issues/detail?id=89520", + "refsource": "CONFIRM", + "url": "http://code.google.com/p/chromium/issues/detail?id=89520" + }, + { + "name": "74257", + "refsource": "OSVDB", + "url": "http://osvdb.org/74257" + }, + { + "name": "APPLE-SA-2011-10-12-4", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00004.html" + }, + { + "name": "oval:org.mitre.oval:def:14583", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14583" + }, + { + "name": "http://support.apple.com/kb/HT4999", + "refsource": "CONFIRM", + "url": "http://support.apple.com/kb/HT4999" + }, + { + "name": "http://support.apple.com/kb/HT5000", + "refsource": "CONFIRM", + "url": "http://support.apple.com/kb/HT5000" + } + ] + } +} \ No newline at end of file diff --git a/2011/2xxx/CVE-2011-2873.json b/2011/2xxx/CVE-2011-2873.json index 3f3a22bcf93..b9cb8d1ebec 100644 --- a/2011/2xxx/CVE-2011-2873.json +++ b/2011/2xxx/CVE-2011-2873.json @@ -1,112 +1,112 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-2873", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@google.com", + "ID": "CVE-2011-2873", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "APPLE-SA-2012-03-07-1", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2012/Mar/msg00000.html" - }, - { - "name" : "APPLE-SA-2012-03-07-2", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2012/Mar/msg00001.html" - }, - { - "name" : "APPLE-SA-2012-03-12-1", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2012/Mar/msg00003.html" - }, - { - "name" : "52365", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/52365" - }, - { - "name" : "79912", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/79912" - }, - { - "name" : "oval:org.mitre.oval:def:17326", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17326" - }, - { - "name" : "1026774", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1026774" - }, - { - "name" : "48274", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/48274" - }, - { - "name" : "48288", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/48288" - }, - { - "name" : "48377", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/48377" - }, - { - "name" : "apple-webkit-cve20112873-code-execution(73802)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/73802" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "oval:org.mitre.oval:def:17326", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17326" + }, + { + "name": "52365", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/52365" + }, + { + "name": "1026774", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1026774" + }, + { + "name": "48377", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/48377" + }, + { + "name": "apple-webkit-cve20112873-code-execution(73802)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/73802" + }, + { + "name": "APPLE-SA-2012-03-12-1", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2012/Mar/msg00003.html" + }, + { + "name": "48274", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/48274" + }, + { + "name": "79912", + "refsource": "OSVDB", + "url": "http://osvdb.org/79912" + }, + { + "name": "APPLE-SA-2012-03-07-1", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2012/Mar/msg00000.html" + }, + { + "name": "48288", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/48288" + }, + { + "name": "APPLE-SA-2012-03-07-2", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2012/Mar/msg00001.html" + } + ] + } +} \ No newline at end of file diff --git a/2011/2xxx/CVE-2011-2942.json b/2011/2xxx/CVE-2011-2942.json index fca4088d8e9..4308aa27fba 100644 --- a/2011/2xxx/CVE-2011-2942.json +++ b/2011/2xxx/CVE-2011-2942.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-2942", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A certain Red Hat patch to the __br_deliver function in net/bridge/br_forward.c in the Linux kernel 2.6.18 on Red Hat Enterprise Linux (RHEL) 5 allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by leveraging connectivity to a network interface that uses an Ethernet bridge device." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2011-2942", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20111024 kernel; CVE-2011-2942 and CVE-2011-3209", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2011/10/24/3" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=730917", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=730917" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A certain Red Hat patch to the __br_deliver function in net/bridge/br_forward.c in the Linux kernel 2.6.18 on Red Hat Enterprise Linux (RHEL) 5 allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by leveraging connectivity to a network interface that uses an Ethernet bridge device." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=730917", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=730917" + }, + { + "name": "[oss-security] 20111024 kernel; CVE-2011-2942 and CVE-2011-3209", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2011/10/24/3" + } + ] + } +} \ No newline at end of file diff --git a/2011/2xxx/CVE-2011-2992.json b/2011/2xxx/CVE-2011-2992.json index b8fa5ad2c95..1ee96c37500 100644 --- a/2011/2xxx/CVE-2011-2992.json +++ b/2011/2xxx/CVE-2011-2992.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-2992", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Ogg reader in the browser engine in Mozilla Firefox 4.x through 5, SeaMonkey 2.x before 2.3, Thunderbird before 6, and possibly other products allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2011-2992", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.mozilla.org/security/announce/2011/mfsa2011-29.html", - "refsource" : "CONFIRM", - "url" : "http://www.mozilla.org/security/announce/2011/mfsa2011-29.html" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=672789", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=672789" - }, - { - "name" : "http://www.mozilla.org/security/announce/2011/mfsa2011-31.html", - "refsource" : "CONFIRM", - "url" : "http://www.mozilla.org/security/announce/2011/mfsa2011-31.html" - }, - { - "name" : "http://www.mozilla.org/security/announce/2011/mfsa2011-33.html", - "refsource" : "CONFIRM", - "url" : "http://www.mozilla.org/security/announce/2011/mfsa2011-33.html" - }, - { - "name" : "SUSE-SA:2011:037", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00023.html" - }, - { - "name" : "oval:org.mitre.oval:def:14209", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14209" - }, - { - "name" : "49055", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/49055" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Ogg reader in the browser engine in Mozilla Firefox 4.x through 5, SeaMonkey 2.x before 2.3, Thunderbird before 6, and possibly other products allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.mozilla.org/security/announce/2011/mfsa2011-31.html", + "refsource": "CONFIRM", + "url": "http://www.mozilla.org/security/announce/2011/mfsa2011-31.html" + }, + { + "name": "http://www.mozilla.org/security/announce/2011/mfsa2011-33.html", + "refsource": "CONFIRM", + "url": "http://www.mozilla.org/security/announce/2011/mfsa2011-33.html" + }, + { + "name": "SUSE-SA:2011:037", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00023.html" + }, + { + "name": "49055", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/49055" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=672789", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=672789" + }, + { + "name": "http://www.mozilla.org/security/announce/2011/mfsa2011-29.html", + "refsource": "CONFIRM", + "url": "http://www.mozilla.org/security/announce/2011/mfsa2011-29.html" + }, + { + "name": "oval:org.mitre.oval:def:14209", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14209" + } + ] + } +} \ No newline at end of file diff --git a/2013/0xxx/CVE-2013-0006.json b/2013/0xxx/CVE-2013-0006.json index dea901ff93a..5cbb397efeb 100644 --- a/2013/0xxx/CVE-2013-0006.json +++ b/2013/0xxx/CVE-2013-0006.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2013-0006", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Microsoft XML Core Services (aka MSXML) 3.0, 5.0, and 6.0 does not properly parse XML content, which allows remote attackers to execute arbitrary code via a crafted web page, aka \"MSXML Integer Truncation Vulnerability.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2013-0006", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "MS13-002", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-002" - }, - { - "name" : "TA13-008A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA13-008A.html" - }, - { - "name" : "oval:org.mitre.oval:def:16429", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16429" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft XML Core Services (aka MSXML) 3.0, 5.0, and 6.0 does not properly parse XML content, which allows remote attackers to execute arbitrary code via a crafted web page, aka \"MSXML Integer Truncation Vulnerability.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "TA13-008A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA13-008A.html" + }, + { + "name": "MS13-002", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-002" + }, + { + "name": "oval:org.mitre.oval:def:16429", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16429" + } + ] + } +} \ No newline at end of file diff --git a/2013/0xxx/CVE-2013-0419.json b/2013/0xxx/CVE-2013-0419.json index 65b5db02a00..81bd7ef01b7 100644 --- a/2013/0xxx/CVE-2013-0419.json +++ b/2013/0xxx/CVE-2013-0419.json @@ -1,142 +1,142 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2013-0419", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 and 6 through Update 38 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than other CVEs listed in the February 2013 CPU." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2013-0419", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/javacpufeb2013-1841061.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/javacpufeb2013-1841061.html" - }, - { - "name" : "HPSBUX02864", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=136570436423916&w=2" - }, - { - "name" : "SSRT101156", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=136570436423916&w=2" - }, - { - "name" : "HPSBMU02874", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=136733161405818&w=2" - }, - { - "name" : "HPSBUX02857", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=136439120408139&w=2" - }, - { - "name" : "SSRT101103", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=136439120408139&w=2" - }, - { - "name" : "SSRT101184", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=136733161405818&w=2" - }, - { - "name" : "RHSA-2013:0236", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2013-0236.html" - }, - { - "name" : "RHSA-2013:0237", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2013-0237.html" - }, - { - "name" : "RHSA-2013:1455", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2013-1455.html" - }, - { - "name" : "RHSA-2013:1456", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2013-1456.html" - }, - { - "name" : "TA13-032A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA13-032A.html" - }, - { - "name" : "VU#858729", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/858729" - }, - { - "name" : "57714", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/57714" - }, - { - "name" : "oval:org.mitre.oval:def:16247", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16247" - }, - { - "name" : "oval:org.mitre.oval:def:19097", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19097" - }, - { - "name" : "oval:org.mitre.oval:def:19501", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19501" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 and 6 through Update 38 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than other CVEs listed in the February 2013 CPU." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "oval:org.mitre.oval:def:19501", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19501" + }, + { + "name": "SSRT101156", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=136570436423916&w=2" + }, + { + "name": "TA13-032A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA13-032A.html" + }, + { + "name": "oval:org.mitre.oval:def:19097", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19097" + }, + { + "name": "RHSA-2013:0236", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2013-0236.html" + }, + { + "name": "RHSA-2013:1455", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html" + }, + { + "name": "VU#858729", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/858729" + }, + { + "name": "RHSA-2013:0237", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2013-0237.html" + }, + { + "name": "HPSBUX02857", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=136439120408139&w=2" + }, + { + "name": "oval:org.mitre.oval:def:16247", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16247" + }, + { + "name": "57714", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/57714" + }, + { + "name": "HPSBMU02874", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=136733161405818&w=2" + }, + { + "name": "SSRT101103", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=136439120408139&w=2" + }, + { + "name": "RHSA-2013:1456", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2013-1456.html" + }, + { + "name": "HPSBUX02864", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=136570436423916&w=2" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/javacpufeb2013-1841061.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/javacpufeb2013-1841061.html" + }, + { + "name": "SSRT101184", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=136733161405818&w=2" + } + ] + } +} \ No newline at end of file diff --git a/2013/0xxx/CVE-2013-0427.json b/2013/0xxx/CVE-2013-0427.json index f28e3ea2c62..e68670137aa 100644 --- a/2013/0xxx/CVE-2013-0427.json +++ b/2013/0xxx/CVE-2013-0427.json @@ -1,202 +1,202 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2013-0427", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, and 5.0 through Update 38, and OpenJDK 6 and 7, allows remote attackers to affect integrity via unknown vectors related to Libraries. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to interrupt certain threads that should not be interrupted." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2013-0427", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/javacpufeb2013-1841061.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/javacpufeb2013-1841061.html" - }, - { - "name" : "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=907455", - "refsource" : "CONFIRM", - "url" : "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=907455" - }, - { - "name" : "http://icedtea.classpath.org/hg/release/icedtea6-1.11/file/icedtea6-1.11.6/NEWS", - "refsource" : "CONFIRM", - "url" : "http://icedtea.classpath.org/hg/release/icedtea6-1.11/file/icedtea6-1.11.6/NEWS" - }, - { - "name" : "http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jdk/rev/87d135824bdf", - "refsource" : "CONFIRM", - "url" : "http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jdk/rev/87d135824bdf" - }, - { - "name" : "https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0056", - "refsource" : "CONFIRM", - "url" : "https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0056" - }, - { - "name" : "GLSA-201406-32", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-201406-32.xml" - }, - { - "name" : "HPSBUX02864", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=136570436423916&w=2" - }, - { - "name" : "SSRT101156", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=136570436423916&w=2" - }, - { - "name" : "HPSBMU02874", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=136733161405818&w=2" - }, - { - "name" : "HPSBUX02857", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=136439120408139&w=2" - }, - { - "name" : "SSRT101103", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=136439120408139&w=2" - }, - { - "name" : "SSRT101184", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=136733161405818&w=2" - }, - { - "name" : "MDVSA-2013:095", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2013:095" - }, - { - "name" : "RHSA-2013:0236", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2013-0236.html" - }, - { - "name" : "RHSA-2013:0237", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2013-0237.html" - }, - { - "name" : "RHSA-2013:0245", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2013-0245.html" - }, - { - "name" : "RHSA-2013:0246", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2013-0246.html" - }, - { - "name" : "RHSA-2013:0247", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2013-0247.html" - }, - { - "name" : "RHSA-2013:1455", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2013-1455.html" - }, - { - "name" : "RHSA-2013:1456", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2013-1456.html" - }, - { - "name" : "openSUSE-SU-2013:0312", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00014.html" - }, - { - "name" : "openSUSE-SU-2013:0377", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00001.html" - }, - { - "name" : "TA13-032A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA13-032A.html" - }, - { - "name" : "VU#858729", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/858729" - }, - { - "name" : "57724", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/57724" - }, - { - "name" : "oval:org.mitre.oval:def:16013", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16013" - }, - { - "name" : "oval:org.mitre.oval:def:18641", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18641" - }, - { - "name" : "oval:org.mitre.oval:def:19245", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19245" - }, - { - "name" : "oval:org.mitre.oval:def:19488", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19488" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, and 5.0 through Update 38, and OpenJDK 6 and 7, allows remote attackers to affect integrity via unknown vectors related to Libraries. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to interrupt certain threads that should not be interrupted." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=907455", + "refsource": "CONFIRM", + "url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=907455" + }, + { + "name": "GLSA-201406-32", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-201406-32.xml" + }, + { + "name": "MDVSA-2013:095", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:095" + }, + { + "name": "57724", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/57724" + }, + { + "name": "SSRT101156", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=136570436423916&w=2" + }, + { + "name": "TA13-032A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA13-032A.html" + }, + { + "name": "oval:org.mitre.oval:def:16013", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16013" + }, + { + "name": "RHSA-2013:0236", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2013-0236.html" + }, + { + "name": "oval:org.mitre.oval:def:19245", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19245" + }, + { + "name": "RHSA-2013:1455", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html" + }, + { + "name": "VU#858729", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/858729" + }, + { + "name": "RHSA-2013:0237", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2013-0237.html" + }, + { + "name": "HPSBUX02857", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=136439120408139&w=2" + }, + { + "name": "RHSA-2013:0247", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2013-0247.html" + }, + { + "name": "oval:org.mitre.oval:def:19488", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19488" + }, + { + "name": "HPSBMU02874", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=136733161405818&w=2" + }, + { + "name": "SSRT101103", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=136439120408139&w=2" + }, + { + "name": "openSUSE-SU-2013:0312", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00014.html" + }, + { + "name": "openSUSE-SU-2013:0377", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00001.html" + }, + { + "name": "RHSA-2013:0246", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2013-0246.html" + }, + { + "name": "RHSA-2013:1456", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2013-1456.html" + }, + { + "name": "HPSBUX02864", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=136570436423916&w=2" + }, + { + "name": "RHSA-2013:0245", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2013-0245.html" + }, + { + "name": "oval:org.mitre.oval:def:18641", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18641" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/javacpufeb2013-1841061.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/javacpufeb2013-1841061.html" + }, + { + "name": "http://icedtea.classpath.org/hg/release/icedtea6-1.11/file/icedtea6-1.11.6/NEWS", + "refsource": "CONFIRM", + "url": "http://icedtea.classpath.org/hg/release/icedtea6-1.11/file/icedtea6-1.11.6/NEWS" + }, + { + "name": "SSRT101184", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=136733161405818&w=2" + }, + { + "name": "http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jdk/rev/87d135824bdf", + "refsource": "CONFIRM", + "url": "http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jdk/rev/87d135824bdf" + }, + { + "name": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0056", + "refsource": "CONFIRM", + "url": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0056" + } + ] + } +} \ No newline at end of file diff --git a/2013/0xxx/CVE-2013-0645.json b/2013/0xxx/CVE-2013-0645.json index a9ec33b6974..c76f0d8a43e 100644 --- a/2013/0xxx/CVE-2013-0645.json +++ b/2013/0xxx/CVE-2013-0645.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2013-0645", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before 11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x; Adobe AIR before 3.6.0.597; and Adobe AIR SDK before 3.6.0.599 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0642, CVE-2013-1365, CVE-2013-1366, CVE-2013-1367, CVE-2013-1368, CVE-2013-1369, CVE-2013-1370, CVE-2013-1372, and CVE-2013-1373." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2013-0645", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.adobe.com/support/security/bulletins/apsb13-05.html", - "refsource" : "CONFIRM", - "url" : "http://www.adobe.com/support/security/bulletins/apsb13-05.html" - }, - { - "name" : "RHSA-2013:0254", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2013-0254.html" - }, - { - "name" : "SUSE-SU-2013:0296", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00010.html" - }, - { - "name" : "openSUSE-SU-2013:0295", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00009.html" - }, - { - "name" : "openSUSE-SU-2013:0298", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00011.html" - }, - { - "name" : "TA13-043A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA13-043A.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before 11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x; Adobe AIR before 3.6.0.597; and Adobe AIR SDK before 3.6.0.599 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0642, CVE-2013-1365, CVE-2013-1366, CVE-2013-1367, CVE-2013-1368, CVE-2013-1369, CVE-2013-1370, CVE-2013-1372, and CVE-2013-1373." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "SUSE-SU-2013:0296", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00010.html" + }, + { + "name": "RHSA-2013:0254", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2013-0254.html" + }, + { + "name": "openSUSE-SU-2013:0295", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00009.html" + }, + { + "name": "openSUSE-SU-2013:0298", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00011.html" + }, + { + "name": "TA13-043A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA13-043A.html" + }, + { + "name": "http://www.adobe.com/support/security/bulletins/apsb13-05.html", + "refsource": "CONFIRM", + "url": "http://www.adobe.com/support/security/bulletins/apsb13-05.html" + } + ] + } +} \ No newline at end of file diff --git a/2013/1xxx/CVE-2013-1046.json b/2013/1xxx/CVE-2013-1046.json index f04040f33d3..2cd45ab9137 100644 --- a/2013/1xxx/CVE-2013-1046.json +++ b/2013/1xxx/CVE-2013-1046.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2013-1046", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "WebKit, as used in Apple iOS before 7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-09-18-2." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2013-1046", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://support.apple.com/kb/HT5934", - "refsource" : "CONFIRM", - "url" : "http://support.apple.com/kb/HT5934" - }, - { - "name" : "http://support.apple.com/kb/HT6001", - "refsource" : "CONFIRM", - "url" : "http://support.apple.com/kb/HT6001" - }, - { - "name" : "APPLE-SA-2013-09-18-2", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2013/Sep/msg00006.html" - }, - { - "name" : "APPLE-SA-2013-10-22-2", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2013/Oct/msg00003.html" - }, - { - "name" : "APPLE-SA-2013-10-22-8", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2013/Oct/msg00009.html" - }, - { - "name" : "1029054", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1029054" - }, - { - "name" : "54886", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/54886" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "WebKit, as used in Apple iOS before 7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-09-18-2." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "APPLE-SA-2013-10-22-8", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2013/Oct/msg00009.html" + }, + { + "name": "1029054", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1029054" + }, + { + "name": "http://support.apple.com/kb/HT6001", + "refsource": "CONFIRM", + "url": "http://support.apple.com/kb/HT6001" + }, + { + "name": "APPLE-SA-2013-10-22-2", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2013/Oct/msg00003.html" + }, + { + "name": "54886", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/54886" + }, + { + "name": "http://support.apple.com/kb/HT5934", + "refsource": "CONFIRM", + "url": "http://support.apple.com/kb/HT5934" + }, + { + "name": "APPLE-SA-2013-09-18-2", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2013/Sep/msg00006.html" + } + ] + } +} \ No newline at end of file diff --git a/2013/1xxx/CVE-2013-1191.json b/2013/1xxx/CVE-2013-1191.json index feba67b4d58..70ac2a47c31 100644 --- a/2013/1xxx/CVE-2013-1191.json +++ b/2013/1xxx/CVE-2013-1191.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2013-1191", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cisco NX-OS 6.1 before 6.1(5) on Nexus 7000 devices, when local authentication and multiple VDCs are enabled, allows remote authenticated users to gain privileges within an unintended VDC via crafted SSH key data in an SSH session to a management interface, aka Bug ID CSCud88400." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2013-1191", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20140521 Multiple Vulnerabilities in Cisco NX-OS-Based Products", - "refsource" : "CISCO", - "url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140521-nxos" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cisco NX-OS 6.1 before 6.1(5) on Nexus 7000 devices, when local authentication and multiple VDCs are enabled, allows remote authenticated users to gain privileges within an unintended VDC via crafted SSH key data in an SSH session to a management interface, aka Bug ID CSCud88400." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20140521 Multiple Vulnerabilities in Cisco NX-OS-Based Products", + "refsource": "CISCO", + "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140521-nxos" + } + ] + } +} \ No newline at end of file diff --git a/2013/3xxx/CVE-2013-3247.json b/2013/3xxx/CVE-2013-3247.json index 4bcce0a8e8a..092a928cf73 100644 --- a/2013/3xxx/CVE-2013-3247.json +++ b/2013/3xxx/CVE-2013-3247.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2013-3247", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2013-3247", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2013/3xxx/CVE-2013-3387.json b/2013/3xxx/CVE-2013-3387.json index 30485bcb53c..9b7a05dc906 100644 --- a/2013/3xxx/CVE-2013-3387.json +++ b/2013/3xxx/CVE-2013-3387.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2013-3387", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cisco Prime Central for Hosted Collaboration Solution (HCS) Assurance 8.6 and 9.x before 9.2(1) allows remote attackers to cause a denial of service (disk consumption) via a flood of TCP packets to port 5400, leading to large error-log files, aka Bug ID CSCua42724." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2013-3387", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20130821 Cisco Prime Central for Hosted Collaboration Solution Assurance Denial of Service Vulnerabilities", - "refsource" : "CISCO", - "url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130821-hcm" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cisco Prime Central for Hosted Collaboration Solution (HCS) Assurance 8.6 and 9.x before 9.2(1) allows remote attackers to cause a denial of service (disk consumption) via a flood of TCP packets to port 5400, leading to large error-log files, aka Bug ID CSCua42724." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20130821 Cisco Prime Central for Hosted Collaboration Solution Assurance Denial of Service Vulnerabilities", + "refsource": "CISCO", + "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130821-hcm" + } + ] + } +} \ No newline at end of file diff --git a/2013/4xxx/CVE-2013-4569.json b/2013/4xxx/CVE-2013-4569.json index 32875dc973d..53501ff6e15 100644 --- a/2013/4xxx/CVE-2013-4569.json +++ b/2013/4xxx/CVE-2013-4569.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2013-4569", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The CleanChanges extension for MediaWiki before 1.19.9, 1.20.x before 1.20.8, and 1.21.x before 1.21.3, when \"Group changes by page in recent changes and watchlist\" is enabled, allows remote attackers to obtain sensitive information (revision-deleted IPs) via the Recent Changes page." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2013-4569", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[MediaWiki-announce] 20131114 MediaWiki Security Release: 1.21.3, 1.20.8 and 1.19.9", - "refsource" : "MLIST", - "url" : "http://lists.wikimedia.org/pipermail/mediawiki-announce/2013-November/000135.html" - }, - { - "name" : "https://bugzilla.wikimedia.org/show_bug.cgi?id=54294", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.wikimedia.org/show_bug.cgi?id=54294" - }, - { - "name" : "FEDORA-2013-21856", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123011.html" - }, - { - "name" : "FEDORA-2013-21874", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/122998.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The CleanChanges extension for MediaWiki before 1.19.9, 1.20.x before 1.20.8, and 1.21.x before 1.21.3, when \"Group changes by page in recent changes and watchlist\" is enabled, allows remote attackers to obtain sensitive information (revision-deleted IPs) via the Recent Changes page." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "[MediaWiki-announce] 20131114 MediaWiki Security Release: 1.21.3, 1.20.8 and 1.19.9", + "refsource": "MLIST", + "url": "http://lists.wikimedia.org/pipermail/mediawiki-announce/2013-November/000135.html" + }, + { + "name": "FEDORA-2013-21856", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123011.html" + }, + { + "name": "FEDORA-2013-21874", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/122998.html" + }, + { + "name": "https://bugzilla.wikimedia.org/show_bug.cgi?id=54294", + "refsource": "CONFIRM", + "url": "https://bugzilla.wikimedia.org/show_bug.cgi?id=54294" + } + ] + } +} \ No newline at end of file diff --git a/2013/4xxx/CVE-2013-4854.json b/2013/4xxx/CVE-2013-4854.json index 9ad08936d60..03c7a95e543 100644 --- a/2013/4xxx/CVE-2013-4854.json +++ b/2013/4xxx/CVE-2013-4854.json @@ -1,207 +1,207 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2013-4854", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The RFC 5011 implementation in rdata.c in ISC BIND 9.7.x and 9.8.x before 9.8.5-P2, 9.8.6b1, 9.9.x before 9.9.3-P2, and 9.9.4b1, and DNSco BIND 9.9.3-S1 before 9.9.3-S1-P1 and 9.9.4-S1b1, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query with a malformed RDATA section that is not properly handled during construction of a log message, as exploited in the wild in July 2013." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2013-4854", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20130806 [slackware-security] bind (SSA:2013-218-01)", - "refsource" : "BUGTRAQ", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2013-08/0030.html" - }, - { - "name" : "http://www.zerodayinitiative.com/advisories/ZDI-13-210/", - "refsource" : "MISC", - "url" : "http://www.zerodayinitiative.com/advisories/ZDI-13-210/" - }, - { - "name" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10052", - "refsource" : "MISC", - "url" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10052" - }, - { - "name" : "https://kb.isc.org/article/AA-01015", - "refsource" : "CONFIRM", - "url" : "https://kb.isc.org/article/AA-01015" - }, - { - "name" : "https://kb.isc.org/article/AA-01016", - "refsource" : "CONFIRM", - "url" : "https://kb.isc.org/article/AA-01016" - }, - { - "name" : "https://support.apple.com/kb/HT6536", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/kb/HT6536" - }, - { - "name" : "http://linux.oracle.com/errata/ELSA-2014-1244", - "refsource" : "CONFIRM", - "url" : "http://linux.oracle.com/errata/ELSA-2014-1244" - }, - { - "name" : "APPLE-SA-2014-10-16-3", - "refsource" : "APPLE", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html" - }, - { - "name" : "DSA-2728", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2013/dsa-2728" - }, - { - "name" : "FEDORA-2013-13831", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2013-August/113251.html" - }, - { - "name" : "FEDORA-2013-13863", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2013-August/113108.html" - }, - { - "name" : "FreeBSD-SA-13:07", - "refsource" : "FREEBSD", - "url" : "http://www.freebsd.org/security/advisories/FreeBSD-SA-13:07.bind.asc" - }, - { - "name" : "HPSBUX02926", - "refsource" : "HP", - "url" : "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03922396" - }, - { - "name" : "SSRT101281", - "refsource" : "HP", - "url" : "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03922396" - }, - { - "name" : "MDVSA-2013:202", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2013:202" - }, - { - "name" : "RHSA-2013:1114", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2013-1114.html" - }, - { - "name" : "RHSA-2013:1115", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2013-1115.html" - }, - { - "name" : "SUSE-SU-2013:1310", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00004.html" - }, - { - "name" : "openSUSE-SU-2013:1354", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00018.html" - }, - { - "name" : "USN-1910-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-1910-1" - }, - { - "name" : "61479", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/61479" - }, - { - "name" : "oval:org.mitre.oval:def:19561", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19561" - }, - { - "name" : "1028838", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1028838" - }, - { - "name" : "54432", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/54432" - }, - { - "name" : "54207", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/54207" - }, - { - "name" : "54134", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/54134" - }, - { - "name" : "54185", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/54185" - }, - { - "name" : "54211", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/54211" - }, - { - "name" : "54323", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/54323" - }, - { - "name" : "isc-bind-cve20134854-dos(86004)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/86004" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The RFC 5011 implementation in rdata.c in ISC BIND 9.7.x and 9.8.x before 9.8.5-P2, 9.8.6b1, 9.9.x before 9.9.3-P2, and 9.9.4b1, and DNSco BIND 9.9.3-S1 before 9.9.3-S1-P1 and 9.9.4-S1b1, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query with a malformed RDATA section that is not properly handled during construction of a log message, as exploited in the wild in July 2013." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "FEDORA-2013-13863", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-August/113108.html" + }, + { + "name": "HPSBUX02926", + "refsource": "HP", + "url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03922396" + }, + { + "name": "https://kb.isc.org/article/AA-01015", + "refsource": "CONFIRM", + "url": "https://kb.isc.org/article/AA-01015" + }, + { + "name": "APPLE-SA-2014-10-16-3", + "refsource": "APPLE", + "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html" + }, + { + "name": "54134", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/54134" + }, + { + "name": "MDVSA-2013:202", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:202" + }, + { + "name": "http://linux.oracle.com/errata/ELSA-2014-1244", + "refsource": "CONFIRM", + "url": "http://linux.oracle.com/errata/ELSA-2014-1244" + }, + { + "name": "54185", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/54185" + }, + { + "name": "FreeBSD-SA-13:07", + "refsource": "FREEBSD", + "url": "http://www.freebsd.org/security/advisories/FreeBSD-SA-13:07.bind.asc" + }, + { + "name": "https://kb.isc.org/article/AA-01016", + "refsource": "CONFIRM", + "url": "https://kb.isc.org/article/AA-01016" + }, + { + "name": "oval:org.mitre.oval:def:19561", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19561" + }, + { + "name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10052", + "refsource": "MISC", + "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10052" + }, + { + "name": "FEDORA-2013-13831", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-August/113251.html" + }, + { + "name": "54207", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/54207" + }, + { + "name": "openSUSE-SU-2013:1354", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00018.html" + }, + { + "name": "https://support.apple.com/kb/HT6536", + "refsource": "CONFIRM", + "url": "https://support.apple.com/kb/HT6536" + }, + { + "name": "isc-bind-cve20134854-dos(86004)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86004" + }, + { + "name": "http://www.zerodayinitiative.com/advisories/ZDI-13-210/", + "refsource": "MISC", + "url": "http://www.zerodayinitiative.com/advisories/ZDI-13-210/" + }, + { + "name": "20130806 [slackware-security] bind (SSA:2013-218-01)", + "refsource": "BUGTRAQ", + "url": "http://archives.neohapsis.com/archives/bugtraq/2013-08/0030.html" + }, + { + "name": "RHSA-2013:1114", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2013-1114.html" + }, + { + "name": "61479", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/61479" + }, + { + "name": "54323", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/54323" + }, + { + "name": "SUSE-SU-2013:1310", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00004.html" + }, + { + "name": "54211", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/54211" + }, + { + "name": "USN-1910-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-1910-1" + }, + { + "name": "DSA-2728", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2013/dsa-2728" + }, + { + "name": "1028838", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1028838" + }, + { + "name": "RHSA-2013:1115", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2013-1115.html" + }, + { + "name": "SSRT101281", + "refsource": "HP", + "url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03922396" + }, + { + "name": "54432", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/54432" + } + ] + } +} \ No newline at end of file diff --git a/2013/4xxx/CVE-2013-4948.json b/2013/4xxx/CVE-2013-4948.json index 64490bc726f..6e33bbc28f0 100644 --- a/2013/4xxx/CVE-2013-4948.json +++ b/2013/4xxx/CVE-2013-4948.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2013-4948", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in view.php in Machform 2 allows remote attackers to execute arbitrary SQL commands via the element_2 parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2013-4948", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "26553", - "refsource" : "EXPLOIT-DB", - "url" : "http://www.exploit-db.com/exploits/26553" - }, - { - "name" : "http://packetstormsecurity.com/files/122255/Machform-Form-Maker-2-XSS-Shell-Upload-SQL-Injection.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/122255/Machform-Form-Maker-2-XSS-Shell-Upload-SQL-Injection.html" - }, - { - "name" : "94801", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/94801" - }, - { - "name" : "machform-formmaker2-view-sql-injection(85388)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/85388" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in view.php in Machform 2 allows remote attackers to execute arbitrary SQL commands via the element_2 parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "26553", + "refsource": "EXPLOIT-DB", + "url": "http://www.exploit-db.com/exploits/26553" + }, + { + "name": "94801", + "refsource": "OSVDB", + "url": "http://osvdb.org/94801" + }, + { + "name": "machform-formmaker2-view-sql-injection(85388)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85388" + }, + { + "name": "http://packetstormsecurity.com/files/122255/Machform-Form-Maker-2-XSS-Shell-Upload-SQL-Injection.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/122255/Machform-Form-Maker-2-XSS-Shell-Upload-SQL-Injection.html" + } + ] + } +} \ No newline at end of file diff --git a/2013/4xxx/CVE-2013-4994.json b/2013/4xxx/CVE-2013-4994.json index 0234fbe0fa6..b4eee01dedc 100644 --- a/2013/4xxx/CVE-2013-4994.json +++ b/2013/4xxx/CVE-2013-4994.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2013-4994", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2013-4994", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2017/12xxx/CVE-2017-12073.json b/2017/12xxx/CVE-2017-12073.json index 852ac66594b..56be534b9d9 100644 --- a/2017/12xxx/CVE-2017-12073.json +++ b/2017/12xxx/CVE-2017-12073.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-12073", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-12073", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2017/12xxx/CVE-2017-12917.json b/2017/12xxx/CVE-2017-12917.json index f5d9884bd56..fa979bcc8e0 100644 --- a/2017/12xxx/CVE-2017-12917.json +++ b/2017/12xxx/CVE-2017-12917.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-12917", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-12917", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2017/12xxx/CVE-2017-12969.json b/2017/12xxx/CVE-2017-12969.json index f84120b6317..5cd643773d4 100644 --- a/2017/12xxx/CVE-2017-12969.json +++ b/2017/12xxx/CVE-2017-12969.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-12969", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in the ViewerCtrlLib.ViewerCtrl ActiveX control in Avaya IP Office Contact Center before 10.1.1 allows remote attackers to cause a denial of service (heap corruption and crash) or execute arbitrary code via a long string to the open method." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-12969", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "43120", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/43120/" - }, - { - "name" : "20171105 CVE-2017-12969 Avaya OfficeScan IPO Remote ActiveX Buffer Overflow", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2017/Nov/17" - }, - { - "name" : "http://hyp3rlinx.altervista.org/advisories/AVAYA-OFFICE-IP-(IPO)-v9.1.0-10.1-VIEWERCTRL-ACTIVE-X-BUFFER-OVERFLOW-0DAY.txt", - "refsource" : "MISC", - "url" : "http://hyp3rlinx.altervista.org/advisories/AVAYA-OFFICE-IP-(IPO)-v9.1.0-10.1-VIEWERCTRL-ACTIVE-X-BUFFER-OVERFLOW-0DAY.txt" - }, - { - "name" : "http://packetstormsecurity.com/files/144882/Avaya-IP-Office-IPO-10.1-Active-X-Buffer-Overflow.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/144882/Avaya-IP-Office-IPO-10.1-Active-X-Buffer-Overflow.html" - }, - { - "name" : "http://downloads.avaya.com/css/P8/documents/101044091", - "refsource" : "CONFIRM", - "url" : "http://downloads.avaya.com/css/P8/documents/101044091" - }, - { - "name" : "101667", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/101667" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in the ViewerCtrlLib.ViewerCtrl ActiveX control in Avaya IP Office Contact Center before 10.1.1 allows remote attackers to cause a denial of service (heap corruption and crash) or execute arbitrary code via a long string to the open method." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://hyp3rlinx.altervista.org/advisories/AVAYA-OFFICE-IP-(IPO)-v9.1.0-10.1-VIEWERCTRL-ACTIVE-X-BUFFER-OVERFLOW-0DAY.txt", + "refsource": "MISC", + "url": "http://hyp3rlinx.altervista.org/advisories/AVAYA-OFFICE-IP-(IPO)-v9.1.0-10.1-VIEWERCTRL-ACTIVE-X-BUFFER-OVERFLOW-0DAY.txt" + }, + { + "name": "http://downloads.avaya.com/css/P8/documents/101044091", + "refsource": "CONFIRM", + "url": "http://downloads.avaya.com/css/P8/documents/101044091" + }, + { + "name": "http://packetstormsecurity.com/files/144882/Avaya-IP-Office-IPO-10.1-Active-X-Buffer-Overflow.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/144882/Avaya-IP-Office-IPO-10.1-Active-X-Buffer-Overflow.html" + }, + { + "name": "101667", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/101667" + }, + { + "name": "43120", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/43120/" + }, + { + "name": "20171105 CVE-2017-12969 Avaya OfficeScan IPO Remote ActiveX Buffer Overflow", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2017/Nov/17" + } + ] + } +} \ No newline at end of file diff --git a/2017/13xxx/CVE-2017-13111.json b/2017/13xxx/CVE-2017-13111.json index 6022ffb664b..57007e6267e 100644 --- a/2017/13xxx/CVE-2017-13111.json +++ b/2017/13xxx/CVE-2017-13111.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-13111", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2017. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2017-13111", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2017. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2017/13xxx/CVE-2017-13250.json b/2017/13xxx/CVE-2017-13250.json index d623d4210f1..97168364d1e 100644 --- a/2017/13xxx/CVE-2017-13250.json +++ b/2017/13xxx/CVE-2017-13250.json @@ -1,86 +1,86 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "security@google.com", - "DATE_PUBLIC" : "2018-03-05T00:00:00", - "ID" : "CVE-2017-13250", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Android", - "version" : { - "version_data" : [ - { - "version_value" : "6.0" - }, - { - "version_value" : "6.0.1" - }, - { - "version_value" : "7.0" - }, - { - "version_value" : "7.1.1" - }, - { - "version_value" : "7.1.2" - }, - { - "version_value" : "8.0" - }, - { - "version_value" : "8.1" - } - ] - } - } - ] - }, - "vendor_name" : "Google Inc." - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "In ih264d_fmt_conv_420sp_to_420p of ih264d_utils.c, there is an out of bound write due to a missing out of bounds check because of a multiplication error. This could lead to an remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-71375536." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Remote code execution" - } + "CVE_data_meta": { + "ASSIGNER": "security@android.com", + "DATE_PUBLIC": "2018-03-05T00:00:00", + "ID": "CVE-2017-13250", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Android", + "version": { + "version_data": [ + { + "version_value": "6.0" + }, + { + "version_value": "6.0.1" + }, + { + "version_value": "7.0" + }, + { + "version_value": "7.1.1" + }, + { + "version_value": "7.1.2" + }, + { + "version_value": "8.0" + }, + { + "version_value": "8.1" + } + ] + } + } + ] + }, + "vendor_name": "Google Inc." + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://source.android.com/security/bulletin/2018-03-01", - "refsource" : "CONFIRM", - "url" : "https://source.android.com/security/bulletin/2018-03-01" - }, - { - "name" : "103255", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/103255" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In ih264d_fmt_conv_420sp_to_420p of ih264d_utils.c, there is an out of bound write due to a missing out of bounds check because of a multiplication error. This could lead to an remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-71375536." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Remote code execution" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "103255", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/103255" + }, + { + "name": "https://source.android.com/security/bulletin/2018-03-01", + "refsource": "CONFIRM", + "url": "https://source.android.com/security/bulletin/2018-03-01" + } + ] + } +} \ No newline at end of file diff --git a/2017/13xxx/CVE-2017-13420.json b/2017/13xxx/CVE-2017-13420.json index efd802ff3e5..82ddac96b92 100644 --- a/2017/13xxx/CVE-2017-13420.json +++ b/2017/13xxx/CVE-2017-13420.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-13420", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-13420", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2017/13xxx/CVE-2017-13592.json b/2017/13xxx/CVE-2017-13592.json index fc0bc0affda..db8c376103f 100644 --- a/2017/13xxx/CVE-2017-13592.json +++ b/2017/13xxx/CVE-2017-13592.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-13592", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-13592", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2017/13xxx/CVE-2017-13829.json b/2017/13xxx/CVE-2017-13829.json index 8a3fcf0f859..232a5f4f62e 100644 --- a/2017/13xxx/CVE-2017-13829.json +++ b/2017/13xxx/CVE-2017-13829.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "product-security@apple.com", - "ID" : "CVE-2017-13829", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the \"CFNetwork\" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2017-13829", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://support.apple.com/HT208221", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT208221" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the \"CFNetwork\" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://support.apple.com/HT208221", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT208221" + } + ] + } +} \ No newline at end of file diff --git a/2017/16xxx/CVE-2017-16013.json b/2017/16xxx/CVE-2017-16013.json index 82e094c36f5..fb67ab836e1 100644 --- a/2017/16xxx/CVE-2017-16013.json +++ b/2017/16xxx/CVE-2017-16013.json @@ -1,68 +1,68 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "support@hackerone.com", - "DATE_PUBLIC" : "2018-04-26T00:00:00", - "ID" : "CVE-2017-16013", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "hapi node module", - "version" : { - "version_data" : [ - { - "version_value" : ">= 15.0.0 <= 16.1.0" - } - ] - } - } - ] - }, - "vendor_name" : "HackerOne" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "hapi is a web and services application framework. When hapi >= 15.0.0 <= 16.1.0 encounters a malformed `accept-encoding` header an uncaught exception is thrown. This may cause hapi to crash or to hang the client connection until the timeout period is reached." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Denial of Service (CWE-400)" - } + "CVE_data_meta": { + "ASSIGNER": "support@hackerone.com", + "DATE_PUBLIC": "2018-04-26T00:00:00", + "ID": "CVE-2017-16013", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "hapi node module", + "version": { + "version_data": [ + { + "version_value": ">= 15.0.0 <= 16.1.0" + } + ] + } + } + ] + }, + "vendor_name": "HackerOne" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/hapijs/hapi/issues/3466", - "refsource" : "MISC", - "url" : "https://github.com/hapijs/hapi/issues/3466" - }, - { - "name" : "https://nodesecurity.io/advisories/335", - "refsource" : "MISC", - "url" : "https://nodesecurity.io/advisories/335" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "hapi is a web and services application framework. When hapi >= 15.0.0 <= 16.1.0 encounters a malformed `accept-encoding` header an uncaught exception is thrown. This may cause hapi to crash or to hang the client connection until the timeout period is reached." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Denial of Service (CWE-400)" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://nodesecurity.io/advisories/335", + "refsource": "MISC", + "url": "https://nodesecurity.io/advisories/335" + }, + { + "name": "https://github.com/hapijs/hapi/issues/3466", + "refsource": "MISC", + "url": "https://github.com/hapijs/hapi/issues/3466" + } + ] + } +} \ No newline at end of file diff --git a/2017/16xxx/CVE-2017-16537.json b/2017/16xxx/CVE-2017-16537.json index 15dc5207536..1325a374e85 100644 --- a/2017/16xxx/CVE-2017-16537.json +++ b/2017/16xxx/CVE-2017-16537.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-16537", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The imon_probe function in drivers/media/rc/imon.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a crafted USB device." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-16537", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[debian-lts-announce] 20171210 [SECURITY] [DLA 1200-1] linux security update", - "refsource" : "MLIST", - "url" : "https://lists.debian.org/debian-lts-announce/2017/12/msg00004.html" - }, - { - "name" : "https://groups.google.com/d/msg/syzkaller/bBFN8imrjjo/-5jCl8EiCQAJ", - "refsource" : "MISC", - "url" : "https://groups.google.com/d/msg/syzkaller/bBFN8imrjjo/-5jCl8EiCQAJ" - }, - { - "name" : "https://patchwork.kernel.org/patch/9994017/", - "refsource" : "MISC", - "url" : "https://patchwork.kernel.org/patch/9994017/" - }, - { - "name" : "USN-3617-1", - "refsource" : "UBUNTU", - "url" : "https://usn.ubuntu.com/3617-1/" - }, - { - "name" : "USN-3617-2", - "refsource" : "UBUNTU", - "url" : "https://usn.ubuntu.com/3617-2/" - }, - { - "name" : "USN-3617-3", - "refsource" : "UBUNTU", - "url" : "https://usn.ubuntu.com/3617-3/" - }, - { - "name" : "USN-3619-1", - "refsource" : "UBUNTU", - "url" : "https://usn.ubuntu.com/3619-1/" - }, - { - "name" : "USN-3619-2", - "refsource" : "UBUNTU", - "url" : "https://usn.ubuntu.com/3619-2/" - }, - { - "name" : "USN-3754-1", - "refsource" : "UBUNTU", - "url" : "https://usn.ubuntu.com/3754-1/" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The imon_probe function in drivers/media/rc/imon.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a crafted USB device." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "USN-3617-1", + "refsource": "UBUNTU", + "url": "https://usn.ubuntu.com/3617-1/" + }, + { + "name": "USN-3619-2", + "refsource": "UBUNTU", + "url": "https://usn.ubuntu.com/3619-2/" + }, + { + "name": "https://patchwork.kernel.org/patch/9994017/", + "refsource": "MISC", + "url": "https://patchwork.kernel.org/patch/9994017/" + }, + { + "name": "https://groups.google.com/d/msg/syzkaller/bBFN8imrjjo/-5jCl8EiCQAJ", + "refsource": "MISC", + "url": "https://groups.google.com/d/msg/syzkaller/bBFN8imrjjo/-5jCl8EiCQAJ" + }, + { + "name": "USN-3617-3", + "refsource": "UBUNTU", + "url": "https://usn.ubuntu.com/3617-3/" + }, + { + "name": "[debian-lts-announce] 20171210 [SECURITY] [DLA 1200-1] linux security update", + "refsource": "MLIST", + "url": "https://lists.debian.org/debian-lts-announce/2017/12/msg00004.html" + }, + { + "name": "USN-3754-1", + "refsource": "UBUNTU", + "url": "https://usn.ubuntu.com/3754-1/" + }, + { + "name": "USN-3617-2", + "refsource": "UBUNTU", + "url": "https://usn.ubuntu.com/3617-2/" + }, + { + "name": "USN-3619-1", + "refsource": "UBUNTU", + "url": "https://usn.ubuntu.com/3619-1/" + } + ] + } +} \ No newline at end of file diff --git a/2017/16xxx/CVE-2017-16774.json b/2017/16xxx/CVE-2017-16774.json index 54d6cc2caaa..f5ed439b07d 100644 --- a/2017/16xxx/CVE-2017-16774.json +++ b/2017/16xxx/CVE-2017-16774.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-16774", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-16774", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2017/17xxx/CVE-2017-17587.json b/2017/17xxx/CVE-2017-17587.json index d8a93e429dc..d5cd0a2cbcc 100644 --- a/2017/17xxx/CVE-2017-17587.json +++ b/2017/17xxx/CVE-2017-17587.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-17587", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "FS Indiamart Clone 1.0 has SQL Injection via the catcompany.php token parameter, buyleads-details.php id parameter, or company/index.php c parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-17587", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "43250", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/43250/" - }, - { - "name" : "https://packetstormsecurity.com/files/145308/FS-Indiamart-Clone-1.0-SQL-Injection.html", - "refsource" : "MISC", - "url" : "https://packetstormsecurity.com/files/145308/FS-Indiamart-Clone-1.0-SQL-Injection.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "FS Indiamart Clone 1.0 has SQL Injection via the catcompany.php token parameter, buyleads-details.php id parameter, or company/index.php c parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://packetstormsecurity.com/files/145308/FS-Indiamart-Clone-1.0-SQL-Injection.html", + "refsource": "MISC", + "url": "https://packetstormsecurity.com/files/145308/FS-Indiamart-Clone-1.0-SQL-Injection.html" + }, + { + "name": "43250", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/43250/" + } + ] + } +} \ No newline at end of file diff --git a/2017/4xxx/CVE-2017-4590.json b/2017/4xxx/CVE-2017-4590.json index 973372d063f..9078f0f3f8a 100644 --- a/2017/4xxx/CVE-2017-4590.json +++ b/2017/4xxx/CVE-2017-4590.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-4590", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2017-4590", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2017/4xxx/CVE-2017-4936.json b/2017/4xxx/CVE-2017-4936.json index dda2274f3d0..1bd6bca938d 100644 --- a/2017/4xxx/CVE-2017-4936.json +++ b/2017/4xxx/CVE-2017-4936.json @@ -1,88 +1,88 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "security@vmware.com", - "DATE_PUBLIC" : "2017-11-16T00:00:00", - "ID" : "CVE-2017-4936", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Workstation", - "version" : { - "version_data" : [ - { - "version_value" : "12.x before 12.5.8" - } - ] - } - }, - { - "product_name" : "Horizon View Client for Windows", - "version" : { - "version_data" : [ - { - "version_value" : "4.x before 4.6.1" - } - ] - } - } - ] - }, - "vendor_name" : "VMware" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "VMware Workstation (12.x before 12.5.8) and Horizon View Client for Windows (4.x before 4.6.1) contain an out-of-bounds read vulnerability in JPEG2000 parser in the TPView.dll. On Workstation, this may allow a guest to execute code or perform a Denial of Service on the Windows OS that runs Workstation. In the case of a Horizon View Client, this may allow a View desktop to execute code or perform a Denial of Service on the Windows OS that runs the Horizon View Client." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Out-of-bounds read vulnerability" - } + "CVE_data_meta": { + "ASSIGNER": "security@vmware.com", + "DATE_PUBLIC": "2017-11-16T00:00:00", + "ID": "CVE-2017-4936", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Workstation", + "version": { + "version_data": [ + { + "version_value": "12.x before 12.5.8" + } + ] + } + }, + { + "product_name": "Horizon View Client for Windows", + "version": { + "version_data": [ + { + "version_value": "4.x before 4.6.1" + } + ] + } + } + ] + }, + "vendor_name": "VMware" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://www.vmware.com/security/advisories/VMSA-2017-0018.html", - "refsource" : "CONFIRM", - "url" : "https://www.vmware.com/security/advisories/VMSA-2017-0018.html" - }, - { - "name" : "101892", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/101892" - }, - { - "name" : "1039835", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1039835" - }, - { - "name" : "1039836", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1039836" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "VMware Workstation (12.x before 12.5.8) and Horizon View Client for Windows (4.x before 4.6.1) contain an out-of-bounds read vulnerability in JPEG2000 parser in the TPView.dll. On Workstation, this may allow a guest to execute code or perform a Denial of Service on the Windows OS that runs Workstation. In the case of a Horizon View Client, this may allow a View desktop to execute code or perform a Denial of Service on the Windows OS that runs the Horizon View Client." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Out-of-bounds read vulnerability" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.vmware.com/security/advisories/VMSA-2017-0018.html", + "refsource": "CONFIRM", + "url": "https://www.vmware.com/security/advisories/VMSA-2017-0018.html" + }, + { + "name": "1039836", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1039836" + }, + { + "name": "101892", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/101892" + }, + { + "name": "1039835", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1039835" + } + ] + } +} \ No newline at end of file diff --git a/2018/18xxx/CVE-2018-18040.json b/2018/18xxx/CVE-2018-18040.json index feddf4d5965..6852ec70329 100644 --- a/2018/18xxx/CVE-2018-18040.json +++ b/2018/18xxx/CVE-2018-18040.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-18040", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-18040", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/18xxx/CVE-2018-18400.json b/2018/18xxx/CVE-2018-18400.json index 8c0fd3d7d7b..b70473498c3 100644 --- a/2018/18xxx/CVE-2018-18400.json +++ b/2018/18xxx/CVE-2018-18400.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-18400", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-18400", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/18xxx/CVE-2018-18576.json b/2018/18xxx/CVE-2018-18576.json index 5f749d44130..00776b28309 100644 --- a/2018/18xxx/CVE-2018-18576.json +++ b/2018/18xxx/CVE-2018-18576.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-18576", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-18576", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/18xxx/CVE-2018-18874.json b/2018/18xxx/CVE-2018-18874.json index cc74ba703f6..e8859f66f40 100644 --- a/2018/18xxx/CVE-2018-18874.json +++ b/2018/18xxx/CVE-2018-18874.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-18874", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "nc-cms through 2017-03-10 allows remote attackers to execute arbitrary PHP code via the \"Upload File or Image\" feature, with a .php filename and \"Content-Type: application/octet-stream\" to the index.php?action=file_manager_upload URI." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-18874", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/gnat/nc-cms/issues/11", - "refsource" : "MISC", - "url" : "https://github.com/gnat/nc-cms/issues/11" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "nc-cms through 2017-03-10 allows remote attackers to execute arbitrary PHP code via the \"Upload File or Image\" feature, with a .php filename and \"Content-Type: application/octet-stream\" to the index.php?action=file_manager_upload URI." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/gnat/nc-cms/issues/11", + "refsource": "MISC", + "url": "https://github.com/gnat/nc-cms/issues/11" + } + ] + } +} \ No newline at end of file diff --git a/2018/1xxx/CVE-2018-1329.json b/2018/1xxx/CVE-2018-1329.json index c5a00a0d134..9afc3cf674e 100644 --- a/2018/1xxx/CVE-2018-1329.json +++ b/2018/1xxx/CVE-2018-1329.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-1329", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2018-1329", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2018/1xxx/CVE-2018-1389.json b/2018/1xxx/CVE-2018-1389.json index f475cd7ff2f..8befe0072ac 100644 --- a/2018/1xxx/CVE-2018-1389.json +++ b/2018/1xxx/CVE-2018-1389.json @@ -1,124 +1,124 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@us.ibm.com", - "DATE_PUBLIC" : "2018-04-27T00:00:00", - "ID" : "CVE-2018-1389", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "API Connect", - "version" : { - "version_data" : [ - { - "version_value" : "5.0.1.0" - }, - { - "version_value" : "5.0.0.0" - }, - { - "version_value" : "5.0.2.0" - }, - { - "version_value" : "5.0.5.0" - }, - { - "version_value" : "5.0.6.0" - }, - { - "version_value" : "5.0.6.1" - }, - { - "version_value" : "5.0.6.2" - }, - { - "version_value" : "5.0.7.0" - }, - { - "version_value" : "5.0.7.1" - }, - { - "version_value" : "5.0.3.0" - }, - { - "version_value" : "5.0.4.0" - }, - { - "version_value" : "5.0.7.2" - }, - { - "version_value" : "5.0.6.3" - }, - { - "version_value" : "5.0.6.4" - }, - { - "version_value" : "5.0.8.0" - }, - { - "version_value" : "5.0.8.1" - }, - { - "version_value" : "5.0.6.5" - }, - { - "version_value" : "5.0.8.2" - } - ] - } - } - ] - }, - "vendor_name" : "IBM" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM API Connect 5.0.0.0 through 5.0.8.2 is impacted by generated LoopBack APIs for a Model using the BelongsTo/HasMany relationship allowing unauthorized modification of information. IBM X-Force ID: 138213." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Data Manipulation" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "DATE_PUBLIC": "2018-04-27T00:00:00", + "ID": "CVE-2018-1389", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "API Connect", + "version": { + "version_data": [ + { + "version_value": "5.0.1.0" + }, + { + "version_value": "5.0.0.0" + }, + { + "version_value": "5.0.2.0" + }, + { + "version_value": "5.0.5.0" + }, + { + "version_value": "5.0.6.0" + }, + { + "version_value": "5.0.6.1" + }, + { + "version_value": "5.0.6.2" + }, + { + "version_value": "5.0.7.0" + }, + { + "version_value": "5.0.7.1" + }, + { + "version_value": "5.0.3.0" + }, + { + "version_value": "5.0.4.0" + }, + { + "version_value": "5.0.7.2" + }, + { + "version_value": "5.0.6.3" + }, + { + "version_value": "5.0.6.4" + }, + { + "version_value": "5.0.8.0" + }, + { + "version_value": "5.0.8.1" + }, + { + "version_value": "5.0.6.5" + }, + { + "version_value": "5.0.8.2" + } + ] + } + } + ] + }, + "vendor_name": "IBM" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.ibm.com/support/docview.wss?uid=swg22013531", - "refsource" : "CONFIRM", - "url" : "http://www.ibm.com/support/docview.wss?uid=swg22013531" - }, - { - "name" : "104026", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/104026" - }, - { - "name" : "ibm-api-cve20181389-info-mod(138213)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/138213" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IBM API Connect 5.0.0.0 through 5.0.8.2 is impacted by generated LoopBack APIs for a Model using the BelongsTo/HasMany relationship allowing unauthorized modification of information. IBM X-Force ID: 138213." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Data Manipulation" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ibm-api-cve20181389-info-mod(138213)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/138213" + }, + { + "name": "104026", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/104026" + }, + { + "name": "http://www.ibm.com/support/docview.wss?uid=swg22013531", + "refsource": "CONFIRM", + "url": "http://www.ibm.com/support/docview.wss?uid=swg22013531" + } + ] + } +} \ No newline at end of file diff --git a/2018/1xxx/CVE-2018-1926.json b/2018/1xxx/CVE-2018-1926.json index 57a325f9252..8793fae631c 100644 --- a/2018/1xxx/CVE-2018-1926.json +++ b/2018/1xxx/CVE-2018-1926.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@us.ibm.com", - "DATE_PUBLIC" : "2018-12-10T00:00:00", - "ID" : "CVE-2018-1926", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "WebSphere Application Server", - "version" : { - "version_data" : [ - { - "version_value" : "7.0" - }, - { - "version_value" : "8.0" - }, - { - "version_value" : "8.5" - }, - { - "version_value" : "9.0" - } - ] - } - } - ] - }, - "vendor_name" : "IBM" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 Admin Console is vulnerable to cross-site request forgery, caused by improper validation of user-supplied input. By persuading a user to visit a malicious URL, a remote attacker could send a specially-crafted request. An attacker could exploit this vulnerability to perform CSRF attack and update available applications. IBM X-Force ID: 152992." - } - ] - }, - "impact" : { - "cvssv3" : { - "BM" : { - "A" : "N", - "AC" : "L", - "AV" : "N", - "C" : "N", - "I" : "L", - "PR" : "N", - "S" : "U", - "SCORE" : "4.300", - "UI" : "R" - }, - "TM" : { - "E" : "U", - "RC" : "C", - "RL" : "O" - } - } - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Gain Access" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "DATE_PUBLIC": "2018-12-10T00:00:00", + "ID": "CVE-2018-1926", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "WebSphere Application Server", + "version": { + "version_data": [ + { + "version_value": "7.0" + }, + { + "version_value": "8.0" + }, + { + "version_value": "8.5" + }, + { + "version_value": "9.0" + } + ] + } + } + ] + }, + "vendor_name": "IBM" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://www.ibm.com/support/docview.wss?uid=ibm10742301", - "refsource" : "CONFIRM", - "url" : "https://www.ibm.com/support/docview.wss?uid=ibm10742301" - }, - { - "name" : "106204", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/106204" - }, - { - "name" : "ibm-websphere-cve20181926-csrf(152992)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/152992" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 Admin Console is vulnerable to cross-site request forgery, caused by improper validation of user-supplied input. By persuading a user to visit a malicious URL, a remote attacker could send a specially-crafted request. An attacker could exploit this vulnerability to perform CSRF attack and update available applications. IBM X-Force ID: 152992." + } + ] + }, + "impact": { + "cvssv3": { + "BM": { + "A": "N", + "AC": "L", + "AV": "N", + "C": "N", + "I": "L", + "PR": "N", + "S": "U", + "SCORE": "4.300", + "UI": "R" + }, + "TM": { + "E": "U", + "RC": "C", + "RL": "O" + } + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Gain Access" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.ibm.com/support/docview.wss?uid=ibm10742301", + "refsource": "CONFIRM", + "url": "https://www.ibm.com/support/docview.wss?uid=ibm10742301" + }, + { + "name": "106204", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/106204" + }, + { + "name": "ibm-websphere-cve20181926-csrf(152992)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/152992" + } + ] + } +} \ No newline at end of file diff --git a/2018/5xxx/CVE-2018-5125.json b/2018/5xxx/CVE-2018-5125.json index 2abe40e8a30..85e696fa6a9 100644 --- a/2018/5xxx/CVE-2018-5125.json +++ b/2018/5xxx/CVE-2018-5125.json @@ -1,175 +1,175 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "security@mozilla.org", - "ID" : "CVE-2018-5125", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Thunderbird", - "version" : { - "version_data" : [ - { - "version_affected" : "<", - "version_value" : "52.7" - } - ] - } - }, - { - "product_name" : "Firefox ESR", - "version" : { - "version_data" : [ - { - "version_affected" : "<", - "version_value" : "52.7" - } - ] - } - }, - { - "product_name" : "Firefox", - "version" : { - "version_data" : [ - { - "version_affected" : "<", - "version_value" : "59" - } - ] - } - } - ] - }, - "vendor_name" : "Mozilla" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Memory safety bugs were reported in Firefox 58 and Firefox ESR 52.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird < 52.7, Firefox ESR < 52.7, and Firefox < 59." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Memory safety bugs fixed in Firefox 59 and Firefox ESR 52.7" - } + "CVE_data_meta": { + "ASSIGNER": "security@mozilla.org", + "ID": "CVE-2018-5125", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Thunderbird", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "52.7" + } + ] + } + }, + { + "product_name": "Firefox ESR", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "52.7" + } + ] + } + }, + { + "product_name": "Firefox", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "59" + } + ] + } + } + ] + }, + "vendor_name": "Mozilla" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[debian-lts-announce] 20180315 [SECURITY] [DLA 1308-1] firefox-esr security update", - "refsource" : "MLIST", - "url" : "https://lists.debian.org/debian-lts-announce/2018/03/msg00010.html" - }, - { - "name" : "[debian-lts-announce] 20180329 [SECURITY] [DLA 1327-1] thunderbird security update", - "refsource" : "MLIST", - "url" : "https://lists.debian.org/debian-lts-announce/2018/03/msg00029.html" - }, - { - "name" : "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1416529%2C1434580%2C1434384%2C1437450%2C1437507%2C1426988%2C1438425%2C1324042%2C1437087%2C1443865%2C1425520", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1416529%2C1434580%2C1434384%2C1437450%2C1437507%2C1426988%2C1438425%2C1324042%2C1437087%2C1443865%2C1425520" - }, - { - "name" : "https://www.mozilla.org/security/advisories/mfsa2018-06/", - "refsource" : "CONFIRM", - "url" : "https://www.mozilla.org/security/advisories/mfsa2018-06/" - }, - { - "name" : "https://www.mozilla.org/security/advisories/mfsa2018-07/", - "refsource" : "CONFIRM", - "url" : "https://www.mozilla.org/security/advisories/mfsa2018-07/" - }, - { - "name" : "https://www.mozilla.org/security/advisories/mfsa2018-09/", - "refsource" : "CONFIRM", - "url" : "https://www.mozilla.org/security/advisories/mfsa2018-09/" - }, - { - "name" : "DSA-4139", - "refsource" : "DEBIAN", - "url" : "https://www.debian.org/security/2018/dsa-4139" - }, - { - "name" : "DSA-4155", - "refsource" : "DEBIAN", - "url" : "https://www.debian.org/security/2018/dsa-4155" - }, - { - "name" : "GLSA-201810-01", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201810-01" - }, - { - "name" : "GLSA-201811-13", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201811-13" - }, - { - "name" : "RHSA-2018:0526", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2018:0526" - }, - { - "name" : "RHSA-2018:0527", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2018:0527" - }, - { - "name" : "RHSA-2018:0647", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2018:0647" - }, - { - "name" : "RHSA-2018:0648", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2018:0648" - }, - { - "name" : "USN-3545-1", - "refsource" : "UBUNTU", - "url" : "https://usn.ubuntu.com/3545-1/" - }, - { - "name" : "USN-3596-1", - "refsource" : "UBUNTU", - "url" : "https://usn.ubuntu.com/3596-1/" - }, - { - "name" : "USN-3688-1", - "refsource" : "UBUNTU", - "url" : "https://usn.ubuntu.com/3688-1/" - }, - { - "name" : "103388", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/103388" - }, - { - "name" : "1040514", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1040514" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Memory safety bugs were reported in Firefox 58 and Firefox ESR 52.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird < 52.7, Firefox ESR < 52.7, and Firefox < 59." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Memory safety bugs fixed in Firefox 59 and Firefox ESR 52.7" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "DSA-4139", + "refsource": "DEBIAN", + "url": "https://www.debian.org/security/2018/dsa-4139" + }, + { + "name": "GLSA-201810-01", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201810-01" + }, + { + "name": "103388", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/103388" + }, + { + "name": "GLSA-201811-13", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201811-13" + }, + { + "name": "RHSA-2018:0527", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2018:0527" + }, + { + "name": "USN-3545-1", + "refsource": "UBUNTU", + "url": "https://usn.ubuntu.com/3545-1/" + }, + { + "name": "[debian-lts-announce] 20180315 [SECURITY] [DLA 1308-1] firefox-esr security update", + "refsource": "MLIST", + "url": "https://lists.debian.org/debian-lts-announce/2018/03/msg00010.html" + }, + { + "name": "https://www.mozilla.org/security/advisories/mfsa2018-09/", + "refsource": "CONFIRM", + "url": "https://www.mozilla.org/security/advisories/mfsa2018-09/" + }, + { + "name": "https://www.mozilla.org/security/advisories/mfsa2018-07/", + "refsource": "CONFIRM", + "url": "https://www.mozilla.org/security/advisories/mfsa2018-07/" + }, + { + "name": "RHSA-2018:0526", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2018:0526" + }, + { + "name": "[debian-lts-announce] 20180329 [SECURITY] [DLA 1327-1] thunderbird security update", + "refsource": "MLIST", + "url": "https://lists.debian.org/debian-lts-announce/2018/03/msg00029.html" + }, + { + "name": "DSA-4155", + "refsource": "DEBIAN", + "url": "https://www.debian.org/security/2018/dsa-4155" + }, + { + "name": "RHSA-2018:0648", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2018:0648" + }, + { + "name": "RHSA-2018:0647", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2018:0647" + }, + { + "name": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1416529%2C1434580%2C1434384%2C1437450%2C1437507%2C1426988%2C1438425%2C1324042%2C1437087%2C1443865%2C1425520", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1416529%2C1434580%2C1434384%2C1437450%2C1437507%2C1426988%2C1438425%2C1324042%2C1437087%2C1443865%2C1425520" + }, + { + "name": "USN-3688-1", + "refsource": "UBUNTU", + "url": "https://usn.ubuntu.com/3688-1/" + }, + { + "name": "1040514", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1040514" + }, + { + "name": "USN-3596-1", + "refsource": "UBUNTU", + "url": "https://usn.ubuntu.com/3596-1/" + }, + { + "name": "https://www.mozilla.org/security/advisories/mfsa2018-06/", + "refsource": "CONFIRM", + "url": "https://www.mozilla.org/security/advisories/mfsa2018-06/" + } + ] + } +} \ No newline at end of file diff --git a/2018/5xxx/CVE-2018-5291.json b/2018/5xxx/CVE-2018-5291.json index eb99388221a..39814baf0be 100644 --- a/2018/5xxx/CVE-2018-5291.json +++ b/2018/5xxx/CVE-2018-5291.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-5291", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The GD Rating System plugin 2.3 for WordPress has Directory Traversal in the wp-admin/admin.php panel parameter for the gd-rating-system-tools page." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-5291", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/d4wner/Vulnerabilities-Report/blob/master/gd-rating-system.md", - "refsource" : "MISC", - "url" : "https://github.com/d4wner/Vulnerabilities-Report/blob/master/gd-rating-system.md" - }, - { - "name" : "https://wordpress.org/support/topic/xss-lfi-bugs-at-the-latest-version-of-gd-rating-system/", - "refsource" : "MISC", - "url" : "https://wordpress.org/support/topic/xss-lfi-bugs-at-the-latest-version-of-gd-rating-system/" - }, - { - "name" : "https://wpvulndb.com/vulnerabilities/8995", - "refsource" : "MISC", - "url" : "https://wpvulndb.com/vulnerabilities/8995" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The GD Rating System plugin 2.3 for WordPress has Directory Traversal in the wp-admin/admin.php panel parameter for the gd-rating-system-tools page." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://wpvulndb.com/vulnerabilities/8995", + "refsource": "MISC", + "url": "https://wpvulndb.com/vulnerabilities/8995" + }, + { + "name": "https://github.com/d4wner/Vulnerabilities-Report/blob/master/gd-rating-system.md", + "refsource": "MISC", + "url": "https://github.com/d4wner/Vulnerabilities-Report/blob/master/gd-rating-system.md" + }, + { + "name": "https://wordpress.org/support/topic/xss-lfi-bugs-at-the-latest-version-of-gd-rating-system/", + "refsource": "MISC", + "url": "https://wordpress.org/support/topic/xss-lfi-bugs-at-the-latest-version-of-gd-rating-system/" + } + ] + } +} \ No newline at end of file diff --git a/2018/5xxx/CVE-2018-5604.json b/2018/5xxx/CVE-2018-5604.json index b3d0816bfae..78fa708a936 100644 --- a/2018/5xxx/CVE-2018-5604.json +++ b/2018/5xxx/CVE-2018-5604.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-5604", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-5604", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file